www.netsec.news Open in urlscan Pro
104.24.108.219 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
Submission: On June 16 via api (June 16th 2020, 7:07:59 am UTC) from GB

Summary HTTP 54 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 54 HTTP transactions. The main IP is 104.24.108.219, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.netsec.news.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 7th 2020. Valid for: 6 months.

This is the only time www.netsec.news was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	104.24.108.219 104.24.108.219	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE)
1	143.204.242.230 143.204.242.230	16509 (AMAZON-02) (AMAZON-02)
7	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
20	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
1 2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
54	9

14 104.24.108.219 (United States)

ASN13335 (CLOUDFLARENET, US)

www.netsec.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.242.230 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-242-230.cph50.r.cloudfront.net

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	twimg.com cdn.syndication.twimg.com pbs.twimg.com	208 KB
14	netsec.news www.netsec.news	418 KB
9	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	110 KB
7	gstatic.com fonts.gstatic.com	79 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	googleapis.com fonts.googleapis.com	3 KB
1	mailchimp.com cdn-images.mailchimp.com	1 KB
54	7

	Domain	Requested by
19	pbs.twimg.com	www.netsec.news
14	www.netsec.news	www.netsec.news
7	fonts.gstatic.com	www.netsec.news
7	platform.twitter.com	www.netsec.news platform.twitter.com
2	syndication.twitter.com	1 redirects www.netsec.news
2	www.google-analytics.com	www.netsec.news
2	fonts.googleapis.com	www.netsec.news
1	cdn.syndication.twimg.com	platform.twitter.com
1	cdn-images.mailchimp.com	www.netsec.news
54	9

This site contains links to these domains. Also see Links.

Domain
www.spamtitan.com
www.facebook.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-04-07` - `2020-10-09`	6 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
cdn-images.mailchimp.com Amazon	`2019-07-26` - `2020-08-26`	a year	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
Frame ID: 473F9B15270CB28D447BDFE933C6414A
Requests: 34 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.86df6234483a1fa251e365dd8643c136.html?origin=https%3A%2F%2Fwww.netsec.news
Frame ID: ACA24AFA9397A246B9E8E8C50CAA7DBF
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.dark.ltr.css
Frame ID: 3087BDF53E6E1015E3765668B58FA0EC
Requests: 24 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 1113247E0561BED965199F9349C905EC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

54
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

9
Subdomains

9
IPs

2
Countries

837 kB
Transfer

1585 kB
Size

4
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.spamtitan.com/
Title: <img src="/wp-content/uploads/2019/07/save-time.jpg" alt="" width="728" height="90" />

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.netsec.news%2F113-email-accounts-compromised-in-nhs-phishing-attack%2F&t=113%20Email%20Accounts%20Compromised%20in%20NHS%20Phishing%20Attack
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=113%20Email%20Accounts%20Compromised%20in%20NHS%20Phishing%20Attack&url=https%3A%2F%2Fwww.netsec.news%2F113-email-accounts-compromised-in-nhs-phishing-attack%2F
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.netsec.news%2F113-email-accounts-compromised-in-nhs-phishing-attack%2F&title=113%20Email%20Accounts%20Compromised%20in%20NHS%20Phishing%20Attack
Title: LinkedIn

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

54 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/ 31 KB
9 KB 1314ms
1252ms Document
text/html 104.24.108.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.108.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6a022b1e054e4a735b63fd1564c622c5b8ecf30f53bfc763fdce2f3a80afb4d

Request headers

:method: GET
:authority: www.netsec.news
:scheme: https
:path: /113-email-accounts-compromised-in-nhs-phishing-attack/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 16 Jun 2020 07:07:40 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d479389d71e740252a0ec3864b68d55761592291259; expires=Thu, 16-Jul-20 07:07:39 GMT; path=/; domain=.netsec.news; HttpOnly; SameSite=Lax
link: <https://www.netsec.news/wp-json/>; rel="https://api.w.org/", <https://www.netsec.news/?p=7716>; rel=shortlink
vary: User-Agent,Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
cf-request-id: 035d8d8a870000d46f66390200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a42b1f0d9ded46f-HAM
content-encoding: br

GET
H2 200 autoptimize_84e861fd5f84911870c42b7a27111686.css
www.netsec.news/wp-content/cache/autoptimize/css/ 260 KB
34 KB 710ms
708ms Stylesheet
text/css 104.24.108.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netsec.news/wp-content/cache/autoptimize/css/autoptimize_84e861fd5f84911870c42b7a27111686.css
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.108.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d72f58490f1785f26fd6eaa0a36f8d987b4a7ab0dda4a5bd7b614fde92682587

Request headers

Referer: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 Jun 2020 19:24:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: public, max-age=30672000, immutable
cf-ray: 5a42b1f8cf50d46f-HAM
cf-request-id: 035d8d8f800000d46f663c3200000001
expires: Sun, 06 Jun 2021 07:07:40 GMT

GET
H2 200 autoptimize_e2f0786612ea1d4d5fe3fc865a814103.css
www.netsec.news/wp-content/cache/autoptimize/css/ 16 KB
3 KB 29ms
27ms Stylesheet
text/css 104.24.108.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netsec.news/wp-content/cache/autoptimize/css/autoptimize_e2f0786612ea1d4d5fe3fc865a814103.css
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.108.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f94c6bbe07a0c1cd75db3f68c3297f6442f3e57bd9bee499ff5130690790501

Request headers

Referer: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Jun 2020 19:24:10 GMT
server: cloudflare
age: 43235
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: public, max-age=30672000, immutable
cf-ray: 5a42b1f8cf51d46f-HAM
cf-request-id: 035d8d8f800000d46f663c4200000001
expires: Sat, 05 Jun 2021 19:07:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
754 B 28ms
15ms Stylesheet
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6bc92b096fa224014e1caa871ae4e6d6c7bcc9a5c5459b893e6bb052b3cb257c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
Origin: https://www.netsec.news

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Jun 2020 05:41:20 GMT
server: ESF
date: Tue, 16 Jun 2020 07:07:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jun 2020 07:07:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 25 KB
2 KB 27ms
14ms Stylesheet
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,800italic,400,300,700,800|Raleway:400,200,100,500,700,800,900&subset=latin,latin-ext

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

396afaa86f16f9d8923ea38ee8f1da1d0db797819d97823ff5d0d1c41515a464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
Origin: https://www.netsec.news

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Jun 2020 06:58:18 GMT
server: ESF
date: Tue, 16 Jun 2020 07:07:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jun 2020 07:07:40 GMT

GET
H2 200 jquery.js Show response
www.netsec.news/wp-includes/js/jquery/ 95 KB
32 KB 32ms
31ms Script
application/javascript 104.24.108.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netsec.news/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.108.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 May 2019 01:07:20 GMT
server: cloudflare
age: 43234
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=2592000
cf-ray: 5a42b1f8cf55d46f-HAM
cf-request-id: 035d8d8f810000d46f663c6200000001
expires: Wed, 15 Jul 2020 19:07:04 GMT

GET
H2 200 et--customizer-global-15911258492391.min.css
www.netsec.news/wp-content/cache/et/global/ 6 KB
2 KB 567ms
565ms Stylesheet
text/css 104.24.108.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netsec.news/wp-content/cache/et/global/et--customizer-global-15911258492391.min.css
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.108.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd3ea61595ec7d1c612f26c95863a96a3430e6c2f8feedbaf2d25b0d1de88688

Request headers

Referer: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 Jun 2020 19:24:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=2592000
cf-ray: 5a42b1f8cf52d46f-HAM
cf-request-id: 035d8d8f810000d46f663c5200000001
expires: Thu, 16 Jul 2020 07:07:40 GMT

GET
H/1.1 200
OK slim-10_7.css
cdn-images.mailchimp.com/embedcode/ 2 KB
1 KB 193ms
47ms Stylesheet
text/css 143.204.242.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-images.mailchimp.com/embedcode/slim-10_7.css
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.242.230 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-242-230.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f0b7264810a4f05251ac724721a5a3a61887cff9bd30e1fbbc1bc832e94d38a

Request headers

Referer: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Jun 2020 01:21:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Dec 2015 20:19:39 GMT
Server: AmazonS3
Age: 20794
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 3285fe33cd28bf7e47b10465a4ff411b.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: CPH50-C1
X-Amz-Cf-Id: MNmSfyRZrfATI4D81zOL4_0gMXXRsTOoSjgEwndAyxK1pTYBVq0Tmw==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 12ms
12ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41A4) /
Resource Hash: b54675d0c78b4247cd5ae2ab6b4ab96a280ae2bbdaf4f46dff6b95ca109840a5

Request headers

Referer: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Jun 2020 07:07:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jun 2020 22:20:30 GMT
Server: ECS (fcn/41A4)
Age: 596
Etag: "e8665a6672f6c6e18facbfd9e1eaaad3+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 29247

GET
H2 200 lazysizes.min.js Show response
www.netsec.news/wp-content/plugins/autoptimize/classes/external/js/ 9 KB
4 KB 27ms
27ms Script
application/javascript 104.24.108.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netsec.news/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.7.0
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.108.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b88ddfa92e4cb2646d5c7e19274939caa3495dcb33c307f1bbaec31b1d9691a

Request headers

Referer: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 May 2020 10:48:35 GMT
server: cloudflare
age: 827593
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=2592000
cf-ray: 5a42b1fc7e7ad46f-HAM
cf-request-id: 035d8d91ca0000d46f663e5200000001
expires: Mon, 06 Jul 2020 17:14:27 GMT

GET
H2 200 autoptimize_20452e557c350061a1dc9ac156561cbd.js Show response
www.netsec.news/wp-content/cache/autoptimize/js/ 135 KB
37 KB 705ms
704ms Script
application/javascript 104.24.108.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netsec.news/wp-content/cache/autoptimize/js/autoptimize_20452e557c350061a1dc9ac156561cbd.js
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.108.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aaa4e4dd2325de6dd0bf50db258dd2f0ef54d773cfec03db876d82cd3c3683d2

Request headers

Referer: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 02 Jun 2020 19:24:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: public, max-age=30672000, immutable
cf-ray: 5a42b1fcaeecd46f-HAM
cf-request-id: 035d8d91e60000d46f663e6200000001
expires: Sun, 06 Jun 2021 07:07:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 1683
date: Tue, 16 Jun 2020 06:39:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Tue, 16 Jun 2020 08:39:38 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.netsec.news/wp-includes/js/ 14 KB
4 KB 580ms
580ms Script
application/javascript 104.24.108.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netsec.news/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.108.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 02 Apr 2020 15:46:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: max-age=2592000
cf-ray: 5a42b1fd98e9d46f-HAM
cf-request-id: 035d8d927f0000d46f663ed200000001
expires: Thu, 16 Jul 2020 07:07:41 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9dc60c88435895c2c30837a2f4f572c35042908e79992df178ff1a496c37dff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e4323cb773447aa0418c88dde648dffca5ab28462951ff9a7f8e4cd1bbc8e66

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 shutterstock_593626601.jpg
www.netsec.news/wp-content/uploads/2018/12/ 187 KB
187 KB 839ms
838ms Image
image/jpeg 104.24.108.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.netsec.news/wp-content/uploads/2018/12/shutterstock_593626601.jpg
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.108.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c5446af6bedd20da1bc256181218f2ba700354204b395b81de76040401bffdd

Request headers

Referer: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Dec 2018 14:05:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5a42b1fda903d46f-HAM
content-length: 191083
cf-request-id: 035d8d92870000d46f663ee200000001
expires: Wed, 16 Jun 2021 07:07:41 GMT

GET
H2 200 title-shadow.png
www.netsec.news/wp-content/themes/Nexus/images/ 277 B
456 B 561ms
560ms Image
image/png 104.24.108.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.netsec.news/wp-content/themes/Nexus/images/title-shadow.png
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.108.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51f6757186bc2ffd28f2c2aab16b1b86ee001cc5bff18fa322129f3419c41b91

Request headers

Referer: https://www.netsec.news/wp-content/cache/autoptimize/css/autoptimize_84e861fd5f84911870c42b7a27111686.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
cf-cache-status: MISS
last-modified: Wed, 17 Apr 2019 11:22:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5a42b1fda904d46f-HAM
content-length: 277
cf-request-id: 035d8d92870000d46f663ef200000001
expires: Wed, 16 Jun 2021 07:07:41 GMT

GET
H2 200 breadcrumbs_separator.png
www.netsec.news/wp-content/themes/Nexus/images/ 1 KB
1 KB 570ms
570ms Image
image/png 104.24.108.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.netsec.news/wp-content/themes/Nexus/images/breadcrumbs_separator.png
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.108.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6935b2c1940b4f74e22834aa671716c4f1a8f15c581e11fe02e21f4e4bf54cc1

Request headers

Referer: https://www.netsec.news/wp-content/cache/autoptimize/css/autoptimize_84e861fd5f84911870c42b7a27111686.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
cf-cache-status: MISS
last-modified: Wed, 17 Apr 2019 11:22:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5a42b1fda905d46f-HAM
content-length: 1210
cf-request-id: 035d8d92870000d46f663f0200000001
expires: Wed, 16 Jun 2021 07:07:41 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Origin: https://www.netsec.news

Response headers

date: Thu, 11 Jun 2020 13:03:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 410657
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Fri, 11 Jun 2021 13:03:24 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,800italic,400,300,700,800|Raleway:400,200,100,500,700,800,900&subset=latin,latin-ext
Origin: https://www.netsec.news

Response headers

date: Thu, 11 Jun 2020 20:40:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 383235
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Fri, 11 Jun 2021 20:40:26 GMT

GET
H2 200 1Ptrg8zYS_SKggPNwK4vWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwK4vWqZPANqczVs.woff2

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c695acb1fb9e1a8739e6ae5621d41fc1ff3d13bbf370ea9c1fc95e879109890

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,800italic,400,300,700,800|Raleway:400,200,100,500,700,800,900&subset=latin,latin-ext
Origin: https://www.netsec.news

Response headers

date: Wed, 10 Jun 2020 18:06:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:41 GMT
server: sffe
age: 478871
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13564
x-xss-protection: 0
expires: Thu, 10 Jun 2021 18:06:30 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,800italic,400,300,700,800|Raleway:400,200,100,500,700,800,900&subset=latin,latin-ext
Origin: https://www.netsec.news

Response headers

date: Wed, 10 Jun 2020 22:37:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:04 GMT
server: sffe
age: 462628
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13428
x-xss-protection: 0
expires: Thu, 10 Jun 2021 22:37:13 GMT

GET
H2 200 1Ptsg8zYS_SKggPNwE44TYFqL_KWxQ.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
13 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptsg8zYS_SKggPNwE44TYFqL_KWxQ.woff2

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a37d3624086675554078137e1df705b7dd0cae87bf39b588759a94157fdefd73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,800italic,400,300,700,800|Raleway:400,200,100,500,700,800,900&subset=latin,latin-ext
Origin: https://www.netsec.news

Response headers

date: Wed, 10 Jun 2020 17:56:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:29 GMT
server: sffe
age: 479467
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13004
x-xss-protection: 0
expires: Thu, 10 Jun 2021 17:56:34 GMT

GET
H2 200 monarch.ttf
www.netsec.news/wp-content/plugins/monarch/css/fonts/ 15 KB
15 KB 584ms
583ms Font
application/x-font-ttf 104.24.108.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netsec.news/wp-content/plugins/monarch/css/fonts/monarch.ttf
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.108.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.netsec.news/wp-content/cache/autoptimize/css/autoptimize_84e861fd5f84911870c42b7a27111686.css
Origin: https://www.netsec.news

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
cf-cache-status: MISS
last-modified: Wed, 17 Apr 2019 11:05:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/x-font-ttf
status: 200
cache-control: max-age=2592000
cf-ray: 5a42b1fdd950d46f-HAM
cf-request-id: 035d8d92a20000d46f663f2200000001
expires: Thu, 16 Jul 2020 07:07:41 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Origin: https://www.netsec.news

Response headers

date: Fri, 12 Jun 2020 16:53:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 310478
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Sat, 12 Jun 2021 16:53:03 GMT

GET
H2 200 1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,800italic,400,300,700,800|Raleway:400,200,100,500,700,800,900&subset=latin,latin-ext
Origin: https://www.netsec.news

Response headers

date: Wed, 10 Jun 2020 04:17:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:42 GMT
server: sffe
age: 528611
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13228
x-xss-protection: 0
expires: Thu, 10 Jun 2021 04:17:30 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
108 B 13ms
13ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1784858891&t=pageview&_s=1&dl=https%3A%2F%2Fwww.netsec.news%2F113-email-accounts-compromised-in-nhs-phishing-attack%2F&ul=en-us&de=UTF-8&dt=113%20Email%20Accounts%20Compromised%20in%20NHS%20Phishing%20Attack%20-%20NetSec.News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABC~&jid=543048227&gjid=1457094201&cid=965968730.1592291261&tid=UA-80120350-1&_gid=1442386127.1592291261&_r=1&z=883496892

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jun 2020 07:07:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 netsec-news.png
www.netsec.news/wp-content/uploads/2018/05/ 20 KB
21 KB 27ms
26ms Image
image/png 104.24.108.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.netsec.news/wp-content/uploads/2018/05/netsec-news.png
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.108.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3e624223bc003d9f797b156318573ddb101d9c3ce43cb5bc311d8da6f0f2cf8

Request headers

Referer: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
cf-cache-status: HIT
last-modified: Fri, 04 May 2018 09:16:20 GMT
server: cloudflare
age: 43234
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5a42b2011efcd46f-HAM
content-length: 20892
cf-request-id: 035d8d94ad0000d46f6600c200000001
expires: Tue, 15 Jun 2021 19:07:05 GMT

GET
H2 200 save-time.jpg
www.netsec.news/wp-content/uploads/2019/07/ 68 KB
69 KB 845ms
844ms Image
image/jpeg 104.24.108.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.netsec.news/wp-content/uploads/2019/07/save-time.jpg
Requested by: Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.108.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4fccd55405c7ae6e1ba2dc69d1289c1c23171ff4e7348f275d5bd3aae9e0c28

Request headers

Referer: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:42 GMT
cf-cache-status: MISS
last-modified: Tue, 16 Jul 2019 18:48:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5a42b2012f1ad46f-HAM
content-length: 70114
cf-request-id: 035d8d94b80000d46f6600d200000001
expires: Wed, 16 Jun 2021 07:07:41 GMT

GET
H/1.1 200
OK widget_iframe.86df6234483a1fa251e365dd8643c136.html
platform.twitter.com/widgets/ Frame ACA2 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.86df6234483a1fa251e365dd8643c136.html?origin=https%3A%2F%2Fwww.netsec.news
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41D7) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 636314
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 16 Jun 2020 07:07:41 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Mon, 08 Jun 2020 22:13:29 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41D7)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5825

GET
H/1.1 200
OK moment~timeline~tweet.45ead3d5432161b054bab296e1d590eb.js Show response
platform.twitter.com/js/ 24 KB
8 KB 7ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.45ead3d5432161b054bab296e1d590eb.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41AC) /
Resource Hash: 59cb0a5f59f16e66eca506cd942c18f1e74ec3b84d933d75c95593dec3d33f69

Request headers

Referer: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Jun 2020 07:07:41 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jun 2020 22:13:04 GMT
Server: ECS (fcn/41AC)
Age: 636313
Etag: "3fcf335f371a0d14c474b30b7cce01c3+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 7869

GET
H/1.1 200
OK timeline.dcd659352714d721a9f3457b8601524a.js Show response
platform.twitter.com/js/ 21 KB
7 KB 14ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.dcd659352714d721a9f3457b8601524a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41A4) /
Resource Hash: cfc86c5d7acfe015875d9893737f5a243d8ba8c0cafef01b2b5ffa46cabb9e0e

Request headers

Referer: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Jun 2020 07:07:41 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jun 2020 22:13:05 GMT
Server: ECS (fcn/41A4)
Age: 636311
Etag: "035c82c5b07090eda0eec374cd2886c7+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 6659

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 125 KB
8 KB 217ms
198ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_Net_Sec_News_old&dnt=false&domain=www.netsec.news&lang=en&screen_name=Net_Sec_News&suppress_response_codes=true&t=1769212&tz=GMT%2B0200&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ea0edd112f47416ab8f66ae0729f732952d21b5ba376c5d9e479e501018b54c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=jsonp.jsonp
content-length: 7248
x-xss-protection: 0
x-response-time: 175
last-modified: Tue, 16 Jun 2020 07:07:41 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
access-control-allow-methods: GET
content-type: application/javascript;charset=utf-8
expires: Tue, 16 Jun 2020 07:12:41 GMT
cache-control: must-revalidate, max-age=300
x-connection-hash: 0321920bf1ad2435b4821a772318f1c9
timing-allow-origin: *
x-transaction: 001f778d00a6306d
access-contol-allow-origin: platform.twitter.com

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
337 B 134ms
133ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1592291261689%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 113
pragma: no-cache
last-modified: Tue, 16 Jun 2020 07:07:41 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 1ccc26023ee19b8584544843c3d11857
x-transaction: 00d983d700e2cbd1
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.dark.ltr.css
platform.twitter.com/css/ Frame 3087 53 KB
12 KB 7ms
6ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.dark.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40D1) /
Resource Hash: 32ae1222c34ac8d4ca2dcd6455e4b25c789515cbc05291c565dc49c64c21675e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Jun 2020 07:07:41 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jun 2020 22:12:55 GMT
Server: ECS (fcn/40D1)
Age: 636312
Etag: "436682de2fd3039cb30ca50d238371c0+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 12179

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.dark.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 11ms
10ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.dark.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40D1) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Jun 2020 07:07:41 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jun 2020 22:12:55 GMT
Server: ECS (fcn/40D1)
Age: 636312
Etag: "436682de2fd3039cb30ca50d238371c0+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Content-Length: 12179

GET
H2 200 Uz4xXtJ6_normal.jpg
pbs.twimg.com/profile_images/755458469151576064/ Frame 3087 2 KB
2 KB 79ms
75ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/755458469151576064/Uz4xXtJ6_normal.jpg

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41D8) /

Resource Hash

a7d9b24f8abfe28ea374668e4119a86b6c2577a9f8fa834b88ed43086f467ad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:42 GMT
x-content-type-options: nosniff
age: 574230
x-cache: HIT
status: 200
content-length: 1579
x-response-time: 110
surrogate-key: profile_images profile_images/bucket/8 profile_images/755458469151576064
last-modified: Tue, 19 Jul 2016 17:43:09 GMT
server: ECS (fcn/41D8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4bda090e4e2560ddb2ab3fe6904502c9
accept-ranges: bytes

GET
H2 200 DVXKogfVQAA0EDu
pbs.twimg.com/media/ Frame 3087 10 KB
10 KB 17ms
13ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DVXKogfVQAA0EDu?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E8) /

Resource Hash

56fc5b359c0c8f98097c869b6fb012ccab9ae8a3c0b7386c661d94beee9f2c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
x-content-type-options: nosniff
age: 62884
x-cache: HIT
status: 200
content-length: 9916
x-response-time: 110
surrogate-key: media media/bucket/7 media/960896892778397696
last-modified: Tue, 06 Feb 2018 15:22:06 GMT
server: ECS (fcn/40E8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 97b519fbd17184e55ec05b0204285afb
accept-ranges: bytes

GET
H2 200 DVWpT5kVwAEJxUs
pbs.twimg.com/media/ Frame 3087 13 KB
14 KB 10ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DVWpT5kVwAEJxUs?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41D7) /

Resource Hash

9ab4c21647322d4780f40416b99f52406a9fabd9f017bca6ac64f5ee31ef65d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
x-content-type-options: nosniff
age: 62884
x-cache: HIT
status: 200
content-length: 13744
x-response-time: 116
surrogate-key: media media/bucket/6 media/960860254849318913
last-modified: Tue, 06 Feb 2018 12:56:31 GMT
server: ECS (fcn/41D7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0b4c2404ca8572ad7dbbe39e480e817f
accept-ranges: bytes

GET
H2 200 DVWEWRGVoAA3Uz6
pbs.twimg.com/media/ Frame 3087 9 KB
9 KB 16ms
13ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DVWEWRGVoAA3Uz6?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41D7) /

Resource Hash

5a40edeb56fe54a4f2e5091858b2a859678a8c2a38368871aaf2cb3f818fa997

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
x-content-type-options: nosniff
age: 270824
x-cache: HIT
status: 200
content-length: 9333
x-response-time: 108
surrogate-key: media media/bucket/3 media/960819613595443200
last-modified: Tue, 06 Feb 2018 10:15:01 GMT
server: ECS (fcn/41D7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: fee52c3bcb82a5a0c80870f88139949b
accept-ranges: bytes

GET
H2 200 DVCk_H6VAAYM4t0
pbs.twimg.com/media/ Frame 3087 14 KB
14 KB 17ms
14ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DVCk_H6VAAYM4t0?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A7) /

Resource Hash

671e327390728f7437837158698294f2396b70c9e9a30cbb86804316b75e60dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
x-content-type-options: nosniff
age: 574229
x-cache: HIT
status: 200
content-length: 13830
x-response-time: 117
surrogate-key: media media/bucket/6 media/959448124992323590
last-modified: Fri, 02 Feb 2018 15:25:13 GMT
server: ECS (fcn/41A7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b92e7e6f5bd16f4c6a35f26b2bea9d50
accept-ranges: bytes

GET
H2 200 DVB-8jWUQAAgC49
pbs.twimg.com/media/ Frame 3087 14 KB
15 KB 11ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DVB-8jWUQAAgC49?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D9) /

Resource Hash

04f40b8405d03fb7493221724b0dc346c7cf4d32eb5c2d8ab13b4fec5978f0bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
x-content-type-options: nosniff
age: 201767
x-cache: HIT
status: 200
content-length: 14730
x-response-time: 115
surrogate-key: media media/bucket/3 media/959406299376009216
last-modified: Fri, 02 Feb 2018 12:39:01 GMT
server: ECS (fcn/40D9)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a61675b1f1887d382c906d823842da08
accept-ranges: bytes

GET
H2 200 DVBsml5U8AESsBQ
pbs.twimg.com/media/ Frame 3087 9 KB
9 KB 9ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DVBsml5U8AESsBQ?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40EA) /

Resource Hash

9df2010a3420d443c6e9a81ade8f4a29de4da7c63575a652b74f4b23b3f9a467

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
x-content-type-options: nosniff
age: 412413
x-cache: HIT
status: 200
content-length: 8893
x-response-time: 115
surrogate-key: media media/bucket/5 media/959386130893303809
last-modified: Fri, 02 Feb 2018 11:18:52 GMT
server: ECS (fcn/40EA)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8b80284fed9539cb87c1423924e7182a
accept-ranges: bytes

GET
H2 200 DU9x_7GVAAApCKK
pbs.twimg.com/media/ Frame 3087 13 KB
13 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DU9x_7GVAAApCKK?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40FB) /

Resource Hash

d915138d6a8baf3395d29080836cc8a2f88798560cf5a0f08c413ec23c8ccf9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
x-content-type-options: nosniff
age: 62884
x-cache: HIT
status: 200
content-length: 13106
x-response-time: 119
surrogate-key: media media/bucket/2 media/959110588663136256
last-modified: Thu, 01 Feb 2018 17:03:58 GMT
server: ECS (fcn/40FB)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4250cc8e0b4a5b2d1bae8dcad6ebfd79
accept-ranges: bytes

GET
H2 200 DU85VJeVwAIbyG-
pbs.twimg.com/media/ Frame 3087 3 KB
3 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DU85VJeVwAIbyG-?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DE) /

Resource Hash

a56667106154757d7e032440f4c98d3d85293039a4c886f19404df27cc8a6b78

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
x-content-type-options: nosniff
age: 324026
x-cache: HIT
status: 200
content-length: 2751
x-response-time: 114
surrogate-key: media media/bucket/6 media/959048281136414722
last-modified: Thu, 01 Feb 2018 12:56:23 GMT
server: ECS (fcn/40DE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f485207b376af85008a8488e543a5d81
accept-ranges: bytes

GET
H2 200 DU830BCUQAArOan
pbs.twimg.com/media/ Frame 3087 3 KB
3 KB 9ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DU830BCUQAArOan?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419E) /

Resource Hash

16a209f438db74603320e77965dfd754a34ea25fa9522219e84f23d9c3b122fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
x-content-type-options: nosniff
age: 62884
x-cache: HIT
status: 200
content-length: 2998
x-response-time: 116
surrogate-key: media media/bucket/3 media/959046612424081408
last-modified: Thu, 01 Feb 2018 12:49:45 GMT
server: ECS (fcn/419E)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 49c91a439fa416d9bddf0fbf13fa7731
accept-ranges: bytes

GET
H2 200 DU8hFcXU8AAoJzv
pbs.twimg.com/media/ Frame 3087 37 KB
37 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DU8hFcXU8AAoJzv?format=jpg&name=small

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419B) /

Resource Hash

0c50428ad6bd3ae464796a32968d0e8b292da4ff6ffd5f89fd29606a24c3fee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
x-content-type-options: nosniff
age: 65237
x-cache: HIT
status: 200
content-length: 37668
x-response-time: 114
surrogate-key: media media/bucket/6 media/959021623050301440
last-modified: Thu, 01 Feb 2018 11:10:27 GMT
server: ECS (fcn/419B)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: abc5cfba22bc903afe5b0e99563457e1
accept-ranges: bytes

GET
H2 200 DU4hLSoVMAAEJ50
pbs.twimg.com/media/ Frame 3087 9 KB
9 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DU4hLSoVMAAEJ50?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E8) /

Resource Hash

f68a73bd171214db397963d9d5b7d97b4cd47d637f77af79fb6112b263acac47

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
x-content-type-options: nosniff
age: 62884
x-cache: HIT
status: 200
content-length: 9049
x-response-time: 116
surrogate-key: media media/bucket/6 media/958740248539770880
last-modified: Wed, 31 Jan 2018 16:32:22 GMT
server: ECS (fcn/40E8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8468b4a78a977c3400a9c3f13e67ecba
accept-ranges: bytes

GET
H2 200 DU4ZZ6JV4AAfrsX
pbs.twimg.com/media/ Frame 3087 6 KB
7 KB 38ms
38ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DU4ZZ6JV4AAfrsX?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41D8) /

Resource Hash

d13fb1fb8aedda068cbcbc05bdb2b6de9552c4ad88d735a543cc4c8d043efa77

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:42 GMT
x-content-type-options: nosniff
age: 62885
x-cache: HIT
status: 200
content-length: 6552
x-response-time: 123
surrogate-key: media media/bucket/7 media/958731703572357120
last-modified: Wed, 31 Jan 2018 15:58:25 GMT
server: ECS (fcn/41D8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e8a42cea00657329258619928f80f8a2
accept-ranges: bytes

GET
H2 200 DU4HiB6U8AAnVNN
pbs.twimg.com/media/ Frame 3087 6 KB
6 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DU4HiB6U8AAnVNN?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AE) /

Resource Hash

49c956c834ace3c111887f01f735acf4e74d9dc3bce21f599617dc240abd602a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
x-content-type-options: nosniff
age: 62884
x-cache: HIT
status: 200
content-length: 6232
x-response-time: 128
surrogate-key: media media/bucket/3 media/958712051886518272
last-modified: Wed, 31 Jan 2018 14:40:19 GMT
server: ECS (fcn/41AE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4cf8727465bab1b2c5759b1a588262ee
accept-ranges: bytes

GET
H2 200 DUtyw0oVQAExiSl
pbs.twimg.com/media/ Frame 3087 12 KB
12 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DUtyw0oVQAExiSl?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4185) /

Resource Hash

baa7aaef58fc9be26018414f272937093a73446b9c3650a1f65c8da6bd417ef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
x-content-type-options: nosniff
age: 62884
x-cache: HIT
status: 200
content-length: 12434
x-response-time: 132
surrogate-key: media media/bucket/6 media/957985528833458177
last-modified: Mon, 29 Jan 2018 14:33:23 GMT
server: ECS (fcn/4185)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 763e9d6cc73cab7ac062fcb00eeabd0e
accept-ranges: bytes

GET
H2 200 DUdJ09LUQAUvwyk
pbs.twimg.com/media/ Frame 3087 7 KB
7 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DUdJ09LUQAUvwyk?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A2) /

Resource Hash

c8442d68d8e0cc1522844fb95cbf7e27c67ee001baf5b3365ab925874b7d97a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
x-content-type-options: nosniff
age: 62884
x-cache: HIT
status: 200
content-length: 7284
x-response-time: 115
surrogate-key: media media/bucket/8 media/956814619963572229
last-modified: Fri, 26 Jan 2018 09:00:36 GMT
server: ECS (fcn/41A2)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a9daad604f0807ef7ed41643fe17d37b
accept-ranges: bytes

GET
H2 200 DUc_ThsUQAAAyKL
pbs.twimg.com/media/ Frame 3087 13 KB
13 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DUc_ThsUQAAAyKL?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AE) /

Resource Hash

a9fd0e36448cb5b01c30f9887ae727c45dc5f409646114041795ec1a1970177d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
x-content-type-options: nosniff
age: 62884
x-cache: HIT
status: 200
content-length: 12878
x-response-time: 116
surrogate-key: media media/bucket/7 media/956803050533830656
last-modified: Fri, 26 Jan 2018 08:14:38 GMT
server: ECS (fcn/41AE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 584ac156f6c8ec1ec2e478ff08b98c0b
accept-ranges: bytes

GET
H2 200 DUZGIruU0AIdfga
pbs.twimg.com/media/ Frame 3087 10 KB
10 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DUZGIruU0AIdfga?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B4) /

Resource Hash

2a48ba38367b79f1705b99481965681726bf226d26ac75c45f63e4346c61508f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:41 GMT
x-content-type-options: nosniff
age: 201767
x-cache: HIT
status: 200
content-length: 9984
x-response-time: 106
surrogate-key: media media/bucket/1 media/956529085852733442
last-modified: Thu, 25 Jan 2018 14:06:00 GMT
server: ECS (fcn/40B4)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a9b556e07d9ec2f4cb0ed0d7987efb1e
accept-ranges: bytes

GET
H2 200 DUOfghmUQAAdggx
pbs.twimg.com/media/ Frame 3087 9 KB
10 KB 9ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DUOfghmUQAAdggx?format=jpg&name=240x240

Requested by

Host: www.netsec.news
URL: https://www.netsec.news/113-email-accounts-compromised-in-nhs-phishing-attack/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E2) /

Resource Hash

83d7b3035e3fc431629f86042c85c4e400440ffdc4dfae4c35dc1c6363754e73

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Jun 2020 07:07:42 GMT
x-content-type-options: nosniff
age: 62883
x-cache: HIT
status: 200
content-length: 9698
x-response-time: 115
surrogate-key: media media/bucket/9 media/955782927056388096
last-modified: Tue, 23 Jan 2018 12:41:02 GMT
server: ECS (fcn/40E2)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 185d3cf7822023580b9114bd11fda4b8
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame 3087 503 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aac05095d40ef0103466fa75159c0fcc72baf7f2ec1335e20d0ca05b7fdc919d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 3087 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7617ed30b8adef52b9e11ad72dd08abec0947acf8a609e599093efa9f83b28af

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 3087 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d67cbe62c3c2c50fa3af647e3f7910c28a9927aeca37463ae28ffff9a240376d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 3087 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46448909ce97ba850c6c0753a47bba758da621333b0fa3a11931a396a8bac43e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame 1113
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

6ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40AE) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.netsec.news
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 636315
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 16 Jun 2020 07:07:42 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Mon, 08 Jun 2020 22:20:29 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40AE)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Tue, 16 Jun 2020 07:07:42 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Tue, 16 Jun 2020 07:07:42 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 1ccc26023ee19b8584544843c3d11857
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 117
x-transaction: 007ac96600ed4968
x-tsa-request-body-time: 1
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.netsec.news/	1970-01-19 10:19:37	Name: _gid Value: GA1.2.1442386127.1592291261
.netsec.news/	1970-01-20 03:49:23	Name: _ga Value: GA1.2.965968730.1592291261
.netsec.news/	1970-01-19 10:18:11	Name: _gat Value: 1
.netsec.news/	1970-01-19 11:01:23	Name: __cfduid Value: df73dcdaaadc088fb375bb4b190e93def1592291260

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.netsec.news/wp-content/cache/autoptimize/js/autoptimize_20452e557c350061a1dc9ac156561cbd.js(Line 52) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-images.mailchimp.com
cdn.syndication.twimg.com
fonts.googleapis.com
fonts.gstatic.com
pbs.twimg.com
platform.twitter.com
syndication.twitter.com
www.google-analytics.com
www.netsec.news
104.24.108.219
104.244.42.136
143.204.242.230
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:800::2003
2a00:1450:4001:809::200e
2a00:1450:4001:81a::200a
04f40b8405d03fb7493221724b0dc346c7cf4d32eb5c2d8ab13b4fec5978f0bd
0c50428ad6bd3ae464796a32968d0e8b292da4ff6ffd5f89fd29606a24c3fee2
16a209f438db74603320e77965dfd754a34ea25fa9522219e84f23d9c3b122fb
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2a48ba38367b79f1705b99481965681726bf226d26ac75c45f63e4346c61508f
2c5446af6bedd20da1bc256181218f2ba700354204b395b81de76040401bffdd
2f0b7264810a4f05251ac724721a5a3a61887cff9bd30e1fbbc1bc832e94d38a
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
32ae1222c34ac8d4ca2dcd6455e4b25c789515cbc05291c565dc49c64c21675e
396afaa86f16f9d8923ea38ee8f1da1d0db797819d97823ff5d0d1c41515a464
46448909ce97ba850c6c0753a47bba758da621333b0fa3a11931a396a8bac43e
49c956c834ace3c111887f01f735acf4e74d9dc3bce21f599617dc240abd602a
51f6757186bc2ffd28f2c2aab16b1b86ee001cc5bff18fa322129f3419c41b91
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
56fc5b359c0c8f98097c869b6fb012ccab9ae8a3c0b7386c661d94beee9f2c1d
59cb0a5f59f16e66eca506cd942c18f1e74ec3b84d933d75c95593dec3d33f69
5a40edeb56fe54a4f2e5091858b2a859678a8c2a38368871aaf2cb3f818fa997
5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
671e327390728f7437837158698294f2396b70c9e9a30cbb86804316b75e60dd
6935b2c1940b4f74e22834aa671716c4f1a8f15c581e11fe02e21f4e4bf54cc1
6bc92b096fa224014e1caa871ae4e6d6c7bcc9a5c5459b893e6bb052b3cb257c
6e4323cb773447aa0418c88dde648dffca5ab28462951ff9a7f8e4cd1bbc8e66
7617ed30b8adef52b9e11ad72dd08abec0947acf8a609e599093efa9f83b28af
7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d7b3035e3fc431629f86042c85c4e400440ffdc4dfae4c35dc1c6363754e73
8b88ddfa92e4cb2646d5c7e19274939caa3495dcb33c307f1bbaec31b1d9691a
8c102baea959329be23bb8a5d6bc268ce1668484995f0d23c2f88b46d7653c4f
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
9ab4c21647322d4780f40416b99f52406a9fabd9f017bca6ac64f5ee31ef65d9
9c695acb1fb9e1a8739e6ae5621d41fc1ff3d13bbf370ea9c1fc95e879109890
9df2010a3420d443c6e9a81ade8f4a29de4da7c63575a652b74f4b23b3f9a467
9f94c6bbe07a0c1cd75db3f68c3297f6442f3e57bd9bee499ff5130690790501
a37d3624086675554078137e1df705b7dd0cae87bf39b588759a94157fdefd73
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a56667106154757d7e032440f4c98d3d85293039a4c886f19404df27cc8a6b78
a7d9b24f8abfe28ea374668e4119a86b6c2577a9f8fa834b88ed43086f467ad9
a9fd0e36448cb5b01c30f9887ae727c45dc5f409646114041795ec1a1970177d
aaa4e4dd2325de6dd0bf50db258dd2f0ef54d773cfec03db876d82cd3c3683d2
aac05095d40ef0103466fa75159c0fcc72baf7f2ec1335e20d0ca05b7fdc919d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b3e624223bc003d9f797b156318573ddb101d9c3ce43cb5bc311d8da6f0f2cf8
b54675d0c78b4247cd5ae2ab6b4ab96a280ae2bbdaf4f46dff6b95ca109840a5
baa7aaef58fc9be26018414f272937093a73446b9c3650a1f65c8da6bd417ef1
c8442d68d8e0cc1522844fb95cbf7e27c67ee001baf5b3365ab925874b7d97a7
c9dc60c88435895c2c30837a2f4f572c35042908e79992df178ff1a496c37dff
cfc86c5d7acfe015875d9893737f5a243d8ba8c0cafef01b2b5ffa46cabb9e0e
d13fb1fb8aedda068cbcbc05bdb2b6de9552c4ad88d735a543cc4c8d043efa77
d67cbe62c3c2c50fa3af647e3f7910c28a9927aeca37463ae28ffff9a240376d
d72f58490f1785f26fd6eaa0a36f8d987b4a7ab0dda4a5bd7b614fde92682587
d915138d6a8baf3395d29080836cc8a2f88798560cf5a0f08c413ec23c8ccf9e
dd3ea61595ec7d1c612f26c95863a96a3430e6c2f8feedbaf2d25b0d1de88688
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fccd55405c7ae6e1ba2dc69d1289c1c23171ff4e7348f275d5bd3aae9e0c28
e6a022b1e054e4a735b63fd1564c622c5b8ecf30f53bfc763fdce2f3a80afb4d
ea0edd112f47416ab8f66ae0729f732952d21b5ba376c5d9e479e501018b54c9
f68a73bd171214db397963d9d5b7d97b4cd47d637f77af79fb6112b263acac47

www.netsec.news Open in urlscan Pro 104.24.108.219 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

54 Requests

100 %HTTPS

63 %IPv6

7 Domains

9 Subdomains

9 IPs

2 Countries

837 kBTransfer

1585 kBSize

4 Cookies

4 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.netsec.news Open in urlscan Pro
104.24.108.219 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

9
Subdomains

9
IPs

2
Countries

837 kB
Transfer

1585 kB
Size

4
Cookies

54 HTTP transactions
6 data transactions