urlscan.io logo urlscan.io
SecurityTrails logo

hbr.alphanews.online Open in urlscan Pro
45.153.185.164  Public Scan

Go To Rescan Add Verdict Report
URL: https://hbr.alphanews.online/
Submission: On December 09 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 35 HTTP transactions. The main IP is 45.153.185.164, located in Maidenhead, United Kingdom and belongs to MVPS www.mvps.net, CY. The main domain is hbr.alphanews.online.
TLS certificate: Issued by R3 on December 8th 2023. Valid for: 3 months.
This is the only time hbr.alphanews.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 45.153.185.164 202448 (MVPS www....)
7 18.165.83.84 16509 (AMAZON-02)
4 192.243.59.13 39572 (ADVANCEDH...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2600:9000:20e... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.241.9.51 396982 (GOOGLE-CL...)
1 68.67.178.10 29990 (ASN-APPNEX)
2 34.107.254.252 396982 (GOOGLE-CL...)
35 11
10    45.153.185.164 (Maidenhead, United Kingdom)

ASN202448 (MVPS www.mvps.net, CY)
PTR: ip-45-153-185-164-98606.vps.hosted-by-mvps.net
hbr.alphanews.online
7    18.165.83.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-84.iad55.r.cloudfront.net
www.thesun.co.uk
4    192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
frequencyfeelhoneymoon.com
1    2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4006:80b::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2600:9000:20e2:f400:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.tiqcdn.com
2    2606:4700::6811:7711 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    35.241.9.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.9.241.35.bc.googleusercontent.com
88a66e5c-8fe8-48af-9c6c-3ec3f4983aad.prmutv.co
1    68.67.178.10 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
Apex Domain
Subdomains		 Transfer
10 alphanews.online
hbr.alphanews.online
46 KB
7 thesun.co.uk
www.thesun.co.uk — Cisco Umbrella Rank: 26196
716 KB
4 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2932
api.permutive.com — Cisco Umbrella Rank: 2205
278 KB
4 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1001
26 KB
4 frequencyfeelhoneymoon.com
frequencyfeelhoneymoon.com
1 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
575 B
1 prmutv.co
88a66e5c-8fe8-48af-9c6c-3ec3f4983aad.prmutv.co — Cisco Umbrella Rank: 48634
386 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
248 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
91 KB
35 9
Domain Requested by
10 hbr.alphanews.online hbr.alphanews.online
7 www.thesun.co.uk hbr.alphanews.online
www.thesun.co.uk
4 tags.tiqcdn.com www.thesun.co.uk
tags.tiqcdn.com
4 frequencyfeelhoneymoon.com hbr.alphanews.online
2 api.permutive.com cdn.permutive.com
2 cdn.permutive.com tags.tiqcdn.com
cdn.permutive.com
1 ib.adnxs.com cdn.permutive.com
1 88a66e5c-8fe8-48af-9c6c-3ec3f4983aad.prmutv.co cdn.permutive.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com hbr.alphanews.online
35 10
Subject Issuer Validity Valid
hbr.alphanews.online
R3		 2023-12-08 -
2024-03-07		 3 months crt.sh
*.nukcdn.com
Amazon RSA 2048 M01		 2023-03-18 -
2024-04-15		 a year crt.sh
frequencyfeelhoneymoon.com
R3		 2023-10-20 -
2024-01-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-17		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
*.prmutv.co
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
api.permutive.com
R3		 2023-10-15 -
2024-01-13		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://hbr.alphanews.online/
Frame ID: 89A6CC2D83D96D4A61F1082ED5410D54
Requests: 19 HTTP requests in this frame

Frame: https://www.thesun.co.uk/pollingwidgets/v3/polling
Frame ID: B464181FFBD16995AC2CD5973576B039
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ALPHA HBR

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

35
Requests

94 %
HTTPS

40 %
IPv6

9
Domains

10
Subdomains

11
IPs

2
Countries

1158 kB
Transfer

3142 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hbr.alphanews.online/ 		27 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hbr.alphanews.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.153.185.164 Maidenhead, United Kingdom, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS
ip-45-153-185-164-98606.vps.hosted-by-mvps.net
Software
nginx /
Resource Hash
d2fb3f981bb04951bccdad2d9447ffd82c738f6e1ebe28d862b058cd149cf533
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 09 Dec 2023 03:52:55 GMT
etag
W/"6573d7f2-6dc4"
last-modified
Sat, 09 Dec 2023 02:58:58 GMT
server
nginx
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
main.css
hbr.alphanews.online/theme/css/ 		11 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hbr.alphanews.online/theme/css/main.css
Requested by
Host: hbr.alphanews.online
URL: https://hbr.alphanews.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.153.185.164 Maidenhead, United Kingdom, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS
ip-45-153-185-164-98606.vps.hosted-by-mvps.net
Software
nginx /
Resource Hash
65b76ececa1df43bedb4ee6cb513a1ddb6d72bc233972d96193bdb02f7c705d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hbr.alphanews.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:52:56 GMT
x-content-type-options
nosniff
last-modified
Sat, 09 Dec 2023 02:58:59 GMT
server
nginx
etag
"6573d7f3-2c16"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
11286
x-xss-protection
1; mode=block
widget.js
www.thesun.co.uk/pollingwidgets/v3/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thesun.co.uk/pollingwidgets/v3/widget.js?question_id=59994&game=polling
Requested by
Host: hbr.alphanews.online
URL: https://hbr.alphanews.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-84.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2001b5ded59f1515d9f0a6ede41f5007b44560c1e80819bb1ab134be5df527ef
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hbr.alphanews.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:48:52 GMT
content-encoding
gzip
via
1.1 c416f79611bca57dde019f04fe3cc36e.cloudfront.net (CloudFront), 1.1 7e915a939f247f09de4523929f10bb0a.cloudfront.net (CloudFront)
strict-transport-security
max-age=2592000; includeSubDomains
last-modified
Fri, 25 Nov 2022 14:59:08 GMT
server
AmazonS3
x-amz-cf-pop
DUB2-C1, IAD55-P3
age
245
etag
W/"acb4a87355e686c1b977941e4ce1d1f6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300, must-revalidate
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
eeLXkb0Oo9M1TqoRGF3rimbR-GYQfrZAT3ATlyv1KF4WSBu6bMZB3A==
invoke.js
frequencyfeelhoneymoon.com/e920b78b69b7b6db8b5b40a5c434f4a9/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://frequencyfeelhoneymoon.com/e920b78b69b7b6db8b5b40a5c434f4a9/invoke.js
Requested by
Host: hbr.alphanews.online
URL: https://hbr.alphanews.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hbr.alphanews.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 03:52:57 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
js
www.googletagmanager.com/gtag/ 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1R1SHZ8ZEL
Requested by
Host: hbr.alphanews.online
URL: https://hbr.alphanews.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
638bb5e2eb50f8081bbee1b1445c53839f65e2f4ed923557ba2c133e37e53f31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hbr.alphanews.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:52:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93069
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 03:52:56 GMT
45bdd8e0aa745483e351793c5c18c483.js
frequencyfeelhoneymoon.com/45/bd/d8/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://frequencyfeelhoneymoon.com/45/bd/d8/45bdd8e0aa745483e351793c5c18c483.js
Requested by
Host: hbr.alphanews.online
URL: https://hbr.alphanews.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hbr.alphanews.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 03:52:57 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
reset.css
hbr.alphanews.online/theme/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hbr.alphanews.online/theme/css/reset.css
Requested by
Host: hbr.alphanews.online
URL: https://hbr.alphanews.online/theme/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.153.185.164 Maidenhead, United Kingdom, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS
ip-45-153-185-164-98606.vps.hosted-by-mvps.net
Software
nginx /
Resource Hash
4ae34914231e28bff804bf122113a58cc071a1546e702ab2709948e2ae4d66ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hbr.alphanews.online/theme/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:52:56 GMT
x-content-type-options
nosniff
last-modified
Sat, 09 Dec 2023 02:58:59 GMT
server
nginx
etag
"6573d7f3-450"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
1104
x-xss-protection
1; mode=block
pygment.css
hbr.alphanews.online/theme/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hbr.alphanews.online/theme/css/pygment.css
Requested by
Host: hbr.alphanews.online
URL: https://hbr.alphanews.online/theme/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.153.185.164 Maidenhead, United Kingdom, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS
ip-45-153-185-164-98606.vps.hosted-by-mvps.net
Software
nginx /
Resource Hash
2782d571061e9144333496fb9beddc8d5edd2b8d2476b4045e482945f7d3f2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hbr.alphanews.online/theme/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:52:56 GMT
x-content-type-options
nosniff
last-modified
Sat, 09 Dec 2023 02:58:59 GMT
server
nginx
etag
"6573d7f3-72a"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
1834
x-xss-protection
1; mode=block
typogrify.css
hbr.alphanews.online/theme/css/ 		186 B
377 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hbr.alphanews.online/theme/css/typogrify.css
Requested by
Host: hbr.alphanews.online
URL: https://hbr.alphanews.online/theme/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.153.185.164 Maidenhead, United Kingdom, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS
ip-45-153-185-164-98606.vps.hosted-by-mvps.net
Software
nginx /
Resource Hash
7d28d202b02eb0f5c829a1eceea5283bcbb3cba40eebcb5e1879c56eef3f8ca8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hbr.alphanews.online/theme/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:52:56 GMT
x-content-type-options
nosniff
last-modified
Sat, 09 Dec 2023 02:58:59 GMT
server
nginx
etag
"6573d7f3-ba"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
186
x-xss-protection
1; mode=block
fonts.css
hbr.alphanews.online/theme/css/ 		516 B
708 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hbr.alphanews.online/theme/css/fonts.css
Requested by
Host: hbr.alphanews.online
URL: https://hbr.alphanews.online/theme/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.153.185.164 Maidenhead, United Kingdom, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS
ip-45-153-185-164-98606.vps.hosted-by-mvps.net
Software
nginx /
Resource Hash
87f07abff9162c5986cd0cb71c03e970b65469aefb58e5fb7415d3148231265a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hbr.alphanews.online/theme/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:52:56 GMT
x-content-type-options
nosniff
last-modified
Sat, 09 Dec 2023 02:58:59 GMT
server
nginx
etag
"6573d7f3-204"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
516
x-xss-protection
1; mode=block
invoke.js
frequencyfeelhoneymoon.com/c3e9c93c8b9d7cf4658aaba6e675ec73/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://frequencyfeelhoneymoon.com/c3e9c93c8b9d7cf4658aaba6e675ec73/invoke.js
Requested by
Host: hbr.alphanews.online
URL: https://hbr.alphanews.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://hbr.alphanews.online/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sat, 09 Dec 2023 03:52:57 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
invoke.js
frequencyfeelhoneymoon.com/3b559ff5e081015a90c64ed40c0eb613/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://frequencyfeelhoneymoon.com/3b559ff5e081015a90c64ed40c0eb613/invoke.js
Requested by
Host: hbr.alphanews.online
URL: https://hbr.alphanews.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://hbr.alphanews.online/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sat, 09 Dec 2023 03:52:57 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
Yanone_Kaffeesatz_400.woff
hbr.alphanews.online/theme/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hbr.alphanews.online/theme/fonts/Yanone_Kaffeesatz_400.woff
Requested by
Host: hbr.alphanews.online
URL: https://hbr.alphanews.online/theme/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.153.185.164 Maidenhead, United Kingdom, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS
ip-45-153-185-164-98606.vps.hosted-by-mvps.net
Software
nginx /
Resource Hash
2ed2bc51445adfa90f3c75e6fca27df9ef0029ed45f03f5bd3f829ddad6bc5f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hbr.alphanews.online/theme/css/fonts.css
Origin
https://hbr.alphanews.online
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:52:57 GMT
x-content-type-options
nosniff
last-modified
Sat, 09 Dec 2023 02:58:59 GMT
server
nginx
etag
"6573d7f3-56f0"
x-frame-options
SAMEORIGIN
content-type
application/font-woff
accept-ranges
bytes
content-length
22256
x-xss-protection
1; mode=block
slaven-bilic-manager-watford-reacts-801152802.jpg
www.thesun.co.uk/wp-content/uploads/2023/12/ 		489 KB
490 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thesun.co.uk/wp-content/uploads/2023/12/slaven-bilic-manager-watford-reacts-801152802.jpg?strip=all&w=960
Requested by
Host: hbr.alphanews.online
URL: https://hbr.alphanews.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-84.iad55.r.cloudfront.net
Software
nginx /
Resource Hash
3c24636364ce5e4ce48bda4cc66033dc0c8dcdc5b64c3972c97b69a218750966
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hbr.alphanews.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 13:08:20 GMT
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 7e915a939f247f09de4523929f10bb0a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
age
53077
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
500572
x-rq
lhr3 109 88 443
last-modified
Fri, 08 Dec 2023 12:10:34 GMT
server
nginx
etag
"5d84d44bc91a3048"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_FWCmdiOwjITY23dyHFmHDu5Sk601hIEg5z22GLmc5AunXppaE1KWQ==
NINTCHDBPICT000864919769.jpg
www.thesun.co.uk/wp-content/uploads/2023/12/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thesun.co.uk/wp-content/uploads/2023/12/NINTCHDBPICT000864919769.jpg?strip=all&w=960
Requested by
Host: hbr.alphanews.online
URL: https://hbr.alphanews.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-84.iad55.r.cloudfront.net
Software
nginx /
Resource Hash
278da0c3cc81396aff23ca31923e69c1ed9466841db69ee80a4b474abcc33129
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hbr.alphanews.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 13:08:20 GMT
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 7e915a939f247f09de4523929f10bb0a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
age
53077
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
63162
x-rq
lhr3 109 27 443
last-modified
Fri, 08 Dec 2023 13:07:32 GMT
server
nginx
etag
"9605af4c04ec40f4"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
mLk40Evqx0IYeu9zQRsQh-4SRkrhhDOfWVIZQP1RnL7w7ikGA60Mgg==
polling
www.thesun.co.uk/pollingwidgets/v3/ Frame B464 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thesun.co.uk/pollingwidgets/v3/polling
Requested by
Host: www.thesun.co.uk
URL: https://www.thesun.co.uk/pollingwidgets/v3/widget.js?question_id=59994&game=polling
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-84.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
112c004dcef9579302f8619eab8b0b8e59a92d18e822d559fe1d989770d446cf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://hbr.alphanews.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
235
alt-svc
h3=":443"; ma=86400
cache-control
max-age=300, must-revalidate
content-encoding
gzip
content-type
text/html
date
Sat, 09 Dec 2023 03:49:01 GMT
etag
W/"a61bf99d98a9b0dadcec33a44af09781"
last-modified
Fri, 25 Nov 2022 14:59:08 GMT
server
AmazonS3
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 b2503ae4ba1f23047290413d8808a120.cloudfront.net (CloudFront), 1.1 7e915a939f247f09de4523929f10bb0a.cloudfront.net (CloudFront)
x-amz-cf-id
XxZ48vVO6yKI1DW7JMSNcVm72NjmV_qHLYsGwmse55kRvYlWUMDkQQ==
x-amz-cf-pop
DUB2-C1 IAD55-P3
x-amz-error-code
NoSuchKey
x-amz-error-detail-key
pollingwidgets/v3/polling
x-amz-error-message
The specified key does not exist.
x-cache
Error from cloudfront
rss.png
hbr.alphanews.online/theme/images/icons/ 		751 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hbr.alphanews.online/theme/images/icons/rss.png
Requested by
Host: hbr.alphanews.online
URL: https://hbr.alphanews.online/theme/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.153.185.164 Maidenhead, United Kingdom, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS
ip-45-153-185-164-98606.vps.hosted-by-mvps.net
Software
nginx /
Resource Hash
055ccf410d06e2736e2210ae826ccccee7835a0e2ff855a55106bb1902f7472a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hbr.alphanews.online/theme/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:52:57 GMT
x-content-type-options
nosniff
last-modified
Sat, 09 Dec 2023 02:58:59 GMT
server
nginx
etag
"6573d7f3-2ef"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
751
x-xss-protection
1; mode=block
facebook.png
hbr.alphanews.online/theme/images/icons/ 		150 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hbr.alphanews.online/theme/images/icons/facebook.png
Requested by
Host: hbr.alphanews.online
URL: https://hbr.alphanews.online/theme/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.153.185.164 Maidenhead, United Kingdom, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS
ip-45-153-185-164-98606.vps.hosted-by-mvps.net
Software
nginx /
Resource Hash
59e78e1107c1e4496b81f8a520ae3d6edeb1a46b3bb446083d1a23d48bef1f05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hbr.alphanews.online/theme/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:52:57 GMT
x-content-type-options
nosniff
last-modified
Sat, 09 Dec 2023 02:58:59 GMT
server
nginx
etag
"6573d7f3-96"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
150
x-xss-protection
1; mode=block
twitter.png
hbr.alphanews.online/theme/images/icons/ 		416 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hbr.alphanews.online/theme/images/icons/twitter.png
Requested by
Host: hbr.alphanews.online
URL: https://hbr.alphanews.online/theme/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.153.185.164 Maidenhead, United Kingdom, ASN202448 (MVPS www.mvps.net, CY),
Reverse DNS
ip-45-153-185-164-98606.vps.hosted-by-mvps.net
Software
nginx /
Resource Hash
ff0f6ffe2956723a64448a32961c9452cbd623ded87864ffbf32db59a526442b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hbr.alphanews.online/theme/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:52:57 GMT
x-content-type-options
nosniff
last-modified
Sat, 09 Dec 2023 02:58:59 GMT
server
nginx
etag
"6573d7f3-1a0"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
416
x-xss-protection
1; mode=block
collect
www.google-analytics.com/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-1R1SHZ8ZEL&gtm=45je3bt0v9172812013&_p=1702093977127&gcd=11l1l1l1l1&dma=0&cid=170852071.1702093977&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702093977&sct=1&seg=0&dl=https%3A%2F%2Fhbr.alphanews.online%2F&dt=ALPHA%20HBR&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1583
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1R1SHZ8ZEL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hbr.alphanews.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 03:52:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hbr.alphanews.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.652f03af.js
www.thesun.co.uk/pollingwidgets/v3/static/js/ Frame B464 		176 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thesun.co.uk/pollingwidgets/v3/static/js/main.652f03af.js
Requested by
Host: www.thesun.co.uk
URL: https://www.thesun.co.uk/pollingwidgets/v3/polling
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.165.83.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-84.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd8e46dcb1f81e9b1c303f392f397d5d5f994a44ae1115ec038e7c5b10af8922
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thesun.co.uk/pollingwidgets/v3/polling
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:52:11 GMT
content-encoding
gzip
via
1.1 eabeeb66310de2e0c46bbbc4c13439d0.cloudfront.net (CloudFront), 1.1 42da47d5828a8cbe9a05fbe7917a66c2.cloudfront.net (CloudFront)
strict-transport-security
max-age=2592000; includeSubDomains
last-modified
Fri, 25 Nov 2022 14:59:08 GMT
server
AmazonS3
age
47
x-amz-cf-pop
DUB2-C1, IAD55-P3
etag
W/"19a9782cad645341aeb86d83d59d49e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300, must-revalidate
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
-MqISIWyoIKFcMhZif7b5wcbt68io_RbW2kXfG88Bzy476yp0kBMIw==
utag.js
tags.tiqcdn.com/utag/newsinternational/thesun.widgets/prod/ Frame B464 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thesun.widgets/prod/utag.js
Requested by
Host: www.thesun.co.uk
URL: https://www.thesun.co.uk/pollingwidgets/v3/polling
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e2:f400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd81e8276ae4993752b6a42f9659a720b6226e1cc83dde249794febb4634b33e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thesun.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
9Gshv_yV_Ul0px0C6v_aDxwWSyzZiR_j
content-encoding
br
via
1.1 c772176b119045d2ed52ef4f42db5fe0.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 03:52:54 GMT
last-modified
Fri, 10 Mar 2023 17:27:11 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
age
4
x-amz-server-side-encryption
AES256
etag
W/"9b30c0dcb36c00953ab1fae76f044d7e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
yyD3uA8KfB9EJkoUQs0sm80kcoRMywO2nZGp2Mz_ptbR_ob4vGhang==
912.795648c5.chunk.js
www.thesun.co.uk/pollingwidgets/v3/static/js/ Frame B464 		224 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thesun.co.uk/pollingwidgets/v3/static/js/912.795648c5.chunk.js
Requested by
Host: www.thesun.co.uk
URL: https://www.thesun.co.uk/pollingwidgets/v3/static/js/main.652f03af.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.165.83.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-84.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
889b8d63a39f85af144d96b68ecbba0672765009c70186ba94057f5a880fd62e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thesun.co.uk/pollingwidgets/v3/polling
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:51:50 GMT
content-encoding
gzip
via
1.1 f83c83d77232fb065a0398261a62d82c.cloudfront.net (CloudFront), 1.1 42da47d5828a8cbe9a05fbe7917a66c2.cloudfront.net (CloudFront)
strict-transport-security
max-age=2592000; includeSubDomains
last-modified
Fri, 25 Nov 2022 14:59:08 GMT
server
AmazonS3
age
68
x-amz-cf-pop
DUB2-C1, IAD55-P3
etag
W/"9eaf541498e0e1ba32e46901a2c96f22"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300, must-revalidate
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
fgafm8tvN_MCr1-ozyppbRRNn_3TsRKipNVwc34Qb_cmSBH_NRvAKg==
135.ba1d8f02.chunk.js
www.thesun.co.uk/pollingwidgets/v3/static/js/ Frame B464 		105 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thesun.co.uk/pollingwidgets/v3/static/js/135.ba1d8f02.chunk.js
Requested by
Host: www.thesun.co.uk
URL: https://www.thesun.co.uk/pollingwidgets/v3/static/js/main.652f03af.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.165.83.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-84.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce87f2ea3da02fb9678c05927cd114112e62186a856f096fb77904af2ebcdd80
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thesun.co.uk/pollingwidgets/v3/polling
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:49:42 GMT
content-encoding
gzip
via
1.1 7d3f81ed0ad49a0602cc8ebb8a281f46.cloudfront.net (CloudFront), 1.1 42da47d5828a8cbe9a05fbe7917a66c2.cloudfront.net (CloudFront)
strict-transport-security
max-age=2592000; includeSubDomains
last-modified
Fri, 25 Nov 2022 14:59:08 GMT
server
AmazonS3
age
196
x-amz-cf-pop
DUB2-C1, IAD55-P3
etag
W/"c8d2c632368ae93f2bb3274a3cd7de53"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300, must-revalidate
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
ovblHnAofmmlWJsXDNkz6Iq_1Xm2ErhWneysil_Z4jQNzaKvTGw-cg==
88a66e5c-8fe8-48af-9c6c-3ec3f4983aad-web.js
cdn.permutive.com/ Frame B464 		742 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/88a66e5c-8fe8-48af-9c6c-3ec3f4983aad-web.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsinternational/thesun.widgets/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7711 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba9f01183e1ae4e62f8da94dd41399d276ed39b8b891c948217acfa7bbd6b402

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thesun.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:52:57 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
88a66e5c-8fe8-48af-9c6c-3ec3f4983aad
age
0
x-guploader-uploadid
ABPtcPqDRR8qos30jxDfQHCHweF-iNd1TCQM9PtbjCnN65sRqYXM4iJ3F8nU7O30LIB_lMnZ8XTLL7GGQ9lSO4AZ_V5vjQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
content-length
176769
last-modified
Thu, 07 Dec 2023 09:14:59 GMT
server
cloudflare
etag
"e5c85216b5a4ef4e62d9bf7b4f2c3a69"
vary
Accept-Encoding
x-goog-generation
1701940499415885
content-type
application/javascript
x-goog-hash
crc32c=svUU5g==, md5=5chSFrWk705i2b97Tyw6aQ==
cache-control
public, max-age=900
x-goog-stored-content-length
176769
accept-ranges
bytes
timing-allow-origin
*
cf-ray
832a4c5fece60325-MIA
expires
Sat, 09 Dec 2023 04:07:57 GMT
utag.31.js
tags.tiqcdn.com/utag/newsinternational/thesun.widgets/prod/ Frame B464 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thesun.widgets/prod/utag.31.js?utv=ut4.46.202302201324
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsinternational/thesun.widgets/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e2:f400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fe2d9cc5c2b80660dc8e2a320f826ef89e37c0af2336005203fa2a374495889

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thesun.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
llh4dq9Vaj0fVfxajnxmxSPKs3f.1aGA
content-encoding
gzip
via
1.1 c772176b119045d2ed52ef4f42db5fe0.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 03:52:25 GMT
last-modified
Fri, 10 Mar 2023 17:27:11 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
age
33
x-amz-server-side-encryption
AES256
etag
W/"f22365bbb0a79bab3e282d9fe7feb2c3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
BzMZC_qq1ghybmpAXz8PPKUsZNjgunu9LoxY-b1VUaAGMPCp0f7SIA==
utag.26.js
tags.tiqcdn.com/utag/newsinternational/thesun.widgets/prod/ Frame B464 		34 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thesun.widgets/prod/utag.26.js?utv=ut4.46.202205031325
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsinternational/thesun.widgets/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e2:f400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9a92c89ff19e31058ae5626d0c9380b42c5a288a6e7cff27d2a889a8dacc6ae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thesun.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
pp8nkF1DaFkiWHASiYKQ3wrKMAUyupqP
content-encoding
br
via
1.1 c772176b119045d2ed52ef4f42db5fe0.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 03:52:25 GMT
last-modified
Fri, 10 Mar 2023 17:27:12 GMT
server
AmazonS3
x-amz-cf-pop
IAD79-C2
age
33
x-amz-server-side-encryption
AES256
etag
W/"a25e95c3404d8d967f723d96dca9a663"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
ooAP8pSs3VZxFiwpDHd8yw_tSc7PTjFxTS1ZN_1oZucagNF5bCkE9A==
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ Frame B464 		2 B
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsinternational/thesun.widgets/202302201324&cb=1702093977557
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsinternational/thesun.widgets/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e2:f400:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thesun.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Sat, 09 Dec 2023 03:47:07 GMT
via
1.1 c772176b119045d2ed52ef4f42db5fe0.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C2
age
350
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
kpZZ-K7_MYZX84sUkcpeUH0WCoLyQX3m-3ANAESCHiL8r6f_Uc7A_w==
pxid
88a66e5c-8fe8-48af-9c6c-3ec3f4983aad.prmutv.co/v2.0/ Frame B464 		46 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://88a66e5c-8fe8-48af-9c6c-3ec3f4983aad.prmutv.co/v2.0/pxid?k=6d4308de-b940-4b9d-aeda-a62d7637d513
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/88a66e5c-8fe8-48af-9c6c-3ec3f4983aad-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
7cdfcc820ef837a584df7e51bfc5f9d5d567bc40b12d7870ef52a148bcb8a7a9

Request headers

Referer
https://www.thesun.co.uk/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 09 Dec 2023 03:52:57 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thesun.co.uk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ Frame B464 		11 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/88a66e5c-8fe8-48af-9c6c-3ec3f4983aad-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.178.10 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thesun.co.uk/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 03:52:57 GMT
an-x-request-uuid
31af9397-c979-4f8f-9bab-bbf6959a987c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thesun.co.uk
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.74; 38.132.118.74; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
aa7973e9-1d7f-422b-ad75-c1f59a59a2c4
https://www.thesun.co.uk/ Frame B464 		379 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thesun.co.uk/aa7973e9-1d7f-422b-ad75-c1f59a59a2c4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d83f45fcd0dbe52a35f6e29b29c1a6ec8135b6a2e2ce67ef94e60316f5a1292

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length
388235
Content-Type
495580ea-996b-4c23-95a1-7433cb239819
https://www.thesun.co.uk/ Frame B464 		379 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thesun.co.uk/495580ea-996b-4c23-95a1-7433cb239819
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d83f45fcd0dbe52a35f6e29b29c1a6ec8135b6a2e2ce67ef94e60316f5a1292

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length
388235
Content-Type
geoip
api.permutive.com/v2.0/ Frame B464 		279 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=6d4308de-b940-4b9d-aeda-a62d7637d513
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/88a66e5c-8fe8-48af-9c6c-3ec3f4983aad-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e95289074f070240dccdabd849d35d5c3f57f9c9bfb9d5ffe538aac12d1926aa

Request headers

Referer
https://www.thesun.co.uk/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 09 Dec 2023 03:52:58 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thesun.co.uk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
194
88a66e5c-8fe8-48af-9c6c-3ec3f4983aad-models.bin
cdn.permutive.com/models/v2/ Frame B464 		148 KB
104 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/88a66e5c-8fe8-48af-9c6c-3ec3f4983aad-models.bin
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/88a66e5c-8fe8-48af-9c6c-3ec3f4983aad-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7711 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f12b2887a5e9e96c63819bcb0c1535c863a5cc7bc431a9a2d9c25e88b449b39e

Request headers

Referer
https://www.thesun.co.uk/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 09 Dec 2023 03:52:57 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
88a66e5c-8fe8-48af-9c6c-3ec3f4983aad
age
0
x-guploader-uploadid
ABPtcPqgxcioMQqsvrwc0_Htq7U-FM-SHvkApTB5HsTWhGztnbeo6L5ORSnHI9kexJDmupmF2oTSWungIvgoAmLlnLzKawwKMdy9
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
105432
last-modified
Mon, 04 Dec 2023 14:24:37 GMT
server
cloudflare
etag
"d7e56fd020401bb4a5231a9754793878"
vary
Accept-Encoding
x-goog-generation
1701699877495634
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=1ZVGJg==, md5=1+Vv0CBAG7SlIxqXVHk4eA==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
105432
accept-ranges
bytes
timing-allow-origin
*
cf-ray
832a4c61a977288e-MIA
expires
Sat, 09 Dec 2023 03:33:06 GMT
identify
api.permutive.com/v2.0/ Frame B464 		50 B
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=6d4308de-b940-4b9d-aeda-a62d7637d513
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/88a66e5c-8fe8-48af-9c6c-3ec3f4983aad-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e6065f0ed3a576dc761902e3b48d17850e770c9d8c1e184a384cd5274e6253f4

Request headers

Referer
https://www.thesun.co.uk/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 09 Dec 2023 03:52:58 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thesun.co.uk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| atOptions function| NewsUKWidgetIframe function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

5 Cookies

Domain/Path Name / Value
.alphanews.online/ Name: _ga_1R1SHZ8ZEL
Value: GS1.1.1702093977.1.0.1702093977.0.0.0
.alphanews.online/ Name: _ga
Value: GA1.1.170852071.1702093977
www.thesun.co.uk/ Name: nuk_customer_country_code
Value: US
.thesun.co.uk/ Name: permutive-id
Value: 7a860395-3183-4223-bb89-8233e9596220
.88a66e5c-8fe8-48af-9c6c-3ec3f4983aad.prmutv.co/ Name: pxid
Value: 16dc7f21-95c2-4788-9183-f4e3fe391e2b

9 Console Messages

Source Level URL
Text
javascript warning URL: https://hbr.alphanews.online/(Line 55)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://frequencyfeelhoneymoon.com/c3e9c93c8b9d7cf4658aaba6e675ec73/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://hbr.alphanews.online/(Line 55)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://frequencyfeelhoneymoon.com/c3e9c93c8b9d7cf4658aaba6e675ec73/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://frequencyfeelhoneymoon.com/45/bd/d8/45bdd8e0aa745483e351793c5c18c483.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://frequencyfeelhoneymoon.com/e920b78b69b7b6db8b5b40a5c434f4a9/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://frequencyfeelhoneymoon.com/c3e9c93c8b9d7cf4658aaba6e675ec73/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://hbr.alphanews.online/(Line 84)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://frequencyfeelhoneymoon.com/3b559ff5e081015a90c64ed40c0eb613/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://hbr.alphanews.online/(Line 84)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://frequencyfeelhoneymoon.com/3b559ff5e081015a90c64ed40c0eb613/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://frequencyfeelhoneymoon.com/3b559ff5e081015a90c64ed40c0eb613/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://www.thesun.co.uk/pollingwidgets/v3/polling
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

88a66e5c-8fe8-48af-9c6c-3ec3f4983aad.prmutv.co
api.permutive.com
cdn.permutive.com
frequencyfeelhoneymoon.com
hbr.alphanews.online
ib.adnxs.com
tags.tiqcdn.com
www.google-analytics.com
www.googletagmanager.com
www.thesun.co.uk
18.165.83.84
192.243.59.13
2600:9000:20e2:f400:7:2bfb:7c00:93a1
2606:4700::6811:7711
2607:f8b0:4006:80b::200e
2607:f8b0:4006:821::2008
34.107.254.252
35.241.9.51
45.153.185.164
68.67.178.10
055ccf410d06e2736e2210ae826ccccee7835a0e2ff855a55106bb1902f7472a
112c004dcef9579302f8619eab8b0b8e59a92d18e822d559fe1d989770d446cf
2001b5ded59f1515d9f0a6ede41f5007b44560c1e80819bb1ab134be5df527ef
2782d571061e9144333496fb9beddc8d5edd2b8d2476b4045e482945f7d3f2f5
278da0c3cc81396aff23ca31923e69c1ed9466841db69ee80a4b474abcc33129
2ed2bc51445adfa90f3c75e6fca27df9ef0029ed45f03f5bd3f829ddad6bc5f1
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3c24636364ce5e4ce48bda4cc66033dc0c8dcdc5b64c3972c97b69a218750966
4ae34914231e28bff804bf122113a58cc071a1546e702ab2709948e2ae4d66ed
4fe2d9cc5c2b80660dc8e2a320f826ef89e37c0af2336005203fa2a374495889
59e78e1107c1e4496b81f8a520ae3d6edeb1a46b3bb446083d1a23d48bef1f05
638bb5e2eb50f8081bbee1b1445c53839f65e2f4ed923557ba2c133e37e53f31
65b76ececa1df43bedb4ee6cb513a1ddb6d72bc233972d96193bdb02f7c705d2
7cdfcc820ef837a584df7e51bfc5f9d5d567bc40b12d7870ef52a148bcb8a7a9
7d28d202b02eb0f5c829a1eceea5283bcbb3cba40eebcb5e1879c56eef3f8ca8
87f07abff9162c5986cd0cb71c03e970b65469aefb58e5fb7415d3148231265a
889b8d63a39f85af144d96b68ecbba0672765009c70186ba94057f5a880fd62e
8d83f45fcd0dbe52a35f6e29b29c1a6ec8135b6a2e2ce67ef94e60316f5a1292
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a9a92c89ff19e31058ae5626d0c9380b42c5a288a6e7cff27d2a889a8dacc6ae
ba9f01183e1ae4e62f8da94dd41399d276ed39b8b891c948217acfa7bbd6b402
bd81e8276ae4993752b6a42f9659a720b6226e1cc83dde249794febb4634b33e
bd8e46dcb1f81e9b1c303f392f397d5d5f994a44ae1115ec038e7c5b10af8922
ce87f2ea3da02fb9678c05927cd114112e62186a856f096fb77904af2ebcdd80
d2fb3f981bb04951bccdad2d9447ffd82c738f6e1ebe28d862b058cd149cf533
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6065f0ed3a576dc761902e3b48d17850e770c9d8c1e184a384cd5274e6253f4
e95289074f070240dccdabd849d35d5c3f57f9c9bfb9d5ffe538aac12d1926aa
f12b2887a5e9e96c63819bcb0c1535c863a5cc7bc431a9a2d9c25e88b449b39e
ff0f6ffe2956723a64448a32961c9452cbd623ded87864ffbf32db59a526442b