urlscan.io logo urlscan.io
SecurityTrails logo

www.newsweek.com Open in urlscan Pro
54.146.60.106  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Submission: On July 22 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 5 countries across 16 domains to perform 51 HTTP transactions. The main IP is 54.146.60.106, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is www.newsweek.com.
TLS certificate: Issued by Amazon on August 28th 2018. Valid for: a year.
This is the only time www.newsweek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 54.146.60.106 14618 (AMAZON-AES)
3 2600:9000:200... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:200... 16509 (AMAZON-02)
1 54.192.201.161 16509 (AMAZON-02)
1 35.186.195.222 15169 (GOOGLE)
3 151.139.128.10 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a03:2880:f01... 32934 (FACEBOOK)
1 3 35.236.211.40 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2.19.43.224 20940 (AKAMAI-ASN1)
1 52.94.220.16 16509 (AMAZON-02)
1 35.190.72.161 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 2600:9000:200... 16509 (AMAZON-02)
1 35.190.36.172 15169 (GOOGLE)
51 20
1    54.146.60.106 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-146-60-106.compute-1.amazonaws.com
www.newsweek.com
3    2600:9000:200d:b600:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
sdk.privacy-center.org
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
1    2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    2600:9000:200d:de00:8:bd4:5580:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d275im4r3zngba.cloudfront.net
1    54.192.201.161 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-201-161.fra50.r.cloudfront.net
c.amazon-adsystem.com
1    35.186.195.222 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 222.195.186.35.bc.googleusercontent.com
query.fqtag.com
3    151.139.128.10 (Dallas, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
g.newsweek.com
2    2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
adservice.google.com
6    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
3    35.236.211.40 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 40.211.236.35.bc.googleusercontent.com
i.clean.gg
3    2a00:1450:4001:818::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2.19.43.224 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-43-224.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
1    52.94.220.16 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
aax.amazon-adsystem.com
1    35.190.72.161 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 161.72.190.35.bc.googleusercontent.com
fqtag.com
1    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:818::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
2    2600:9000:200d:3400:6:266a:9940:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
dw7nrwnn2bkh1.cloudfront.net
1    35.190.36.172 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 172.36.190.35.bc.googleusercontent.com
cdn.fqtag.com
Domain Requested by
5 connect.facebook.net www.newsweek.com
d275im4r3zngba.cloudfront.net
3 www.google-analytics.com d275im4r3zngba.cloudfront.net
www.newsweek.com
3 i.clean.gg 1 redirects d275im4r3zngba.cloudfront.net
www.newsweek.com
3 g.newsweek.com www.newsweek.com
3 sdk.privacy-center.org www.newsweek.com
sdk.privacy-center.org
2 dw7nrwnn2bkh1.cloudfront.net www.newsweek.com
2 www.facebook.com www.newsweek.com
d275im4r3zngba.cloudfront.net
2 sb.scorecardresearch.com 1 redirects www.newsweek.com
1 cdn.fqtag.com d275im4r3zngba.cloudfront.net
1 www.google.de www.newsweek.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 staticxx.facebook.com d275im4r3zngba.cloudfront.net
1 fqtag.com d275im4r3zngba.cloudfront.net
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 query.fqtag.com www.newsweek.com
1 c.amazon-adsystem.com www.newsweek.com
c.amazon-adsystem.com
1 d275im4r3zngba.cloudfront.net www.newsweek.com
1 www.googletagmanager.com www.newsweek.com
1 www.googletagservices.com www.newsweek.com
1 www.newsweek.com
0 s.skimresources.com Failed d275im4r3zngba.cloudfront.net
0 gc.newsweek.com Failed www.newsweek.com
0 securepubads.g.doubleclick.net Failed www.googletagservices.com
0 d.newsweek.com Failed www.newsweek.com
51 27
Subject Issuer Validity Valid
*.newsweek.com
Amazon		 2018-08-28 -
2019-09-28		 a year crt.sh
*.privacy-center.org
Amazon		 2019-05-22 -
2020-06-22		 a year crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2018-10-08 -
2019-10-09		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2018-12-18 -
2019-11-21		 a year crt.sh
forensiq.com
Let's Encrypt Authority X3		 2019-05-01 -
2019-07-30		 3 months crt.sh
g.newsweek.com
Sectigo RSA Domain Validation Secure Server CA		 2019-06-29 -
2019-09-27		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-06-06 -
2019-09-04		 3 months crt.sh
*.clean.gg
Let's Encrypt Authority X3		 2019-06-29 -
2019-09-27		 3 months crt.sh
*.scorecardresearch.com
COMODO RSA Organization Validation Secure Server CA		 2018-11-28 -
2019-12-26		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2018-12-12 -
2019-12-10		 a year crt.sh
www.google.de
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Frame ID: 0CB8486AF1D91E1D036A2243EA1CD319
Requests: 49 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: FEE2075595D535ADE92BCACF8C1EA92F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3A8C0EB5325ACD35861F8323F07D87B8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

51
Requests

67 %
HTTPS

57 %
IPv6

16
Domains

27
Subdomains

20
IPs

5
Countries

494 kB
Transfer

1684 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://sb.scorecardresearch.com/b?c1=2&c2=7922264&ns__t=1563807926816&ns_c=UTF-8&c8=Couple%20Wins%20%24145M%2C%20Plans%20to%20Give%20It%20Away%3A%20%27Money%20Doesn%27t%20Bring%20You%20Happiness%27&c7=https%3A%2F%2Fwww.newsweek.com%2Feuromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1563807926816&ns_c=UTF-8&c8=Couple%20Wins%20%24145M%2C%20Plans%20to%20Give%20It%20Away%3A%20%27Money%20Doesn%27t%20Bring%20You%20Happiness%27&c7=https%3A%2F%2Fwww.newsweek.com%2Feuromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488&c9=
Request Chain 42
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j77&tid=UA-44450862-1&cid=1649798220.1563807927&jid=835671746&gjid=1880632491&_gid=661418541.1563807927&_u=aGBAgEAj~&z=225425049 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44450862-1&cid=1649798220.1563807927&jid=835671746&_v=j77&z=225425049 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44450862-1&cid=1649798220.1563807927&jid=835671746&_v=j77&z=225425049&slf_rd=1&random=812090632
Request Chain 46
  • https://i.clean.gg/1a HTTP 302
  • https://dw7nrwnn2bkh1.cloudfront.net/general.json

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
www.newsweek.com/ 		215 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.60.106 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-146-60-106.compute-1.amazonaws.com
Software
/
Resource Hash
c61c1bcc932ebe1f217068a682a6f50182a2399244d0e2509f4aca6d87c8f004
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.newsweek.com
:scheme
https
:path
/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 22 Jul 2019 15:05:26 GMT
content-type
text/html; charset=utf-8
cache-control
public, max-age=3600
content-encoding
gzip
x-b
V6.0-1 web2
age
0
vary
Accept-Encoding, User-Agent
x-cache
miss cached
x-cache-hits
0
x-forwarded-for
89.38.96.187
x-ua-device
desktop
x-geoip
NL
x-region
ZH
x-city
Naaldwijk
set-cookie
X-UA-Info=country|NL|state|ZH|city|Naaldwijk|ip|89.38.96.187|device|desktop|time|1563807926; path=/;
x-debug
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=86400; includeSubDomains
accept-ranges
bytes
loader.js
sdk.privacy-center.org/ 		1 KB
958 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/loader.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:b600:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
CloudFront /
Resource Hash
44e42798f3025e90fa3a2f81795839db3bd9220b9ef8b40d6b525be0edfbb1a3

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 22 Jul 2019 14:27:31 GMT
content-encoding
gzip
server
CloudFront
age
2284
etag
"dbf2a4461be16765666cde413479008b"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=3600
x-amz-cf-pop
FRA50
content-length
621
via
1.1 49c1155716008869942c0b84162e51aa.cloudfront.net (CloudFront)
x-amz-cf-id
QB5RHbI0beukaOtP2LAB_Iuk4xrxDV2DHD-ukINp4BGEJfKIqo5SVQ==
prebid.js
g.newsweek.com/www/js/ 		0
0
gpt.js
www.googletagservices.com/tag/js/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d0720006699b300a8a03045c627ef2caff2caf1beff6a79f5b449918e065ce5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 22 Jul 2019 15:05:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"228 / 369 of 1000 / last-modified: 1563804329"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
11768
x-xss-protection
0
expires
Mon, 22 Jul 2019 15:05:26 GMT
gtm.js
www.googletagmanager.com/ 		105 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TVS8NW5
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
788b51d7e82d24b48e190768ac9e23f24acbf36cff793e12b5c87305f4f21ee7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 22 Jul 2019 15:05:26 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
29613
x-xss-protection
0
expires
Mon, 22 Jul 2019 15:05:26 GMT
script.js
d275im4r3zngba.cloudfront.net/ 		75 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d275im4r3zngba.cloudfront.net/script.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:de00:8:bd4:5580:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c690fa9faebb578fc89057f8c853eb5181fb060740978df1ce51b0c2b64f22fc

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 22 Jul 2019 14:56:25 GMT
content-encoding
gzip
last-modified
Thu, 18 Jul 2019 09:24:16 GMT
server
AmazonS3
age
542
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA50
x-amz-cf-id
7KpUp5BN-SxNpqkULyjbrYjDkIP4xsW4EsGuFQDwmJubp4cLbng4jQ==
via
1.1 49c1155716008869942c0b84162e51aa.cloudfront.net (CloudFront)
74e6bec692626a972c7b9443c932be9e.js
g.newsweek.com/sys/js/ 		0
0
sdk.0c37977ecf9e4537a2d613b6f331bae66fcd791d.js
sdk.privacy-center.org/ 		277 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk.0c37977ecf9e4537a2d613b6f331bae66fcd791d.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:b600:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
736a3ccf363efb0540819ab2cdfa15f6d5c7a6649fe6c9621ef23cf1df70926e

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 17 Jul 2019 17:14:28 GMT
content-encoding
gzip
last-modified
Wed, 17 Jul 2019 17:14:21 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1563383616/ctime:1563383616/gid:0/gname:root/md5:b81c3ac1cdbee06d85b255530de22302/mode:33188/mtime:1563383616/uid:0/uname:root
age
424259
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA50
x-amz-cf-id
ek2UMPJOBvt4btMXAxoKmjzlnMMxqwkrV1K-2dVXhvVZfSFK0v7kmA==
via
1.1 49c1155716008869942c0b84162e51aa.cloudfront.net (CloudFront)
advagg_font.js
g.newsweek.com/www/js/ 		0
0
7ef91e735a541f48a29b90baa48d1d96.js
g.newsweek.com/sys/js/ 		0
0
10fc9bcdb51326a5f88ed2663e6fc36c.js
g.newsweek.com/sys/js/ 		0
0
8225d98b36c095d438e00e89e2e91c5f.js
g.newsweek.com/sys/js/ 		0
0
e90a1fc21f531450bfd988595fc51859.js
g.newsweek.com/sys/js/ 		0
0
1597447c0452e3ae574a7551d0990124.js
g.newsweek.com/sys/js/ 		0
0
admarketplace.js
g.newsweek.com/www/js/ 		0
0
apstag.js
c.amazon-adsystem.com/aax2/ 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.201.161 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-201-161.fra50.r.cloudfront.net
Software
Server /
Resource Hash
63c98be8a8653cda80d5d1de76a4154ce5a1749873d1e96d01e0b99e2fe83ac3

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 21 Jul 2019 16:10:18 GMT
content-encoding
gzip
server
Server
age
82508
etag
29fbb7cffb3c643d5fca22f9b133be9b
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50
accept-ranges
bytes
x-amz-cf-id
sL-eOR7s3cfdXfTrQMHm9c8_1p3jUvvT1HWXdxH7yqP3btgNcI2g5Q==
via
1.1 da44a033908207250002410c047e8764.cloudfront.net (CloudFront)
b
query.fqtag.com/ 		82 B
166 B 		Script
General
Check archive.org
Download Go to
Full URL
https://query.fqtag.com/b?org=YQwTNw4Muk9XFo4QH9JJ&sk=Wxsob0fAt4ZFyMO18SqG&callback=fq_callback&p=www.newsweek.com_article&a=article&cmp=none&cb=1563807926655&url=none&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.195.222 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
222.195.186.35.bc.googleusercontent.com
Software
/
Resource Hash
b896263dd16c4f5f4009a72b04489499dcd90ce9658086dcb3eb4b01409f088b

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 22 Jul 2019 15:05:27 GMT
via
1.1 google
alt-svc
clear
content-length
82
icon-search-glass.svg
g.newsweek.com/www/images/ 		0
0
robotocondensed-regular-webfont.woff2
g.newsweek.com/www/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/www/fonts/robotocondensed-regular-webfont.woff2
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
388af73744b09132aa6a876cf3534a0dc298c8f907d3f1d3747c9cc77e377709

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Origin
https://www.newsweek.com

Response headers

date
Mon, 22 Jul 2019 15:05:30 GMT
last-modified
Sat, 01 Jun 2019 09:09:29 GMT
server
Apache
access-control-allow-origin
*
etag
"1559380169"
x-hw
1563807930.cds070.fr8.hn,1563807930.cds110.fr8.c
content-type
application/octet-stream
status
200
cache-control
max-age=25920000
accept-ranges
bytes
content-length
20028
robotocondensed-bold-webfont.woff2
g.newsweek.com/www/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/www/fonts/robotocondensed-bold-webfont.woff2
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
584c77a6f70354f4e4f5a7630ab2a362c2d946d99e8bfee1f0fbed2e085e6987

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Origin
https://www.newsweek.com

Response headers

date
Mon, 22 Jul 2019 15:05:30 GMT
last-modified
Sat, 01 Jun 2019 09:09:29 GMT
server
Apache
access-control-allow-origin
*
etag
"1559380169"
x-hw
1563807930.cds070.fr8.hn,1563807930.cds061.fr8.c
content-type
application/octet-stream
status
200
cache-control
max-age=25920000
accept-ranges
bytes
content-length
20028
graphic
d.newsweek.com/widget/ 		0
0
Genericons.woff
g.newsweek.com/www/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g.newsweek.com/www/fonts/Genericons.woff
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Origin
https://www.newsweek.com

Response headers

date
Mon, 22 Jul 2019 15:05:30 GMT
last-modified
Sat, 01 Jun 2019 09:09:29 GMT
server
Apache
access-control-allow-origin
*
etag
"1559380169"
x-hw
1563807930.cds070.fr8.hn,1563807930.cds137.fr8.c
content-type
application/octet-stream
status
200
cache-control
max-age=25920000
accept-ranges
bytes
content-length
13988
integrator.js
adservice.google.de/adsid/ 		109 B
476 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.newsweek.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 22 Jul 2019 15:05:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.newsweek.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 22 Jul 2019 15:05:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
pubads_impl_2019070801.js
securepubads.g.doubleclick.net/gpt/ 		0
0
logo-n1.svg
g.newsweek.com/www/images/ 		0
0
icon-arrow-right.svg
g.newsweek.com/www/images/ 		0
0
ui-en.0c37977ecf9e4537a2d613b6f331bae66fcd791d.js
sdk.privacy-center.org/ 		159 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/ui-en.0c37977ecf9e4537a2d613b6f331bae66fcd791d.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.0c37977ecf9e4537a2d613b6f331bae66fcd791d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:b600:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f4beeab35a2855fa98d0ecdbe69fb970d5ec678edecae8b1146e418635ef494

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 22 Jul 2019 15:01:28 GMT
content-encoding
gzip
last-modified
Wed, 17 Jul 2019 17:14:13 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1562790519/ctime:1562790519/gid:0/gname:root/md5:c57b423f39dc86a65d7aa5633dcc09bf/mode:33188/mtime:1562790519/uid:0/uname:root
age
280
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA50
x-amz-cf-id
AYDKpKLIi0BAYf9l3GyDogrMtPaSQnYY5RdSiwzY1AQnttGXI1fXfg==
via
1.1 49c1155716008869942c0b84162e51aa.cloudfront.net (CloudFront)
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
99cae8131e5d36399be835658b98068c2adb6be1269d6b895582d3bb81a6876b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ethsPhEMbKNkJW+TldQ3SQ==
status
200
date
Mon, 22 Jul 2019 15:05:26 GMT
vary
Accept-Encoding
content-length
1779
x-fb-debug
sY73QUKc75dcnQQr9AM0Ucp1VxQV+11hMu9cMCxVVVq6dPIIo9SgUGpPPYnf7/BYVrQjpP4z6zlU9BUWygKzRQ==
x-fb-trip-id
997090344
x-fb-content-md5
8bb8e0b7a6c1966674955bacd46a6a71
etag
"55bdb3b0c360d9a145f1a216782f0f6f"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 Jul 2019 15:25:10 GMT
counter.js
gc.newsweek.com/front/js/ 		0
0
1a
i.clean.gg/ 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.236.211.40 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
40.211.236.35.bc.googleusercontent.com
Software
nginx/1.15.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Access-Control-Request-Method
POST
Origin
https://www.newsweek.com
Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type,x-api-key

Response headers

date
Mon, 22 Jul 2019 15:05:30 GMT
server
nginx/1.15.10
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, OPTIONS
status
200
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-headers
Content-Type, Origin, Accept, Referer, Cache-Control, Content-Length, Accept-Language, User-Agent, Pragma, Accept-Encoding, x-api-key
content-length
0
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 21:35:04 GMT
server
Golfe2
age
1099
date
Mon, 22 Jul 2019 14:47:08 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17707
expires
Mon, 22 Jul 2019 16:47:08 GMT
fbevents.js
connect.facebook.net/en_US/ 		85 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
db04a49b93b18d92b102b50dff25ecb06f6aedd156f442bb8d4dc9f2e3a66a34
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
22680
x-xss-protection
0
pragma
public
x-fb-debug
roNft1zC4IKn/nE54wDIG7l7Efvl/7c21uOx4hTXOjeRujOlEcI/BMTyxyjSPGPrsH7obU+r/Vye8oZtGKoU7A==
x-fb-trip-id
997090344
date
Mon, 22 Jul 2019 15:05:27 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
87543X1557188.skimlinks.js
s.skimresources.com/js/ 		0
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=7922264&ns__t=1563807926816&ns_c=UTF-8&c8=Couple%20Wins%20%24145M%2C%20Plans%20to%20Give%20It%20Away%3A%20%27Money%20Doesn%27t%20Bring%20You%20Happiness%2...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1563807926816&ns_c=UTF-8&c8=Couple%20Wins%20%24145M%2C%20Plans%20to%20Give%20It%20Away%3A%20%27Money%20Doesn%27t%20Bring%20You%20Happiness%...
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1563807926816&ns_c=UTF-8&c8=Couple%20Wins%20%24145M%2C%20Plans%20to%20Give%20It%20Away%3A%20%27Money%20Doesn%27t%20Bring%20You%20Happiness%27&c7=https%3A%2F%2Fwww.newsweek.com%2Feuromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488&c9=
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-43-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jul 2019 15:05:28 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=7922264&ns__t=1563807926816&ns_c=UTF-8&c8=Couple%20Wins%20%24145M%2C%20Plans%20to%20Give%20It%20Away%3A%20%27Money%20Doesn%27t%20Bring%20You%20Happiness%27&c7=https%3A%2F%2Fwww.newsweek.com%2Feuromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488&c9=
Pragma
no-cache
Date
Mon, 22 Jul 2019 15:05:28 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		199 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=aeafb53299b4776a8f7db48fe9c45ec0&ua=modern_es6
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
93e9d975165b4af444e482a8adfda551ec7b86680c22c6d9f21216d5975bd784
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Origin
https://www.newsweek.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
xHMm95LU/n3WVipQJWBkxg==
status
200
date
Mon, 22 Jul 2019 15:05:28 GMT
vary
Accept-Encoding
content-length
60377
x-fb-debug
X9zFSe7dp5llZCwCIaUXrGwbHEdXHyXwAB+WwoBtgl/Q8zspdF8C6mVlTOJCgEUMyTYfxhw6ccEua0AHBF2Q6Q==
x-fb-trip-id
997090344
x-fb-content-md5
0e68754b1c2fe6d093fcbbd9e68b5f61
etag
"682ef39fde821991089bf4bbf8f08ed0"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Tue, 21 Jul 2020 14:45:27 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		0
0
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1010 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 22 Jul 2019 14:48:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
1038
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
856
x-xss-protection
0
expires
Mon, 22 Jul 2019 15:48:10 GMT
496391994180701
connect.facebook.net/signals/config/ 		301 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/496391994180701?v=2.9.1&r=stable
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
8b45e8072389e7c0817a5f74b58ec5797f3514ac9d9cb2cc02479450af3b7119
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
73363
x-xss-protection
0
pragma
public
x-fb-debug
W+2fNrjLfZVbq/1fZ5jJV0sQ8hSWEVC3Y+L6fc3TB26lK06z4Sz8VqLjsiABT7xERUgsL8ZCkIWUze0gpyTiEw==
x-fb-trip-id
997090344
date
Mon, 22 Jul 2019 15:05:28 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		46 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3376&u=https%3A%2F%2Fwww.newsweek.com%2Feuromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488&pid=3019189907931563807927038&cb=427978331361563807927243&ws=1600x1200&v=7.31.03&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-top%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%7D%2C%7B%22sd%22%3A%22dfp-ad-right1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%5D%7D%2C%7B%22sd%22%3A%22dfp-ad-right2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22dfp-ad-right3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%7D%2C%7B%22sd%22%3A%22dfp-ad-right4%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%7D%2C%7B%22id%22%3A%22Newsweek_VideoSlot%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22apse%22%3A%7B%22chunkRequests%22%3Afalse%2C%22shouldCFRoute%22%3Afalse%2C%22shouldSampleLatency%22%3Afalse%7D%7D&cfgv=0&gdprl=%7B%22cmpTimeout%22%3A200%2C%22status%22%3A%22cmp-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.220.16 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash
e9b8019d5ef356942173544f182a2c88c9176f03644f4987167e4903bd0e5d43

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Origin
https://www.newsweek.com

Response headers

Date
Mon, 22 Jul 2019 15:05:27 GMT
Server
Server
Vary
User-Agent
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
https://www.newsweek.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
46
implement-r.js
fqtag.com/tag/ 		988 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fqtag.com/tag/implement-r.js?org=YQwTNw4Muk9XFo4QH9JJ&p=www.newsweek.com_article_risk_Y&a=article&cmp=none&rd=none&rt=display&sl=1&fq=1
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
161.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
d84524ef762a3c9d48d8ab37f151f2075522b9f254338068b5e00d5f2f4be1ba
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jul 2019 15:05:31 GMT
via
1.1 google
access-control-allow-origin
*
content-type
application/javascript
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
988
x-xss-protection
0
expires
0
xd_arbiter.php
staticxx.facebook.com/connect/ Frame FEE2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Sat, 18 Jul 2020 01:01:59 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
k+9Sk7BQ7BbnYtyjOlGvD10PPRcxw1Q7SpiyxM7IUMlekyKAnz4cAsIsS5++fq1W3E080OxoMcWNlpLGSD8LjQ==
content-length
11466
x-fb-trip-id
997090344
date
Mon, 22 Jul 2019 15:05:28 GMT
collect
www.google-analytics.com/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j77&a=759687889&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newsweek.com%2Feuromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488&ul=en-us&de=UTF-8&dt=Couple%20Wins%20%24145M%2C%20Plans%20to%20Give%20It%20Away%3A%20%27Money%20Doesn%27t%20Bring%20You%20Happiness%27&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAj~&jid=835671746&gjid=1880632491&cid=1649798220.1563807927&tid=UA-44450862-1&_gid=661418541.1563807927&gtm=2wg7f1TVS8NW5&cd1=Aristos%20Georgiou&cd2=world&cd3=Newsweek&cd4=US&cd5=en&cd6=article&cd7=1279488&cd8=20190104&cd9=201901&cd10=newsweek.com%2Fworld%2Farticle&cd12=No&cd13=N&cd14=Y&cd15=Y&cd17=News%20%3E%20International%20News&cd18=related&cd19=web&cd20=13&cd21=6&cd22=article&cd23=web&cd24=N&cd25=Northern%20Ireland&cd26=ndef&cd27=nonpromoted&z=867387413
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jul 2019 07:39:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1149988
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j77&tid=UA-44450862-1&cid=1649798220.1563807927&jid=835671746&gjid=1880632491&_gid=661418541.1563807927&_u=aGBAgEAj~&z=225425049
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44450862-1&cid=1649798220.1563807927&jid=835671746&_v=j77&z=225425049
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44450862-1&cid=1649798220.1563807927&jid=835671746&_v=j77&z=225425049&slf_rd=1&random=812090632
42 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44450862-1&cid=1649798220.1563807927&jid=835671746&_v=j77&z=225425049&slf_rd=1&random=812090632
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jul 2019 15:05:31 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jul 2019 15:05:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-44450862-1&cid=1649798220.1563807927&jid=835671746&_v=j77&z=225425049&slf_rd=1&random=812090632
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
inferredEvents.js
connect.facebook.net/signals/plugins/ 		1 KB
889 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.1
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
772
x-xss-protection
0
pragma
public
x-fb-debug
m4TMG0aT/6ZeGtSs2t0Mr8z1snz1tecg7LnkTTYN3Ywe0i/G4mjg0G8aHUkU9c9eSl0KkEM9F9baiqNpDq05jA==
x-fb-trip-id
997090344
date
Mon, 22 Jul 2019 15:05:28 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=496391994180701&ev=PageView&dl=https%3A%2F%2Fwww.newsweek.com%2Feuromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488&rl=&if=false&ts=1563807928432&sw=1600&sh=1200&v=2.9.1&r=stable&ec=0&o=30&fbp=fb.1.1563807928431.305337104&it=1563807927069&coo=false&rqm=GET
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 22 Jul 2019 15:05:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Mon, 22 Jul 2019 15:05:31 GMT
/
www.facebook.com/tr/ Frame 3A8C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
9375
pragma
no-cache
cache-control
no-cache
origin
https://www.newsweek.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
accept-encoding
gzip, deflate, br
Origin
https://www.newsweek.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488

Response headers

status
200
content-type
text/plain
access-control-allow-origin
https://www.newsweek.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
date
Mon, 22 Jul 2019 15:05:28 GMT
general.json
dw7nrwnn2bkh1.cloudfront.net/
Redirect Chain
  • https://i.clean.gg/1a
  • https://dw7nrwnn2bkh1.cloudfront.net/general.json
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dw7nrwnn2bkh1.cloudfront.net/general.json
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.236.211.40 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
40.211.236.35.bc.googleusercontent.com
Software
nginx/1.15.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 22 Jul 2019 15:05:30 GMT
server
nginx/1.15.10
access-control-allow-origin
*
location
https://dw7nrwnn2bkh1.cloudfront.net/general.json
access-control-allow-methods
GET, POST, PUT, OPTIONS
status
302
access-control-max-age
86400
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-headers
Content-Type, Origin, Accept, Referer, Cache-Control, Content-Length, Accept-Language, User-Agent, Pragma, Accept-Encoding, x-api-key
content-length
0

Redirect headers

date
Mon, 22 Jul 2019 15:05:30 GMT
server
nginx/1.15.10
status
302
location
https://dw7nrwnn2bkh1.cloudfront.net/general.json
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-headers
Content-Type, Origin, Accept, Referer, Cache-Control, Content-Length, Accept-Language, User-Agent, Pragma, Accept-Encoding, x-api-key
content-length
0
general.json
dw7nrwnn2bkh1.cloudfront.net/ 		0
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dw7nrwnn2bkh1.cloudfront.net/general.json
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:3400:6:266a:9940:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
null
Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type,x-api-key

Response headers

date
Mon, 22 Jul 2019 15:05:31 GMT
via
1.1 3ccfbae98f5816b531634c1e82e45259.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA50
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, POST
status
200
access-control-max-age
600
x-cache
Miss from cloudfront
access-control-allow-origin
*
content-length
0
x-amz-cf-id
3p1DDRoi-OdsZLaNHZBesuHEbiDj15so4GLVhCjtW9FnRt9Jwo75tg==
access-control-allow-headers
content-type, x-api-key
general.json
dw7nrwnn2bkh1.cloudfront.net/ 		155 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dw7nrwnn2bkh1.cloudfront.net/general.json
Requested by
Host: www.newsweek.com
URL: https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:3400:6:266a:9940:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8abf6d441ef250c1f96c4d91f4c781b69041cbb51731f899385466db39da018c

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
Origin
null
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
x-api-key
cvYGNal5xGaRZYDiS2z80aL3JULuLgSOakuDmdmt
Content-Type
application/json

Response headers

date
Mon, 22 Jul 2019 04:41:55 GMT
via
1.1 3ccfbae98f5816b531634c1e82e45259.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
48760
x-cache
Hit from cloudfront
status
200
content-length
155
last-modified
Wed, 17 Jul 2019 01:31:58 GMT
server
AmazonS3
etag
"f6e8dba57efa5712ef56a0ad00e220bb"
access-control-max-age
600
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
*
x-amz-cf-pop
FRA50
accept-ranges
bytes
x-amz-cf-id
2pCLOGSfQro0wHtg1ilYHffNqSqyfYusUN_vaqtSckIKNdYivvre4w==
pixel.js
cdn.fqtag.com/1.20.289-def6df0/ 		60 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fqtag.com/1.20.289-def6df0/pixel.js
Requested by
Host: d275im4r3zngba.cloudfront.net
URL: https://d275im4r3zngba.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.36.172 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
172.36.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
22c6fc7b09e811efaee214dca5ee05c27f2b32e913f5afa8479387be980c8a0b

Request headers

Referer
https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 17 Jul 2019 23:01:50 GMT
content-encoding
gzip
age
403421
status
200
x-guploader-uploadid
AEnB2Uo4T3YciMJS1I0I6AJIbm0HCsUci27bI9tNoUMnFXa3r8uPGe4nEVg9v3EZGFr0TMpO2dEMQRuzR7sUOJGK8d3CRjp5xlwscEWC7JnN7EdBZ-OjDY4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
21349
last-modified
Wed, 17 Jul 2019 22:27:44 GMT
server
UploadServer
etag
"191172a10e4fad2d851b74adb149ce24"
x-goog-hash
crc32c=OpN7lw==, md5=GRFyoQ5PrS2FG3StsUnOJA==
content-language
en
x-goog-generation
1563402464578702
cache-control
public,max-age=31556926,no-transform
x-goog-stored-content-length
21349
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 16 Jul 2020 23:01:50 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
g.newsweek.com
URL
https://g.newsweek.com/www/js/prebid.js?v=2.24.0
Domain
g.newsweek.com
URL
https://g.newsweek.com/sys/js/74e6bec692626a972c7b9443c932be9e.js?v=1559117956
Domain
g.newsweek.com
URL
https://g.newsweek.com/www/js/advagg_font.js?t=
Domain
g.newsweek.com
URL
https://g.newsweek.com/sys/js/7ef91e735a541f48a29b90baa48d1d96.js?v=1563530734
Domain
g.newsweek.com
URL
https://g.newsweek.com/sys/js/10fc9bcdb51326a5f88ed2663e6fc36c.js?v=1558451630
Domain
g.newsweek.com
URL
https://g.newsweek.com/sys/js/8225d98b36c095d438e00e89e2e91c5f.js?v=1560244878
Domain
g.newsweek.com
URL
https://g.newsweek.com/sys/js/e90a1fc21f531450bfd988595fc51859.js?v=1562235721
Domain
g.newsweek.com
URL
https://g.newsweek.com/sys/js/1597447c0452e3ae574a7551d0990124.js?v=1550837102
Domain
g.newsweek.com
URL
https://g.newsweek.com/www/js/admarketplace.js?ver=1.5
Domain
g.newsweek.com
URL
https://g.newsweek.com/www/images/icon-search-glass.svg
Domain
d.newsweek.com
URL
https://d.newsweek.com/widget/graphic?path=video/css/video-js.min.css&mime=text/css&v=1563785656
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019070801.js
Domain
g.newsweek.com
URL
https://g.newsweek.com/www/images/logo-n1.svg
Domain
g.newsweek.com
URL
https://g.newsweek.com/www/images/icon-arrow-right.svg
Domain
gc.newsweek.com
URL
https://gc.newsweek.com/front/js/counter.js
Domain
s.skimresources.com
URL
https://s.skimresources.com/js/87543X1557188.skimlinks.js
Domain
c.amazon-adsystem.com
URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js

Verdicts & Comments Add Verdict or Comment

197 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| dataLayer number| _sf_startpt number| timerStart number| current_timestamp boolean| mobile_device boolean| bot_engine object| dfpSlots object| dfpEx number| brW number| brH function| LJ function| setCookie function| setCookieHours function| getCookie function| getUrlParameters function| checkDataCentre function| do_ready function| LSYE function| callbackCSS object| doFir object| docReady function| loadJS function| GCSS object| Drupal object| documentReady function| execFunc function| execDrupal function| multiLJ function| LC number| hb_debug object| pbjs object| googletag function| parseQueryString function| ibtGetCookie function| nwsetCookie function| nw_log function| getBrowser object| xuaInfo boolean| gdprAppliesGlobally function| __cmp object| didomiConfig string| site_name string| site_id string| site_domain number| site_ads string| ibtmedia_device string| is_uxab string| is_video_embed string| ibp1 string| ibp2 string| is_slideshow string| s_layout string| is_slideshow_firstpage string| s_player string| enable_sponsor_logo string| sponsor_logo_slot string| is_prod number| numPr number| rf string| admarketplace_apiUrl string| dfp_cat string| group_cat string| excl_label string| amzn_video_bid number| amzn_video_bid_flag string| prebid_video_bid string| prebid_cust_param string| NoPassFQ string| fbprom string| fbpromoc string| otherpromoc object| keyEx string| keyExC number| wo_on string| gdpr_video string| npa_consent string| consent_string number| is_gdpr string| dfp_adunit string| w1200 string| referrer string| pageRefresh number| fqv string| ts object| utm_result number| nonPersonalizedAds function| setDfpRefreshKV function| setDfpRefreshKey function| clearDfpRefreshKey function| verification_callback function| TrafficSource number| win_w number| win_h string| wo_browser string| wo_pageurl string| win_size string| wo_placement string| wo_section string| wo_layout string| wo_pagetype string| fq_pagetype string| wo_devicetype string| wo_domint string| wo_adblock string| ic11_morph undefined| il_geo string| wo_geocode string| wo_ip string| trsource string| pageFocus number| p object| didomiOnReady string| didomiCountry boolean| fqs_loaded boolean| fqsp_loaded boolean| fqs_load_timeout boolean| pbjs_loaded boolean| amznads2_loaded boolean| all_hb_loaded boolean| is_bot number| abt_rand string| abt string| purlen string| fq_ref function| extractHostname string| doc_hostname string| utm_source string| fq_source string| pb_videos object| videoAdUnit object| adUnits object| amzSlotCfg object| adUnitsLazy object| amzSlotCfgLazy object| PWT object| fqtag function| fq_callback object| fqs object| node function| amznVideoAPS function| amznVideoAPS_refresh number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT function| defineDFPSlot function| initAdserver number| hb_timeout_var function| prebidVideoAd_refresh object| apstag object| fonts object| font number| pos undefined| current_time undefined| key undefined| emb undefined| chren undefined| k object| ggeac object| googleToken object| googleIMState object| google_ltobserver object| google_js_reporting_queue function| processGoogleToken object| Didomi function| webpackJsonpDidomi object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| didomiEventListeners object| didomiState object| realRepid object| ibt_cter object| google_tag_manager object| google_lt_queue boolean| gaLoaded boolean| domLoaded function| analyticsEvent function| analyticsSocial function| analyticsVPV function| analyticsClearVPV function| analyticsForm string| GoogleAnalyticsObject function| ga object| _sf_async_config object| _cbq function| fbq function| _fbq object| gascrolldepth object| FB object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| fqPixel

0 Cookies

2 Console Messages

Source Level URL
Text
console-api log URL: https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488(Line 227)
Message:
prebid_ads gpt.js loaded
console-api log URL: https://www.newsweek.com/euromillions-lottery-jackpot-northern-ireland-frances-connolly-patrick-1279488(Line 249)
Message:
prebid_ads_fq:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
adservice.google.com
adservice.google.de
c.amazon-adsystem.com
cdn.fqtag.com
connect.facebook.net
d.newsweek.com
d275im4r3zngba.cloudfront.net
dw7nrwnn2bkh1.cloudfront.net
fqtag.com
g.newsweek.com
gc.newsweek.com
i.clean.gg
query.fqtag.com
s.skimresources.com
sb.scorecardresearch.com
sdk.privacy-center.org
securepubads.g.doubleclick.net
staticxx.facebook.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.newsweek.com
c.amazon-adsystem.com
d.newsweek.com
g.newsweek.com
gc.newsweek.com
s.skimresources.com
securepubads.g.doubleclick.net
151.139.128.10
2.19.43.224
2600:9000:200d:3400:6:266a:9940:21
2600:9000:200d:b600:5:b7cc:d3c0:93a1
2600:9000:200d:de00:8:bd4:5580:21
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:817::2008
2a00:1450:4001:818::2004
2a00:1450:4001:818::200e
2a00:1450:4001:81b::2002
2a00:1450:400c:c06::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.186.195.222
35.190.36.172
35.190.72.161
35.236.211.40
52.94.220.16
54.146.60.106
54.192.201.161
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
22c6fc7b09e811efaee214dca5ee05c27f2b32e913f5afa8479387be980c8a0b
388af73744b09132aa6a876cf3534a0dc298c8f907d3f1d3747c9cc77e377709
44e42798f3025e90fa3a2f81795839db3bd9220b9ef8b40d6b525be0edfbb1a3
584c77a6f70354f4e4f5a7630ab2a362c2d946d99e8bfee1f0fbed2e085e6987
5f4beeab35a2855fa98d0ecdbe69fb970d5ec678edecae8b1146e418635ef494
63c98be8a8653cda80d5d1de76a4154ce5a1749873d1e96d01e0b99e2fe83ac3
736a3ccf363efb0540819ab2cdfa15f6d5c7a6649fe6c9621ef23cf1df70926e
788b51d7e82d24b48e190768ac9e23f24acbf36cff793e12b5c87305f4f21ee7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8abf6d441ef250c1f96c4d91f4c781b69041cbb51731f899385466db39da018c
8b45e8072389e7c0817a5f74b58ec5797f3514ac9d9cb2cc02479450af3b7119
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93e9d975165b4af444e482a8adfda551ec7b86680c22c6d9f21216d5975bd784
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7
99cae8131e5d36399be835658b98068c2adb6be1269d6b895582d3bb81a6876b
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
b896263dd16c4f5f4009a72b04489499dcd90ce9658086dcb3eb4b01409f088b
c61c1bcc932ebe1f217068a682a6f50182a2399244d0e2509f4aca6d87c8f004
c690fa9faebb578fc89057f8c853eb5181fb060740978df1ce51b0c2b64f22fc
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
d0720006699b300a8a03045c627ef2caff2caf1beff6a79f5b449918e065ce5d
d84524ef762a3c9d48d8ab37f151f2075522b9f254338068b5e00d5f2f4be1ba
db04a49b93b18d92b102b50dff25ecb06f6aedd156f442bb8d4dc9f2e3a66a34
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b8019d5ef356942173544f182a2c88c9176f03644f4987167e4903bd0e5d43
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629