Submitted URL: http://login.staging-thesun.co.uk/
Effective URL: https://account.staging-thesun.co.uk/login?state=hKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRS...
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On November 12 via api from FR — Scanned from FR

Summary

This website contacted 24 IPs in 3 countries across 19 domains to perform 56 HTTP transactions. The main IP is 2606:4700::6813:9813, located in United States and belongs to CLOUDFLARENET, US. The main domain is account.staging-thesun.co.uk.
TLS certificate: Issued by E1 on October 22nd 2023. Valid for: 3 months.
This is the only time account.staging-thesun.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:225... 16509 (AMAZON-02)
2 3 2600:9000:225... 16509 (AMAZON-02)
1 5 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:224... 16509 (AMAZON-02)
2 2a04:4e42:200... 54113 (FASTLY)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
8 2600:9000:223... 16509 (AMAZON-02)
4 18.66.122.51 16509 (AMAZON-02)
3 35.190.10.96 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 4 18.245.60.72 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 99.86.4.12 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 35.241.9.51 396982 (GOOGLE-CL...)
1 37.252.173.215 29990 (ASN-APPNEX)
2 34.107.254.252 396982 (GOOGLE-CL...)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 142.250.186.34 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
56 24
Apex Domain
Subdomains
Transfer
8 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1253
49 KB
8 staging-thesun.co.uk
login.staging-thesun.co.uk
account.staging-thesun.co.uk
96 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
627 KB
4 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2904
api.permutive.com — Cisco Umbrella Rank: 2165
googlesync.permutive.com — Cisco Umbrella Rank: 8909
315 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
2 KB
4 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1361
37 KB
4 thesun.co.uk
www.thesun.co.uk — Cisco Umbrella Rank: 28079
119 KB
4 px-cloud.net
client.px-cloud.net — Cisco Umbrella Rank: 6931
collector-pxercz0zul.px-cloud.net
77 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
1018 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
21 KB
3 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 7121
cdn.eu.auth0.com — Cisco Umbrella Rank: 132212
247 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
173 KB
2 polyfill.io
cdn.polyfill.io — Cisco Umbrella Rank: 2638
759 B
1 google.fr
www.google.fr — Cisco Umbrella Rank: 17843
408 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3040
54 B
1 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
584 B
1 prmutv.co
88a66e5c-8fe8-48af-9c6c-3ec3f4983aad.prmutv.co — Cisco Umbrella Rank: 48972
235 B
1 newsdata.uk
pac.newsdata.uk
1009 B
1 dotmetrics.net
uk-script.dotmetrics.net — Cisco Umbrella Rank: 5234
1 KB
56 19
Domain Requested by
8 tags.tiqcdn.com account.staging-thesun.co.uk
tags.tiqcdn.com
6 www.gstatic.com www.recaptcha.net
www.gstatic.com
4 sb.scorecardresearch.com 2 redirects
4 www.recaptcha.net cdn.auth0.com
www.gstatic.com
www.recaptcha.net
4 www.thesun.co.uk account.staging-thesun.co.uk
4 account.staging-thesun.co.uk 1 redirects cdn.auth0.com
4 login.staging-thesun.co.uk 3 redirects account.staging-thesun.co.uk
3 collector-pxercz0zul.px-cloud.net client.px-cloud.net
2 cm.g.doubleclick.net 2 redirects
2 cdn.permutive.com tags.tiqcdn.com
cdn.permutive.com
2 www.googletagmanager.com tags.tiqcdn.com
www.google-analytics.com
2 www.google-analytics.com tags.tiqcdn.com
www.google-analytics.com
2 cdn.polyfill.io account.staging-thesun.co.uk
2 cdn.auth0.com account.staging-thesun.co.uk
cdn.auth0.com
1 fonts.gstatic.com www.recaptcha.net
1 googlesync.permutive.com
1 www.google.fr
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 api.permutive.com cdn.permutive.com
1 ib.adnxs.com cdn.permutive.com
1 88a66e5c-8fe8-48af-9c6c-3ec3f4983aad.prmutv.co cdn.permutive.com
1 pac.newsdata.uk
1 uk-script.dotmetrics.net tags.tiqcdn.com
1 cdn.eu.auth0.com cdn.auth0.com
1 client.px-cloud.net account.staging-thesun.co.uk
56 27

This site contains no links.

Subject Issuer Validity Valid
account.staging-thesun.co.uk
E1
2023-10-22 -
2024-01-20
3 months crt.sh
*.auth0.com
Amazon RSA 2048 M01
2023-02-24 -
2024-03-24
a year crt.sh
polyfill.io
Certainly Intermediate R1
2023-10-23 -
2023-11-22
a month crt.sh
client.botchk.net
R3
2023-09-27 -
2023-12-26
3 months crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M01
2023-04-18 -
2024-05-17
a year crt.sh
*.stag.nukcdn.com
Amazon RSA 2048 M01
2023-02-19 -
2024-03-19
a year crt.sh
eu.auth0.com
E1
2023-09-30 -
2023-12-29
3 months crt.sh
*.nukcdn.com
Amazon RSA 2048 M01
2023-03-18 -
2024-04-15
a year crt.sh
*.px-cloud.net
Sectigo RSA Domain Validation Secure Server CA
2023-08-15 -
2024-09-13
a year crt.sh
misc.google.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3
2023-01-26 -
2024-01-25
a year crt.sh
*.dotmetrics.net
Amazon RSA 2048 M02
2023-08-23 -
2024-09-20
a year crt.sh
pac.newsdata.uk
GTS CA 1D4
2023-11-11 -
2024-02-09
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
*.prmutv.co
R3
2023-09-01 -
2023-11-30
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
api.permutive.com
R3
2023-10-15 -
2024-01-13
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh
*.google.fr
GTS CA 1C3
2023-10-16 -
2024-01-08
3 months crt.sh

This page contains 3 frames:

Primary Page: https://account.staging-thesun.co.uk/login?state=hKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRSVnN4R2lpcU1Kemg1aU02TTRCYUqjY2lk2SBlYmpzRjkzYlBVZ1Btc1RxcGhnMHMwSmpqSEtiQjMzaQ&client=ebjsF93bPUgPmsTqphg0s0JjjHKbB33i&protocol=oauth2&prompt=login&scope=openid%20profile%20email&response_type=code&nustate=eyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8iLCJwcm9kdWN0R3JvdXAiOiJTdW5fV2ViIn0%3D&nuperms=eyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19&redirect_uri=https%3A%2F%2Flogin.staging-thesun.co.uk%2Foidc%2Frp%2Fcallback
Frame ID: DF41CCDED00D1FC636CF74FDEC3E66EA
Requests: 51 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6Lcuw-8bAAAAADa64_kkIsvX33laqsMhs6oNyLYX&co=aHR0cHM6Ly9hY2NvdW50LnN0YWdpbmctdGhlc3VuLmNvLnVrOjQ0Mw..&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=normal&cb=cigxzp6jyc2e
Frame ID: B84295DF96D32B1E26B7B52B21D94B1E
Requests: 8 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Lcuw-8bAAAAADa64_kkIsvX33laqsMhs6oNyLYX
Frame ID: 70E6354E656D9E5EBBB6A14AD9FD0A61
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Sign in to The Sun

Page URL History Show full URLs

  1. http://login.staging-thesun.co.uk/ HTTP 301
    https://login.staging-thesun.co.uk/ HTTP 302
    https://login.staging-thesun.co.uk/oidc/rp/login/thesunuk?gotoUrl=http%3A%2F%2Fwww.staging-thesun.co.uk%2F HTTP 302
    https://account.staging-thesun.co.uk/authorize?client_id=ebjsF93bPUgPmsTqphg0s0JjjHKbB33i&scope=openid%20profile%... HTTP 302
    https://account.staging-thesun.co.uk/login?state=hKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3Rp... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • /lock/([\d.]+)/lock(?:.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

56
Requests

91 %
HTTPS

68 %
IPv6

19
Domains

27
Subdomains

24
IPs

3
Countries

1764 kB
Transfer

5234 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://login.staging-thesun.co.uk/ HTTP 301
    https://login.staging-thesun.co.uk/ HTTP 302
    https://login.staging-thesun.co.uk/oidc/rp/login/thesunuk?gotoUrl=http%3A%2F%2Fwww.staging-thesun.co.uk%2F HTTP 302
    https://account.staging-thesun.co.uk/authorize?client_id=ebjsF93bPUgPmsTqphg0s0JjjHKbB33i&scope=openid%20profile%20email&response_type=code&prompt=login&state=eyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8ifQ%3D%3D&nustate=eyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8iLCJwcm9kdWN0R3JvdXAiOiJTdW5fV2ViIn0%3D&nuperms=eyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19&redirect_uri=https://login.staging-thesun.co.uk/oidc/rp/callback HTTP 302
    https://account.staging-thesun.co.uk/login?state=hKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRSVnN4R2lpcU1Kemg1aU02TTRCYUqjY2lk2SBlYmpzRjkzYlBVZ1Btc1RxcGhnMHMwSmpqSEtiQjMzaQ&client=ebjsF93bPUgPmsTqphg0s0JjjHKbB33i&protocol=oauth2&prompt=login&scope=openid%20profile%20email&response_type=code&nustate=eyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8iLCJwcm9kdWN0R3JvdXAiOiJTdW5fV2ViIn0%3D&nuperms=eyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19&redirect_uri=https%3A%2F%2Flogin.staging-thesun.co.uk%2Foidc%2Frp%2Fcallback Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://sb.scorecardresearch.com/c2/6035523/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 30
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035523&ns__t=1699749087331&ns_c=UTF-8&c8=Sign%20in%20to%20The%20Sun&c7=https%3A%2F%2Faccount.staging-thesun.co.uk%2Flogin%3Fstate%3DhKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRSVnN4R2lpcU1Kemg1aU02TTRCYUqjY2lk2SBlYmpzRjkzYlBVZ1Btc1RxcGhnMHMwSmpqSEtiQjMzaQ%26client%3DebjsF93bPUgPmsTqphg0s0JjjHKbB33i%26protocol%3Doauth2%26prompt%3Dlogin%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26nustate%3DeyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8iLCJwcm9kdWN0R3JvdXAiOiJTdW5fV2ViIn0%253D%26nuperms%3DeyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19%26redirect_uri%3Dhttps%253A%252F%252Flogin.staging-thesun.co.uk%252Foidc%252Frp%252Fcallback&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035523&ns__t=1699749087331&ns_c=UTF-8&c8=Sign%20in%20to%20The%20Sun&c7=https%3A%2F%2Faccount.staging-thesun.co.uk%2Flogin%3Fstate%3DhKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRSVnN4R2lpcU1Kemg1aU02TTRCYUqjY2lk2SBlYmpzRjkzYlBVZ1Btc1RxcGhnMHMwSmpqSEtiQjMzaQ%26client%3DebjsF93bPUgPmsTqphg0s0JjjHKbB33i%26protocol%3Doauth2%26prompt%3Dlogin%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26nustate%3DeyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8iLCJwcm9kdWN0R3JvdXAiOiJTdW5fV2ViIn0%253D%26nuperms%3DeyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19%26redirect_uri%3Dhttps%253A%252F%252Flogin.staging-thesun.co.uk%252Foidc%252Frp%252Fcallback&c9=
Request Chain 49
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=6d4308de-b940-4b9d-aeda-a62d7637d513&u=cbc6f223-e68a-4151-bf80-41efd04b2c5f HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=6d4308de-b940-4b9d-aeda-a62d7637d513&u=cbc6f223-e68a-4151-bf80-41efd04b2c5f&google_tc= HTTP 302
  • https://googlesync.permutive.com/v2.0/px/sync?alias=&error=15&type=ddp&k=6d4308de-b940-4b9d-aeda-a62d7637d513&u=cbc6f223-e68a-4151-bf80-41efd04b2c5f

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
account.staging-thesun.co.uk/
Redirect Chain
  • http://login.staging-thesun.co.uk/
  • https://login.staging-thesun.co.uk/
  • https://login.staging-thesun.co.uk/oidc/rp/login/thesunuk?gotoUrl=http%3A%2F%2Fwww.staging-thesun.co.uk%2F
  • https://account.staging-thesun.co.uk/authorize?client_id=ebjsF93bPUgPmsTqphg0s0JjjHKbB33i&scope=openid%20profile%20email&response_type=code&prompt=login&state=eyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdG...
  • https://account.staging-thesun.co.uk/login?state=hKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRSVnN4R2lpcU1Kemg1aU02TTRCYUqjY2lk2SBlYmpzRjkzYlBVZ1Btc1RxcGhnMHMw...
90 KB
91 KB
Document
General
Full URL
https://account.staging-thesun.co.uk/login?state=hKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRSVnN4R2lpcU1Kemg1aU02TTRCYUqjY2lk2SBlYmpzRjkzYlBVZ1Btc1RxcGhnMHMwSmpqSEtiQjMzaQ&client=ebjsF93bPUgPmsTqphg0s0JjjHKbB33i&protocol=oauth2&prompt=login&scope=openid%20profile%20email&response_type=code&nustate=eyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8iLCJwcm9kdWN0R3JvdXAiOiJTdW5fV2ViIn0%3D&nuperms=eyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19&redirect_uri=https%3A%2F%2Flogin.staging-thesun.co.uk%2Foidc%2Frp%2Fcallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9813 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5520e02d3254d4ae449141b4b8483590ee084b71b2b224f984ab9b8c22fd4200
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
824aac0c9ef63cda-CDG
content-type
text/html; charset=utf-8
date
Sun, 12 Nov 2023 00:31:26 GMT
etag
W/"169c6-Tf3wHl31+8rkas2Rpv0oqHA+oNY"
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-auth0-requestid
2ec144ae8437cca8319d
x-content-type-options
nosniff
x-ratelimit-limit
100
x-ratelimit-remaining
99
x-ratelimit-reset
1699749087
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
824aac0b8e7c3cda-CDG
content-length
2058
content-type
text/html; charset=utf-8
date
Sun, 12 Nov 2023 00:31:26 GMT
location
/login?state=hKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRSVnN4R2lpcU1Kemg1aU02TTRCYUqjY2lk2SBlYmpzRjkzYlBVZ1Btc1RxcGhnMHMwSmpqSEtiQjMzaQ&client=ebjsF93bPUgPmsTqphg0s0JjjHKbB33i&protocol=oauth2&prompt=login&scope=openid%20profile%20email&response_type=code&nustate=eyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8iLCJwcm9kdWN0R3JvdXAiOiJTdW5fV2ViIn0%3D&nuperms=eyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19&redirect_uri=https%3A%2F%2Flogin.staging-thesun.co.uk%2Foidc%2Frp%2Fcallback
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept, Accept-Encoding
x-auth0-requestid
cffed2d974a630ee2d7f
x-content-type-options
nosniff
x-ratelimit-limit
100
x-ratelimit-remaining
99
x-ratelimit-reset
1699749087
lock.min.js
cdn.auth0.com/js/lock/11.30.4/
852 KB
243 KB
Script
General
Full URL
https://cdn.auth0.com/js/lock/11.30.4/lock.min.js
Requested by
Host: account.staging-thesun.co.uk
URL: https://account.staging-thesun.co.uk/login?state=hKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRSVnN4R2lpcU1Kemg1aU02TTRCYUqjY2lk2SBlYmpzRjkzYlBVZ1Btc1RxcGhnMHMwSmpqSEtiQjMzaQ&client=ebjsF93bPUgPmsTqphg0s0JjjHKbB33i&protocol=oauth2&prompt=login&scope=openid%20profile%20email&response_type=code&nustate=eyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8iLCJwcm9kdWN0R3JvdXAiOiJTdW5fV2ViIn0%3D&nuperms=eyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19&redirect_uri=https%3A%2F%2Flogin.staging-thesun.co.uk%2Foidc%2Frp%2Fcallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c200:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
330ff0eccc074f1791b4455ef443ac7f7538b324d5998e5357e6e17ba720d9c5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
44w8E8gdU9ZYo_KGyuMrUSEmV8MFDS4a
content-encoding
gzip
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
date
Sat, 11 Nov 2023 04:36:16 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
FRA60-P1
age
71711
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Jul 2021 14:30:08 GMT
server
AmazonS3
etag
W/"3ed56a52bd6c0e36ac12d008d24a0b36"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2628000,public
x-robots-tag
noindex
x-amz-cf-id
sNnchvVqwXpaETqAUus-JnsawtjStnRLdFflMygilTsLzo3oBigCvw==
polyfill.min.js
cdn.polyfill.io/v2/
100 B
604 B
Script
General
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js
Requested by
Host: account.staging-thesun.co.uk
URL: https://account.staging-thesun.co.uk/login?state=hKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRSVnN4R2lpcU1Kemg1aU02TTRCYUqjY2lk2SBlYmpzRjkzYlBVZ1Btc1RxcGhnMHMwSmpqSEtiQjMzaQ&client=ebjsF93bPUgPmsTqphg0s0JjjHKbB33i&protocol=oauth2&prompt=login&scope=openid%20profile%20email&response_type=code&nustate=eyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8iLCJwcm9kdWN0R3JvdXAiOiJTdW5fV2ViIn0%3D&nuperms=eyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19&redirect_uri=https%3A%2F%2Flogin.staging-thesun.co.uk%2Foidc%2Frp%2Fcallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 12 Nov 2023 00:31:26 GMT
age
988265
detected-user-agent
Chrome/119.0.0
server-timing
HIT, fastly;desc="Edge time";dur=0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/119.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
main.min.js
client.px-cloud.net/PXErcz0zuL/
169 KB
76 KB
Script
General
Full URL
https://client.px-cloud.net/PXErcz0zuL/main.min.js
Requested by
Host: account.staging-thesun.co.uk
URL: https://account.staging-thesun.co.uk/login?state=hKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRSVnN4R2lpcU1Kemg1aU02TTRCYUqjY2lk2SBlYmpzRjkzYlBVZ1Btc1RxcGhnMHMwSmpqSEtiQjMzaQ&client=ebjsF93bPUgPmsTqphg0s0JjjHKbB33i&protocol=oauth2&prompt=login&scope=openid%20profile%20email&response_type=code&nustate=eyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8iLCJwcm9kdWN0R3JvdXAiOiJTdW5fV2ViIn0%3D&nuperms=eyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19&redirect_uri=https%3A%2F%2Flogin.staging-thesun.co.uk%2Foidc%2Frp%2Fcallback
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14d0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b14f9aabec3995f5c93536cd617306905d8febb2b3fd3fe17c26973afce1843a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 00:31:26 GMT
content-encoding
gzip
etag
"2a459-nBY0h4FJCn3RMDOW1EqsHfUxZQg"
x-px-hash
ZmNjNGRjZjQzZGFiMWJkNTk0ZDI1MjEzYzlhOTNiMjViZGIzYjJjYTlmYjhiM2ZiMGMwNzU5NmY0NWU2M2VjMA==
vary
Accept-Encoding
active-cdn
Akamai
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
active-cdn,x-served-by,Akamai-Request-BC
cache-control
max-age=600
utag.js
tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/
30 KB
10 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/utag.js
Requested by
Host: account.staging-thesun.co.uk
URL: https://account.staging-thesun.co.uk/login?state=hKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRSVnN4R2lpcU1Kemg1aU02TTRCYUqjY2lk2SBlYmpzRjkzYlBVZ1Btc1RxcGhnMHMwSmpqSEtiQjMzaQ&client=ebjsF93bPUgPmsTqphg0s0JjjHKbB33i&protocol=oauth2&prompt=login&scope=openid%20profile%20email&response_type=code&nustate=eyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8iLCJwcm9kdWN0R3JvdXAiOiJTdW5fV2ViIn0%3D&nuperms=eyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19&redirect_uri=https%3A%2F%2Flogin.staging-thesun.co.uk%2Foidc%2Frp%2Fcallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:da00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b2607f3a4d94b14a9a140bb0704db5a431ec995071a88b96c50cfedf78fc4d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
B.ej40eBwtm8NUZjYr7pB6FcAwbBevAO
content-encoding
br
via
1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
date
Sun, 12 Nov 2023 00:31:26 GMT
last-modified
Thu, 20 Jul 2023 10:17:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
231
x-amz-server-side-encryption
AES256
etag
W/"440ec13bf875dd628d019d186dbfccea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
gBFgzwWmICQrThpUHucCg4sHiFh6Zca-Yww3Wuv1wuIcjodWCZG9bw==
thesun
login.staging-thesun.co.uk/oidc/rp/permissions/
540 B
797 B
XHR
General
Full URL
https://login.staging-thesun.co.uk/oidc/rp/permissions/thesun
Requested by
Host: account.staging-thesun.co.uk
URL: https://account.staging-thesun.co.uk/login?state=hKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRSVnN4R2lpcU1Kemg1aU02TTRCYUqjY2lk2SBlYmpzRjkzYlBVZ1Btc1RxcGhnMHMwSmpqSEtiQjMzaQ&client=ebjsF93bPUgPmsTqphg0s0JjjHKbB33i&protocol=oauth2&prompt=login&scope=openid%20profile%20email&response_type=code&nustate=eyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8iLCJwcm9kdWN0R3JvdXAiOiJTdW5fV2ViIn0%3D&nuperms=eyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19&redirect_uri=https%3A%2F%2Flogin.staging-thesun.co.uk%2Foidc%2Frp%2Fcallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:c400:d:1e38:4880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cd148682d1bec88db9986c2249d8942c438ab7f22cfb76a6988a099b532a9c92

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 00:31:26 GMT
via
1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
content-length
540
x-amz-cf-id
nIjx6vJMC5mkVPSmjJsImS7SuGl5eXkGvv7fh2JUS2Kuz0aOYt81hQ==
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66764324e2fadabf6d35abd3c211b39e60e82c9ca66754c5c0c944100f21afc4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/svg+xml
polyfill.min.js
cdn.polyfill.io/v2/
100 B
155 B
Other
General
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js
Requested by
Host: account.staging-thesun.co.uk
URL: https://account.staging-thesun.co.uk/login?state=hKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRSVnN4R2lpcU1Kemg1aU02TTRCYUqjY2lk2SBlYmpzRjkzYlBVZ1Btc1RxcGhnMHMwSmpqSEtiQjMzaQ&client=ebjsF93bPUgPmsTqphg0s0JjjHKbB33i&protocol=oauth2&prompt=login&scope=openid%20profile%20email&response_type=code&nustate=eyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8iLCJwcm9kdWN0R3JvdXAiOiJTdW5fV2ViIn0%3D&nuperms=eyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19&redirect_uri=https%3A%2F%2Flogin.staging-thesun.co.uk%2Foidc%2Frp%2Fcallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 12 Nov 2023 00:31:26 GMT
age
988265
detected-user-agent
Chrome/119.0.0
server-timing
HIT, fastly;desc="Edge time";dur=0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/119.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
en.js
cdn.auth0.com/js/lock/11.30.4/
6 KB
3 KB
Script
General
Full URL
https://cdn.auth0.com/js/lock/11.30.4/en.js
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.30.4/lock.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c200:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
274a08ddc700fc754cb977c38b9fa34cc0dac17b9d768da40c81b502b97862f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
bNyTEQ96A9ts3dA9a4LyP7BdPzZeBle0
content-encoding
gzip
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
date
Sat, 11 Nov 2023 01:46:10 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
FRA60-P1
age
81958
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Jul 2021 14:30:08 GMT
server
AmazonS3
etag
W/"752bd942891e49a1035e916dd81017a5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2628000,public
x-robots-tag
noindex
x-amz-cf-id
lg96UoGi-ZRIQcu3lAhGyQlamddJTR97FJfMHW67GmHbebhO9dpW_Q==
ebjsF93bPUgPmsTqphg0s0JjjHKbB33i.js
cdn.eu.auth0.com/client/
585 B
873 B
Script
General
Full URL
https://cdn.eu.auth0.com/client/ebjsF93bPUgPmsTqphg0s0JjjHKbB33i.js?t1699749086806
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.30.4/lock.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9813 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd29d7f069133ea8fc6fbb76eb17d841016eea9a5df4aa6026e4044fe814c8db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 00:31:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-auth0-requestid
9ce78eab62daf419929f
server
cloudflare
etag
W/"249-O6vIJ/K6fokGt4vdaAyoGG6fOY0"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=60, stale-while-revalidate=60, stale-if-error=86400
cf-ray
824aac10fb6d2a44-CDG
alt-svc
h3=":443"; ma=86400
challenge
account.staging-thesun.co.uk/usernamepassword/
104 B
503 B
XHR
General
Full URL
https://account.staging-thesun.co.uk/usernamepassword/challenge
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.30.4/lock.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9813 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e31fabf9d35249c7f091d5462ba575dfc9999b33500d5615a4fc54f2f69127bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Auth0-Client
eyJuYW1lIjoibG9jay5qcy11bHAiLCJ2ZXJzaW9uIjoiMTEuMzAuNCIsImVudiI6eyJhdXRoMC5qcy11bHAiOiI5LjE2LjIiLCJhdXRoMC5qcyI6IjkuMTYuMiJ9fQ==
Referer
https://account.staging-thesun.co.uk/login?state=hKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRSVnN4R2lpcU1Kemg1aU02TTRCYUqjY2lk2SBlYmpzRjkzYlBVZ1Btc1RxcGhnMHMwSmpqSEtiQjMzaQ&client=ebjsF93bPUgPmsTqphg0s0JjjHKbB33i&protocol=oauth2&prompt=login&scope=openid%20profile%20email&response_type=code&nustate=eyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8iLCJwcm9kdWN0R3JvdXAiOiJTdW5fV2ViIn0%3D&nuperms=eyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19&redirect_uri=https%3A%2F%2Flogin.staging-thesun.co.uk%2Foidc%2Frp%2Fcallback
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 12 Nov 2023 00:31:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-auth0-requestid
643527cb6843caf10d4b
alt-svc
h3=":443"; ma=86400
content-length
104
server
cloudflare
etag
W/"68-SpOvGhMZSpqvPnUBk/2E7hBnnTM"
x-ratelimit-remaining
99
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
x-ratelimit-reset
1699749087
x-ratelimit-limit
100
cf-ray
824aac109ad0d67e-CDG
utag.3.js
tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/
55 KB
17 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/utag.3.js?utv=ut4.46.201811161729
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:da00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0ea2fea5723cdffb3396bbcd549575146e3f5497c9bcf55f8c20e5456151490

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
Ozshiw5jW67znCHnY.rAGWbVX170p17t
content-encoding
br
via
1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
date
Sun, 12 Nov 2023 00:31:26 GMT
last-modified
Thu, 20 Jul 2023 10:17:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
231
x-amz-server-side-encryption
AES256
etag
W/"90439a2b676c9c53082f65d2c5d22b38"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
ZMaUg6wDNYrHPa53fh7IEajJ0XHwA3r_-vCyEBmo7jJR50irJAo19w==
utag.26.js
tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/
33 KB
8 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/utag.26.js?utv=ut4.46.202307201016
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:da00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b595173b261b84aa806d303f403bf43d5ca9bae76f0162886bae5733f700e0f3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
T8Mq7vN9o4axBYaRdW6GYAFd7i9bGowD
content-encoding
gzip
via
1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
date
Sun, 12 Nov 2023 00:31:26 GMT
last-modified
Thu, 20 Jul 2023 10:17:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
231
x-amz-server-side-encryption
AES256
etag
W/"ed47247ad16485bbfbfbb7dd39792ac7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
fMGa_U9HhcsfSLDwM8HabxfWD1ZckZV_EZQHoxlL9xAOknlz53oKyA==
utag.39.js
tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/
11 KB
4 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/utag.39.js?utv=ut4.46.202307201016
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:da00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab42ce42da8f3ce1aa978573f5269fa8e0cb5ed4af3a766653f177c8fe23a658

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
0brUCVTvUCsG65lSgE7gNk6upo6rMiaq
content-encoding
br
via
1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
date
Sun, 12 Nov 2023 00:31:26 GMT
last-modified
Thu, 20 Jul 2023 10:17:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
231
x-amz-server-side-encryption
AES256
etag
W/"56b97060c20b87c3e6942dd3835ac791"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
CMQRiOxtRtWrr3kpU2wYnXDDTWAktqlj5leMSQr8sEaF7Rc_pCbPbw==
utag.42.js
tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/
26 KB
7 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/utag.42.js?utv=ut4.46.202307201016
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:da00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b9c88ee37366879397f5a39b641038bbb59eefc6730eca2b373c2891a2c8972

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
JpJYY2Web220MxMA5rWo.J5FrlsdmwAR
content-encoding
br
via
1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
date
Sun, 12 Nov 2023 00:31:26 GMT
last-modified
Thu, 20 Jul 2023 10:17:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
231
x-amz-server-side-encryption
AES256
etag
W/"576c8e1cf797d3cdc9a2be585883c641"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
r_AUEwj_VZIUpGR8ARrUp16z8GI9sGgLHaCzjomVWmKPH_WLmjIKaQ==
utag.30.js
tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/
3 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/utag.30.js?utv=ut4.46.202001141348
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:da00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cbde20debff0f4fbb1af0548e595aeb09571e3ee0e5300c6173cd716e1acad

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
8WnoqRM7xTUFyVXSyGV6EoqLIYyBY8YW
content-encoding
br
via
1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
date
Sun, 12 Nov 2023 00:31:26 GMT
last-modified
Thu, 20 Jul 2023 10:17:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
231
x-amz-server-side-encryption
AES256
etag
W/"12a8a44cbc9a28ef828a389098d4b0e9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
LC_V2zSu15zKZGWzJyRclk_xtxCMZRgo-eU-eTAvYtT1M7vv8iZwqg==
utag.34.js
tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/
3 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/utag.34.js?utv=ut4.46.202106151350
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:da00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b387cbf12e0924ca40d0843c240d53dade6a1572a6b15e6102e4db2c609ecf19

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
83chi78Cbce7DI4BCUAqvexsWiGtzm3W
content-encoding
br
via
1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
date
Sun, 12 Nov 2023 00:31:26 GMT
last-modified
Thu, 20 Jul 2023 10:17:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
231
x-amz-server-side-encryption
AES256
etag
W/"cdfa5dbc2c2c278a215af28ef8344020"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
6TvEARynmXaexdrTHEng5Z0sWNv1FH9bIf5rdBenlImpCgZXthzvoQ==
TheSun-Regular.woff
www.thesun.co.uk/wp-content/themes/thesun/fonts/
37 KB
37 KB
Font
General
Full URL
https://www.thesun.co.uk/wp-content/themes/thesun/fonts/TheSun-Regular.woff
Requested by
Host: account.staging-thesun.co.uk
URL: https://account.staging-thesun.co.uk/login?state=hKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRSVnN4R2lpcU1Kemg1aU02TTRCYUqjY2lk2SBlYmpzRjkzYlBVZ1Btc1RxcGhnMHMwSmpqSEtiQjMzaQ&client=ebjsF93bPUgPmsTqphg0s0JjjHKbB33i&protocol=oauth2&prompt=login&scope=openid%20profile%20email&response_type=code&nustate=eyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8iLCJwcm9kdWN0R3JvdXAiOiJTdW5fV2ViIn0%3D&nuperms=eyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19&redirect_uri=https%3A%2F%2Flogin.staging-thesun.co.uk%2Foidc%2Frp%2Fcallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-51.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
38366953735478db6b10449a4cb4925f5c3ae5c7a5dae22d329675a46aaf6908
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://account.staging-thesun.co.uk/
Origin
https://account.staging-thesun.co.uk
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 16:12:05 GMT
strict-transport-security
max-age=604800; includeSubDomains
via
1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
10052361
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
37556
x-rq
lhr3 111 253 443
last-modified
Tue, 18 Jul 2023 14:04:45 GMT
server
nginx
etag
"64b69bfd-92b4"
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
C2pnuS7Xkc3MwM1pXFh26vTnXaRPjH68J-meKYFeCLNYfBhWedEm-w==
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
440 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsinternational/thesun.auth0/202307201016&cb=1699749086878
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:da00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Sun, 12 Nov 2023 00:26:19 GMT
via
1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
308
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
Zsjfl-abpypG3XreSfusimIWgsMwjWdyfoN4chWEAHW4MIAsScnCXg==
ssodata
account.staging-thesun.co.uk/user/
13 B
320 B
XHR
General
Full URL
https://account.staging-thesun.co.uk/user/ssodata
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.30.4/lock.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9813 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b463bb14e596f489375e5838968175b0d50e84e333d79fcc81e01ee6e006d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://account.staging-thesun.co.uk/login?state=hKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRSVnN4R2lpcU1Kemg1aU02TTRCYUqjY2lk2SBlYmpzRjkzYlBVZ1Btc1RxcGhnMHMwSmpqSEtiQjMzaQ&client=ebjsF93bPUgPmsTqphg0s0JjjHKbB33i&protocol=oauth2&prompt=login&scope=openid%20profile%20email&response_type=code&nustate=eyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8iLCJwcm9kdWN0R3JvdXAiOiJTdW5fV2ViIn0%3D&nuperms=eyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19&redirect_uri=https%3A%2F%2Flogin.staging-thesun.co.uk%2Foidc%2Frp%2Fcallback
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 00:31:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-auth0-requestid
8d7558ef6715d0ad3205
server
cloudflare
etag
W/"d-GlAPaWXrEcmIgYBtGZfYYQ8hNAU"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
access-control-allow-credentials
true
cf-ray
824aac116b70d67e-CDG
alt-svc
h3=":443"; ma=86400
content-length
13
collector
collector-pxercz0zul.px-cloud.net/api/v2/
540 B
802 B
XHR
General
Full URL
https://collector-pxercz0zul.px-cloud.net/api/v2/collector
Requested by
Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXErcz0zuL/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
1505687f6e682a65166502fec8f497f229ad10674d932d2b1e3375b2d8b5d6e3

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 12 Nov 2023 00:31:26 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://account.staging-thesun.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
540
enterprise.js
www.recaptcha.net/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.recaptcha.net/recaptcha/enterprise.js?render=explicit&hl=en&onload=recatpchaCallback_281927
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.30.4/lock.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6702cdeb3447f17e36317bb503fd1fe626af4d4ee0be508e2ca3b04256f53760
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 00:31:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 12 Nov 2023 00:31:27 GMT
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39297d7dbbf9a005727e156f16d540cfee0fe597091046c47b3867065a59c4d4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78f991561757f77208f4502582e9217ce716e6d6504ef8dd1386157636b4718f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf9b44b10a339d642ce06652810a464dec2e1f1c9e948a08142d1e65c3441cff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/svg+xml
TheSunW01-Medium.woff
www.thesun.co.uk/wp-content/themes/thesun/fonts/
21 KB
22 KB
Font
General
Full URL
https://www.thesun.co.uk/wp-content/themes/thesun/fonts/TheSunW01-Medium.woff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-51.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
ff58148b1b0aade0e7d42bf90b8167f5378b8ac505125b982986c6364d42f100
Security Headers
Name Value
Strict-Transport-Security max-age=10; includeSubDomains

Request headers

Referer
https://account.staging-thesun.co.uk/
Origin
https://account.staging-thesun.co.uk
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 00:28:36 GMT
content-encoding
gzip
via
1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
strict-transport-security
max-age=10; includeSubDomains
x-amz-cf-pop
FRA60-P2
age
19180970
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-rq
lhr4
last-modified
Mon, 03 Apr 2023 09:20:36 GMT
server
nginx
etag
W/"642a9a64-55e9"
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
f9Ydzw-CEUtRJutqN5Ly8PWrSCc90xc80_w_ESHGITG6Vtt69j8ZfQ==
expires
Wed, 03 Apr 2024 00:28:36 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6035523/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
383 B
Script
General
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-72.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 07:04:41 GMT
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
62917
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
6doXVwFI1ohUaOii5EicdOMP3JMwPx_nR9PTfn9Yn4OjeKDivtVp-w==

Redirect headers

date
Sun, 12 Nov 2023 00:31:27 GMT
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
Lp_klBX66135rkL07znPD6bIpNfVvytWXD7lcJ9yPHfw9D6aVO5OpA==
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 11 Nov 2023 23:49:41 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2506
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 12 Nov 2023 01:49:41 GMT
js
www.googletagmanager.com/gtag/
273 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-T8GFRLEG7X
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
77464b0473617433c4109a625288a72fbf7ce53123ed7e3549f1ae885a1e5284
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 00:31:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92878
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 12 Nov 2023 00:31:27 GMT
88a66e5c-8fe8-48af-9c6c-3ec3f4983aad-web.js
cdn.permutive.com/
763 KB
210 KB
Script
General
Full URL
https://cdn.permutive.com/88a66e5c-8fe8-48af-9c6c-3ec3f4983aad-web.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c613d47da6bd4de25f028a1b4b0deaaa542c5cd4027e63c15b055bcd9e983d41

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 00:31:27 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
88a66e5c-8fe8-48af-9c6c-3ec3f4983aad
age
0
x-guploader-uploadid
ABPtcPqbNE69KDaHKExpLP05KkO1krDH6pbWenvQgC8lnyMk7aTW71qHMKhFZqxHyWl71pa8b2sfRHinpUGJ2mE-GemOEA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Thu, 09 Nov 2023 12:51:38 GMT
server
cloudflare
etag
W/"13fbd2abc83d0f1ec92b7f718344c144"
vary
Accept-Encoding
x-goog-generation
1699534298836926
content-type
application/javascript
x-goog-hash
crc32c=wqW3gA==, md5=E/vSq8g9Dx7JK39xg0TBRA==
cache-control
public, max-age=900
x-goog-stored-content-length
234057
timing-allow-origin
*
cf-ray
824aac144be500a8-CDG
expires
Sun, 12 Nov 2023 00:46:27 GMT
door.js
uk-script.dotmetrics.net/
69 B
1 KB
Script
General
Full URL
https://uk-script.dotmetrics.net/door.js?d=account.staging-thesun.co.uk&t=auth0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsinternational/thesun.auth0/prod/utag.34.js?utv=ut4.46.202106151350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-12.fra6.r.cloudfront.net
Software
Kestrel /
Resource Hash
d28a575c57591aa6256f31f4982e8f37132bef8525060bae2b2bfee3df42ba95

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 00:31:27 GMT
content-encoding
br
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
FRA6-C1
etag
".account.staging-thesun.co.uk.auth0.240.2023111200"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
dQfzHWCm2flbzX0r_TpP9BcjuW-YS2wz2HT4fDHwxzWL3CimFXuNJA==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035523&ns__t=1699749087331&ns_c=UTF-8&c8=Sign%20in%20to%20The%20Sun&c7=https%3A%2F%2Faccount.staging-thesun.co.uk%2Flogin%3Fstate%3DhKFo2SBQbjZPR0phZWVVN...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035523&ns__t=1699749087331&ns_c=UTF-8&c8=Sign%20in%20to%20The%20Sun&c7=https%3A%2F%2Faccount.staging-thesun.co.uk%2Flogin%3Fstate%3DhKFo2SBQbjZPR0phZWVV...
0
226 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035523&ns__t=1699749087331&ns_c=UTF-8&c8=Sign%20in%20to%20The%20Sun&c7=https%3A%2F%2Faccount.staging-thesun.co.uk%2Flogin%3Fstate%3DhKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRSVnN4R2lpcU1Kemg1aU02TTRCYUqjY2lk2SBlYmpzRjkzYlBVZ1Btc1RxcGhnMHMwSmpqSEtiQjMzaQ%26client%3DebjsF93bPUgPmsTqphg0s0JjjHKbB33i%26protocol%3Doauth2%26prompt%3Dlogin%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26nustate%3DeyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8iLCJwcm9kdWN0R3JvdXAiOiJTdW5fV2ViIn0%253D%26nuperms%3DeyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19%26redirect_uri%3Dhttps%253A%252F%252Flogin.staging-thesun.co.uk%252Foidc%252Frp%252Fcallback&c9=
Protocol
H2
Server
18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-72.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 00:31:27 GMT
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-amz-cf-id
fxI4bzPERrambrgcjZXOIEKwl6MW3R-TD6qclCUGe9Hdt4rqSQGAaQ==
x-cache
Miss from cloudfront

Redirect headers

date
Sun, 12 Nov 2023 00:31:27 GMT
via
1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=6035523&ns__t=1699749087331&ns_c=UTF-8&c8=Sign%20in%20to%20The%20Sun&c7=https%3A%2F%2Faccount.staging-thesun.co.uk%2Flogin%3Fstate%3DhKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRSVnN4R2lpcU1Kemg1aU02TTRCYUqjY2lk2SBlYmpzRjkzYlBVZ1Btc1RxcGhnMHMwSmpqSEtiQjMzaQ%26client%3DebjsF93bPUgPmsTqphg0s0JjjHKbB33i%26protocol%3Doauth2%26prompt%3Dlogin%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26nustate%3DeyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8iLCJwcm9kdWN0R3JvdXAiOiJTdW5fV2ViIn0%253D%26nuperms%3DeyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19%26redirect_uri%3Dhttps%253A%252F%252Flogin.staging-thesun.co.uk%252Foidc%252Frp%252Fcallback&c9=
content-length
0
x-amz-cf-id
TmvcAK5n7I2QvJI6IFhXa6PdCzjr0vIUJhYYOR7LZhKvBMB6ohD0qw==
track
pac.newsdata.uk/
0
1009 B
Image
General
Full URL
https://pac.newsdata.uk/track?et=0&n=ngn&p=thesun&pu=https%3A%2F%2Faccount.staging-thesun.co.uk%2Flogin%3Fstate%3Dhkfo2sbqbjzpr0phzwvvnfnrcgpfqtrtsjvsbmlpqmdftwnwu6fupwxvz2luo3rpznkgz01td3vvr3pobjrsvnn4r2lpcu1kemg1au02ttrcyuqjy2lk2sblympzrjkzylbvz1btc1rxcghnmhmwsmpqsetiqjmzaq%26client%3Debjsf93bpugpmstqphg0s0jjjhkbb33i%26protocol%3Doauth2%26prompt%3Dlogin%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26nustate%3Deyjyzxr1cm5fdxjsijoiahr0cdovl3d3dy5zdgfnaw5nlxrozxn1bi5jby51ay8ilcjwcm9kdwn0r3jvdxaioijtdw5fv2viin0%253d%26nuperms%3Deyjwzxjtaxnzaw9ucyi6w3siawqioii2nzzmmtzlmc0xzdzjltexztgtyjq2ny0wzwq1zjg5zjcxogiilcjjzci6iln1bl9nyxjrzxrpbmcilcjjcci6ildl4oczbgwga2vlccb5b3ugdxagdg8gc3blzwqgd2l0acblegnsdxnpdmugb2zmzxjzlcbwcm9tb3rpb25zigfuzcbwcm9kdwn0cybmcm9tifrozsbtdw4gdghhdcb3zsb0agluayb5b3xigjlsbcbsb3zllibtb3vuzcbnb29kpyisinr5ijoisgfyzcisinzlijoimjaxoc0wos0ymfqxmjo1mdowni4wmdbaiiwiy2giolsirw1hawwilcjqb3n0iiwiughvbmuilcjttvmixswiy3qioijet04nvcbnsvntie9vvcisimnhijoitvvuvufmx0vyiiwiy2exijoiwwvziiwiy2eyijoitm8ifv19%26redirect_uri%3Dhttps%253a%252f%252flogin.staging-thesun.co.uk%252foidc%252frp%252fcallback&pn=login&sn=auth0&cs_id=018bc0f0c4cc000e74c45499ea130307403f306c00b08&d1=the%20sun&d2=018bc0f0c4cc000e74c45499ea130307403f306c00b08&d3=1699749086413&d4=europe%2Fparis&d7=2023%2F11%2F12%2001%3A31%20sunday&d8=1600x1200%7C1600x1200%7C1&d38=login&pvi=nuk%3Ab6f83697-1b4d-409d-805b-a5ca85f65915&d47=1&d100=2023-07-20%2010%3A17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 00:31:27 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 google
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
0
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
origin-agent-cluster
?1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
TheSun-HeavyCondensed.woff
www.thesun.co.uk/wp-content/themes/thesun/fonts/
38 KB
38 KB
Font
General
Full URL
https://www.thesun.co.uk/wp-content/themes/thesun/fonts/TheSun-HeavyCondensed.woff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-51.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
ca1deebcbff35826fd3e5fb45143a654aacbe11fd041822e48282d6614cfc8d1
Security Headers
Name Value
Strict-Transport-Security max-age=10; includeSubDomains

Request headers

Referer
https://account.staging-thesun.co.uk/
Origin
https://account.staging-thesun.co.uk
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 01:52:02 GMT
content-encoding
gzip
via
1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
strict-transport-security
max-age=10; includeSubDomains
x-amz-cf-pop
FRA60-P2
age
19003165
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-rq
lhr3
last-modified
Wed, 15 Mar 2023 14:13:45 GMT
server
nginx
etag
W/"6411d299-96ac"
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
DsjqR1Z9rBUrUrY-hB3pfx1o3bWOWo-uh3NQNro71GB7LvYWu0LetQ==
expires
Fri, 05 Apr 2024 01:52:02 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/
466 KB
188 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=explicit&hl=en&onload=recatpchaCallback_281927
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09ed391c987b3b27df5080114e00377ff1a748793cb417a809b33f22d737fe55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://account.staging-thesun.co.uk
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 17:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26880
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191412
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Nov 2024 17:03:27 GMT
collect
www.google-analytics.com/j/
15 B
230 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1722669104&t=pageview&ds=web&_s=1&dl=https%3A%2F%2Faccount.staging-thesun.co.uk%2Flogin%3Fstate%3DhKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRSVnN4R2lpcU1Kemg1aU02TTRCYUqjY2lk2SBlYmpzRjkzYlBVZ1Btc1RxcGhnMHMwSmpqSEtiQjMzaQ%26client%3DebjsF93bPUgPmsTqphg0s0JjjHKbB33i%26protocol%3Doauth2%26prompt%3Dlogin%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26nustate%3DeyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8iLCJwcm9kdWN0R3JvdXAiOiJTdW5fV2ViIn0%253D%26nuperms%3DeyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19%26redirect_uri%3Dhttps%253A%252F%252Flogin.staging-thesun.co.uk%252Foidc%252Frp%252Fcallback&dp=%2Flogin&dh=account.staging-thesun.co.uk&ul=en-us&de=UTF-8&dt=login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiAABBAAAACACIg~&cid=795567264.1699749087&tid=UA-100401456-18&_gid=1368194773.1699749087&_slc=1&cg1=auth0&cd1=the%20sun&cd2=login&cd3=auth0&cd7=login&cd12=uk&cd63=sign%20in%20to%20the%20sun&cd64=state%3Dhkfo2sbqbjzpr0phzwvvnfnrcgpfqtrtsjvsbmlpqmdftwnwu6fupwxvz2luo3rpznkgz01td3vvr3pobjrsvnn4r2lpcu1kemg1au02ttrcyuqjy2lk2sblympzrjkzylbvz1btc1rxcghnmhmwsmpqsetiqjmzaq%26client%3Debjsf93bpugpmstqphg0s0jjjhkbb33i%26protocol%3Doauth2%26prompt%3Dlogin%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26nustate%3Deyjyzxr1cm5fdxjsijoiahr0cdovl3d3dy5zdgfnaw5nlxrozxn1bi5jby51ay8ilcjwcm9kdwn0r3jvdxaioijtdw5fv2viin0%253d%26nuperms%3Deyjwzxjtaxnzaw9ucyi6w3siawqioii2nzzmmtzlmc0xzdzjltexztgtyjq2ny0wzwq1zjg5zjcxogiilcjjzci6iln1bl9nyxjrzxrpbmcilcjjcci6ildl4oczbgwga2vlccb5b3ugdxagdg8gc3blzwqgd2l0acblegnsdxnpdmugb2zmzxjzlcbwcm9tb3rpb25zigfuzcbwcm9kdwn0cybmcm9tifrozsbtdw4gdghhdcb3zsb0agluayb5b3xigjlsbcbsb3zllibtb3vuzcbnb29kpyisinr5ijoisgfyzcisinzlijoimjaxoc0wos0ymfqxmjo1mdowni4wmdbaiiwiy2giolsirw1hawwilcjqb3n0iiwiughvbmuilcjttvmixswiy3qioijet04nvcbnsvntie9vvcisimnhijoitvvuvufmx0vyiiwiy2exijoiwwvziiwiy2eyijoitm8ifv19%26redirect_uri%3Dhttps%253a%252f%252flogin.staging-thesun.co.uk%252foidc%252frp%252fcallback&cd100=guest&cd102=018bc0f0c4cc000e74c45499ea130307403f306c00b08&cd110=2023-07-20%2010%3A17%20%5Bthesun.auth0%5D&cd111=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F119.0.6045.123%20safari%2F537.36&cd146=nuk%3Ab6f83697-1b4d-409d-805b-a5ca85f65915&npa=1&z=1168479629
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aa4548fdc7107f648107f6fac5e8fce2760a65d19b48f82f53204f68e6c1aef2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 00:31:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://account.staging-thesun.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
pxid
88a66e5c-8fe8-48af-9c6c-3ec3f4983aad.prmutv.co/v2.0/
12 B
235 B
XHR
General
Full URL
https://88a66e5c-8fe8-48af-9c6c-3ec3f4983aad.prmutv.co/v2.0/pxid?k=6d4308de-b940-4b9d-aeda-a62d7637d513
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/88a66e5c-8fe8-48af-9c6c-3ec3f4983aad-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 12 Nov 2023 00:31:27 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://account.staging-thesun.co.uk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
getuidj
ib.adnxs.com/
11 B
584 B
XHR
General
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/88a66e5c-8fe8-48af-9c6c-3ec3f4983aad-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 00:31:27 GMT
an-x-request-uuid
12b86998-09bb-40a6-94a3-48d14f2aacc6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://account.staging-thesun.co.uk
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.33.144.179; 178.33.144.179; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
js
www.googletagmanager.com/gtag/
231 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P9D7FQS2FH&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
da5816df508fc4195f901114b3e8adf727ebf41d36e01fd97693f2c23945a096
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 00:31:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83698
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 12 Nov 2023 00:31:27 GMT
68e214fd-9c05-46e5-bcf4-963ec630c03b
https://account.staging-thesun.co.uk/
372 KB
0
Other
General
Full URL
blob:https://account.staging-thesun.co.uk/68e214fd-9c05-46e5-bcf4-963ec630c03b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1d040beb7530248c43d920a6a605ab7cf3ba2593dc4f45e8153725a9f4d0ecc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://account.staging-thesun.co.uk/login?state=hKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRSVnN4R2lpcU1Kemg1aU02TTRCYUqjY2lk2SBlYmpzRjkzYlBVZ1Btc1RxcGhnMHMwSmpqSEtiQjMzaQ&client=ebjsF93bPUgPmsTqphg0s0JjjHKbB33i&protocol=oauth2&prompt=login&scope=openid%20profile%20email&response_type=code&nustate=eyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8iLCJwcm9kdWN0R3JvdXAiOiJTdW5fV2ViIn0%3D&nuperms=eyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19&redirect_uri=https%3A%2F%2Flogin.staging-thesun.co.uk%2Foidc%2Frp%2Fcallback
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length
380616
Content-Type
d45ed4c8-6a75-414d-b41d-722bb37da23a
https://account.staging-thesun.co.uk/
372 KB
0
Other
General
Full URL
blob:https://account.staging-thesun.co.uk/d45ed4c8-6a75-414d-b41d-722bb37da23a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1d040beb7530248c43d920a6a605ab7cf3ba2593dc4f45e8153725a9f4d0ecc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://account.staging-thesun.co.uk/login?state=hKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRSVnN4R2lpcU1Kemg1aU02TTRCYUqjY2lk2SBlYmpzRjkzYlBVZ1Btc1RxcGhnMHMwSmpqSEtiQjMzaQ&client=ebjsF93bPUgPmsTqphg0s0JjjHKbB33i&protocol=oauth2&prompt=login&scope=openid%20profile%20email&response_type=code&nustate=eyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8iLCJwcm9kdWN0R3JvdXAiOiJTdW5fV2ViIn0%3D&nuperms=eyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19&redirect_uri=https%3A%2F%2Flogin.staging-thesun.co.uk%2Foidc%2Frp%2Fcallback
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length
380616
Content-Type
geoip
api.permutive.com/v2.0/
184 B
343 B
XHR
General
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=6d4308de-b940-4b9d-aeda-a62d7637d513
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/88a66e5c-8fe8-48af-9c6c-3ec3f4983aad-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
cbe38262701c7f8844746432f9d8a2f04cfbfbfc120e091b5642c7a06ca173d7

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 12 Nov 2023 00:31:27 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://account.staging-thesun.co.uk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139
collect
region1.google-analytics.com/g/
0
263 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-T8GFRLEG7X&gtm=45je3b81v9118945121&_p=1699749086863&gcd=11l1l1l1l3&npa=1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=795567264.1699749087&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=sign%20in%20to%20the%20sun&dp=%2Flogin&sid=1699749087&sct=1&seg=0&dl=https%3A%2F%2Faccount.staging-thesun.co.uk%2Flogin%3Fstate%3DhKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRSVnN4R2lpcU1Kemg1aU02TTRCYUqjY2lk2SBlYmpzRjkzYlBVZ1Btc1RxcGhnMHMwSmpqSEtiQjMzaQ%26client%3DebjsF93bPUgPmsTqphg0s0JjjHKbB33i%26protocol%3Doauth2%26prompt%3Dlogin%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26nustate%3DeyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8iLCJwcm9kdWN0R3JvdXAiOiJTdW5fV2ViIn0%253D%26nuperms%3DeyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19%26redirect_uri%3Dhttps%253A%252F%252Flogin.staging-thesun.co.uk%252Foidc%252Frp%252Fcallback&en=page_view&_fv=1&_ss=1&_ee=1&ep.platform=the%20sun&ep.tealium_visitor_id=018bc0f0c4cc000e74c45499ea130307403f306c00b08&ep.tealium_session_id=1699749086413&ep.time_timestamp=2023%2F11%2F12%2001%3A31%20sunday&ep.page_type=login&ep.tealium_session_page_view_count=1&ep.page_name=login&ep.page_section=auth0&ep.page_site_region=uk&ep.customer_type=guest&ep.tealium_version_timestamp=2023-07-20%2010%3A17%20%5Bthesun.auth0%5D&ep.user_agent=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F119.0.6045.123%20safari%2F537.36&tfd=2596
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T8GFRLEG7X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 00:31:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://account.staging-thesun.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
88a66e5c-8fe8-48af-9c6c-3ec3f4983aad-models.bin
cdn.permutive.com/models/v2/
151 KB
105 KB
XHR
General
Full URL
https://cdn.permutive.com/models/v2/88a66e5c-8fe8-48af-9c6c-3ec3f4983aad-models.bin
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/88a66e5c-8fe8-48af-9c6c-3ec3f4983aad-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8141e93e6181dbbb3fbb34cbbb68247d6a3f76820536d4c5f9f0bd4efbf3d4

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 12 Nov 2023 00:31:27 GMT
content-encoding
gzip
cf-cache-status
MISS
x-goog-meta-oid
88a66e5c-8fe8-48af-9c6c-3ec3f4983aad
age
0
x-guploader-uploadid
ABPtcPpT33Uu5Y9zFttYyajnkxn1sZ7SdEpWm5mpZ-5-OWLmugXV_FYLcpvg1_nWXR_NU-iPXboROvDhWn8e3qDDL6ZNOQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
107175
last-modified
Sat, 11 Nov 2023 06:01:55 GMT
server
cloudflare
etag
"77806ea89dbd578c2090b5b6e1101861"
vary
Accept-Encoding
x-goog-generation
1699294003636715
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=6PDawg==, md5=d4BuqJ29V4wgkLW24RAYYQ==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
107175
accept-ranges
bytes
timing-allow-origin
*
cf-ray
824aac16392ef12c-CDG
expires
Sun, 12 Nov 2023 00:31:27 GMT
anchor
www.recaptcha.net/recaptcha/enterprise/ Frame B842
61 KB
35 KB
Document
General
Full URL
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6Lcuw-8bAAAAADa64_kkIsvX33laqsMhs6oNyLYX&co=aHR0cHM6Ly9hY2NvdW50LnN0YWdpbmctdGhlc3VuLmNvLnVrOjQ0Mw..&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=normal&cb=cigxzp6jyc2e
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6a4f1703d03ca37d54339387a165a8703188d85801b39bd0f0167460963cb771
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dtgfuq3DiXFFUoF2hqaYJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-dtgfuq3DiXFFUoF2hqaYJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 00:31:27 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
region1.analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-P9D7FQS2FH&gtm=45je3b81v9126278451&_p=1699749086863&_gaz=1&gcd=11l1l1l1l3&npa=1&dma_cps=sypham&dma=1&gdid=dYmQxMT&ul=en-us&sr=1600x1200&cid=795567264.1699749087&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Faccount.staging-thesun.co.uk%2Flogin%3Fstate%3DhKFo2SBQbjZPR0phZWVVNFNrcGpFQTRtSjVSbmlPQmdfTWNWU6FupWxvZ2luo3RpZNkgZ01td3VvR3pobjRSVnN4R2lpcU1Kemg1aU02TTRCYUqjY2lk2SBlYmpzRjkzYlBVZ1Btc1RxcGhnMHMwSmpqSEtiQjMzaQ%26client%3DebjsF93bPUgPmsTqphg0s0JjjHKbB33i%26protocol%3Doauth2%26prompt%3Dlogin%26scope%3Dopenid%2520profile%2520email%26response_type%3Dcode%26nustate%3DeyJyZXR1cm5fdXJsIjoiaHR0cDovL3d3dy5zdGFnaW5nLXRoZXN1bi5jby51ay8iLCJwcm9kdWN0R3JvdXAiOiJTdW5fV2ViIn0%253D%26nuperms%3DeyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJET04nVCBNSVNTIE9VVCIsImNhIjoiTVVUVUFMX0VYIiwiY2ExIjoiWWVzIiwiY2EyIjoiTm8ifV19%26redirect_uri%3Dhttps%253A%252F%252Flogin.staging-thesun.co.uk%252Foidc%252Frp%252Fcallback&dp=%2Flogin&dt=login&sid=1699749087&sct=1&seg=0&tfd=2682
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P9D7FQS2FH&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 00:31:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://account.staging-thesun.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
263 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P9D7FQS2FH&cid=795567264.1699749087&gtm=45je3b81v9126278451&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l3&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P9D7FQS2FH&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 00:31:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://account.staging-thesun.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/
42 B
408 B
Image
General
Full URL
https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P9D7FQS2FH&cid=795567264.1699749087&gtm=45je3b81v9126278451&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l3&npa=1&z=2093967798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Nov 2023 00:31:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame B842
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6Lcuw-8bAAAAADa64_kkIsvX33laqsMhs6oNyLYX&co=aHR0cHM6Ly9hY2NvdW50LnN0YWdpbmctdGhlc3VuLmNvLnVrOjQ0Mw..&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=normal&cb=cigxzp6jyc2e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 23:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 23:49:50 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame B842
466 KB
187 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6Lcuw-8bAAAAADa64_kkIsvX33laqsMhs6oNyLYX&co=aHR0cHM6Ly9hY2NvdW50LnN0YWdpbmctdGhlc3VuLmNvLnVrOjQ0Mw..&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=normal&cb=cigxzp6jyc2e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09ed391c987b3b27df5080114e00377ff1a748793cb417a809b33f22d737fe55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 17:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26880
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191412
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Nov 2024 17:03:27 GMT
sync
googlesync.permutive.com/v2.0/px/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=6d4308de-b940-4b9d-aeda-a62d7637d513&u=cbc6f223-e68a-4151-bf80-41efd04b2c5f
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=6d4308de-b940-4b9d-aeda-a62d7637d513&u=cbc6f223-e68a-4151-bf80-41efd04b2c5f&google_tc=
  • https://googlesync.permutive.com/v2.0/px/sync?alias=&error=15&type=ddp&k=6d4308de-b940-4b9d-aeda-a62d7637d513&u=cbc6f223-e68a-4151-bf80-41efd04b2c5f
0
0
Image
General
Full URL
https://googlesync.permutive.com/v2.0/px/sync?alias=&error=15&type=ddp&k=6d4308de-b940-4b9d-aeda-a62d7637d513&u=cbc6f223-e68a-4151-bf80-41efd04b2c5f
Protocol
H2
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Sun, 12 Nov 2023 00:31:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://googlesync.permutive.com/v2.0/px/sync?alias=&error=15&type=ddp&k=6d4308de-b940-4b9d-aeda-a62d7637d513&u=cbc6f223-e68a-4151-bf80-41efd04b2c5f
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
361
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame B842
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B842
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B842
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 15:15:26 GMT
x-content-type-options
nosniff
age
206161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 16 Nov 2023 15:15:26 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B842
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6Lcuw-8bAAAAADa64_kkIsvX33laqsMhs6oNyLYX&co=aHR0cHM6Ly9hY2NvdW50LnN0YWdpbmctdGhlc3VuLmNvLnVrOjQ0Mw..&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=normal&cb=cigxzp6jyc2e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
Origin
https://www.recaptcha.net
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 03:12:15 GMT
x-content-type-options
nosniff
age
163153
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 03:12:15 GMT
webworker.js
www.recaptcha.net/recaptcha/enterprise/ Frame B842
102 B
135 B
Other
General
Full URL
https://www.recaptcha.net/recaptcha/enterprise/webworker.js?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6Lcuw-8bAAAAADa64_kkIsvX33laqsMhs6oNyLYX&co=aHR0cHM6Ly9hY2NvdW50LnN0YWdpbmctdGhlc3VuLmNvLnVrOjQ0Mw..&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=normal&cb=cigxzp6jyc2e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5f6707358cdb63bdc85124260711d17242baf09cdbae1395b8cb461bebe7793c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6Lcuw-8bAAAAADa64_kkIsvX33laqsMhs6oNyLYX&co=aHR0cHM6Ly9hY2NvdW50LnN0YWdpbmctdGhlc3VuLmNvLnVrOjQ0Mw..&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=normal&cb=cigxzp6jyc2e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 00:31:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 12 Nov 2023 00:31:28 GMT
collector
collector-pxercz0zul.px-cloud.net/api/v2/
600 B
664 B
XHR
General
Full URL
https://collector-pxercz0zul.px-cloud.net/api/v2/collector
Requested by
Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXErcz0zuL/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
0254c278c0586cc1883eeb3209ffdfd853371ee6d15ccdc6c7592fd6ffc271ee

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 12 Nov 2023 00:31:27 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://account.staging-thesun.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
TheSunW01-Bold.woff
www.thesun.co.uk/wp-content/themes/thesun/fonts/
21 KB
21 KB
Font
General
Full URL
https://www.thesun.co.uk/wp-content/themes/thesun/fonts/TheSunW01-Bold.woff
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.122.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-51.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
3840b2956d74b5cf52666519488e656a700d932fa948caea99befc93835263b8
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://account.staging-thesun.co.uk/
Origin
https://account.staging-thesun.co.uk
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 25 May 2023 08:08:26 GMT
strict-transport-security
max-age=86400; includeSubDomains
via
1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
age
14746982
x-amz-cf-pop
FRA60-P2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
21495
x-rq
lhr4 111 254 443
last-modified
Wed, 08 Mar 2023 14:29:29 GMT
server
nginx
etag
"64089bc9-53f7"
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
j_XOOKThjqdCjqggP8jpFbWgzGVFsRVuJvB-QdEZ3SuzgUhHUYUbug==
bframe
www.recaptcha.net/recaptcha/enterprise/ Frame 70E6
7 KB
1 KB
Document
General
Full URL
https://www.recaptcha.net/recaptcha/enterprise/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Lcuw-8bAAAAADa64_kkIsvX33laqsMhs6oNyLYX
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
342b6aaf033f795f15c62c120d9f5f8a8731f21500f5257a28a296d608bc6118
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-g9TrEiCI1SndxNM13x9x0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-g9TrEiCI1SndxNM13x9x0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 12 Nov 2023 00:31:28 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 70E6
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Lcuw-8bAAAAADa64_kkIsvX33laqsMhs6oNyLYX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 23:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88898
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 23:49:50 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 70E6
466 KB
187 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Lcuw-8bAAAAADa64_kkIsvX33laqsMhs6oNyLYX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09ed391c987b3b27df5080114e00377ff1a748793cb417a809b33f22d737fe55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 17:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26881
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191412
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 03:03:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Nov 2024 17:03:27 GMT
collector
collector-pxercz0zul.px-cloud.net/api/v2/
32 B
49 B
XHR
General
Full URL
https://collector-pxercz0zul.px-cloud.net/api/v2/collector
Requested by
Host: client.px-cloud.net
URL: https://client.px-cloud.net/PXErcz0zuL/main.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
71aaba2de49f24ee12fd51c22420a9a4af8f842f1b3b6f79994b02f72ac3870b

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 12 Nov 2023 00:31:27 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://account.staging-thesun.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| utag_data boolean| utag_condload object| utag object| utag_cfg_ovrd object| Auth0 function| Auth0Lock function| Auth0LockPasswordless undefined| styles undefined| styleSheet string| GoogleAnalyticsObject function| ga object| ns_ object| ns_p function| udm_ function| ns_order function| ns_onclick object| dm string| gtagRename object| dataLayer function| gtag object| permutive object| googletag string| _pxAppId object| PXErcz0zuL object| PX undefined| _Ercz0zuLhandler object| utag_newsuk object| nukt_data string| varName object| label object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| onYouTubeIframeAPIReady object| recaptcha object| closure_lm_824071

25 Cookies

Domain/Path Name / Value
account.staging-thesun.co.uk/usernamepassword/login Name: _csrf
Value: NrbhTsZT1HaQWQalyPF79BpK
account.staging-thesun.co.uk/ Name: did
Value: s%3Av0%3Ad0575790-80f2-11ee-8813-b92973758e82.esLMOyJlohh7r69x90imtmzjNPfYlyUXcksvJrT8R0A
account.staging-thesun.co.uk/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQKPFn5jIAtOFM4Dij75JM3-JMqxDP2FFfDlVhwJqw9tFARXPCBDQxGz7psBE0UWzXUuCMnlzROKj5aUn8lwgy92mY29va2llg6dleHBpcmVz1_8h2v4AZVQRXq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.B5DyWBSwpSFvI5qHuQpozm%2BDnTRJ9QQv%2B6r7ATFuCkY
account.staging-thesun.co.uk/ Name: did_compat
Value: s%3Av0%3Ad0575790-80f2-11ee-8813-b92973758e82.esLMOyJlohh7r69x90imtmzjNPfYlyUXcksvJrT8R0A
account.staging-thesun.co.uk/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQKPFn5jIAtOFM4Dij75JM3-JMqxDP2FFfDlVhwJqw9tFARXPCBDQxGz7psBE0UWzXUuCMnlzROKj5aUn8lwgy92mY29va2llg6dleHBpcmVz1_8h2v4AZVQRXq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.B5DyWBSwpSFvI5qHuQpozm%2BDnTRJ9QQv%2B6r7ATFuCkY
.account.staging-thesun.co.uk/ Name: __cf_bm
Value: 604G7M30Pno9QMHiSrw1zT6TiNkPh_oJe8VjNqXkN8U-1699749086-0-ATrSI04JlDfkWso2Jz3Vg7QnliWcN8Oi0IjhNhhfFtTrdU1OxeYElDtzPvsUoIPmohXwpHj3Lptm6vbAGfKRlx0=
.eu.auth0.com/ Name: __cf_bm
Value: 6228VRMRZ.3Csj0Okeyr7igSXF4DqgZkIzXhLmnX0FY-1699749086-0-AeVaIENmba0amTBoUNwJHz8S84ca2bQbSx1L4ZyAG4Gnt0iTndCIohbmapJ0sSuT5Jgwv61qCxo9NulSaUzGSaA=
.staging-thesun.co.uk/ Name: pxcts
Value: d1051655-80f2-11ee-9f80-29edd39f6d14
.staging-thesun.co.uk/ Name: _pxvid
Value: d1050671-80f2-11ee-9f80-e3f2cb3973ce
.staging-thesun.co.uk/ Name: utag_main
Value: v_id:018bc0f0c4cc000e74c45499ea130307403f306c00b08$_sn:1$_se:1$_ss:1$_st:1699750886413$ses_id:1699749086413%3Bexp-session$_pn:1%3Bexp-session$_prevpage:login%3A%3Alogin%3A%3Aauth0%3Bexp-1699752687330
.scorecardresearch.com/ Name: UID
Value: 14Fda3ca45b722a33262f511699749087
.staging-thesun.co.uk/ Name: _gid
Value: GA1.3.1368194773.1699749087
uk-script.dotmetrics.net/ Name: AWSALBCORS
Value: e+t5Z8z9osaiXme0FYB+riZN08xDBXq2BY32+YT5w3eLdS/HkJWqrmhcBgfDF77sqsPlBf/lFlcFOH8vtSL/0O+5aR8GqUs29Hsknzki9pHxGKwQagZwJA8dD4CN
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=bfb309ec-cbaa-43b5-925f-8de97a3aa5c8&Created=11/12/2023 00:31:27&UserMode=0&guid=2bf48d7b-7507-4707-ba39-66e1e9314b11&ver=1
.staging-thesun.co.uk/ Name: permutive-id
Value: cbc6f223-e68a-4151-bf80-41efd04b2c5f
.newsdata.uk/ Name: nuPixelApp
Value: j%3A%7B%22id%22%3A%22d12c0cb0-80f2-11ee-b560-7307915672ae%22%7D
pac.newsdata.uk/ Name: nuPixelAppSession
Value: j%3A%7B%22id%22%3A%22d12c0cb1-80f2-11ee-b560-7307915672ae%22%7D
.newsdata.uk/ Name: rc_id1
Value: 018bc0f0c4cc000e74c45499ea130307403f306c00b08
.newsdata.uk/ Name: rc_id2
Value: 018bc0f0c4cc000e74c45499ea130307403f306c00b08
.staging-thesun.co.uk/ Name: _ga
Value: GA1.1.795567264.1699749087
.staging-thesun.co.uk/ Name: _ga_T8GFRLEG7X
Value: GS1.1.1699749087.1.0.1699749087.0.0.0
.staging-thesun.co.uk/ Name: _ga_P9D7FQS2FH
Value: GS1.3.1699749087.1.0.1699749087.60.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.staging-thesun.co.uk/ Name: _px3
Value: 045d3d90043c515ccf55890c3bd3c8e85b1746fa955511ac8927898c1cae8632:mvSZg1glZpKAT3CXMX4qP63/+NVSBHEAs7UokNt4L3WNeoSHvBufE3TgdiDMz31dYcw72vxg1iuq2HCJF/zPAQ==:1000:JDw7PGGp57HMgIGUBH8RU7ZiX24DDf/NYIAPj8oHgp/vw8JB0SsAhExMvosgeClg7i7i6Kv2d8BpCyRMZo4U/NfTFZCnOpvvyw6IAXeKJDw6SuiG++lIEOwB0ujssUJnO/KFLlOslaO4YMgobpZB38xQCRRQaZycfb2ZMoGuqgyJI/g2QUl42Fm7uWUHEztdtC7iDnydWEXoVo088MMX54Y3kZwvnFEmhAn0tW/XS4c=

1 Console Messages

Source Level URL
Text
network error URL: https://googlesync.permutive.com/v2.0/px/sync?alias=&error=15&type=ddp&k=6d4308de-b940-4b9d-aeda-a62d7637d513&u=cbc6f223-e68a-4151-bf80-41efd04b2c5f
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

88a66e5c-8fe8-48af-9c6c-3ec3f4983aad.prmutv.co
account.staging-thesun.co.uk
api.permutive.com
cdn.auth0.com
cdn.eu.auth0.com
cdn.permutive.com
cdn.polyfill.io
client.px-cloud.net
cm.g.doubleclick.net
collector-pxercz0zul.px-cloud.net
fonts.gstatic.com
googlesync.permutive.com
ib.adnxs.com
login.staging-thesun.co.uk
pac.newsdata.uk
region1.analytics.google.com
region1.google-analytics.com
sb.scorecardresearch.com
stats.g.doubleclick.net
tags.tiqcdn.com
uk-script.dotmetrics.net
www.google-analytics.com
www.google.fr
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
www.thesun.co.uk
142.250.186.34
18.245.60.72
18.66.122.51
2001:4860:4802:32::36
2001:4860:4802:36::15
2600:9000:223e:da00:7:2bfb:7c00:93a1
2600:9000:2240:c200:10:474e:104a:2961
2600:9000:2251:3e00:d:1e38:4880:93a1
2600:9000:2251:c400:d:1e38:4880:93a1
2606:4700::6811:7611
2606:4700::6813:9813
2a00:1450:4001:800::2003
2a00:1450:4001:801::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2008
2a00:1450:4001:828::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9b
2a02:26f0:3500:11::215:14d0
2a04:4e42:200::282
34.107.254.252
35.190.10.96
35.241.9.51
37.252.173.215
99.86.4.12
01cbde20debff0f4fbb1af0548e595aeb09571e3ee0e5300c6173cd716e1acad
0254c278c0586cc1883eeb3209ffdfd853371ee6d15ccdc6c7592fd6ffc271ee
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
09ed391c987b3b27df5080114e00377ff1a748793cb417a809b33f22d737fe55
1505687f6e682a65166502fec8f497f229ad10674d932d2b1e3375b2d8b5d6e3
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
274a08ddc700fc754cb977c38b9fa34cc0dac17b9d768da40c81b502b97862f6
31b2607f3a4d94b14a9a140bb0704db5a431ec995071a88b96c50cfedf78fc4d
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
330ff0eccc074f1791b4455ef443ac7f7538b324d5998e5357e6e17ba720d9c5
342b6aaf033f795f15c62c120d9f5f8a8731f21500f5257a28a296d608bc6118
34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf
38366953735478db6b10449a4cb4925f5c3ae5c7a5dae22d329675a46aaf6908
3840b2956d74b5cf52666519488e656a700d932fa948caea99befc93835263b8
39297d7dbbf9a005727e156f16d540cfee0fe597091046c47b3867065a59c4d4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d
4b463bb14e596f489375e5838968175b0d50e84e333d79fcc81e01ee6e006d96
5520e02d3254d4ae449141b4b8483590ee084b71b2b224f984ab9b8c22fd4200
5f6707358cdb63bdc85124260711d17242baf09cdbae1395b8cb461bebe7793c
66764324e2fadabf6d35abd3c211b39e60e82c9ca66754c5c0c944100f21afc4
6702cdeb3447f17e36317bb503fd1fe626af4d4ee0be508e2ca3b04256f53760
6a4f1703d03ca37d54339387a165a8703188d85801b39bd0f0167460963cb771
6b9c88ee37366879397f5a39b641038bbb59eefc6730eca2b373c2891a2c8972
71aaba2de49f24ee12fd51c22420a9a4af8f842f1b3b6f79994b02f72ac3870b
77464b0473617433c4109a625288a72fbf7ce53123ed7e3549f1ae885a1e5284
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78f991561757f77208f4502582e9217ce716e6d6504ef8dd1386157636b4718f
7f8141e93e6181dbbb3fbb34cbbb68247d6a3f76820536d4c5f9f0bd4efbf3d4
a1d040beb7530248c43d920a6a605ab7cf3ba2593dc4f45e8153725a9f4d0ecc
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
aa4548fdc7107f648107f6fac5e8fce2760a65d19b48f82f53204f68e6c1aef2
ab42ce42da8f3ce1aa978573f5269fa8e0cb5ed4af3a766653f177c8fe23a658
b14f9aabec3995f5c93536cd617306905d8febb2b3fd3fe17c26973afce1843a
b387cbf12e0924ca40d0843c240d53dade6a1572a6b15e6102e4db2c609ecf19
b595173b261b84aa806d303f403bf43d5ca9bae76f0162886bae5733f700e0f3
c0ea2fea5723cdffb3396bbcd549575146e3f5497c9bcf55f8c20e5456151490
c613d47da6bd4de25f028a1b4b0deaaa542c5cd4027e63c15b055bcd9e983d41
ca1deebcbff35826fd3e5fb45143a654aacbe11fd041822e48282d6614cfc8d1
cbe38262701c7f8844746432f9d8a2f04cfbfbfc120e091b5642c7a06ca173d7
cd148682d1bec88db9986c2249d8942c438ab7f22cfb76a6988a099b532a9c92
cf9b44b10a339d642ce06652810a464dec2e1f1c9e948a08142d1e65c3441cff
d28a575c57591aa6256f31f4982e8f37132bef8525060bae2b2bfee3df42ba95
da5816df508fc4195f901114b3e8adf727ebf41d36e01fd97693f2c23945a096
dd29d7f069133ea8fc6fbb76eb17d841016eea9a5df4aa6026e4044fe814c8db
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e31fabf9d35249c7f091d5462ba575dfc9999b33500d5615a4fc54f2f69127bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff58148b1b0aade0e7d42bf90b8167f5378b8ac505125b982986c6364d42f100