urlscan.io logo urlscan.io
SecurityTrails logo

www.newindianexpress.com Open in urlscan Pro
193.108.153.9  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.newindianexpress.com/thes
Submission: On January 24 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 26 HTTP transactions. The main IP is 193.108.153.9, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.newindianexpress.com. The Cisco Umbrella rank of the primary domain is 533527.
TLS certificate: Issued by R3 on January 17th 2024. Valid for: 3 months.
This is the only time www.newindianexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 193.108.153.9 20940 (AKAMAI-ASN1)
6 142.250.186.35 15169 (GOOGLE)
1 18.66.147.25 16509 (AMAZON-02)
3 172.67.27.232 13335 (CLOUDFLAR...)
2 142.250.184.226 15169 (GOOGLE)
2 172.217.16.200 15169 (GOOGLE)
2 104.22.26.212 13335 (CLOUDFLAR...)
1 216.239.34.36 15169 (GOOGLE)
1 54.80.230.82 14618 (AMAZON-AES)
3 142.250.185.206 15169 (GOOGLE)
1 142.250.186.42 15169 (GOOGLE)
26 12
4    193.108.153.9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-9.deploy.static.akamaitechnologies.com
www.newindianexpress.com
6    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com
1    18.66.147.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-25.fra60.r.cloudfront.net
cdn.gumlet.com
3    172.67.27.232 (United States)

ASN13335 (CLOUDFLARENET, US)
fea.assettype.com
2    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
2    172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f200.1e100.net
www.googletagmanager.com
2    104.22.26.212 (None, )

ASN13335 (CLOUDFLARENET, US)
images.assettype.com
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    54.80.230.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-230-82.compute-1.amazonaws.com
prod-analytics.qlitics.com
3    142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net
fundingchoicesmessages.google.com
1    142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net
fonts.googleapis.com
Apex Domain
Subdomains		 Transfer
6 gstatic.com
fonts.gstatic.com
243 KB
5 assettype.com
fea.assettype.com — Cisco Umbrella Rank: 139361
images.assettype.com — Cisco Umbrella Rank: 227954
424 KB
4 newindianexpress.com
www.newindianexpress.com — Cisco Umbrella Rank: 533527
108 KB
3 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
120 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
158 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
165 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
6 KB
1 qlitics.com
prod-analytics.qlitics.com — Cisco Umbrella Rank: 102998
562 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2029
261 B
1 gumlet.com
cdn.gumlet.com — Cisco Umbrella Rank: 75892
7 KB
26 10
Domain Requested by
6 fonts.gstatic.com www.newindianexpress.com
4 www.newindianexpress.com fea.assettype.com
3 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
3 fea.assettype.com www.newindianexpress.com
fea.assettype.com
2 images.assettype.com www.newindianexpress.com
2 www.googletagmanager.com www.newindianexpress.com
www.googletagmanager.com
2 securepubads.g.doubleclick.net www.newindianexpress.com
securepubads.g.doubleclick.net
1 fonts.googleapis.com
1 prod-analytics.qlitics.com www.newindianexpress.com
1 region1.google-analytics.com www.googletagmanager.com
1 cdn.gumlet.com www.newindianexpress.com
26 11
Subject Issuer Validity Valid
www.newindianexpress.com
R3		 2024-01-17 -
2024-04-16		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.gumlet.com
Amazon RSA 2048 M03		 2023-10-27 -
2024-11-24		 a year crt.sh
assettype.com
Cloudflare Inc ECC CA-3		 2023-04-28 -
2024-04-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.qlitics.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-18		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.newindianexpress.com/thes
Frame ID: 37F12D7830AB66A1FF9985258772FF28
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

404 - Page not found

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

26
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

11
Subdomains

12
IPs

3
Countries

1232 kB
Transfer

4315 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request thes
www.newindianexpress.com/ 		818 KB
89 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.newindianexpress.com/thes
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
73cabb5375834ae15cec1f5876d6f79c3dc7d37f8f9ebaee166565ad270d2576
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https: http:;script-src data: 'unsafe-inline' 'unsafe-eval' https: http: blob:;style-src data: 'unsafe-inline' https: http: blob:;img-src data: https: http: blob:;font-src data: https: http:;connect-src https: wss: ws: http: blob:;media-src https: blob: http:;object-src https: http:;child-src https: data: blob: http:;form-action https: http:;frame-ancestors 'self' https://*.quintype.com https://www.newindianexpress.com;block-all-mixed-content;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

akamai-cache-status
Miss from child, Miss from parent
akamai-grn
0.09ce3617.1706077467.4beeb26
cache-control
public,max-age=15,s-maxage=60, stale-while-revalidate=150,stale-if-error=3600
content-encoding
gzip
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https: http:;script-src data: 'unsafe-inline' 'unsafe-eval' https: http: blob:;style-src data: 'unsafe-inline' https: http: blob:;img-src data: https: http: blob:;font-src data: https: http:;connect-src https: wss: ws: http: blob:;media-src https: blob: http:;object-src https: http:;child-src https: data: blob: http:;form-action https: http:;frame-ancestors 'self' https://*.quintype.com https://www.newindianexpress.com;block-all-mixed-content;
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 06:24:28 GMT
etag
W/"cc629-l6YiiifHXk+YVypfNXgKRsaq0gI"
link
<https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2>;rel="preload";as="font";type="font/woff2";crossorigin <https://fea.assettype.com>;rel="preconnect",<https://fonts.gstatic.com>;rel="preconnect",<https://cdn.gumlet.com>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect"
server-timing
cdn-cache; desc=MISS edge; dur=108 origin; dur=455 ak_p; desc="1706077467667_389467657_79620902_56342_8281_60_92_255";dur=1
vary
Accept-Encoding
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newindianexpress.com/
Origin
https://www.newindianexpress.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:28:30 GMT
x-content-type-options
nosniff
age
24959
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:28:30 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newindianexpress.com/
Origin
https://www.newindianexpress.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:28:34 GMT
x-content-type-options
nosniff
age
24955
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:28:34 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newindianexpress.com/
Origin
https://www.newindianexpress.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 02:58:46 GMT
x-content-type-options
nosniff
age
357943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Jan 2025 02:58:46 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newindianexpress.com/
Origin
https://www.newindianexpress.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 16:12:40 GMT
x-content-type-options
nosniff
age
51109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 16:12:40 GMT
gumlet.min.js
cdn.gumlet.com/gumlet.js/2.0/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gumlet.com/gumlet.js/2.0/gumlet.min.js
Requested by
Host: www.newindianexpress.com
URL: https://www.newindianexpress.com/thes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-25.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
13df2bb7aaa7526f48a0135ce43c27dcedd42b1c10bd4f8da2d7965b62b50102

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.newindianexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 12:13:29 GMT
content-encoding
br
via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 09:03:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
1188661
etag
W/"083a141b447aa53bbb9073a45592d18d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, s-maxage=31536000, max-age=172800
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
An4ncqZeMQOV6gqwiWGpXimvH1myaXoLqqYnmWyKhVkw964RL3gJHg==
list-77ad4fcc4d9d1bf063ed.js
fea.assettype.com/quintype-ace/assets/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fea.assettype.com/quintype-ace/assets/list-77ad4fcc4d9d1bf063ed.js
Requested by
Host: www.newindianexpress.com
URL: https://www.newindianexpress.com/thes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.27.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e05d8267bbca9b4711a2253157774f0217a8a2d0f3dfbf6af321b81f5924be57

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.newindianexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:24:29 GMT
x-amz-version-id
a2anHLwIkpv40x307CweV8_5NGFiHjaT
content-encoding
gzip
cf-cache-status
HIT
via
1.1 8d774700accd819b20dfa986df336be2.cloudfront.net (CloudFront)
x-amz-cf-pop
HEL51-P3
age
426072
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 19 Jan 2024 07:24:46 GMT
server
cloudflare
etag
W/"7b8d39bbf93c2d8af864b21e0956854b"
vary
Accept-Encoding
access-control-allow-methods
HEAD, PUT, POST, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31104000
cf-ray
84a631956bb44c87-HEL
x-amz-cf-id
zNU14GmfmkC1JyTeYCXcChjXgL045uI9TI-yNfTr99_Zy1Oh3RK5cw==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.newindianexpress.com
URL: https://www.newindianexpress.com/thes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
a0b633f679e753855464ff2656cd0f366be81d9b273ab34c864f5a802910f5ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.newindianexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:24:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30159
x-xss-protection
0
server
cafe
etag
653 / 19746 / m202401180101 / config-hash: 12028933323860707752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 24 Jan 2024 06:24:29 GMT
gtm.js
www.googletagmanager.com/ 		180 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MMDZD5
Requested by
Host: www.newindianexpress.com
URL: https://www.newindianexpress.com/thes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f200.1e100.net
Software
Google Tag Manager /
Resource Hash
ffd8789ce58cfb76a6519c0e7535f9f47f72e8b48c4fb39d2c8fc6747849b93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.newindianexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:24:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65408
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 24 Jan 2024 06:24:29 GMT
Long_Light_Mode_500_Height.png
images.assettype.com/newindianexpress/2024-01/513ad66b-9f6c-4c96-a3d5-ea0e785580a6/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.assettype.com/newindianexpress/2024-01/513ad66b-9f6c-4c96-a3d5-ea0e785580a6/Long_Light_Mode_500_Height.png
Requested by
Host: www.newindianexpress.com
URL: https://www.newindianexpress.com/thes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.26.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901411d5ecf875d7d3a4d97d05efe4bfcbb800a0d5caa1598eff012318ecf4f4

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.newindianexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:24:29 GMT
cf-cache-status
HIT
server
cloudflare
age
83818
etag
"54e17c54a307d34d92111fd88fb5af875659e81d"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84a631961a7ad93f-HEL
alt-svc
h3=":443"; ma=86400
content-length
26236
expires
Wed, 24 Jan 2024 07:07:31 GMT
Long_Dark_Mode_500_Height.png
images.assettype.com/newindianexpress/2024-01/27bf98c6-45f2-4697-a09d-4fc967f76df6/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.assettype.com/newindianexpress/2024-01/27bf98c6-45f2-4697-a09d-4fc967f76df6/Long_Dark_Mode_500_Height.png
Requested by
Host: www.newindianexpress.com
URL: https://www.newindianexpress.com/thes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.26.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3224a9bd269e44b8ee9766a5bc185092cb3e828f8e6097f6bde8103b6906680f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.newindianexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:24:29 GMT
cf-cache-status
HIT
server
cloudflare
age
52885
etag
"e53f5344d1e024a25212a2276fee220abc8d896a"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84a631961a71d93f-HEL
alt-svc
h3=":443"; ma=86400
content-length
79204
expires
Wed, 24 Jan 2024 15:43:04 GMT
app-77ad4fcc4d9d1bf063ed.js
fea.assettype.com/quintype-ace/assets/ 		1 MB
304 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fea.assettype.com/quintype-ace/assets/app-77ad4fcc4d9d1bf063ed.js
Requested by
Host: www.newindianexpress.com
URL: https://www.newindianexpress.com/thes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.27.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
070c4c1ba23ddfe82ba8cf404bc8a105e8607d6f226f017b22580974e03e0318

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.newindianexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:24:29 GMT
x-amz-version-id
4q4BUprXbyxIiv5.voA939NHf1lTbtNi
content-encoding
gzip
cf-cache-status
HIT
via
1.1 9a5691d5f57251013f89f471e99f9b7e.cloudfront.net (CloudFront)
x-amz-cf-pop
HEL51-P3
age
428292
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 19 Jan 2024 07:24:31 GMT
server
cloudflare
etag
W/"ca625f2a93eb78db3b4f066697738f12"
vary
Accept-Encoding
access-control-allow-methods
HEAD, PUT, POST, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31104000
cf-ray
84a631956bb84c87-HEL
x-amz-cf-id
Lvkrjgj-2LY0tmkkAMlkC314io5h7ehKFX6-QuIJo1zUaOl7NqnlPA==
svg-sprite-6b422ea7dc08f55780ae3689062e9e73.svg
www.newindianexpress.com/quintype-ace/assets/ 		52 KB
13 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.newindianexpress.com/quintype-ace/assets/svg-sprite-6b422ea7dc08f55780ae3689062e9e73.svg
Requested by
Host: fea.assettype.com
URL: https://fea.assettype.com/quintype-ace/assets/app-77ad4fcc4d9d1bf063ed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
00b9ed1832f3f41481c0433c7610541c14a61e0d780f5f05b38b43c3ff76b41b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.newindianexpress.com/thes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:24:29 GMT
content-encoding
br
akamai-cache-status
Hit from child
last-modified
Fri, 19 Jan 2024 14:26:26 GMT
akamai-grn
0.86093217.1705674386.2c9123f, 0.09ce3617.1706077469.4bf0463
etag
W/"d17d-18d20987d68"
content-type
image/svg+xml
cache-control
public,max-age=31104000,s-maxage=31104000
server-timing
cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1706077469321_389467657_79627363_156_7577_37_0_146";dur=1
accept-ranges
bytes
content-length
13397
breaking-news
www.newindianexpress.com/api/v1/ 		14 B
526 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.newindianexpress.com/api/v1/breaking-news
Requested by
Host: fea.assettype.com
URL: https://fea.assettype.com/quintype-ace/assets/app-77ad4fcc4d9d1bf063ed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fb4f134f3a8aff794f7914ad61196b67d94586cf163efaf592ab41632ecb6d32

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.newindianexpress.com/thes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:24:29 GMT
content-encoding
gzip
surrogate-key
q/5591//home c/5591/140074
akamai-cache-status
Miss from child, Hit from parent
akamai-grn
0.09ce3617.1706077469.4bf04f5
vary
Accept-Encoding
content-type
application/json
x-varnish
130071686 164447573
cache-tag
q/5591//home,c/5591/140074
cache-control
public,max-age=15,s-maxage=240,stale-while-revalidate=300,stale-if-error=7200
server-timing
cdn-cache; desc=HIT, edge; dur=17, origin; dur=0, ak_p; desc="1706077469359_389467657_79627509_1703_7324_37_0_219";dur=1
accept-ranges
bytes
qt-trace-id
39f0a0af-9392-460f-a473-6f61a386687b
content-length
34
x-hitcount
4
6385-77ad4fcc4d9d1bf063ed.js
fea.assettype.com/quintype-ace/assets/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fea.assettype.com/quintype-ace/assets/6385-77ad4fcc4d9d1bf063ed.js
Requested by
Host: fea.assettype.com
URL: https://fea.assettype.com/quintype-ace/assets/app-77ad4fcc4d9d1bf063ed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.27.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f38f68646a9509bab84743280b2abfbd7eeddcb1cb2d15b0a693f2a827bced6a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.newindianexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:24:29 GMT
x-amz-version-id
VmWfwIFfvinzNMnJSZ6rr2vco1o4RkGd
content-encoding
gzip
cf-cache-status
HIT
via
1.1 8a7b11c8a73c9363e6dd587e2c39686e.cloudfront.net (CloudFront)
x-amz-cf-pop
HEL51-P3
age
426072
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 19 Jan 2024 07:24:14 GMT
server
cloudflare
etag
W/"d4c4b4450e857692ad9e24f055c4f35a"
vary
Accept-Encoding
access-control-allow-methods
HEAD, PUT, POST, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31104000
cf-ray
84a6319768a44c87-HEL
x-amz-cf-id
COMCSnGw9u840CeyaQnmVjIuTDOmz4O8erC0TJxfpYQBB2IX9GMt_w==
truncated
/ 		58 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/webp
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/ 		430 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
5dd0b5724f4bbac4bd58de274236fce36135ce302364b3b8ff5c4c3631e81139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.newindianexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 03:30:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
10446
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138095
x-xss-protection
0
server
cafe
etag
16105826302836755247
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 23 Jan 2025 03:30:23 GMT
js
www.googletagmanager.com/gtag/ 		287 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G7QJFDYYFT&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MMDZD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f200.1e100.net
Software
Google Tag Manager /
Resource Hash
3262163de344d49033bf9dee3106232f50d11eddd0c4b50d625bc42568315b80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.newindianexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:24:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96073
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Jan 2024 06:24:29 GMT
qlitics.js
www.newindianexpress.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newindianexpress.com/qlitics.js
Requested by
Host: fea.assettype.com
URL: https://fea.assettype.com/quintype-ace/assets/app-77ad4fcc4d9d1bf063ed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9e01e3bc0f787629f7f53eac2eb2da2664aa3c3b6b634b5388fd31590d235ce4

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.newindianexpress.com/thes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:24:29 GMT
content-encoding
gzip
akamai-cache-status
RefreshHit from child, Hit from parent
akamai-grn
0.8d3a2f17.1705648947.307b3a47, 0.09ce3617.1706077469.4bf0a3e
cache-tag
p/qlitics.js
server-timing
cdn-cache; desc=HIT, edge; dur=14, origin; dur=0, ak_p; desc="1706077469666_389467657_79628862_1361_6695_37_0_146";dur=1
qt-trace-id
4038d9dc-d584-4496-b109-8adfa9577c2c
content-length
4584
surrogate-key
p/qlitics.js
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-varnish
205527926 205073434
cache-control
public,max-age=60,s-maxage=600,stale-while-revalidate=7200,stale-if-error=7200
accept-ranges
bytes
x-hitcount
1
collect
region1.google-analytics.com/g/ 		0
261 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-G7QJFDYYFT&gtm=45je41m0v9130501826z871524695&_p=1706077468602&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tag_exp=71847096&cid=1918999982.1706077470&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706077469&sct=1&seg=0&dl=https%3A%2F%2Fwww.newindianexpress.com%2Fthes&dt=404%20-%20Page%20not%20found&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2748
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G7QJFDYYFT&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.newindianexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jan 2024 06:24:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.newindianexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
device-tracker-id
prod-analytics.qlitics.com/api/ 		60 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod-analytics.qlitics.com/api/device-tracker-id
Requested by
Host: www.newindianexpress.com
URL: https://www.newindianexpress.com/qlitics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.230.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-230-82.compute-1.amazonaws.com
Software
/
Resource Hash
1595cbc9f3a1bc3a2d08ed706c086be09e690d7de7eb96369bf24c9b0941071b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.newindianexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:24:30 GMT
access-control-allow-option
POST, PUT, GET
access-control-max-age
30
content-type
application/json
access-control-allow-origin
https://www.newindianexpress.com
cache-control
private, no-cache
access-control-allow-credentials
true
access-control-allow-headers
x-requested-with, content-type, origin, accept
106213651
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/106213651?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
ESF /
Resource Hash
eab50ef76bb1b7c12e2b31f5016dd74387a28f37a7b238bb730bf9559f212a30
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-td0PzNW1qkkXFIfXrNeqhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.newindianexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:24:30 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-td0PzNW1qkkXFIfXrNeqhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXBMverWV7zCQv_11YBObIuWMVISPKseB1UgdFC019rOdtYp8Ahc9i2mEL3uRC9wlpZpg3YyGk6mbiy_B8d3vRT1iIv9Pes56nE-G4vBld_T0nuzcnorwdIqq4KqcchQc3gAiGNrA==
fundingchoicesmessages.google.com/f/ 		368 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXBMverWV7zCQv_11YBObIuWMVISPKseB1UgdFC019rOdtYp8Ahc9i2mEL3uRC9wlpZpg3YyGk6mbiy_B8d3vRT1iIv9Pes56nE-G4vBld_T0nuzcnorwdIqq4KqcchQc3gAiGNrA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2MDc3NDcwLDg4NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cubmV3aW5kaWFuZXhwcmVzcy5jb20vdGhlcyIsbnVsbCxbWzgsIll0a3ZVdnIwS2hJIl0sWzksImZpIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fi.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMyYsI87hs4r6aydw1qpDtvY8zJA2w/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
ESF /
Resource Hash
a38c6108024a7226b9301306cbe4a461bc6e8180fb489e0718a02a7224a19342
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-kvQ52X56izXasO6txhjgcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.newindianexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:24:31 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-kvQ52X56izXasO6txhjgcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		100 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fi.YtkvUvr0KhI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyvVPg6xPZbxN-8pU_kv0arEgmO0w/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
d8dafdf9ef6affe7075b6fad200e065100934a702c198812b41a48d1570e34e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.newindianexpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Jan 2024 06:24:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 06:24:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jan 2024 06:24:31 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: www.newindianexpress.com
URL: https://www.newindianexpress.com/thes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newindianexpress.com/
Origin
https://www.newindianexpress.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:31:50 GMT
x-content-type-options
nosniff
age
24761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:31:50 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: www.newindianexpress.com
URL: https://www.newindianexpress.com/thes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newindianexpress.com/
Origin
https://www.newindianexpress.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 00:59:33 GMT
x-content-type-options
nosniff
age
105898
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 00:59:33 GMT
AGSKWxW2FkStmZIDJOqx6OeJdyvnTkdt1BvuThvFeyZtdEc72n650aXG4Rd7rvj9NoWASZgRCp6Gi0YUL_nejQEcGopTJ8UfE5YrHiDz8S9E_BFv_13fNL5YghOlUg7KNm9zFMCZOCiJJA==
fundingchoicesmessages.google.com/el/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW2FkStmZIDJOqx6OeJdyvnTkdt1BvuThvFeyZtdEc72n650aXG4Rd7rvj9NoWASZgRCp6Gi0YUL_nejQEcGopTJ8UfE5YrHiDz8S9E_BFv_13fNL5YghOlUg7KNm9zFMCZOCiJJA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fi.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMyYsI87hs4r6aydw1qpDtvY8zJA2w/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Qldvumns5czr9C8IxCx7dQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.newindianexpress.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 24 Jan 2024 06:24:31 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Qldvumns5czr9C8IxCx7dQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.newindianexpress.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| GUMLET_CONFIG object| _izq object| qtVersion object| dataLayer boolean| desktopAd boolean| desktopAdBig boolean| mobileAd object| googletag undefined| pFS boolean| disableAjaxNavigation function| loadFonts object| localStore object| pwaEventDate number| pwaDiff undefined| deferredPrompt function| getDiffInDays function| closeDialog function| addToHomeScreen object| webpackChunkquintype_ace object| regeneratorRuntime object| app function| qlitics object| qtData object| gumlet object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| BlockAdBlock object| blockAdBlock undefined| google_measure_js_timing object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NGJkZmQyYzc0NTRkMzEwMGxvYWRlcl9qcw== string| NGJkZmQyYzc0NTRkMzEwMGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady

6 Cookies

Domain/Path Name / Value
.newindianexpress.com/ Name: AKA_A2
Value: A
.newindianexpress.com/ Name: _ga
Value: GA1.1.1918999982.1706077470
www.newindianexpress.com/ Name: qtype-session
Value: d8bb51d2-339f-4804-9a0f-553bd81159d3
.newindianexpress.com/ Name: _ga_G7QJFDYYFT
Value: GS1.1.1706077469.1.0.1706077469.0.0.0
.qlitics.com/ Name: thinmint
Value: 0e8dee41-b601-4db1-b8a0-6751fdb6642b
www.newindianexpress.com/ Name: thinmint
Value: 0e8dee41-b601-4db1-b8a0-6751fdb6642b

1 Console Messages

Source Level URL
Text
network error URL: https://www.newindianexpress.com/thes
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https: http:;script-src data: 'unsafe-inline' 'unsafe-eval' https: http: blob:;style-src data: 'unsafe-inline' https: http: blob:;img-src data: https: http: blob:;font-src data: https: http:;connect-src https: wss: ws: http: blob:;media-src https: blob: http:;object-src https: http:;child-src https: data: blob: http:;form-action https: http:;frame-ancestors 'self' https://*.quintype.com https://www.newindianexpress.com;block-all-mixed-content;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.gumlet.com
fea.assettype.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
images.assettype.com
prod-analytics.qlitics.com
region1.google-analytics.com
securepubads.g.doubleclick.net
www.googletagmanager.com
www.newindianexpress.com
104.22.26.212
142.250.184.226
142.250.185.206
142.250.186.35
142.250.186.42
172.217.16.200
172.67.27.232
18.66.147.25
193.108.153.9
216.239.34.36
54.80.230.82
00b9ed1832f3f41481c0433c7610541c14a61e0d780f5f05b38b43c3ff76b41b
070c4c1ba23ddfe82ba8cf404bc8a105e8607d6f226f017b22580974e03e0318
13df2bb7aaa7526f48a0135ce43c27dcedd42b1c10bd4f8da2d7965b62b50102
1595cbc9f3a1bc3a2d08ed706c086be09e690d7de7eb96369bf24c9b0941071b
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
3224a9bd269e44b8ee9766a5bc185092cb3e828f8e6097f6bde8103b6906680f
3262163de344d49033bf9dee3106232f50d11eddd0c4b50d625bc42568315b80
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5dd0b5724f4bbac4bd58de274236fce36135ce302364b3b8ff5c4c3631e81139
73cabb5375834ae15cec1f5876d6f79c3dc7d37f8f9ebaee166565ad270d2576
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
901411d5ecf875d7d3a4d97d05efe4bfcbb800a0d5caa1598eff012318ecf4f4
9e01e3bc0f787629f7f53eac2eb2da2664aa3c3b6b634b5388fd31590d235ce4
a0b633f679e753855464ff2656cd0f366be81d9b273ab34c864f5a802910f5ed
a38c6108024a7226b9301306cbe4a461bc6e8180fb489e0718a02a7224a19342
d8dafdf9ef6affe7075b6fad200e065100934a702c198812b41a48d1570e34e4
e05d8267bbca9b4711a2253157774f0217a8a2d0f3dfbf6af321b81f5924be57
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eab50ef76bb1b7c12e2b31f5016dd74387a28f37a7b238bb730bf9559f212a30
f38f68646a9509bab84743280b2abfbd7eeddcb1cb2d15b0a693f2a827bced6a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb4f134f3a8aff794f7914ad61196b67d94586cf163efaf592ab41632ecb6d32
fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514
ffd8789ce58cfb76a6519c0e7535f9f47f72e8b48c4fb39d2c8fc6747849b93a