URL: https://junews.pw/
Submission: On January 23 via api from US — Scanned from US

Summary

This website contacted 12 IPs in 1 countries across 12 domains to perform 40 HTTP transactions. The main IP is 23.111.182.242, located in Tampa, United States and belongs to HVC-AS, US. The main domain is junews.pw.
TLS certificate: Issued by R3 on January 20th 2024. Valid for: 3 months.
This is the only time junews.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 23.111.182.242 29802 (HVC-AS)
2 151.139.128.10 20446 (STACKPATH...)
6 2a04:4e42::367 54113 (FASTLY)
1 54.192.51.87 16509 (AMAZON-02)
1 151.101.2.132 54113 (FASTLY)
1 192.243.61.225 39572 (ADVANCEDH...)
1 2600:1402:880... 20940 (AKAMAI-ASN1)
2 2 54.192.51.21 16509 (AMAZON-02)
2 3.161.213.54 16509 (AMAZON-02)
1 2a04:4e42:200... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:1408:540... 20940 (AKAMAI-ASN1)
40 12
Apex Domain
Subdomains
Transfer
10 dznews.pw
dznews.pw
162 KB
6 guim.co.uk
i.guim.co.uk — Cisco Umbrella Rank: 15965
15 KB
4 mural.com.mx
mural.com.mx — Cisco Umbrella Rank: 559676
www.mural.com.mx — Cisco Umbrella Rank: 629501
114 KB
2 theindependent.sg
media.theindependent.sg — Cisco Umbrella Rank: 522372
2 MB
1 bonnier.news
cached-images.bonnier.news — Cisco Umbrella Rank: 312949
56 KB
1 dctdigital.com
wpcluster.dctdigital.com — Cisco Umbrella Rank: 181451
95 KB
1 cloudinary.com
onecms-res.cloudinary.com — Cisco Umbrella Rank: 86471
45 KB
1 vgc.no
svd.vgc.no — Cisco Umbrella Rank: 415366
133 KB
1 deporttideevenings.com
deporttideevenings.com
1 svd.se
static.svd.se — Cisco Umbrella Rank: 447832
4 KB
1 infomaker.io
imengine.public.nwt.infomaker.io
23 KB
1 junews.pw
junews.pw
11 KB
40 12
Domain Requested by
10 dznews.pw junews.pw
6 i.guim.co.uk junews.pw
2 www.mural.com.mx junews.pw
2 mural.com.mx 2 redirects
2 media.theindependent.sg junews.pw
1 cached-images.bonnier.news
1 wpcluster.dctdigital.com
1 onecms-res.cloudinary.com junews.pw
1 svd.vgc.no junews.pw
1 deporttideevenings.com junews.pw
1 static.svd.se junews.pw
1 imengine.public.nwt.infomaker.io junews.pw
1 junews.pw
40 13

This site contains links to these domains. Also see Links.

Domain
dznews.pw
Subject Issuer Validity Valid
www.olimnews.pw.bksfe.com
R3
2024-01-20 -
2024-04-19
3 months crt.sh
dznews.pw
R3
2024-01-21 -
2024-04-20
3 months crt.sh
media.theindependent.sg
R3
2023-12-24 -
2024-03-23
3 months crt.sh
theguardian.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4
2023-11-14 -
2024-12-15
a year crt.sh
*.public.prod.nwt.infomaker.io
Amazon RSA 2048 M02
2023-07-10 -
2024-08-07
a year crt.sh
*.svd.se
R3
2023-12-10 -
2024-03-09
3 months crt.sh
deporttideevenings.com
R3
2023-11-27 -
2024-02-25
3 months crt.sh
svd.vgc.no
R3
2023-11-22 -
2024-02-20
3 months crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2
2023-12-14 -
2024-06-22
6 months crt.sh
wpcluster.dctdigital.com
Cloudflare Inc ECC CA-3
2024-01-06 -
2024-12-31
a year crt.sh
bonnier.news
DigiCert TLS RSA SHA256 2020 CA1
2023-07-04 -
2024-07-03
a year crt.sh

This page contains 1 frames:

Primary Page: https://junews.pw/
Frame ID: 90D0764DA9416A9861DBD27DC6505799
Requests: 43 HTTP requests in this frame

Screenshot

Page Title

Ultabz - Ultabz

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

65 %
HTTPS

42 %
IPv6

12
Domains

13
Subdomains

12
IPs

1
Countries

3145 kB
Transfer

3648 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/646/5645952.jpg&wm=1&ang=0 HTTP 302
  • https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/646/5645952.jpg&wm=1&ang=0
Request Chain 35
  • https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644874.jpg&wm=1&ang=0 HTTP 302
  • https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644874.jpg&wm=1&ang=0

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
junews.pw/
82 KB
11 KB
Document
General
Full URL
https://junews.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
pacific.us.hostns.io
Software
LiteSpeed / PHP/7.4.33
Resource Hash
a22b4796126f9b50008f1e66e6b520807c5eba3928948233c433cdc88b3c2958

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate max-age=0
content-encoding
br
content-length
10707
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 11:42:07 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
bootstrap.min.css
dznews.pw/assets/vendor/bootstrap/css/
190 KB
24 KB
Stylesheet
General
Full URL
https://dznews.pw/assets/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
pacific.us.hostns.io
Software
LiteSpeed /
Resource Hash
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:42:07 GMT
content-encoding
br
last-modified
Fri, 29 Sep 2023 14:45:46 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
24634
expires
Wed, 22 Jan 2025 11:42:07 GMT
icons-2.2.min.css
dznews.pw/assets/themes/magazine/css/
20 KB
15 KB
Stylesheet
General
Full URL
https://dznews.pw/assets/themes/magazine/css/icons-2.2.min.css
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
pacific.us.hostns.io
Software
LiteSpeed /
Resource Hash
f1dff1eed88a9ec41ccd24edbec9506f8c28f6687d5e214d3e4f8478a12f99f3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:42:07 GMT
content-encoding
br
last-modified
Fri, 29 Sep 2023 14:45:46 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
15066
expires
Wed, 22 Jan 2025 11:42:07 GMT
plugins-2.2.min.css
dznews.pw/assets/themes/magazine/css/
1 KB
482 B
Stylesheet
General
Full URL
https://dznews.pw/assets/themes/magazine/css/plugins-2.2.min.css
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
pacific.us.hostns.io
Software
LiteSpeed /
Resource Hash
953e00bc07f3b0e9210bb6de1c03d2855480448ac1cafd69b8e68fa26640c394

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:42:07 GMT
content-encoding
br
last-modified
Fri, 29 Sep 2023 14:45:46 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
448
expires
Wed, 22 Jan 2025 11:42:07 GMT
style-2.2.min.css
dznews.pw/assets/themes/magazine/css/
75 KB
13 KB
Stylesheet
General
Full URL
https://dznews.pw/assets/themes/magazine/css/style-2.2.min.css
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
pacific.us.hostns.io
Software
LiteSpeed /
Resource Hash
69331b2bf93cfd57e07415d3900e3287b2b6fbe99b33d1b29595f1790c4bdaea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:42:07 GMT
content-encoding
br
last-modified
Fri, 29 Sep 2023 14:45:46 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
13366
expires
Wed, 22 Jan 2025 11:42:07 GMT
logo_651f9b5331fdf4-26218277.png
dznews.pw/uploads/logo/
12 KB
12 KB
Image
General
Full URL
https://dznews.pw/uploads/logo/logo_651f9b5331fdf4-26218277.png
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
pacific.us.hostns.io
Software
LiteSpeed /
Resource Hash
66a3ca8b6f2065025ec148755198e191cffb54f287b52f0bfce6066ad2ab846a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:42:08 GMT
last-modified
Fri, 06 Oct 2023 05:29:55 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
11901
expires
Wed, 22 Jan 2025 11:42:08 GMT
logo_651f9b53322ab6-39043167.png
dznews.pw/uploads/logo/
12 KB
12 KB
Image
General
Full URL
https://dznews.pw/uploads/logo/logo_651f9b53322ab6-39043167.png
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
pacific.us.hostns.io
Software
LiteSpeed /
Resource Hash
66a3ca8b6f2065025ec148755198e191cffb54f287b52f0bfce6066ad2ab846a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:42:07 GMT
last-modified
Fri, 06 Oct 2023 05:29:55 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
11901
expires
Wed, 22 Jan 2025 11:42:07 GMT
jquery-3.6.1.min.js
dznews.pw/assets/themes/magazine/js/
88 KB
30 KB
Script
General
Full URL
https://dznews.pw/assets/themes/magazine/js/jquery-3.6.1.min.js
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
pacific.us.hostns.io
Software
LiteSpeed /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:42:07 GMT
content-encoding
br
last-modified
Fri, 29 Sep 2023 14:45:46 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
30317
expires
Wed, 22 Jan 2025 11:42:07 GMT
bootstrap.bundle.min.js
dznews.pw/assets/vendor/bootstrap/js/
79 KB
22 KB
Script
General
Full URL
https://dznews.pw/assets/vendor/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
pacific.us.hostns.io
Software
LiteSpeed /
Resource Hash
9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:42:08 GMT
content-encoding
br
last-modified
Fri, 29 Sep 2023 14:45:46 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
22476
expires
Wed, 22 Jan 2025 11:42:08 GMT
plugins.js
dznews.pw/assets/themes/magazine/js/
112 KB
31 KB
Script
General
Full URL
https://dznews.pw/assets/themes/magazine/js/plugins.js
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
pacific.us.hostns.io
Software
LiteSpeed /
Resource Hash
812187a40cd926e5c56c17806c2d07e2f6ec06d73f4b6097a6ceb0708f50ea9a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:42:08 GMT
content-encoding
br
last-modified
Fri, 29 Sep 2023 14:45:46 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
32042
expires
Wed, 22 Jan 2025 11:42:08 GMT
main-2.2.min.js
dznews.pw/assets/themes/magazine/js/
14 KB
3 KB
Script
General
Full URL
https://dznews.pw/assets/themes/magazine/js/main-2.2.min.js
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.111.182.242 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
pacific.us.hostns.io
Software
LiteSpeed /
Resource Hash
47a35ccd55a2ba045e214fcd8f4be2d2b851fe4e76031a77eb6c00907c1722b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:42:08 GMT
content-encoding
br
last-modified
Fri, 29 Sep 2023 14:45:46 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3142
expires
Wed, 22 Jan 2025 11:42:08 GMT
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
122 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3342b958e2b48f37cbd0ae10997b0d36c8940bf46bf8c7b3102098c2288512e2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
open-sans-400.woff2
dznews.pw/assets/fonts/open-sans/
0
0

open-sans-700.woff2
dznews.pw/assets/fonts/open-sans/
0
0

truncated
/
7 KB
7 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82ab7dc48cf0a854ef57ff4779c140e3965d37d585f0bad1bca0ea63eaf10bab

Request headers

Referer
Origin
https://junews.pw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
application/octet-stream
inter-400.woff2
dznews.pw/assets/fonts/inter/
0
0

inter-600.woff2
dznews.pw/assets/fonts/inter/
0
0

open-sans-600.woff2
dznews.pw/assets/fonts/open-sans/
0
0

inter-700.woff2
dznews.pw/assets/fonts/inter/
0
0

Screenshot-2024-01-23-at-03-33-54-Your-Children-is-Not-Your-Dividend-Stock.png
media.theindependent.sg/wp-content/uploads/2024/01/23033246/
2 MB
2 MB
Image
General
Full URL
https://media.theindependent.sg/wp-content/uploads/2024/01/23033246/Screenshot-2024-01-23-at-03-33-54-Your-Children-is-Not-Your-Dividend-Stock.png
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
d16b4892f5c2201e2e94b4c673ec54bfcf1376d9199487d45f5dddf085ef416c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 11:42:09 GMT
Last-Modified
Mon, 22 Jan 2024 19:34:38 GMT
Server
fbs
x-amz-request-id
DB2EEP880YSJD8D8
ETag
"e0efc095ef4c3fe4fde02321476ab7ec"
x-amz-server-side-encryption
AES256
X-HW
1706010129.cds222.mi1.hn,1706010129.cds238.mi1.c
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1853855
x-amz-id-2
pZXNqYazDUs9cXCqok+nKmC0roIxc/mBo/jQPh3vmZavAvB3I1BdZ3Rid6mJxlNKTcRIA+WUm471GELiPdxC/Q==
Screenshot-2024-01-23-at-02-37-41-North-Korean-teens-sentenced-for-watching-K-pop-REUTERS-1024x572.png
media.theindependent.sg/wp-content/uploads/2024/01/23024137/
669 KB
670 KB
Image
General
Full URL
https://media.theindependent.sg/wp-content/uploads/2024/01/23024137/Screenshot-2024-01-23-at-02-37-41-North-Korean-teens-sentenced-for-watching-K-pop-REUTERS-1024x572.png
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs /
Resource Hash
4d62c60f3a3c18dfb0975152c4f234fc147adb48508e0899917ac212fe1d0b2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 11:42:09 GMT
Last-Modified
Mon, 22 Jan 2024 18:43:31 GMT
Server
fbs
x-amz-request-id
WYX5GYJZFW97K9HK
ETag
"f75b93dcd0bbd837a36e7332b97bcea7"
x-amz-server-side-encryption
AES256
X-HW
1706010129.cds230.mi1.hn,1706010129.cds232.mi1.c
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
685415
x-amz-id-2
sXl26BQf0aCUqVvBEGfK0DNLi/YRLD3w+KqJS3u9AMm8IRsx3JzZ9mTO5m9+lB1JdvzdBQTu8/is64xkmmgxWQ==
6460.jpg
i.guim.co.uk/img/media/52bfd38b4724d969ab945e765d794f170e4dd805/0_15_6460_3878/master/
2 KB
2 KB
Image
General
Full URL
https://i.guim.co.uk/img/media/52bfd38b4724d969ab945e765d794f170e4dd805/0_15_6460_3878/master/6460.jpg?width=140&quality=85&auto=format&fit=max&s=c4871076021de1e6da1afc8a300cc5f5
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c5b5f311c71c2c75975e4168eb964e8ef2033fb660e790f186f3bdcf8b36167

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:42:09 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img05-europe-west2
age
36106
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=8807544 idim=6460x3878 ifmt=jpeg ofsz=1990 odim=140x84 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
15
content-length
1990
x-served-by
cache-lcy-eglc8600033-LCY, cache-mia-kmia1760049-MIA
server
AmazonS3
x-timer
S1706010129.230296,VS0,VE1
etag
"sMQF01wtTFxom2rfEOb3qy3dCn55UVzhj8QG6dE1+14"
x-amz-meta-bounds-height
3878
x-amz-meta-bounds-width
6460
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
0
x-cache-hits
2, 1
5120.jpg
i.guim.co.uk/img/media/6a8c447f012a3f11f87ed7a3401da5218b5062f1/0_171_5120_3073/master/
4 KB
4 KB
Image
General
Full URL
https://i.guim.co.uk/img/media/6a8c447f012a3f11f87ed7a3401da5218b5062f1/0_171_5120_3073/master/5120.jpg?width=140&quality=85&auto=format&fit=max&s=e7f6d6b10c5cdc3472029601d06d8d0f
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71f65ac735622443731672da167df33525f3c77efadf4b19a35e3acc7122a92c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:42:09 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img03-europe-west2
age
36339
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=2981595 idim=5120x3073 ifmt=jpeg ofsz=3666 odim=140x84 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
171
content-length
3666
x-served-by
cache-lcy-eglc8600036-LCY, cache-mia-kmia1760049-MIA
server
AmazonS3
x-timer
S1706010129.230421,VS0,VE1
etag
"1MUkY295zBi6331R7mjDw27DkMb1Ww9ramq+N33EDlA"
x-amz-meta-bounds-height
3073
x-amz-meta-bounds-width
5120
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
0
x-cache-hits
1, 1
7966.jpg
i.guim.co.uk/img/media/05b62077fac41a427f2c82df79fd58a5ded027fa/0_49_7966_4780/master/
2 KB
3 KB
Image
General
Full URL
https://i.guim.co.uk/img/media/05b62077fac41a427f2c82df79fd58a5ded027fa/0_49_7966_4780/master/7966.jpg?width=140&quality=85&auto=format&fit=max&s=824c4bcd123ee9c3c98005fc78daed88
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc20201392281443acb704a3edfaf0f99903e52317b69a68a3137364afa02c66

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:42:09 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img10-europe-west2
age
39894
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=11758666 idim=7966x4780 ifmt=jpeg ofsz=2184 odim=140x84 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
49
content-length
2184
x-served-by
cache-lcy-eglc8600059-LCY, cache-mia-kmia1760049-MIA
server
AmazonS3
x-timer
S1706010129.230277,VS0,VE1
etag
"FR5gw1Zt6iV5W5nRFWxMZJ5aSikbdROTCkCNp0wYk+U"
x-amz-meta-bounds-height
4780
x-amz-meta-bounds-width
7966
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
0
x-cache-hits
1, 1
image.php
imengine.public.nwt.infomaker.io/
22 KB
23 KB
Image
General
Full URL
https://imengine.public.nwt.infomaker.io/image.php?type=preview&uuid=cc5f3454-c330-5fe1-9096-62a3dd471db2&function=cropresize&crop_w=0.999999&crop_h=0.78125&x=0.000001&y=0.022569444444444444&width=700&height=394
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-87.yul62.r.cloudfront.net
Software
nginx /
Resource Hash
9fb93efd61f0f729f3a26d545cc1c743bb421d7d3646c417466c24276ed96f70

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Tue, 23 Jan 2024 01:40:05 GMT
via
1.1 612d3e065148a94cbbe94139733f662e.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jan 2024 01:40:05 +0000
server
nginx
x-amz-cf-pop
YUL62-C2
age
36124
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
d_U5o2SuIek2ecG7pkpEc2wng47fOo5VbHembHA4y0Ve_Xod06WTbg==
expires
Sun, 21 Jul 2024 01:40:05 GMT
logo-sharing-backup.png
static.svd.se/assets/assets/images/
4 KB
4 KB
Image
General
Full URL
https://static.svd.se/assets/assets/images/logo-sharing-backup.png
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31f2c8116290349fa0c4025ce6f5dd3ab101405c8d9c9aba2cc5499102b72546

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:42:09 GMT
via
1.1 varnish
x-amz-request-id
QNMEVXD20E4HFJ3K
age
1044846
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
4065
x-amz-id-2
8e6On7u2VLMcuT6IwFlOXRfYRm5KujaKFIYnV4dW0PI1PU3kpRAUqOJYGSgCTO+6kiVGP/I1Gf0=
x-served-by
cache-mia-kmia1760020-MIA
last-modified
Thu, 11 Jan 2024 08:30:30 GMT
server
AmazonS3
x-timer
S1706010129.326426,VS0,VE1
etag
"e5965997be1b9e9872b4ddab2bfd0687"
vary
Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
https://www.svd.se
cache-control
max-age=3628800
accept-ranges
bytes
x-cache-hits
1
invoke.js
deporttideevenings.com/4e0d74a08e7a30d1941ce908b85998d3/
0
0
Script
General
Full URL
https://deporttideevenings.com/4e0d74a08e7a30d1941ce908b85998d3/invoke.js
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

Referer
https://junews.pw/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 23 Jan 2024 11:42:09 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
inter-700.woff
dznews.pw/assets/fonts/inter/
0
0

c2e99b52-280b-476d-afdf-a337978cb4ea
svd.vgc.no/v2/images/
133 KB
133 KB
Image
General
Full URL
https://svd.vgc.no/v2/images/c2e99b52-280b-476d-afdf-a337978cb4ea?h=630&q=80&upscale=true&w=1200&s=d0e39b18360f33815c69a354c86d8480b6a0eb59
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1402:8800::1728:cda2 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e4564f63d4e4002474c84898579b05e28fba4e20d8ab2779a751464933cf13c5
Security Headers
Name Value
Strict-Transport-Security max-age=14400; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=14400; includeSubDomains
cache-control
public, max-age=315360000
date
Tue, 23 Jan 2024 11:42:10 GMT
x-plan3-correlation-id
x1XkzRrM8F9kOgRM
content-length
136025
content-type
image/jpeg
ImageTransformer.aspx
www.mural.com.mx/aplicacioneslibre/compartir/
Redirect Chain
  • https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/646/5645952.jpg&wm=1&ang=0
  • https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/646/5645952.jpg&wm=1&ang=0
75 KB
76 KB
Image
General
Full URL
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/646/5645952.jpg&wm=1&ang=0
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
H2
Server
3.161.213.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-54.yul62.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
af5b4f47eddd0aabb5ba7ce79125993ca2a8a94b90719eec2657a2990a893ee2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' *.reforma.com *.elnorte.com *.mural.com.mx *.gruporeforma.com *.agenciareforma.com *.avisosdeocasion.com *.elviernesnocuesta.com aristeguinoticias.com *.ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:42:09 GMT
via
1.1 7476af8f062782a67347b5ad36d9410e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' *.reforma.com *.elnorte.com *.mural.com.mx *.gruporeforma.com *.agenciareforma.com *.avisosdeocasion.com *.elviernesnocuesta.com aristeguinoticias.com *.ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
x-aspnet-version
2.0.50727
x-amz-cf-pop
YUL62-P1
x-powered-by
ASP.NET
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Miss from cloudfront
p3p
CP="NOI CURa ADMa DEVa OUR IND UNI NAV INT"
alt-svc
h3=":443"; ma=86400
content-length
76628
x-xss-protection
1; mode=block
server
Microsoft-IIS/8.5
expect-ct
enforce; max-age=3600
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
private,private
x-amz-cf-id
h1_n4TkPX0xJzLk6lT6PEYxZdQKkXmDeb8xT-n6WDGIc8o3fj90Y7w==

Redirect headers

date
Tue, 23 Jan 2024 11:11:47 GMT
via
1.1 266cd0ca40a2604d8ba51f8173b83662.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
age
1822
x-cache
Hit from cloudfront
location
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/646/5645952.jpg&wm=1&ang=0
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
2_-jab0q7HkpM75ZyAVV0aA36JOh_XfZQd0hfgZtwf3Ixy8P-67aXQ==
IMG_6874.jpg
onecms-res.cloudinary.com/image/upload/s--hL1AfHpb--/c_crop,h_675,w_1200,x_0,y_334/fl_relative,g_south_east,l_mediacorp:cna:watermark:2021-08:cna,w_0.1/f_auto,q_auto/c_fill,g_auto,h_676,w_1200/v1/m...
45 KB
45 KB
Image
General
Full URL
https://onecms-res.cloudinary.com/image/upload/s--hL1AfHpb--/c_crop,h_675,w_1200,x_0,y_334/fl_relative,g_south_east,l_mediacorp:cna:watermark:2021-08:cna,w_0.1/f_auto,q_auto/c_fill,g_auto,h_676,w_1200/v1/mediacorp/cna/image/2024/01/13/IMG_6874.jpg?itok=ulWjDnnJ
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
94243df6c0ad8d4e08d86c5668f569cccf8e5d8fbe19ccfac5dad1f366629ebc
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:42:10 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Mon, 22 Jan 2024 14:59:23 GMT
server
Cloudinary
etag
"a00c117331626492b5b8cbb211efed88"
vary
Save-Data
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
server-timing
cld-fastly;dur=723;cpu=1;start=2024-01-23T11:42:09.423Z;desc=miss,rtt;dur=29,content-info;desc="width=1200,height=676,bytes=45898,owidth=1200,oheight=1600,obytes=245432,ef=(1,11,13,17,23,25)",cloudinary;dur=25;start=2024-01-23T11:42:10.004Z
accept-ranges
bytes
timing-allow-origin
*
content-length
45898
1411.jpg
i.guim.co.uk/img/media/6e273ed0008df8f2261fe3b8be4c31f88e9c569f/23_52_1411_847/master/
2 KB
2 KB
Image
General
Full URL
https://i.guim.co.uk/img/media/6e273ed0008df8f2261fe3b8be4c31f88e9c569f/23_52_1411_847/master/1411.jpg?width=140&quality=85&auto=format&fit=max&s=3358a9c34dbc589ffe242a95f1b4d69b
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31170d1a9bc03ce8de582a225c83d848d4d98182299fac741775ea795d70002e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:42:09 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img09-europe-west2
age
42089
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=260049 idim=1411x847 ifmt=jpeg ofsz=2010 odim=140x84 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
52
content-length
2010
x-served-by
cache-lcy-eglc8600071-LCY, cache-mia-kmia1760049-MIA
server
AmazonS3
x-timer
S1706010129.324171,VS0,VE1
etag
"wk9AWPle+FfTji2zdmHJ+cW7297MNSCHDcK7Na/XNcE"
x-amz-meta-bounds-height
847
x-amz-meta-bounds-width
1411
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
23
x-cache-hits
3, 1
1951.jpg
i.guim.co.uk/img/media/fa8691d70765e5f5a4db36f4a1a84c0b9764190f/0_0_1951_1170/master/
1 KB
2 KB
Image
General
Full URL
https://i.guim.co.uk/img/media/fa8691d70765e5f5a4db36f4a1a84c0b9764190f/0_0_1951_1170/master/1951.jpg?width=140&quality=85&auto=format&fit=max&s=5572b8ee94670820d29b089bd0c92384
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dbc337fc34f7d5f65e606fbe6b4fdc151abd9f6735fbe5306e08cd964bf65868

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:42:09 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img01-europe-west2
age
66031
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=516491 idim=1951x1170 ifmt=jpeg ofsz=1532 odim=140x84 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
0
content-length
1532
x-served-by
cache-lcy-eglc8600026-LCY, cache-mia-kmia1760049-MIA
server
AmazonS3
x-timer
S1706010129.324308,VS0,VE1
etag
"HZCwXYa2EHW+pVYe3CMMHgmyRdg72UU/yqDTnhuDZJE"
x-amz-meta-bounds-height
1170
x-amz-meta-bounds-width
1951
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
0
x-cache-hits
13, 1
5208.jpg
i.guim.co.uk/img/media/aaea2cb25a38c6786981d10274c7a76d93faa84a/0_167_5208_3126/master/
1 KB
2 KB
Image
General
Full URL
https://i.guim.co.uk/img/media/aaea2cb25a38c6786981d10274c7a76d93faa84a/0_167_5208_3126/master/5208.jpg?width=140&quality=85&auto=format&fit=max&s=6980b283529017188bcb08e64e300f66
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::367 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cfdf430018f948269a0ff19004a10905dfb2af83ac7f2c1241015fab344c9bed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:42:09 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
img07-europe-west2
age
96162
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
fastly-io-info
ifsz=5105361 idim=5208x3126 ifmt=jpeg ofsz=1418 odim=140x84 ofmt=webp
fastly-stats
io=1
x-amz-meta-bounds-y
167
content-length
1418
x-served-by
cache-lcy-eglc8600047-LCY, cache-mia-kmia1760049-MIA
server
AmazonS3
x-timer
S1706010129.324431,VS0,VE1
etag
"7R3Uyk4uiVEq7iJDWpscNjvLMGCRpWcub9Qsgyov+hg"
x-amz-meta-bounds-height
3126
x-amz-meta-bounds-width
5208
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-meta-aspect-ratio
5:3
timing-allow-origin
https://www.theguardian.com
x-amz-meta-bounds-x
0
x-cache-hits
5, 1
open-sans-400.woff
dznews.pw/assets/fonts/open-sans/
0
0

ImageTransformer.aspx
www.mural.com.mx/aplicacioneslibre/compartir/
Redirect Chain
  • https://mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644874.jpg&wm=1&ang=0
  • https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644874.jpg&wm=1&ang=0
36 KB
37 KB
Image
General
Full URL
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644874.jpg&wm=1&ang=0
Requested by
Host: junews.pw
URL: https://junews.pw/
Protocol
H2
Server
3.161.213.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-54.yul62.r.cloudfront.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5a16c01e094cea36e30f5246f87de2b4076f7df018a0179c700a13a11f19b4e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' *.reforma.com *.elnorte.com *.mural.com.mx *.gruporeforma.com *.agenciareforma.com *.avisosdeocasion.com *.elviernesnocuesta.com aristeguinoticias.com *.ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:42:09 GMT
via
1.1 7476af8f062782a67347b5ad36d9410e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' *.reforma.com *.elnorte.com *.mural.com.mx *.gruporeforma.com *.agenciareforma.com *.avisosdeocasion.com *.elviernesnocuesta.com aristeguinoticias.com *.ezproxy.iteso.mx *.udemproxy.elogim.com creative-preview-an.com ib.adnxs-simple.com mediation.adnxs.com http://intraneteditora http://intranetreforma http://intranetmural http://operacionesinternet;
x-aspnet-version
2.0.50727
x-amz-cf-pop
YUL62-P1
x-powered-by
ASP.NET
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Miss from cloudfront
p3p
CP="NOI CURa ADMa DEVa OUR IND UNI NAV INT"
alt-svc
h3=":443"; ma=86400
content-length
37300
x-xss-protection
1; mode=block
server
Microsoft-IIS/8.5
expect-ct
enforce; max-age=3600
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
private,private
x-amz-cf-id
cCfcnWX98k9PazopbjL0Gml3m940TbAhiWVCZDKyzN4tHQMdGbmwow==

Redirect headers

date
Tue, 23 Jan 2024 11:11:47 GMT
via
1.1 266cd0ca40a2604d8ba51f8173b83662.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
YUL62-C2
age
1822
x-cache
Hit from cloudfront
location
https://www.mural.com.mx/aplicacioneslibre/compartir/ImageTransformer.aspx?img=https://img.gruporeforma.com/imagenes/960x640/6/645/5644874.jpg&wm=1&ang=0
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
NCpF7y5W4WPzgGWGGOpwQ3xa2yCJJN-AH7-bbbW390LCZPwK2RqYzw==
open-sans-700.woff
dznews.pw/assets/fonts/open-sans/
0
0

inter-600.woff
dznews.pw/assets/fonts/inter/
0
0

inter-400.woff
dznews.pw/assets/fonts/inter/
0
0

open-sans-600.woff
dznews.pw/assets/fonts/open-sans/
0
0

IMG_2204-16rr32j5r-e1705760560714-940x564.jpg
wpcluster.dctdigital.com/wp-content/uploads/sites/2/2024/01/
94 KB
95 KB
Image
General
Full URL
https://wpcluster.dctdigital.com/wp-content/uploads/sites/2/2024/01/IMG_2204-16rr32j5r-e1705760560714-940x564.jpg?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd6d1ada5ba6c017d6bbef4034ef1943e77b1e799fdd690622d947a49992900f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:42:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-dct-digital
connected
x-amz-request-id
tx000009a02b829e90923a8-0065abd9d5-1e53e36b-default
cf-polished
origSize=100670
content-length
96300
x-xss-protection
1; mode=block
cf-bgj
imgq:100,h2pri
last-modified
Sat, 20 Jan 2024 14:22:42 GMT
server
cloudflare
etag
"b12b7f01d62e204c53611f31846d9eb8"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
x-rgw-object-type
Normal
accept-ranges
bytes
x-robots-tag
noindex, nosnippet, noarchive
cf-ray
849fc594adccd99d-MIA
17a40626-0505-4d69-a0b5-4a2b91972ea6.jpeg
cached-images.bonnier.news/gcs/bilder/dn-mly/
56 KB
56 KB
Image
General
Full URL
https://cached-images.bonnier.news/gcs/bilder/dn-mly/17a40626-0505-4d69-a0b5-4a2b91972ea6.jpeg?interpolation=lanczos-none&downsize=1000:*&output-quality=80&output-format=jpeg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:5400:392::31b3 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
0e3e23625f916d120ecd99768de48e5d926ba48cc0226fa57da2634d144d965f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://junews.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 11:42:11 GMT
last-modified
Sat, 20 Jan 2024 17:58:53 GMT
x-serial
1892
server
Akamai Image Manager
x-check-cacheable
YES
etag
"b48911004134b01b558cdbba5a56a2f1"
content-type
image/jpeg
cache-control
private, no-transform, max-age=31299468
content-length
57187
expires
Sun, 19 Jan 2025 17:59:59 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dznews.pw
URL
https://dznews.pw/assets/fonts/open-sans/open-sans-400.woff2
Domain
dznews.pw
URL
https://dznews.pw/assets/fonts/open-sans/open-sans-700.woff2
Domain
dznews.pw
URL
https://dznews.pw/assets/fonts/inter/inter-400.woff2
Domain
dznews.pw
URL
https://dznews.pw/assets/fonts/inter/inter-600.woff2
Domain
dznews.pw
URL
https://dznews.pw/assets/fonts/open-sans/open-sans-600.woff2
Domain
dznews.pw
URL
https://dznews.pw/assets/fonts/inter/inter-700.woff2
Domain
dznews.pw
URL
https://dznews.pw/assets/fonts/inter/inter-700.woff
Domain
dznews.pw
URL
https://dznews.pw/assets/fonts/open-sans/open-sans-400.woff
Domain
dznews.pw
URL
https://dznews.pw/assets/fonts/open-sans/open-sans-700.woff
Domain
dznews.pw
URL
https://dznews.pw/assets/fonts/inter/inter-600.woff
Domain
dznews.pw
URL
https://dznews.pw/assets/fonts/inter/inter-400.woff
Domain
dznews.pw
URL
https://dznews.pw/assets/fonts/open-sans/open-sans-600.woff

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| VrConfig function| $ function| jQuery number| uidEvent object| bootstrap object| lazySizes function| setImmediate function| clearImmediate function| swal function| sweetAlert function| setAjaxData function| setSerializedData object| tooltipTriggerList object| tooltipList function| loadMorePosts function| viewPollResults function| viewPollOptions function| addReaction function| loadMoreComments function| addRemoveReadingListItem function| deleteComment function| closeCookiesWarning function| showImagePreview object| atOptions

2 Cookies

Domain/Path Name / Value
junews.pw/ Name: vr_session
Value: f7817e31470cd7828d8e543ec53f6f8c379de4ce
junews.pw/ Name: vr_csrf_cookie
Value: c405d4a67ae7ad95cd25c7363c8d621b

27 Console Messages

Source Level URL
Text
javascript warning URL: https://junews.pw/(Line 1162)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://deporttideevenings.com/4e0d74a08e7a30d1941ce908b85998d3/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://junews.pw/(Line 1162)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://deporttideevenings.com/4e0d74a08e7a30d1941ce908b85998d3/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: https://junews.pw/
Message:
Access to font at 'https://dznews.pw/assets/fonts/inter/inter-700.woff2' from origin 'https://junews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://dznews.pw/assets/fonts/inter/inter-700.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://junews.pw/
Message:
Access to font at 'https://dznews.pw/assets/fonts/inter/inter-700.woff' from origin 'https://junews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://dznews.pw/assets/fonts/inter/inter-700.woff
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://deporttideevenings.com/4e0d74a08e7a30d1941ce908b85998d3/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript error URL: https://junews.pw/
Message:
Access to font at 'https://dznews.pw/assets/fonts/open-sans/open-sans-400.woff2' from origin 'https://junews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://dznews.pw/assets/fonts/open-sans/open-sans-400.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://junews.pw/
Message:
Access to font at 'https://dznews.pw/assets/fonts/open-sans/open-sans-700.woff2' from origin 'https://junews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://dznews.pw/assets/fonts/open-sans/open-sans-700.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://junews.pw/
Message:
Access to font at 'https://dznews.pw/assets/fonts/open-sans/open-sans-400.woff' from origin 'https://junews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://dznews.pw/assets/fonts/open-sans/open-sans-400.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://junews.pw/
Message:
Access to font at 'https://dznews.pw/assets/fonts/inter/inter-600.woff2' from origin 'https://junews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://dznews.pw/assets/fonts/inter/inter-600.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://junews.pw/
Message:
Access to font at 'https://dznews.pw/assets/fonts/open-sans/open-sans-700.woff' from origin 'https://junews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://dznews.pw/assets/fonts/open-sans/open-sans-700.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://junews.pw/
Message:
Access to font at 'https://dznews.pw/assets/fonts/inter/inter-400.woff2' from origin 'https://junews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://dznews.pw/assets/fonts/inter/inter-400.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://junews.pw/
Message:
Access to font at 'https://dznews.pw/assets/fonts/open-sans/open-sans-600.woff2' from origin 'https://junews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://dznews.pw/assets/fonts/open-sans/open-sans-600.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://junews.pw/
Message:
Access to font at 'https://dznews.pw/assets/fonts/inter/inter-600.woff' from origin 'https://junews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://dznews.pw/assets/fonts/inter/inter-600.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://junews.pw/
Message:
Access to font at 'https://dznews.pw/assets/fonts/inter/inter-400.woff' from origin 'https://junews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://dznews.pw/assets/fonts/inter/inter-400.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://junews.pw/
Message:
Access to font at 'https://dznews.pw/assets/fonts/open-sans/open-sans-600.woff' from origin 'https://junews.pw' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://dznews.pw/assets/fonts/open-sans/open-sans-600.woff
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cached-images.bonnier.news
deporttideevenings.com
dznews.pw
i.guim.co.uk
imengine.public.nwt.infomaker.io
junews.pw
media.theindependent.sg
mural.com.mx
onecms-res.cloudinary.com
static.svd.se
svd.vgc.no
wpcluster.dctdigital.com
www.mural.com.mx
dznews.pw
151.101.2.132
151.139.128.10
192.243.61.225
23.111.182.242
2600:1402:8800::1728:cda2
2600:1408:5400:392::31b3
2606:4700::6812:1c14
2a04:4e42:200::393
2a04:4e42::367
3.161.213.54
54.192.51.21
54.192.51.87
0e3e23625f916d120ecd99768de48e5d926ba48cc0226fa57da2634d144d965f
31170d1a9bc03ce8de582a225c83d848d4d98182299fac741775ea795d70002e
31f2c8116290349fa0c4025ce6f5dd3ab101405c8d9c9aba2cc5499102b72546
3342b958e2b48f37cbd0ae10997b0d36c8940bf46bf8c7b3102098c2288512e2
3c5b5f311c71c2c75975e4168eb964e8ef2033fb660e790f186f3bdcf8b36167
47a35ccd55a2ba045e214fcd8f4be2d2b851fe4e76031a77eb6c00907c1722b1
4d62c60f3a3c18dfb0975152c4f234fc147adb48508e0899917ac212fe1d0b2a
5a16c01e094cea36e30f5246f87de2b4076f7df018a0179c700a13a11f19b4e4
66a3ca8b6f2065025ec148755198e191cffb54f287b52f0bfce6066ad2ab846a
69331b2bf93cfd57e07415d3900e3287b2b6fbe99b33d1b29595f1790c4bdaea
71f65ac735622443731672da167df33525f3c77efadf4b19a35e3acc7122a92c
812187a40cd926e5c56c17806c2d07e2f6ec06d73f4b6097a6ceb0708f50ea9a
82ab7dc48cf0a854ef57ff4779c140e3965d37d585f0bad1bca0ea63eaf10bab
94243df6c0ad8d4e08d86c5668f569cccf8e5d8fbe19ccfac5dad1f366629ebc
9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b
953e00bc07f3b0e9210bb6de1c03d2855480448ac1cafd69b8e68fa26640c394
9fb93efd61f0f729f3a26d545cc1c743bb421d7d3646c417466c24276ed96f70
a22b4796126f9b50008f1e66e6b520807c5eba3928948233c433cdc88b3c2958
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
af5b4f47eddd0aabb5ba7ce79125993ca2a8a94b90719eec2657a2990a893ee2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
cd6d1ada5ba6c017d6bbef4034ef1943e77b1e799fdd690622d947a49992900f
cfdf430018f948269a0ff19004a10905dfb2af83ac7f2c1241015fab344c9bed
d16b4892f5c2201e2e94b4c673ec54bfcf1376d9199487d45f5dddf085ef416c
dbc337fc34f7d5f65e606fbe6b4fdc151abd9f6735fbe5306e08cd964bf65868
dc20201392281443acb704a3edfaf0f99903e52317b69a68a3137364afa02c66
e4564f63d4e4002474c84898579b05e28fba4e20d8ab2779a751464933cf13c5
f1dff1eed88a9ec41ccd24edbec9506f8c28f6687d5e214d3e4f8478a12f99f3