www.nubiantravel.com Open in urlscan Pro
118.139.176.146 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nubiantravel.com/
Submission Tags: @ecarlesi threat phishing govuk Search All
Submission: On November 14 via api (November 14th 2024, 5:21:38 pm UTC) from IT — Scanned from SG

Summary HTTP 40 Redirects Links 9 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 40 HTTP transactions. The main IP is 118.139.176.146, located in Singapore, Singapore and belongs to . The main domain is www.nubiantravel.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on November 10th 2024. Valid for: 3 months.

This is the only time www.nubiantravel.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: UK Government (Government)

Domain & IP information

	IP Address		AS Autonomous System
4	118.139.176.146 118.139.176.146		() ()
29	2600:9000:23d... 2600:9000:23d2:5000:7:39da:8600:21		() ()
2 4	23.52.40.177 23.52.40.177		20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
40	4

4 118.139.176.146 (Singapore, Singapore)

ASN- ()
PTR: 146.176.139.118.host.secureserver.net

www.nubiantravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2600:9000:23d2:5000:7:39da:8600:21 (United States)

ASN- ()

d84m3d9lv2bko.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.52.40.177 (Singapore, Singapore) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-52-40-177.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	cloudfront.net d84m3d9lv2bko.cloudfront.net	843 KB
4	wsimg.com 2 redirects img1.wsimg.com — Cisco Umbrella Rank: 12304	21 KB
4	nubiantravel.com www.nubiantravel.com	20 KB
40	3

	Domain	Requested by
29	d84m3d9lv2bko.cloudfront.net	www.nubiantravel.com d84m3d9lv2bko.cloudfront.net
4	img1.wsimg.com	2 redirects www.nubiantravel.com
4	www.nubiantravel.com	d84m3d9lv2bko.cloudfront.net www.nubiantravel.com
40	3

This site contains links to these domains. Also see Links.

Domain
www.gov.uk
resources.companieshouse.gov.uk
follow.company-information.service.gov.uk
www.smartsurvey.co.uk
developer.companieshouse.gov.uk
www.nationalarchives.gov.uk

Subject Issuer	Validity	Valid
nubiantravel.com ZeroSSL RSA Domain Secure Site CA	`2024-11-10` - `2025-02-08`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.nubiantravel.com/
Frame ID: 53EC8C0D36DB8F54EAE0D836E873A972
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NUBIAN TRAVEL GOD DAY – Find and update company information – NUBIAN TRAVEL LTD – Free company information from Companies House including registered office address, filing history, accounts, annual re

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

GOV.UK Frontend (UI frameworks) Expand

Overall confidence: 100%
Detected patterns

govuk-frontend(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Mustache (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mustache(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

40
Requests

83 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

884 kB
Transfer

1124 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gov.uk/
Title: GOV.UK

Search URL Search Domain Scan URL

URL: http://resources.companieshouse.gov.uk/serviceInformation.shtml#compInfo
Title: Companies House does not verify the accuracy of the information filed(link opens a new window)

Search URL Search Domain Scan URL

URL: https://follow.company-information.service.gov.uk/company/12790772/confirm-follow?return_to=https://find-and-update.company-information.service.gov.uk/company/12790772
Title: Follow this company

Search URL Search Domain Scan URL

URL: https://www.smartsurvey.co.uk/s/getcompanyinformation/
Title: Tell us what you think of this service(link opens a new window)

Search URL Search Domain Scan URL

URL: http://resources.companieshouse.gov.uk/legal/termsAndConditions.shtml
Title: Policies Link opens in new tab

Search URL Search Domain Scan URL

URL: https://www.gov.uk/government/organisations/companies-house#org-contacts
Title: Contact us Link opens in new tab

Search URL Search Domain Scan URL

URL: https://developer.companieshouse.gov.uk/
Title: Developers Link opens in new tab

Search URL Search Domain Scan URL

URL: https://www.gov.uk/government/organisations/companies-house
Title: Companies House

Search URL Search Domain Scan URL

URL: https://www.nationalarchives.gov.uk/information-management/re-using-public-sector-information/uk-government-licensing-framework/crown-copyright/
Title: © Crown copyright

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

Request Chain 22

https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

40 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.nubiantravel.com/	62 KB 13 KB	162ms 110ms	Document text/html	118.139.176.146
General Check archive.org Show headers Download Go to Full URL https://www.nubiantravel.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 118.139.176.146 Singapore, Singapore, ASN (), Reverse DNS 146.176.139.118.host.secureserver.net Software Apache / PHP/8.2.24 Resource Hash `c3b0a77354d8b085eb7c2d3283be2d76a2eb160c226b9cf8241b37d4bdad479f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers content-encoding br content-length 13637 content-type text/html; charset=UTF-8 date Thu, 14 Nov 2024 17:21:23 GMT link <https://www.nubiantravel.com/wp-json/>; rel="https://api.w.org/" server Apache vary Accept-Encoding x-powered-by PHP/8.2.24
GET H2	200	govuk-frontend-3.11.0.min.css d84m3d9lv2bko.cloudfront.net/stylesheets/govuk-frontend/v3.11.0/	100 KB 101 KB	69ms 12ms	Stylesheet text/css	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/stylesheets/govuk-frontend/v3.11.0/govuk-frontend-3.11.0.min.css Requested by Host: www.nubiantravel.com URL: https://www.nubiantravel.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `351bfc206431dbaec8dac01ac161b2795113ddb8cd3b3d8b801f4b66301a82af` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "b839e007162f86224a212fd307a9469b" age 2617951 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 102594 x-amz-cf-id YYs9BuMGZx_zun036hYlFMsUlQOIpyX1g-CRE0kpW0hhwvAzO54ajg== date Tue, 15 Oct 2024 10:08:54 GMT content-type text/css last-modified Mon, 14 Oct 2024 10:58:42 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	ch.gov.uk.css d84m3d9lv2bko.cloudfront.net/stylesheets/	110 KB 110 KB	90ms 33ms	Stylesheet text/css	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/stylesheets/ch.gov.uk.css Requested by Host: www.nubiantravel.com URL: https://www.nubiantravel.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `1985bb3d865aabd954e8057d212b75a4464fbc0c3a0d598c3069ca18c6caa4d1` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "75c36ea6220b2316fb9547a9c0d520a6" age 2617951 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 112199 x-amz-cf-id HH-9hhadL0YcNPS4sxE5Z3WaWLroQqjrfYo03L8pyN9j-fZpBUADWQ== date Tue, 15 Oct 2024 10:08:54 GMT content-type text/css last-modified Mon, 14 Oct 2024 10:58:38 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	jquery-ui.css d84m3d9lv2bko.cloudfront.net/stylesheets/	33 KB 34 KB	111ms 55ms	Stylesheet text/css	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/stylesheets/jquery-ui.css Requested by Host: www.nubiantravel.com URL: https://www.nubiantravel.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `94d4f74e8bfad03d7953570f73480f3e5bf06d780eb814131f37f34a72ef23e0` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "a3451ac06aaa58fad293bd21d6debd69" age 2617951 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 34078 x-amz-cf-id jVVfdGJCncxhXk96WTreHGkQU8n9ExVjN__J7xrG1_7RPaWvT7p0Tw== date Tue, 15 Oct 2024 10:08:54 GMT content-type text/css last-modified Mon, 14 Oct 2024 10:58:51 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	require.js Show response d84m3d9lv2bko.cloudfront.net/javascripts/vendor/	81 KB 81 KB	116ms 59ms	Script application/javascript	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/require.js Requested by Host: www.nubiantravel.com URL: https://www.nubiantravel.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `da8936c02cb9af21f788c1943dd8e7c11c9cffbe3acee3e0883ea8942cd14fcc` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "43abce728c6099a4ccf7ba721ab000d1" age 2617939 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 82444 x-amz-cf-id aQf1jSy8_DkELjHHW2JtXZHrqJS0c1DcX5qMOcwqfyVtYvJBr-ZQ2A== date Tue, 15 Oct 2024 10:09:06 GMT content-type application/javascript last-modified Mon, 14 Oct 2024 10:58:11 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	accounts-pdf.js Show response d84m3d9lv2bko.cloudfront.net/javascripts/app/	6 KB 6 KB	137ms 81ms	Script application/javascript	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/javascripts/app/accounts-pdf.js Requested by Host: www.nubiantravel.com URL: https://www.nubiantravel.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `69d4189e16db7ee64eaefe4f3b259abdf5b283b6a54efadc7925a34231e1be87` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "248a4bea4da9a1f6c719bb2c55311985" age 2617939 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 5640 x-amz-cf-id qRSfDgXe6BapDJcX0fovzEJgqZ7tdthsMQNHPsNJ5FBr6ULMpAruNQ== date Tue, 15 Oct 2024 10:09:06 GMT content-type application/javascript last-modified Mon, 14 Oct 2024 10:57:52 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	details-polyfill.js Show response d84m3d9lv2bko.cloudfront.net/javascripts/lib/	6 KB 6 KB	138ms 82ms	Script application/javascript	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/javascripts/lib/details-polyfill.js Requested by Host: www.nubiantravel.com URL: https://www.nubiantravel.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `3f4a89fce3cd20777bc80a638ed53c3adffc5ecd70cddff8d07cd65e74c38e5a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "81ca9a556597cc5d65c311658813f644" age 2617939 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 5801 x-amz-cf-id wJ4-cyudG54rnxdwuIbVWJgF7BZkeo-wQHsdccWYTF-S73_5rElCNA== date Tue, 15 Oct 2024 10:09:06 GMT content-type application/javascript last-modified Mon, 14 Oct 2024 10:57:57 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	generate-document.js Show response d84m3d9lv2bko.cloudfront.net/javascripts/app/	6 KB 6 KB	162ms 106ms	Script application/javascript	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/javascripts/app/generate-document.js Requested by Host: www.nubiantravel.com URL: https://www.nubiantravel.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `7ed6315ce40ddd1332b1551f582764490532d8a3428f9276dfe187f0b64211a8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "7363b38a515c8bef0445396f1d26defe" age 2617938 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 6138 x-amz-cf-id WEywBC6ztu2r5zhJadxf7BhhD0Xew0C8DWTZQvHZlCTUkT1AhTXKEg== date Tue, 15 Oct 2024 10:09:07 GMT content-type application/javascript last-modified Mon, 14 Oct 2024 10:57:53 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	update-filing-history-link.js Show response d84m3d9lv2bko.cloudfront.net/javascripts/app/	733 B 1 KB	159ms 104ms	Script application/javascript	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/javascripts/app/update-filing-history-link.js Requested by Host: www.nubiantravel.com URL: https://www.nubiantravel.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `6cd2e6ac6636d20620006ffaca13f1fa33f1f4ca407724d38a62a1b3b7190925` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "1a48725f6fe1d0a4f06b6bb7f8128585" age 2617938 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 733 x-amz-cf-id itgeA21aKBWUsalcmg_De4wAt9ClQ7QqarZ-kH9bYCXA2BcE2qYGSw== date Tue, 15 Oct 2024 10:09:07 GMT content-type application/javascript last-modified Mon, 14 Oct 2024 10:57:54 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	jquery-1.12.4.min.js Show response d84m3d9lv2bko.cloudfront.net/javascripts/vendor/	95 KB 95 KB	139ms 84ms	Script application/javascript	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/jquery-1.12.4.min.js Requested by Host: www.nubiantravel.com URL: https://www.nubiantravel.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "4f252523d4af0b478c810c2547a63e19" age 2617938 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 97163 x-amz-cf-id GEE4Es2MrW9Sz3Nx9jJNwAUpw-2kWr-AD2mrI3mMg4UlJZaZgS8nkA== date Tue, 15 Oct 2024 10:09:07 GMT content-type application/javascript last-modified Mon, 14 Oct 2024 10:57:58 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	cookie-consent-1.0.0.js Show response d84m3d9lv2bko.cloudfront.net/javascripts/app/cookie-consent/	6 KB 6 KB	160ms 105ms	Script application/javascript	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/javascripts/app/cookie-consent/cookie-consent-1.0.0.js Requested by Host: www.nubiantravel.com URL: https://www.nubiantravel.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `e35d080744aa63bd519307797437075b9d63947f7d712b0ed26c42603583383a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "4f1b23ffc88798dd94d5d16c098d14c9" age 2617938 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 5937 x-amz-cf-id Cj12IgcP1UgkfIUqhtmm9Ht-QhWBjLg4hU1ny21qXsyYD_FhIqHFAg== date Tue, 15 Oct 2024 10:09:07 GMT content-type application/javascript last-modified Mon, 14 Oct 2024 10:57:52 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	scc-c2.min.js Show response img1.wsimg.com/signals/js/clients/scc-c2/ Redirect Chain https://img1.wsimg.com/traffic-assets/js/tccl.min.js https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js	105 KB 21 KB	14ms 14ms	Script text/javascript	23.52.40.177 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js Requested by Host: www.nubiantravel.com URL: https://www.nubiantravel.com/ Protocol H2 Server 23.52.40.177 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-52-40-177.deploy.static.akamaitechnologies.com Software / Resource Hash `1b4dacb0dafda81d48ee0890ea113b3b8275bf2d16d5325f971f16eb75f7218a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers content-encoding gzip x-amz-meta-version 0.4.7 etag "6a7950cc31489069917bf817b62b2bfe" x-amz-version-id 4pexUB2ckSZgPfbjokD3loiC8DEV2lsi expires Thu, 14 Nov 2024 17:51:24 GMT date Thu, 14 Nov 2024 17:21:24 GMT last-modified Tue, 24 Sep 2024 20:55:06 GMT content-type text/javascript vary Accept-Encoding x-amz-id-2 ya8H/gvTVyPFcfmSyBE3V3izdti7/c4HCpUap0azmsTN+42PsSATzZsEgIsqDLVa+ser1Q7t/Vg= cache-control max-age=1800 timing-allow-origin * x-amz-request-id 258C83KMKB1H0YWR accept-ranges bytes access-control-allow-origin * content-length 20968 x-amz-server-side-encryption AES256 Redirect headers expires Fri, 14 Nov 2025 17:21:24 GMT cache-control max-age=31536000 location https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js content-length 0 access-control-allow-origin * date Thu, 14 Nov 2024 17:21:24 GMT timing-allow-origin *
GET		895477da-ce25-4cad-9ca0-16d1a5eebe3a https://www.nubiantravel.com/	0 0

GET H2	200	print.css d84m3d9lv2bko.cloudfront.net/stylesheets/	2 KB 2 KB	50ms 49ms	Stylesheet text/css	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/stylesheets/print.css Requested by Host: www.nubiantravel.com URL: https://www.nubiantravel.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `950902eb8e778c93ff0be1c1298bdc245297e26334d9e38ae874ae1b84985958` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "8321b5d27bfd632130bb39659bcf1662" age 2617950 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 2015 x-amz-cf-id _HL06Dio2oY2AdkQWqe_4miHx-IrtngQAiu2SDW5zTwRjSV7wcDPFQ== date Tue, 15 Oct 2024 10:08:55 GMT content-type text/css last-modified Mon, 14 Oct 2024 10:58:52 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	404	jquery.js www.nubiantravel.com/	0 0	115ms 115ms	Script text/html	118.139.176.146
General Check archive.org Show headers Download Go to Full URL https://www.nubiantravel.com/jquery.js Requested by Host: d84m3d9lv2bko.cloudfront.net URL: https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/require.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 118.139.176.146 Singapore, Singapore, ASN (), Reverse DNS 146.176.139.118.host.secureserver.net Software Apache / PHP/8.2.24 Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers link <https://www.nubiantravel.com/wp-json/>; rel="https://api.w.org/" cache-control no-cache, must-revalidate, max-age=0 content-encoding br expires Wed, 11 Jan 1984 05:00:00 GMT content-length 8016 date Thu, 14 Nov 2024 17:21:24 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/8.2.24 vary Accept-Encoding server Apache
GET H2	200	require-global-config.js Show response d84m3d9lv2bko.cloudfront.net/javascripts/	5 KB 6 KB	9ms 9ms	Script application/javascript	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/javascripts/require-global-config.js Requested by Host: d84m3d9lv2bko.cloudfront.net URL: https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/require.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `ca27fd17665bc886e4047a38857b8e374e3e1aaf14e4add71357883ecbb1eb21` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "9a735632509289045c05881ba598e3dc" age 2617937 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 5506 x-amz-cf-id BEgdFerS2DuYvCIZ3s8te3CyJmlmEwVtpaDIo6KCYHpaXsOqRARQAw== date Tue, 15 Oct 2024 10:09:08 GMT content-type application/javascript last-modified Mon, 14 Oct 2024 10:57:57 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	search-button.png d84m3d9lv2bko.cloudfront.net/images/search/	588 B 994 B	20ms 18ms	Image image/png	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Show image Full URL https://d84m3d9lv2bko.cloudfront.net/images/search/search-button.png Requested by Host: d84m3d9lv2bko.cloudfront.net URL: https://d84m3d9lv2bko.cloudfront.net/stylesheets/ch.gov.uk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `0ae3883c51ecbc0e0c43a3bf60d67bce3a010c7a33334731dad0ba12e1f48295` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://d84m3d9lv2bko.cloudfront.net/stylesheets/ch.gov.uk.css Response headers cache-control max-age=315360000, public etag "795debf6237fda4dd26d4dbd27bd97b4" age 2617937 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 588 x-amz-cf-id 2axzLwB3XjZbi34bcnuGAa2AZpa0a_5JPcGUNWS1qidxwxZNmgkmig== date Tue, 15 Oct 2024 10:09:08 GMT content-type image/png last-modified Mon, 14 Oct 2024 10:57:46 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	icon-important-red.png d84m3d9lv2bko.cloudfront.net/images/icon/	3 KB 4 KB	20ms 18ms	Image image/png	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Show image Full URL https://d84m3d9lv2bko.cloudfront.net/images/icon/icon-important-red.png Requested by Host: d84m3d9lv2bko.cloudfront.net URL: https://d84m3d9lv2bko.cloudfront.net/stylesheets/ch.gov.uk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `425d55854bb84f63f2935746782d00d910f85908081ecab606c3eddc34a8ea49` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://d84m3d9lv2bko.cloudfront.net/stylesheets/ch.gov.uk.css Response headers cache-control max-age=315360000, public etag "cbfeaf0e19ef0bf853413e85d02f342d" age 2617784 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 3565 x-amz-cf-id 803Cf64f-5d_mJr7g_XpxIRsvaC_xvzpxhFLbCtZBHeAsprCmFywWQ== date Tue, 15 Oct 2024 10:11:41 GMT content-type image/png last-modified Mon, 14 Oct 2024 10:57:46 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	govuk-crest.png d84m3d9lv2bko.cloudfront.net/images/	4 KB 4 KB	20ms 19ms	Image image/png	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Show image Full URL https://d84m3d9lv2bko.cloudfront.net/images/govuk-crest.png Requested by Host: d84m3d9lv2bko.cloudfront.net URL: https://d84m3d9lv2bko.cloudfront.net/stylesheets/govuk-frontend/v3.11.0/govuk-frontend-3.11.0.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://d84m3d9lv2bko.cloudfront.net/stylesheets/govuk-frontend/v3.11.0/govuk-frontend-3.11.0.min.css Response headers cache-control max-age=315360000, public etag "bcd5768bd7721641ee71ba103bb38900" age 2617937 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 3584 x-amz-cf-id C1CWepJkQ3eM2T6rV4lM2AHTCHB1TUyCenG7ZMeAmZri3Lr-atui0w== date Tue, 15 Oct 2024 10:09:08 GMT content-type image/png last-modified Mon, 14 Oct 2024 10:57:42 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET		light-94a07e06a1-v2.woff2 d84m3d9lv2bko.cloudfront.net/fonts/	0 0

GET		bold-b542beb274-v2.woff2 d84m3d9lv2bko.cloudfront.net/fonts/	0 0

GET H2	200	feedback.js Show response d84m3d9lv2bko.cloudfront.net/javascripts/app/	699 B 1 KB	7ms 7ms	Script application/javascript	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/javascripts/app/feedback.js Requested by Host: d84m3d9lv2bko.cloudfront.net URL: https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/require.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `6ebac0d4f945399bc492ad12fbb7c5d3e4812da7d61c7fd9aabfff4586f4f49c` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "c97e0a15065bc95ad08c957234645726" age 2617936 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 699 x-amz-cf-id iTv-gibkDpFecFCc9mvWB35d_pCLmCZ1fsKqWb7T3bDM6vwA5TB8yQ== date Tue, 15 Oct 2024 10:09:09 GMT content-type application/javascript last-modified Mon, 14 Oct 2024 10:57:53 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	ch_default.js Show response d84m3d9lv2bko.cloudfront.net/javascripts/app/	449 B 865 B	7ms 7ms	Script application/javascript	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/javascripts/app/ch_default.js Requested by Host: d84m3d9lv2bko.cloudfront.net URL: https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/require.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `199c1f1063eee3a0591fdcf3b2e0e8b16465c803e9f4fddfbf14c5e3643cd8b8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "6e50b2c9bbdac07f208bd5f2c7f419d1" age 2617937 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 449 x-amz-cf-id Wa73-HK_y4fsH8rCBXmCxcGW3yLxXES9rdL6Xj9pkBVYuj6n1cFqow== date Tue, 15 Oct 2024 10:09:08 GMT content-type application/javascript last-modified Mon, 14 Oct 2024 10:57:52 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	scc-c2.min.js Show response img1.wsimg.com/signals/js/clients/scc-c2/ Redirect Chain https://img1.wsimg.com/traffic-assets/js/tccl.min.js https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js	105 KB 0	0ms 0ms	Script text/javascript	23.52.40.177 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js Requested by Host: www.nubiantravel.com URL: https://www.nubiantravel.com/ Protocol H2 Server 23.52.40.177 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-52-40-177.deploy.static.akamaitechnologies.com Software / Resource Hash `1b4dacb0dafda81d48ee0890ea113b3b8275bf2d16d5325f971f16eb75f7218a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers content-encoding gzip x-amz-meta-version 0.4.7 etag "6a7950cc31489069917bf817b62b2bfe" x-amz-version-id 4pexUB2ckSZgPfbjokD3loiC8DEV2lsi expires Thu, 14 Nov 2024 17:51:24 GMT date Thu, 14 Nov 2024 17:21:24 GMT last-modified Tue, 24 Sep 2024 20:55:06 GMT content-type text/javascript vary Accept-Encoding x-amz-id-2 ya8H/gvTVyPFcfmSyBE3V3izdti7/c4HCpUap0azmsTN+42PsSATzZsEgIsqDLVa+ser1Q7t/Vg= cache-control max-age=1800 timing-allow-origin * x-amz-request-id 258C83KMKB1H0YWR accept-ranges bytes access-control-allow-origin * content-length 20968 x-amz-server-side-encryption AES256 Redirect headers expires Fri, 14 Nov 2025 17:21:24 GMT cache-control max-age=31536000 location https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js content-length 0 access-control-allow-origin * date Thu, 14 Nov 2024 17:21:24 GMT timing-allow-origin *
GET H2	200	modernizr.custom.js Show response d84m3d9lv2bko.cloudfront.net/javascripts/vendor/	8 KB 8 KB	15ms 14ms	Script application/javascript	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/modernizr.custom.js Requested by Host: d84m3d9lv2bko.cloudfront.net URL: https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/require.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `9fc69c542e0c3039cf43fbd865ecf0351b82ab66558df2c347b33e4d3c6c19ab` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "b7fc53ce79a37c6ba41cd56648591451" age 2617936 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 8159 x-amz-cf-id tBFKLIZ9AqBTYoLvjXEwYrG79511ocY0YDc5NUSdn_MJTDNqwC7CVQ== date Tue, 15 Oct 2024 10:09:09 GMT content-type application/javascript last-modified Mon, 14 Oct 2024 10:58:11 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	MobileMenu.js Show response d84m3d9lv2bko.cloudfront.net/javascripts/lib/	694 B 1 KB	15ms 13ms	Script application/javascript	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/javascripts/lib/MobileMenu.js Requested by Host: d84m3d9lv2bko.cloudfront.net URL: https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/require.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `ae0114ac6cfea36338eafb2ae4b921f196165a4b51fcecfadad7019c62bf1c4b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "f1d99f3997905e49a0e072b0a61d213b" age 2617936 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 694 x-amz-cf-id N2eoeOapvT8QUJi-jbuG8cKZqy7gPvOfVhc4KQcpEE1EIGmLU3SZJA== date Tue, 15 Oct 2024 10:09:09 GMT content-type application/javascript last-modified Mon, 14 Oct 2024 10:57:55 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	jquery-ui.js Show response d84m3d9lv2bko.cloudfront.net/javascripts/vendor/	232 KB 232 KB	14ms 13ms	Script application/javascript	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/jquery-ui.js Requested by Host: d84m3d9lv2bko.cloudfront.net URL: https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/require.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `3dbb478ba380ba8891df3120e3c9cce10d2fedb87ce95c58099944ed9d2252a8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "530a05c7ca80418866d2d14f79b56a88" age 2617923 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 237109 x-amz-cf-id Pqm1_i_iQ3QUiXFV-pwIjHGYifLHEqk1nU30yLjV0MMuF-ymkRWfVQ== date Tue, 15 Oct 2024 10:09:22 GMT content-type application/javascript last-modified Mon, 14 Oct 2024 10:58:01 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	jquery.simplePagination.js Show response d84m3d9lv2bko.cloudfront.net/javascripts/vendor/flaviusmatis-simplePagination/	9 KB 9 KB	76ms 75ms	Script application/javascript	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/flaviusmatis-simplePagination/jquery.simplePagination.js Requested by Host: d84m3d9lv2bko.cloudfront.net URL: https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/require.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `44bd7fcfb2a7485bbcd41c9a38ac3d91908079ee63d2db4e8021f39c98c254b8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "afb12993b811012ffce5caaa64d1f87b" age 2617926 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 9060 x-amz-cf-id W67mjFNfg2pjeLu_RyjX37dW4lCe6XwWZRMx91_ii51Y-RJoDihjKg== date Tue, 15 Oct 2024 10:09:19 GMT content-type application/javascript last-modified Mon, 14 Oct 2024 10:57:57 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	jquery.html5-placeholder-shim.js Show response d84m3d9lv2bko.cloudfront.net/javascripts/vendor/	3 KB 4 KB	77ms 77ms	Script application/javascript	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/jquery.html5-placeholder-shim.js Requested by Host: d84m3d9lv2bko.cloudfront.net URL: https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/require.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `b4f630faa026499a5bd3902e54fe8959fced11125f518e3a25bae95412538088` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "6408666160766474722fa8051395936e" age 2617926 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 3373 x-amz-cf-id A7EXLrRzsSLfA1AA6GM-Od7INvcrRspvZkYK5tYOYc7nWSxKQAqpQQ== date Tue, 15 Oct 2024 10:09:19 GMT content-type application/javascript last-modified Mon, 14 Oct 2024 10:58:01 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	wp-emoji-release.min.js Show response www.nubiantravel.com/wp-includes/js/	18 KB 5 KB	25ms 24ms	Script text/javascript	118.139.176.146
General Check archive.org Show headers Download Go to Full URL https://www.nubiantravel.com/wp-includes/js/wp-emoji-release.min.js?ver=6.7 Requested by Host: www.nubiantravel.com URL: https://www.nubiantravel.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 118.139.176.146 Singapore, Singapore, ASN (), Reverse DNS 146.176.139.118.host.secureserver.net Software Apache / Resource Hash `4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers content-encoding br etag "1051ee6-4926-61bdf6e5539c0-br" accept-ranges bytes content-length 4667 date Thu, 14 Nov 2024 17:21:24 GMT last-modified Thu, 27 Jun 2024 13:51:43 GMT vary Accept-Encoding server Apache content-type text/javascript
GET H2	200	mustache.named.js Show response d84m3d9lv2bko.cloudfront.net/javascripts/vendor/	16 KB 17 KB	75ms 73ms	Script application/javascript	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/mustache.named.js Requested by Host: d84m3d9lv2bko.cloudfront.net URL: https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/require.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `fe4a4eeeeab1bf5b4cc8cb7e665a09c75dc5ff38d77940342cbb89492a0c9c7d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "eed215008e0c3f1c6234a3f354822f3e" age 2617936 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 16678 x-amz-cf-id 0o3ZWOTWd0euyfAee6NW0zPNXKamS9pLiQfrbS_QtlQRMaTc7fYm7w== date Tue, 15 Oct 2024 10:09:09 GMT content-type application/javascript last-modified Mon, 14 Oct 2024 10:58:11 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	Feedback.js Show response d84m3d9lv2bko.cloudfront.net/javascripts/lib/	5 KB 5 KB	76ms 74ms	Script application/javascript	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/javascripts/lib/Feedback.js Requested by Host: d84m3d9lv2bko.cloudfront.net URL: https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/require.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `b3ce4983e54ba520910bb791e6d598a5aae401f1e477f872c384897b5adb12be` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "1504b143b010936cf2ad8b223a73a7e3" age 2617935 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 4638 x-amz-cf-id eJ2WEuoEC55Ax1itJJzZfMAVTiC3IwO40lBwqfiufPM4afGjhikxOw== date Tue, 15 Oct 2024 10:09:09 GMT content-type application/javascript last-modified Mon, 14 Oct 2024 10:57:55 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	search.js Show response d84m3d9lv2bko.cloudfront.net/javascripts/app/	975 B 1 KB	70ms 70ms	Script application/javascript	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/javascripts/app/search.js Requested by Host: d84m3d9lv2bko.cloudfront.net URL: https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/require.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `d907938c14b34994b29feeaa757656ac0c35e956b2cb3068a1086544a10fcdc0` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "d4eb58b62ab5065414c35181db5297f8" age 2617923 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 975 x-amz-cf-id xKouOMxaPk49r_BnyFEI3gidMCwtPg-I5QcS0o-_KxXIo0ra-nbSHw== date Tue, 15 Oct 2024 10:09:22 GMT content-type application/javascript last-modified Mon, 14 Oct 2024 10:57:53 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET		light-f591b13f7d-v2.woff d84m3d9lv2bko.cloudfront.net/fonts/	0 0

GET		bold-affa96571d-v2.woff d84m3d9lv2bko.cloudfront.net/fonts/	0 0

GET H2	200	jquery-ui-i18n.js Show response d84m3d9lv2bko.cloudfront.net/javascripts/vendor/	61 KB 61 KB	9ms 9ms	Script application/javascript	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/jquery-ui-i18n.js Requested by Host: d84m3d9lv2bko.cloudfront.net URL: https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/require.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `d11858db4b8ee8752af51cd291e4e835634efbd47b9b2d0de776f1d191af468b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "3e533e79520c92b88eaca61b2a77a338" age 2617916 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 61968 x-amz-cf-id YZ-myoheZ8Ist46h1_Rrhd_r5Aac48gZlpqLTvCcDj2ejK7QPI2dDQ== date Tue, 15 Oct 2024 10:09:29 GMT content-type application/javascript last-modified Mon, 14 Oct 2024 10:58:00 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	jquery-mustache.js Show response d84m3d9lv2bko.cloudfront.net/javascripts/vendor/	7 KB 7 KB	10ms 10ms	Script application/javascript	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/jquery-mustache.js Requested by Host: d84m3d9lv2bko.cloudfront.net URL: https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/require.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `1cc4c501a5a4d0e41c577424b20e0e65c524a7871867345169f2a784d95eb5ea` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "dbfc7fb1600e4c503896f0c1168758a1" age 2617922 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 6740 x-amz-cf-id 1IMCTmyYeGhO-Bw-vJh1DuA8Pw-xpTPVhIV00mdGbaCr1-WPH5lX_w== date Tue, 15 Oct 2024 10:09:22 GMT content-type application/javascript last-modified Mon, 14 Oct 2024 10:57:59 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	Search.js Show response d84m3d9lv2bko.cloudfront.net/javascripts/lib/	22 KB 23 KB	12ms 11ms	Script application/javascript	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/javascripts/lib/Search.js Requested by Host: d84m3d9lv2bko.cloudfront.net URL: https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/require.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `36220a126235f33a1bdd15718aea72f8cceb9a77989ed3f88a9fd4b6c600493c` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "1ad8f95c372dfd7b34bb24b51a8299c4" age 2617922 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 22902 x-amz-cf-id KS9mfydEZI-7rpIqCSfGVNiQm1Op5CXwmiaLEi4ORUJ4FCO8Ir511w== date Tue, 15 Oct 2024 10:09:23 GMT content-type application/javascript last-modified Mon, 14 Oct 2024 10:57:55 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	jquery.ajaxmanager.js Show response d84m3d9lv2bko.cloudfront.net/javascripts/vendor/	9 KB 10 KB	10ms 9ms	Script application/javascript	2600:9000:23d2:5000:7:39da:8600:21
General Check archive.org Show headers Download Go to Full URL https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/jquery.ajaxmanager.js Requested by Host: d84m3d9lv2bko.cloudfront.net URL: https://d84m3d9lv2bko.cloudfront.net/javascripts/vendor/require.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23d2:5000:7:39da:8600:21 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash `e93f4cb25d0114b952c0327c920a4ea129170e68b32a4c46a4cb5ccb662873c1` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers cache-control max-age=315360000, public etag "032f9133b5849fad513939dc74cd8995" age 2617916 via 1.1 89e0f7fe83654daab1249038dbcbb4ce.cloudfront.net (CloudFront) expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes x-cache Hit from cloudfront content-length 9304 x-amz-cf-id kpw-NgvEpiOaF5gmogst3GIyBroCCZFkWaoTbDglpYG0sMMqh-zttg== date Tue, 15 Oct 2024 10:09:29 GMT content-type application/javascript last-modified Mon, 14 Oct 2024 10:58:01 GMT server AmazonS3 x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256
GET H2	200	cropped-SSS-32x32.png www.nubiantravel.com/wp-content/uploads/2024/11/	2 KB 2 KB	10ms 10ms	Other image/png	118.139.176.146
General Check archive.org Show headers Download Go to Full URL https://www.nubiantravel.com/wp-content/uploads/2024/11/cropped-SSS-32x32.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 118.139.176.146 Singapore, Singapore, ASN (), Reverse DNS 146.176.139.118.host.secureserver.net Software Apache / Resource Hash `ddcab6aad263e9e4b435fad9edd4576097d7e85f0f230a85244d6f698668f3e2` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://www.nubiantravel.com/ Response headers accept-ranges bytes content-length 1722 etag "fa64af-6ba-6268d1e189b7b" date Thu, 14 Nov 2024 17:21:24 GMT last-modified Sun, 10 Nov 2024 11:16:37 GMT content-type image/png server Apache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.nubiantravel.com
URL: blob:https://www.nubiantravel.com/895477da-ce25-4cad-9ca0-16d1a5eebe3a

Domain: d84m3d9lv2bko.cloudfront.net
URL: https://d84m3d9lv2bko.cloudfront.net/fonts/light-94a07e06a1-v2.woff2

Domain: d84m3d9lv2bko.cloudfront.net
URL: https://d84m3d9lv2bko.cloudfront.net/fonts/bold-b542beb274-v2.woff2

Domain: d84m3d9lv2bko.cloudfront.net
URL: https://d84m3d9lv2bko.cloudfront.net/fonts/light-f591b13f7d-v2.woff

Domain: d84m3d9lv2bko.cloudfront.net
URL: https://d84m3d9lv2bko.cloudfront.net/fonts/bold-affa96571d-v2.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UK Government (Government)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings object| global function| requirejs function| require function| define object| config object| elements function| $ function| jQuery object| CookieConsent object| _paq string| path string| docTitle function| startPiwik function| stopAnalytics function| bindPiwikListener object| _trfd object| html5 object| Modernizr function| yepnope object| twemoji object| wp function| DP_jQuery_1731604884424 object| jQuery112403868032116128064 object| Mustache

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.nubiantravel.com/ Message: Access to font at 'https://d84m3d9lv2bko.cloudfront.net/fonts/light-94a07e06a1-v2.woff2' from origin 'https://www.nubiantravel.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://d84m3d9lv2bko.cloudfront.net/fonts/light-94a07e06a1-v2.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.nubiantravel.com/ Message: Access to font at 'https://d84m3d9lv2bko.cloudfront.net/fonts/bold-b542beb274-v2.woff2' from origin 'https://www.nubiantravel.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://d84m3d9lv2bko.cloudfront.net/fonts/bold-b542beb274-v2.woff2 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://www.nubiantravel.com/jquery.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://www.nubiantravel.com/ Message: Access to font at 'https://d84m3d9lv2bko.cloudfront.net/fonts/light-f591b13f7d-v2.woff' from origin 'https://www.nubiantravel.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://d84m3d9lv2bko.cloudfront.net/fonts/light-f591b13f7d-v2.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.nubiantravel.com/ Message: Access to font at 'https://d84m3d9lv2bko.cloudfront.net/fonts/bold-affa96571d-v2.woff' from origin 'https://www.nubiantravel.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://d84m3d9lv2bko.cloudfront.net/fonts/bold-affa96571d-v2.woff Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d84m3d9lv2bko.cloudfront.net
img1.wsimg.com
www.nubiantravel.com
d84m3d9lv2bko.cloudfront.net
www.nubiantravel.com
118.139.176.146
23.52.40.177
2600:9000:23d2:5000:7:39da:8600:21
0ae3883c51ecbc0e0c43a3bf60d67bce3a010c7a33334731dad0ba12e1f48295
1985bb3d865aabd954e8057d212b75a4464fbc0c3a0d598c3069ca18c6caa4d1
199c1f1063eee3a0591fdcf3b2e0e8b16465c803e9f4fddfbf14c5e3643cd8b8
1b4dacb0dafda81d48ee0890ea113b3b8275bf2d16d5325f971f16eb75f7218a
1cc4c501a5a4d0e41c577424b20e0e65c524a7871867345169f2a784d95eb5ea
351bfc206431dbaec8dac01ac161b2795113ddb8cd3b3d8b801f4b66301a82af
36220a126235f33a1bdd15718aea72f8cceb9a77989ed3f88a9fd4b6c600493c
3dbb478ba380ba8891df3120e3c9cce10d2fedb87ce95c58099944ed9d2252a8
3f4a89fce3cd20777bc80a638ed53c3adffc5ecd70cddff8d07cd65e74c38e5a
425d55854bb84f63f2935746782d00d910f85908081ecab606c3eddc34a8ea49
44bd7fcfb2a7485bbcd41c9a38ac3d91908079ee63d2db4e8021f39c98c254b8
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
69d4189e16db7ee64eaefe4f3b259abdf5b283b6a54efadc7925a34231e1be87
6cd2e6ac6636d20620006ffaca13f1fa33f1f4ca407724d38a62a1b3b7190925
6ebac0d4f945399bc492ad12fbb7c5d3e4812da7d61c7fd9aabfff4586f4f49c
7ed6315ce40ddd1332b1551f582764490532d8a3428f9276dfe187f0b64211a8
94d4f74e8bfad03d7953570f73480f3e5bf06d780eb814131f37f34a72ef23e0
950902eb8e778c93ff0be1c1298bdc245297e26334d9e38ae874ae1b84985958
9fc69c542e0c3039cf43fbd865ecf0351b82ab66558df2c347b33e4d3c6c19ab
ae0114ac6cfea36338eafb2ae4b921f196165a4b51fcecfadad7019c62bf1c4b
b3ce4983e54ba520910bb791e6d598a5aae401f1e477f872c384897b5adb12be
b4f630faa026499a5bd3902e54fe8959fced11125f518e3a25bae95412538088
bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b
c3b0a77354d8b085eb7c2d3283be2d76a2eb160c226b9cf8241b37d4bdad479f
ca27fd17665bc886e4047a38857b8e374e3e1aaf14e4add71357883ecbb1eb21
d11858db4b8ee8752af51cd291e4e835634efbd47b9b2d0de776f1d191af468b
d907938c14b34994b29feeaa757656ac0c35e956b2cb3068a1086544a10fcdc0
da8936c02cb9af21f788c1943dd8e7c11c9cffbe3acee3e0883ea8942cd14fcc
ddcab6aad263e9e4b435fad9edd4576097d7e85f0f230a85244d6f698668f3e2
e35d080744aa63bd519307797437075b9d63947f7d712b0ed26c42603583383a
e93f4cb25d0114b952c0327c920a4ea129170e68b32a4c46a4cb5ccb662873c1
fe4a4eeeeab1bf5b4cc8cb7e665a09c75dc5ff38d77940342cbb89492a0c9c7d