newsnewcnn4k.hs-sites-eu1.com
2606:4700:4400::ac40:9a03  Malicious Activity! Public Scan

Submitted URL: https://newsnewcnn4k.hs-sites-eu1.com/#0.85
Effective URL: https://newsnewcnn4k.hs-sites-eu1.com/
Submission: On July 13 via manual from US — Scanned from DE

Summary

This website contacted 17 IPs in 3 countries across 14 domains to perform 24 HTTP transactions. The main IP is 2606:4700:4400::ac40:9a03, which is located in the United States and belongs to CLOUDFLARENET, US. The main domain is newsnewcnn4k.hs-sites-eu1.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 14th 2022. Valid for: a year.
This is the only time newsnewcnn4k.hs-sites-eu1.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:440... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 142.93.150.145 14061 (DIGITALOC...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 172.65.208.22 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 172.65.238.60 13335 (CLOUDFLAR...)
1 172.65.202.201 13335 (CLOUDFLAR...)
1 172.65.192.122 13335 (CLOUDFLAR...)
1 172.65.236.181 13335 (CLOUDFLAR...)
1 172.65.193.34 13335 (CLOUDFLAR...)
1 172.65.240.166 13335 (CLOUDFLAR...)
1 1 67.202.114.216 32748 (STEADFAST)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 172.65.232.43 13335 (CLOUDFLAR...)
24 17
Apex Domain  Subdomains  Transfer
5 hubspot.net  16 KB
  • cdn2.hubspot.net — Cisco Umbrella Rank: 8127
3 hubspot.com  3 KB
  • app-eu1.hubspot.com — Cisco Umbrella Rank: 112991
  • forms-eu1.hubspot.com — Cisco Umbrella Rank: 49638
  • track-eu1.hubspot.com — Cisco Umbrella Rank: 39928
3 panterafilmus.com  502 KB
  • panterafilmus.com
2 amung.us  2 KB
  • whos.amung.us — Cisco Umbrella Rank: 13259
  • widgets.amung.us — Cisco Umbrella Rank: 14809
2 gstatic.com  51 KB
  • fonts.gstatic.com
2 hsappstatic.net  6 KB
  • static.hsappstatic.net — Cisco Umbrella Rank: 7801
2 hs-sites-eu1.com  11 KB
  • newsnewcnn4k.hs-sites-eu1.com
1 hsforms.com  517 B
  • forms-eu1.hsforms.com — Cisco Umbrella Rank: 55587
1 hscollectedforms.net  25 KB
  • js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 49361
1 hs-banner.com  16 KB
  • js-eu1.hs-banner.com — Cisco Umbrella Rank: 37695
1 hs-analytics.net  20 KB
  • js-eu1.hs-analytics.net — Cisco Umbrella Rank: 38302
1 hubspotusercontent10.net  2 KB
  • f.hubspotusercontent10.net — Cisco Umbrella Rank: 35463
1 hs-scripts.com  945 B
  • js-eu1.hs-scripts.com — Cisco Umbrella Rank: 35753
1 googleapis.com  1 KB
  • fonts.googleapis.com — Cisco Umbrella Rank: 81
24 14
Domain Requested by
5 cdn2.hubspot.net newsnewcnn4k.hs-sites-eu1.com
3 panterafilmus.com 1 redirects newsnewcnn4k.hs-sites-eu1.com
2 fonts.gstatic.com fonts.googleapis.com
2 static.hsappstatic.net newsnewcnn4k.hs-sites-eu1.com
2 newsnewcnn4k.hs-sites-eu1.com newsnewcnn4k.hs-sites-eu1.com
1 forms-eu1.hsforms.com
1 widgets.amung.us
1 whos.amung.us 1 redirects
1 track-eu1.hubspot.com
1 forms-eu1.hubspot.com js-eu1.hscollectedforms.net
1 app-eu1.hubspot.com static.hsappstatic.net
1 js-eu1.hscollectedforms.net js-eu1.hs-scripts.com
1 js-eu1.hs-banner.com js-eu1.hs-scripts.com
1 js-eu1.hs-analytics.net js-eu1.hs-scripts.com
1 f.hubspotusercontent10.net newsnewcnn4k.hs-sites-eu1.com
1 js-eu1.hs-scripts.com newsnewcnn4k.hs-sites-eu1.com
1 fonts.googleapis.com newsnewcnn4k.hs-sites-eu1.com
24 17

This site contains no links.

Subject                  Issuer                   Validity                 Valid
hs-sites-eu1.com         Cloudflare Inc ECC CA-3  2022-04-14 - 2023-04-13  a year
hubspot.net              Cloudflare Inc ECC CA-3  2022-05-06 - 2023-05-06  a year
upload.video.google.com  GTS CA 1C3               2022-06-06 - 2022-08-29  3 months
panterafilmus.com        R3                       2022-07-08 - 2022-10-06  3 months
hsappstatic.net          Cloudflare Inc ECC CA-3  2022-05-10 - 2023-05-10  a year
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3  2022-06-03 - 2023-06-02  a year
*.gstatic.com            GTS CA 1C3               2022-06-06 - 2022-08-29  3 months
hubspot.com              Cloudflare Inc ECC CA-3  2022-03-08 - 2023-03-07  a year

This page contains 1 frame:

Primary Page: https://newsnewcnn4k.hs-sites-eu1.com/
Frame ID: 5F1F56A2FF478A043B71AC0DE9A897AD
Requests: 26 HTTP requests in this frame

Page Title: Log into Facebook | Facebook

Page Statistics

Requests: 24
HTTPS: 92 %
IPv6: 41 %
Domains: 14
Subdomains: 17
IPs: 17
Countries: 3
Transfer: 655 kB
Size: 1184 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://panterafilmus.com/location HTTP 301
  • https://panterafilmus.com/location/
Request Chain 21
  • https://whos.amung.us/widget/rayf1991 HTTP 307
  • https://widgets.amung.us/classic/01/138.png

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
newsnewcnn4k.hs-sites-eu1.com/
59 KB
11 KB
Document
General
Full URL
https://newsnewcnn4k.hs-sites-eu1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / HubSpot
Resource Hash
9bb9b06e7e54c491f4cd277893efd6a670e3ffece4454ad73175483fdbdcf717

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
s-maxage=10,max-age=5
cache-tag
CT-50679458498,CG-26053900,P-26053900,PGS-ALL,SW-0,GC-50675531464,TS-null
cf-cache-status
DYNAMIC
cf-ray
72a421bdfca701fc-ZRH
content-encoding
br
content-type
text/html;charset=utf-8
date
Wed, 13 Jul 2022 18:37:47 GMT
edge-cache-tag
CT-50679458498,CG-26053900,P-26053900,PGS-ALL,SW-0,GC-50675531464,TS-null
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
x-hs-cache-config
BrowserCache-5s-EdgeCache-10s
x-hs-content-id
50679458498
x-hs-hub-id
26053900
x-hubspot-correlation-id
79332a84-8528-4506-8745-fc3843b0dfb8
x-powered-by
HubSpot
x-robots-tag
none
x-trace
2B066488F7730C36B7FF3B2276970D1C3AD98E2D3F000000000000000000
main.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1657729526827/hubspot/growth/css/
16 KB
4 KB
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1657729526827/hubspot/growth/css/main.min.css
Requested by
Host: newsnewcnn4k.hs-sites-eu1.com
URL: https://newsnewcnn4k.hs-sites-eu1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f0cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df14da3463d5ebaf3829c92fc5263056af3c9e9c014fac2335994584308b949

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsnewcnn4k.hs-sites-eu1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1657729528227
date
Wed, 13 Jul 2022 18:37:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4483
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7zuIuJVO3mhULFefQZ32mgR8a3bYRspfff5dZt0F1nE6bLVm9VNmL1LQ0v0EwwXxxQkbAnUnfnQUD9X91ceez%2BiebYM8XYN%2FF5ykQMhuWK6JYc4SW%2FrR4HJ5UTXDU%2BVQ3u3TMj2J8E5pZsDUkM%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
last-modified
Wed, 13 Jul 2022 16:25:29 GMT
server
cloudflare
etag
W/"4feac708f277bf436022684eabf11e01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop
IAD89-P1
cf-ray
72a421c388690200-ZRH
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
module_-35056501883_Video.min.css
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-35056501883/1657729505393/
2 KB
1 KB
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-35056501883/1657729505393/module_-35056501883_Video.min.css
Requested by
Host: newsnewcnn4k.hs-sites-eu1.com
URL: https://newsnewcnn4k.hs-sites-eu1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f0cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a9edf4867b6b2e0383e5fdf01403842eb7cbe9b6968f64ed03cea8682824ca1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsnewcnn4k.hs-sites-eu1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1657729505393
date
Wed, 13 Jul 2022 18:37:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7755
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYQBoj4dFUkkIN6mlzCr1HMaO13Hx2q7F1nmH%2FZ%2FsygigOIZfU9yeLtA8OP5yGPvdE3RBHRzvd99dt3u1VA%2FrL0IVYE6MURNbf6miSxiE1esQerAauj1GlgEWztfePWbJKFFRyXv9aPohsBeIgk%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
last-modified
Wed, 13 Jul 2022 16:25:06 GMT
server
cloudflare
etag
W/"66b67208a55e88d33f65c4306be9a51b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop
IAD89-P1
cf-ray
72a421c3886e0200-ZRH
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
module_-47160443991_Testimonial.min.css
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-47160443991/1657729512960/
164 B
464 B
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-47160443991/1657729512960/module_-47160443991_Testimonial.min.css
Requested by
Host: newsnewcnn4k.hs-sites-eu1.com
URL: https://newsnewcnn4k.hs-sites-eu1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f0cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a99d93499d7fb132e6961bdcb5535c32afe144152f54022f37bed9640c637bd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsnewcnn4k.hs-sites-eu1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1657729512960
date
Wed, 13 Jul 2022 18:37:47 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-P1
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKQiIcMT0K64TO935RtScrHRRXxobRwRU8JYWtrP3aHQxiqMHb%2BZpdkFNVPfdgSDTc%2FPHew%2BNPw8Fj23fN36304jNA5jshcNlb90RhvG2S2po7akvTbSRbKULsFtiVmbNLfO4c6G71M7JboagZM%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
last-modified
Wed, 13 Jul 2022 16:25:13 GMT
server
cloudflare
etag
W/"425d66484c632501bf2175626c1e2b27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
72a421c3886f0200-ZRH
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
module_-47160432302_Social_follow.min.css
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-47160432302/1657729515155/
149 B
464 B
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-47160432302/1657729515155/module_-47160432302_Social_follow.min.css
Requested by
Host: newsnewcnn4k.hs-sites-eu1.com
URL: https://newsnewcnn4k.hs-sites-eu1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f0cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
917117ef1938301fa1bb09bc0ddbc428617483b821d96bfc922c53e9540ceb84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsnewcnn4k.hs-sites-eu1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1657729515155
date
Wed, 13 Jul 2022 18:37:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4483
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vUFW%2FeOx%2FetNhksDLGTA5D1XodCtTaSq%2FlFOFwg%2B26a6lculj%2BGyqa0qcWFwiGgRrW7iorVDWfzA3A6PEmCH2VfVd6i0qbKha2rUBL5Fjmq3W6ITZavGohVj0z0p6spuXUFgozOkM6V4yYRZxdo%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
last-modified
Wed, 13 Jul 2022 16:25:16 GMT
server
cloudflare
etag
W/"5fa495e5de52833a631ecae92d8830d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop
IAD89-P1
cf-ray
72a421c388710200-ZRH
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:regular,400,600|Source+Serif+Pro:regular,600&display=swap
Requested by
Host: newsnewcnn4k.hs-sites-eu1.com
URL: https://newsnewcnn4k.hs-sites-eu1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d55a815b583b2b022b5d0a7445587ab4e153f699ece2f53b3c68c0a8a68fa08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsnewcnn4k.hs-sites-eu1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 18:37:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 13 Jul 2022 18:37:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Jul 2022 18:37:47 GMT
/
panterafilmus.com/
716 KB
501 KB
Script
General
Full URL
https://panterafilmus.com/?api=1&lan=twthk&ht=2&counter0=rayf1991
Requested by
Host: newsnewcnn4k.hs-sites-eu1.com
URL: https://newsnewcnn4k.hs-sites-eu1.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
142.93.150.145 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
b84dc89f233080fbc04cb8ce1d1be1396a8f0a6bc1befb6a0d09ee3ea3648957

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsnewcnn4k.hs-sites-eu1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:48 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
project.js
static.hsappstatic.net/cos-i18n/static-1.53/bundles/
1 KB
1 KB
Script
General
Full URL
https://static.hsappstatic.net/cos-i18n/static-1.53/bundles/project.js
Requested by
Host: newsnewcnn4k.hs-sites-eu1.com
URL: https://newsnewcnn4k.hs-sites-eu1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsnewcnn4k.hs-sites-eu1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:47 GMT
via
1.1 fcd8545d1b62265bb65a45721c43e6ad.cloudfront.net (CloudFront)
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1903899
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 09 Nov 2021 16:12:42 GMT
server
cloudflare
etag
W/"61ca66de658cab9587e4636894680d5d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YtAf9O0RQI9fdwv8pos3m0kKyvbp004ZzZUrdCrK56GSBfg07WtrXFL3pi%2FQAej06kL1YGk%2BCyPUJ12jD4Gj8NyMDRfzDVUHHNRWXdUJKhnQ7XM80QUvcKTmr%2FTfdUZic7mjD0krCrD8Gq%2FIxXY8Hiae%2BY%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
cache-control
public, max-age=31536000
x-amz-cf-pop
MXP63-P3
cf-ray
72a421c3ac5a01e7-ZRH
x-amz-cf-id
rv4HlV8gLoNxjaHg4lwl2jKFOMAYQnAKYfD4cQbCnn_L3O4i47-s_Q==
expires
Thu, 13 Jul 2023 18:37:47 GMT
module_-35056501883_Video.js
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/1657729505218/
69 KB
10 KB
Script
General
Full URL
https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/1657729505218/module_-35056501883_Video.js
Requested by
Host: newsnewcnn4k.hs-sites-eu1.com
URL: https://newsnewcnn4k.hs-sites-eu1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f0cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a353383cf7ff12b2617401acd3e5c3ea18a6104b33e8cf151f6f97b5c833078

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsnewcnn4k.hs-sites-eu1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1657729505218
date
Wed, 13 Jul 2022 18:37:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7754
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQyZ9ONxBQj8rQeD3IOouPtb%2Fs05OAJqqTj0VDrYsKlmbmbmr%2BRC%2F3d5Co4Q814vgJnUtbTha%2FVZCPL%2FQGnjJLWBaTs%2B6FioFnkflqHuNfejHQ3l50fOga38LISu6AumRgb3dgZAbjSUQKfa%2Bxw%3D"}],"group":"cf-nel","max_age":604800}
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
last-modified
Wed, 13 Jul 2022 16:25:06 GMT
server
cloudflare
etag
W/"bf44679305935a5cc1e29c4c45894073"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop
IAD89-P1
cf-ray
72a421c388730200-ZRH
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
26053900.js
js-eu1.hs-scripts.com/
1 KB
945 B
Script
General
Full URL
https://js-eu1.hs-scripts.com/26053900.js
Requested by
Host: newsnewcnn4k.hs-sites-eu1.com
URL: https://newsnewcnn4k.hs-sites-eu1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab5625f8415b3b831da6538845d4f7e131fd9838aad7d88eee2ade0188419ec9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsnewcnn4k.hs-sites-eu1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:47 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 13 Jul 2022 18:14:52 GMT
server
cloudflare
x-hubspot-correlation-id
25b891ad-1da9-47b1-904a-ae085a6c9682
x-trace
2BBEBA335247B5F0C90B522A471F6CB9F88066908B000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://newsnewcnn4k.hs-sites-eu1.com
access-control-max-age
3600
cache-control
public, max-age=30
access-control-allow-credentials
true
cf-ray
72a421c3cc319072-FRA
index.js
static.hsappstatic.net/HubspotToolsMenu/static-1.128/js/
11 KB
4 KB
Script
General
Full URL
https://static.hsappstatic.net/HubspotToolsMenu/static-1.128/js/index.js
Requested by
Host: newsnewcnn4k.hs-sites-eu1.com
URL: https://newsnewcnn4k.hs-sites-eu1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8b8c8146d6359d62410c5da0c4573717f95f8a2e79fcdf1c3ab242a70d10488
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsnewcnn4k.hs-sites-eu1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:47 GMT
via
1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1401683
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 25 Mar 2022 12:04:14 GMT
server
cloudflare
etag
W/"fabb1243bed29fd93cc5e0ce02ce9114"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4VA31U%2FkWGY5W9UBmo0YrMkQh2VGCsaOQ21bGbx3Ijo2c8Psj7Bfko43jaFKJX0pGWphByulO%2BvmewzyOhyNx7ncSVWS5vV25SuATMKvlmicV4U%2B1J2NKt295cmEjqQqxx7TPZlNhCksqhhG5WN1kXEntQ%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
ye98kzU383wl95_ydpYD.3IraNY6l134
cache-control
public, max-age=31536000
x-amz-cf-pop
DUS51-P2
cf-ray
72a421c3ac5c01e7-ZRH
x-amz-cf-id
5vHr61fJF6PWPjP2SxSFAgfh9126Fk9dj1dfy25zDatqErajqCrmrQ==
expires
Thu, 13 Jul 2023 18:37:47 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:regular,400,600|Source+Serif+Pro:regular,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsnewcnn4k.hs-sites-eu1.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 22:12:12 GMT
x-content-type-options
nosniff
age
159935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 22:12:12 GMT
neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxA.woff2
fonts.gstatic.com/s/sourceserifpro/v15/
20 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourceserifpro/v15/neIXzD-0qpwxpaWvjeD0X88SAOeasasatSyqxA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:regular,400,600|Source+Serif+Pro:regular,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6889a7789d4db6452dd58c9f2b0ae003221eae0cfe30e2402d0d941f7f371fe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsnewcnn4k.hs-sites-eu1.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 19:59:51 GMT
x-content-type-options
nosniff
age
599876
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20864
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:27:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Jul 2023 19:59:51 GMT
testimonial.jpg
f.hubspotusercontent10.net/hubfs/7303166/Growth/
998 B
2 KB
Image
General
Full URL
https://f.hubspotusercontent10.net/hubfs/7303166/Growth/testimonial.jpg
Requested by
Host: newsnewcnn4k.hs-sites-eu1.com
URL: https://newsnewcnn4k.hs-sites-eu1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:d6ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f115244dfd6718dcc562f980267b123751db3b58b09353e3f66015722ed3f30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsnewcnn4k.hs-sites-eu1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-50633374630,FD-50632926845,P-7303166,FLS-ALL
age
46828
x-amz-server-side-encryption
AES256
edge-cache-tag
F-50633374630,FD-50632926845,P-7303166,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="testimonial.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
x-amz-request-id
Q4PPP6M9BPEP13W8
cf-bgj
imgq:85,h2pri
etag
"46089d56167c5ec1519287d413d9373d"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
x-amz-meta-created-unix-time-millis
1626100401806
date
Wed, 13 Jul 2022 18:37:47 GMT
via
1.1 cd66c5a89ae3376f15c155e3b52a758c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
ZRH50-C1
x-hs-alternate-content-type
text/plain
cf-polished
qual=85, origFmt=jpeg, origSize=2212
x-cache
RefreshHit from cloudfront
cache-tag
F-50633374630,FD-50632926845,P-7303166,FLS-ALL
x-amz-meta-index-tag
all
content-length
998
x-amz-id-2
PUXgew/8bmGqUe+t5oYFQ748j3hMJL2dZxm60ulxx3SLan1F5b8zCtV29K/KQ2PdJ6JNZ6ewrco=
last-modified
Mon, 12 Jul 2021 14:33:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-version-id
x534.r25IuHaM4oCIPNI0U346OfWxUOh
accept-ranges
bytes
cf-ray
72a421c65ac1cc36-ZRH
x-amz-cf-id
4_n6fZpxpX5biCg9-Y9FcvqpDLCW1ulgJQAJh4XcJQyCWSQ5RTCk8w==
26053900.js
js-eu1.hs-analytics.net/analytics/1657737300000/
62 KB
20 KB
Script
General
Full URL
https://js-eu1.hs-analytics.net/analytics/1657737300000/26053900.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/26053900.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6090a27e1e1efa2726ea468fcfdbdd5c704db3c9022d21e80b89d8132b53e2d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsnewcnn4k.hs-sites-eu1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:47 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
CQC03H5APWFZ3Q5E
x-amz-server-side-encryption
AES256
x-amz-id-2
wQHceO0WdLyM9YBFqpj4mEX0HKKWmiYJyA32rks8UjSZNSu9KT/caiAmlppd4cO6SAb1/sZHrXA=
last-modified
Tue, 12 Jul 2022 22:07:03 GMT
server
cloudflare
etag
W/"6f604e5a1aa1269017bc18b22a9d99d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
cf-ray
72a421c65fb29280-FRA
expires
Wed, 13 Jul 2022 18:42:47 GMT
26053900.js
js-eu1.hs-banner.com/
59 KB
16 KB
Script
General
Full URL
https://js-eu1.hs-banner.com/26053900.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/26053900.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6093e4047d84c2131513a7660bce23af63c911cda86e5a33538ee623b8149112

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsnewcnn4k.hs-sites-eu1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:47 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
DSSHB8BZJ7V5X43X
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
vvi8XRj7/CQMu1GLGf2WYyZC+h6NWz/+tEvf5k98sVwvAA1dO3Ds4OXHA6d6iPMpKNuBkyJcY5E=
timing-allow-origin
*
last-modified
Tue, 12 Jul 2022 22:06:59 GMT
server
cloudflare
etag
W/"561aeb68b2fd5275ba013007e77aabf4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
375lAhyDfWJmYPcLnWjMgMUf7TTZ3pD8
access-control-allow-origin
https://newsnewcnn4k.hs-sites-eu1.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
72a421c66b6c9162-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Wed, 13 Jul 2022 18:42:47 GMT
collectedforms.js
js-eu1.hscollectedforms.net/
72 KB
25 KB
Script
General
Full URL
https://js-eu1.hscollectedforms.net/collectedforms.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/26053900.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8309531b6b2107c16edd77efa774374f935a7924a84c7bae72973f19b962e0e5

Request headers

Referer
https://newsnewcnn4k.hs-sites-eu1.com/
Origin
https://newsnewcnn4k.hs-sites-eu1.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:47 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
55804
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.278/bundles/project.js&cfRay=729ecf5aef2390ee-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
br
cf-ray
72a421c65f829bf4-FRA
last-modified
Thu, 19 May 2022 12:56:36 UTC
server
cloudflare
etag
W/"9bdc82a581dc188ff306ce5ac3c3e170"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
x-amz-version-id
w6kD440dVLHBLSxXlQNkz9NYzxhkbh3c
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
x-amz-cf-pop
FRA50-C1
content-type
application/javascript; charset=utf-8
x-amz-cf-id
HWR8hHmrB6SoLnrvJ9Q8W1BysklIVJUAcCse2L88LUZIJmBHVtm-Lg==
x-hs-target-asset
collected-forms-embed-js/static-1.278/bundles/project.js
has-permission
app-eu1.hubspot.com/content-tools-menu/api/v1/tools-menu/
0
758 B
Script
General
Full URL
https://app-eu1.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=26053900&callback=jsonpHandler
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/HubspotToolsMenu/static-1.128/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.236.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsnewcnn4k.hs-sites-eu1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-hs-worker-debug-mode
false
server
cloudflare
x-hubspot-correlation-id
0603f64c-a66f-41b9-a950-6f712fadb5f7
x-trace
2BA0A33D241285667A02C9DD733E8336B11B761D73000000000000000000
date
Wed, 13 Jul 2022 18:37:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
cf-cache-status
DYNAMIC
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports?cfRay=72a421c66d0d922b&resource=unknown"}]}
cache-control
max-age=0
access-control-allow-credentials
true
cf-ray
72a421c66d0d922b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
json
forms-eu1.hubspot.com/collected-forms/v1/config/
116 B
1 KB
XHR
General
Full URL
https://forms-eu1.hubspot.com/collected-forms/v1/config/json?portalId=26053900&utk=
Requested by
Host: js-eu1.hscollectedforms.net
URL: https://js-eu1.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.193.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa8845fe3c90f71c4d7a96edddf191eef2e6966656fe22a225b35e075c9cab50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://newsnewcnn4k.hs-sites-eu1.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:48 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
beb94802-7d68-44da-b970-49310b98088f
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYQ9WvTGpoHja3ZWYsbjqMZuDghVHA%2FqkmPLgn5tu1kUSxKsUSoauEqQ%2FA4ngKAQSsAVqTUIs9pG4myB%2BIRuKlOrjOYJ60URB6Hsq4JKBQvJzOc0srdtAUig5JADcSP%2FpSutO4gxtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://newsnewcnn4k.hs-sites-eu1.com
x-robots-tag
none
access-control-allow-credentials
false
cf-ray
72a421c71ee1926d-FRA
access-control-allow-headers
*
__ptq.gif
track-eu1.hubspot.com/
45 B
793 B
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2760707843&v=1.1&a=26053900&pi=50679458498&ct=landing-page&ccu=http%3A%2F%2Fnewsnewcnn4k.hs-sites-eu1.com&cpi=50679458498&lpi=50679458498&lvi=50679458498&pu=https%3A%2F%2Fnewsnewcnn4k.hs-sites-eu1.com%2F%230.85&t=Privatenews4k&cts=1657737468750&vi=076690d739f92e7556675d35aaa5ea1c&nc=true&u=205882892.076690d739f92e7556675d35aaa5ea1c.1657737468744.1657737468744.1657737468744.1&b=205882892.1.1657737468745&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsnewcnn4k.hs-sites-eu1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:48 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
99c7ae9d-9693-4a63-8f65-9465c574c3c4
cf-ray
72a421cc0fa590a2-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
last-modified
Wed, 13 Jul 2022 18:37:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FzfkwupDfEZkFDS7Gh%2BctBw4bevaz1RTxdlyeMo1PLZYqGlIZrVw81jBjZgS0V%2BXdXGPC6c2bONUwXMjTV%2Fv9yVmkpSFuJ2XnT%2BMls%2BPLYhrqfXti8CygJaib2goc54esm3bqHVOpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
/
panterafilmus.com/location/
Redirect Chain
  • https://panterafilmus.com/location
  • https://panterafilmus.com/location/
1 KB
682 B
Script
General
Full URL
https://panterafilmus.com/location/
Protocol
HTTP/1.1
Server
142.93.150.145 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
788561ed324caca628ee7ee6bb111ae0616f41f9569d7f6af5ed406a07492ecf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsnewcnn4k.hs-sites-eu1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 18:37:48 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Content-Length
481
Vary
Accept-Encoding
Content-Type
application/javascript

Redirect headers

Location
https://panterafilmus.com/location/
Date
Wed, 13 Jul 2022 18:37:48 GMT
Server
nginx
Connection
keep-alive
Content-Length
243
Content-Type
text/html; charset=iso-8859-1
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1230532f79456753fb73f559ece9b95c17cfb36325dc313a3eda5ac22dfd9a2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
138.png
widgets.amung.us/classic/01/
Redirect Chain
  • https://whos.amung.us/widget/rayf1991
  • https://widgets.amung.us/classic/01/138.png
2 KB
2 KB
Image
General
Full URL
https://widgets.amung.us/classic/01/138.png
Protocol
H2
Server
2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d183bf492f8bf46a9a1db01f0fa6816f303bea2057c89b496674ffc6eef3f3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsnewcnn4k.hs-sites-eu1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:49 GMT
cf-cache-status
HIT
last-modified
Sun, 13 Jun 2010 09:03:09 GMT
server
cloudflare
age
338047
etag
"4c149ecd-63c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
72a421ce3f31cc5a-ZRH
content-length
1596
expires
Sun, 10 Jul 2022 20:43:42 GMT

Redirect headers

location
https://widgets.amung.us/classic/01/138.png
date
Wed, 13 Jul 2022 18:37:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
counters.gif
forms-eu1.hsforms.com/embed/v3/
35 B
517 B
Image
General
Full URL
https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsnewcnn4k.hs-sites-eu1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:48 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
x-hubspot-correlation-id
8f00fc68-3665-46b3-84e6-dfd966ce571b
cf-ray
72a421cc3e7c8fe0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
server
cloudflare
x-trace
2B4B81097F9B07DD12E5584AF2EA48573EA373ACE9000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
truncated
/
51 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7281941fed81ed9caf5728727e05da4a94b442c36796e1a5b1d6106f242ed11f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
perf
newsnewcnn4k.hs-sites-eu1.com/_hcms/
2 B
178 B
XHR
General
Full URL
https://newsnewcnn4k.hs-sites-eu1.com/_hcms/perf
Requested by
Host: newsnewcnn4k.hs-sites-eu1.com
URL: https://newsnewcnn4k.hs-sites-eu1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://newsnewcnn4k.hs-sites-eu1.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/json

Response headers

cf-ray
72a421de68df01fc-ZRH
date
Wed, 13 Jul 2022 18:37:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-hubspot-correlation-id
31deeffd-f501-4b6a-b13c-df42a7b969f7
x-trace
2B978CF63913542C3464DCC223ACAFFD157DD765CA000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-credentials
false
x-robots-tag
none
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| hsVars function| hs_i18n_log function| hs_i18n_substituteStrings function| hs_i18n_insertPlaceholders function| hs_i18n_getMessage undefined| module_35056501883 function| i18n_getmessage function| i18n_getlanguage object| _hsq object| _hsp function| jsonpHandler object| __hsCollectedFormsDebug boolean| _hspb_loaded object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| IS_MOBILE number| limit_bot string| object string| type string| OUTPUT object| ___ object| params number| tt undefined| to_object string| a boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime function| checking function| creatingInput function| searchingForms

5 Cookies

Domain/Path Name / Value
.hubspot.com/ Name: __cf_bm
Value: MQBcEJkjWzpKv9m39AL2pzDvSAeAIEBrR8hjNEI8V0M-1657737467-0-AYooOKcyU7UyZA0Wnwpu9gdNDvpxiASEaZrVUB7UI9S1WaJ1d4H9ySSaK7cVOCxywb1BYDFhb1bMOvIBsMhioH0=
.hs-sites-eu1.com/ Name: __hstc
Value: 205882892.076690d739f92e7556675d35aaa5ea1c.1657737468744.1657737468744.1657737468744.1
.hs-sites-eu1.com/ Name: hubspotutk
Value: 076690d739f92e7556675d35aaa5ea1c
.hs-sites-eu1.com/ Name: __hssrc
Value: 1
.hs-sites-eu1.com/ Name: __hssc
Value: 205882892.1.1657737468745

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
