Submitted URL: https://t.co/j7cN9MAgJp
Effective URL: https://memecoins.club/?r=1000000
Submission: On March 09 via manual from US — Scanned from DE

Summary

This website contacted 12 IPs in 5 countries across 11 domains to perform 32 HTTP transactions. The main IP is 95.179.191.56, located in Amsterdam, Netherlands and belongs to AS-CHOOPA, US. The main domain is memecoins.club.
TLS certificate: Issued by R3 on January 14th 2022. Valid for: 3 months.
This is the only time memecoins.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.133 13414 (TWITTER)
1 1 67.199.248.10 396982 (GOOGLE-CL...)
9 150.95.8.141 58791 (GMOOSK-NE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
8 143.204.98.103 16509 (AMAZON-02)
1 2 2606:50c0:800... 54113 (FASTLY)
2 104.20.229.67 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 52.44.28.112 14618 (AMAZON-AES)
2 95.179.191.56 20473 (AS-CHOOPA)
5 148.251.13.139 24940 (HETZNER-AS)
32 12
Apex Domain | Subdomains | Transfer
9 xrea.com | cta.s41.xrea.com | 77 KB
8 thesun.co.uk | www.thesun.co.uk — Cisco Umbrella Rank: 16457 | 811 KB
5 a-ads.com | ad.a-ads.com — Cisco Umbrella Rank: 30142; static.a-ads.com | 685 KB
2 memecoins.club | memecoins.club | 15 KB
2 popcash.net | ps.popcash.net — Cisco Umbrella Rank: 74997 | 666 B
2 statcounter.com | secure.statcounter.com — Cisco Umbrella Rank: 14072; c.statcounter.com — Cisco Umbrella Rank: 7198 | 15 KB
2 ivyrc.com | r.ivyrc.com | 2 KB
2 value-domain.com | cache1.value-domain.com; www.value-domain.com | 16 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 35 | 1 KB
1 bit.ly | bit.ly — Cisco Umbrella Rank: 3926 | 323 B
1 t.co | t.co — Cisco Umbrella Rank: 448 | 506 B
32 11
Domain | Requested by
9 cta.s41.xrea.com | t.co; cta.s41.xrea.com
8 www.thesun.co.uk | cta.s41.xrea.com
4 ad.a-ads.com | memecoins.club
2 memecoins.club | ps.popcash.net; memecoins.club
2 ps.popcash.net 1 redirects | t.co
2 r.ivyrc.com 1 redirects | cta.s41.xrea.com
1 static.a-ads.com | ad.a-ads.com
1 www.value-domain.com |
1 c.statcounter.com | secure.statcounter.com
1 secure.statcounter.com | cta.s41.xrea.com
1 cache1.value-domain.com | cta.s41.xrea.com
1 fonts.googleapis.com | cta.s41.xrea.com
1 bit.ly 1 redirects |
1 t.co |
32 14
Subject | Issuer | Validity | Valid
t.co | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-06 - 2023-01-05 | a year
upload.video.google.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
*.nukcdn.com | Amazon | 2021-05-17 - 2022-06-15 | a year
us-dallas.statcounter.com | Sectigo RSA Domain Validation Secure Server CA | 2021-11-06 - 2022-12-06 | a year
*.value-domain.com | AlphaSSL CA - SHA256 - G2 | 2022-02-10 - 2023-03-14 | a year
memecoins.club | R3 | 2022-01-14 - 2022-04-14 | 3 months
*.a-ads.com | Sectigo ECC Domain Validation Secure Server CA | 2021-12-08 - 2023-01-08 | a year

This page contains 5 frames:

Primary Page: https://memecoins.club/?r=1000000
Frame ID: 0CD792A37161D5E2735D5493256D0877
Requests: 28 HTTP requests in this frame

Frame: https://ad.a-ads.com/1660691?size=320x100&background_color=333333&title_color=bbbbff&link_color=bbbbff&link_hover_color=bbbbff&title_hover_color=ffff00
Frame ID: D8CE57C59EE0C93810535AD69ADE0E36
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1692930?size=120x60&background_color=333333&title_color=bbbbff&link_color=bbbbff&link_hover_color=bbbbff&title_hover_color=ffff00
Frame ID: 75FCADC0C93C9D6D6373837D6029BDF0
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1642061?size=300x600&background_color=222222&title_color=bbbbff&link_color=bbbbff&link_hover_color=bbbbff&title_hover_color=ffff00
Frame ID: E88167C2EE6CA7EB063A001298962A0B
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1643760?size=728x90&background_color=333333&title_color=bbbbff&link_color=bbbbff&link_hover_color=bbbbff&title_hover_color=ffff00
Frame ID: 5D1093294DC4E22DCFC8109B0B2FD252
Requests: 3 HTTP requests in this frame

Page Title

Memecoins - cryptocurrencies with the best community

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

32 Requests
63 % HTTPS
33 % IPv6
11 Domains
14 Subdomains
12 IPs
5 Countries
1622 kB Transfer
1921 kB Size
10 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/j7cN9MAgJp Page URL
  2. https://bit.ly/3IVuiOR HTTP 301
    http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/ Page URL
  3. http://ps.popcash.net/go/1863/609808/ Page URL
  4. http://ps.popcash.net/ad/ad?p=1863&w=609808&t=5393ef94ec353640&r=aHR0cCUzQSUyRiUyRmN0YS5zNDEueHJlYS5jb20lMkY=&vw=1600&vh=1200 HTTP 303
    https://memecoins.club/?r=1000000 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://bit.ly/3IVuiOR HTTP 301
  • http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
Request Chain 16
  • http://r.ivyrc.com/t.js HTTP 301
  • https://r.ivyrc.com/t.js

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
j7cN9MAgJp
t.co/
221 B
506 B
Document
General
Full URL
https://t.co/j7cN9MAgJp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 09 Mar 2022 14:12:49 GMT
vary
Origin
server
tsa_o
expires
Wed, 09 Mar 2022 14:17:49 GMT
content-type
text/html; charset=utf-8
cache-control
private,max-age=300
content-length
175
content-encoding
gzip
x-xss-protection
0
strict-transport-security
max-age=0
x-response-time
123
x-connection-hash
6974aaf70a55f796c921f425de199ecc2c19cbd15e0ce2aed189ec37e1770d52
/
cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
Redirect Chain
  • https://bit.ly/3IVuiOR
  • http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
58 KB
13 KB
Document
General
Full URL
http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
Requested by
Host: t.co
URL: https://t.co/j7cN9MAgJp
Protocol
HTTP/1.1
Server
150.95.8.141 , Japan, ASN58791 (GMOOSK-NET GMO Internet,Inc, JP),
Reverse DNS
s41.xrea.com
Software
Apache /
Resource Hash
24d729871754ffeed4434f8458434de14224e506120f4105d18c9f442ef6e561

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://t.co/j7cN9MAgJp

Response headers

Date
Wed, 09 Mar 2022 14:12:51 GMT
Server
Apache
X-Pingback
http://cta.s41.xrea.com/xmlrpc.php
Link
<http://cta.s41.xrea.com/wp-json/>; rel="https://api.w.org/", <http://cta.s41.xrea.com/wp-json/wp/v2/posts/63708>; rel="alternate"; type="application/json", <http://cta.s41.xrea.com/?p=63708>; rel=shortlink
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
13278
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

server
nginx
date
Wed, 09 Mar 2022 14:12:49 GMT
content-type
text/html; charset=utf-8
content-length
172
cache-control
private, max-age=90
content-security-policy
referrer always;
location
http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
referrer-policy
unsafe-url
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
style.min.css
cta.s41.xrea.com/wp-includes/css/dist/block-library/
81 KB
11 KB
Stylesheet
General
Full URL
http://cta.s41.xrea.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.1
Requested by
Host: cta.s41.xrea.com
URL: http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
Protocol
HTTP/1.1
Server
150.95.8.141 , Japan, ASN58791 (GMOOSK-NET GMO Internet,Inc, JP),
Reverse DNS
s41.xrea.com
Software
Apache /
Resource Hash
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 09 Mar 2022 14:12:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Feb 2022 22:07:40 GMT
Server
Apache
ETag
"145a9-5d8a293d867e7-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
11191
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C700italic%2C400%2C700&subset=latin%2Clatin-ext&display=fallback
Requested by
Host: cta.s41.xrea.com
URL: http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f1969b5f30036235ecb4a8bc60c69555de79b09227f20a5b0d371f2b99c44ced
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 12:59:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 09 Mar 2022 14:12:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 09 Mar 2022 14:12:53 GMT
style.css
cta.s41.xrea.com/wp-content/themes/twentytwelve/
37 KB
8 KB
Stylesheet
General
Full URL
http://cta.s41.xrea.com/wp-content/themes/twentytwelve/style.css?ver=20190507
Requested by
Host: cta.s41.xrea.com
URL: http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
Protocol
HTTP/1.1
Server
150.95.8.141 , Japan, ASN58791 (GMOOSK-NET GMO Internet,Inc, JP),
Reverse DNS
s41.xrea.com
Software
Apache /
Resource Hash
6516e4a2ee96ac848dba66b3eb39c4524dcc07481ebd4b942ed7fd8037f03897

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 09 Mar 2022 14:12:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Oct 2021 01:46:02 GMT
Server
Apache
ETag
"93e5-5cdb96cd440fe-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
8269
blocks.css
cta.s41.xrea.com/wp-content/themes/twentytwelve/css/
10 KB
2 KB
Stylesheet
General
Full URL
http://cta.s41.xrea.com/wp-content/themes/twentytwelve/css/blocks.css?ver=20190406
Requested by
Host: cta.s41.xrea.com
URL: http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
Protocol
HTTP/1.1
Server
150.95.8.141 , Japan, ASN58791 (GMOOSK-NET GMO Internet,Inc, JP),
Reverse DNS
s41.xrea.com
Software
Apache /
Resource Hash
dd030e973a26c5f41da9b2a1cf5eb958e78d1a7ac52bddcd24c8d34afbacd2a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 09 Mar 2022 14:12:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Oct 2021 01:45:58 GMT
Server
Apache
ETag
"2939-5cdb96ca2926d-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
1862
jquery.min.js
cta.s41.xrea.com/wp-includes/js/jquery/
87 KB
31 KB
Script
General
Full URL
http://cta.s41.xrea.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: cta.s41.xrea.com
URL: http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
Protocol
HTTP/1.1
Server
150.95.8.141 , Japan, ASN58791 (GMOOSK-NET GMO Internet,Inc, JP),
Reverse DNS
s41.xrea.com
Software
Apache /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 09 Mar 2022 14:12:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Oct 2021 01:48:34 GMT
Server
Apache
ETag
"15db1-5cdb975f1f5c4-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
30908
jquery-migrate.min.js
cta.s41.xrea.com/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
http://cta.s41.xrea.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: cta.s41.xrea.com
URL: http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
Protocol
HTTP/1.1
Server
150.95.8.141 , Japan, ASN58791 (GMOOSK-NET GMO Internet,Inc, JP),
Reverse DNS
s41.xrea.com
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 09 Mar 2022 14:12:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Oct 2021 01:48:34 GMT
Server
Apache
ETag
"2bd8-5cdb975e8128e-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
4169
xrea_header.js
cache1.value-domain.com/
1 KB
1 KB
Script
General
Full URL
http://cache1.value-domain.com/xrea_header.js
Requested by
Host: cta.s41.xrea.com
URL: http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
Protocol
HTTP/1.1
Server
2606:4700:10::6814:8681 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea3ce8b96f60a35f4a8c8489badb30254fe0b7b8d63c98601d4055c22c6f43b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 09 Mar 2022 14:12:55 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4204
Cf-Polished
origSize=1786
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Tue, 19 Jan 2021 02:56:21 GMT
Server
cloudflare
ETag
W/"60064a55-6fa"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
6e94688528b99096-FRA
Cf-Bgj
minify
NINTCHDBPICT000670172275.jpg
www.thesun.co.uk/wp-content/uploads/2021/08/
255 KB
256 KB
Image
General
Full URL
https://www.thesun.co.uk/wp-content/uploads/2021/08/NINTCHDBPICT000670172275.jpg
Requested by
Host: cta.s41.xrea.com
URL: http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-103.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
f7ca78f0eabf63c10e5f52c00597fb986ff83923dd5500b59281ece6d8136233
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 14:12:55 GMT
x-rq
lhr4 109 84 443
last-modified
Wed, 09 Mar 2022 14:12:55 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"a4cc9a63e36810e0"
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
content-type
image/webp
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=2592000
accept-ranges
bytes
content-length
260848
x-amz-cf-id
2Z9MhV4CQBGEAYVTeZtm99LcbDhDMdjxdUm4hocn3sx8wB0ub0IwrA==
expires
Thu, 09 Mar 2023 14:12:55 GMT
NINTCHDBPICT000669878566-1.jpg
www.thesun.co.uk/wp-content/uploads/2021/08/
13 KB
14 KB
Image
General
Full URL
https://www.thesun.co.uk/wp-content/uploads/2021/08/NINTCHDBPICT000669878566-1.jpg?strip=all&w=300&h=192&crop=1
Requested by
Host: cta.s41.xrea.com
URL: http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-103.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
7c36f60dec663c99981f405d8bae6d7c0efc7662006935edeb869cee3d405b3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 14:12:55 GMT
x-rq
lhr4 109 142 443
last-modified
Wed, 09 Mar 2022 14:12:55 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"eadb3523de84d1f4"
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
content-type
image/webp
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=2592000
accept-ranges
bytes
content-length
13738
x-amz-cf-id
57ftfvhFKcTL8yM9uxJ2TT0Utx5itOUouABeNWA-s-Xp9aL6cShthw==
expires
Thu, 09 Mar 2023 14:12:55 GMT
comp-ap-6469-hancock2.jpg
www.thesun.co.uk/wp-content/uploads/2021/08/
27 KB
27 KB
Image
General
Full URL
https://www.thesun.co.uk/wp-content/uploads/2021/08/comp-ap-6469-hancock2.jpg?strip=all&w=300&h=192&crop=1
Requested by
Host: cta.s41.xrea.com
URL: http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-103.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
6d2943bb910d028b3bef55515bd4cc97960968788462b68b823727d597c66007
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 14:12:55 GMT
x-rq
lhr4 109 140 443
last-modified
Wed, 09 Mar 2022 14:12:55 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"60416dc0cfcddaa8"
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
content-type
image/webp
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=2592000
accept-ranges
bytes
content-length
27316
x-amz-cf-id
BoyEA-BRBAP5XUsmAqV0Ge6OvREkGMXgTtQNZTIqxRjOpKFqqe5P4g==
expires
Thu, 09 Mar 2023 14:12:55 GMT
lv-comp-fetty-wap-daughter-2.jpg
www.thesun.co.uk/wp-content/uploads/2021/08/
26 KB
27 KB
Image
General
Full URL
https://www.thesun.co.uk/wp-content/uploads/2021/08/lv-comp-fetty-wap-daughter-2.jpg?strip=all&w=300&h=192&crop=1
Requested by
Host: cta.s41.xrea.com
URL: http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-103.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
3a4c477211515815164a07cab5f9606b15b509bac7efeb120c9abb31fefad59b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 14:12:55 GMT
x-rq
lhr3 109 88 443
last-modified
Wed, 09 Mar 2022 14:12:55 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"3cef745c7a131366"
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
content-type
image/webp
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=2592000
accept-ranges
bytes
content-length
26598
x-amz-cf-id
d5O4NNZAmUxw-1MZBiRqUrj6QvF2HKekXtMNYTIHbDw6mlKoV04zJA==
expires
Thu, 09 Mar 2023 14:12:55 GMT
lv-comp-terry-kennedy-man-beaten-dies.jpg
www.thesun.co.uk/wp-content/uploads/2021/08/
28 KB
28 KB
Image
General
Full URL
https://www.thesun.co.uk/wp-content/uploads/2021/08/lv-comp-terry-kennedy-man-beaten-dies.jpg?strip=all&w=300&h=192&crop=1
Requested by
Host: cta.s41.xrea.com
URL: http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-103.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
5e288de75b2d21e46c44e169e56fcf1a5bf3a5ae8315576f1107eb7d3ef62042
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 14:12:55 GMT
x-rq
lhr4 109 195 443
last-modified
Wed, 09 Mar 2022 14:12:55 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"8a34c9a7be6e4090"
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
content-type
image/webp
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=2592000
accept-ranges
bytes
content-length
28580
x-amz-cf-id
SBoElzJVyIAKhb2MASA4GcbkI1nyhfR-mScpvYURCID-61wAf-RUDQ==
expires
Thu, 09 Mar 2023 14:12:55 GMT
NINTCHDBPICT000670143427.jpg
www.thesun.co.uk/wp-content/uploads/2021/08/
37 KB
38 KB
Image
General
Full URL
https://www.thesun.co.uk/wp-content/uploads/2021/08/NINTCHDBPICT000670143427.jpg?strip=all&w=300&h=192&crop=1
Requested by
Host: cta.s41.xrea.com
URL: http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-103.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
3e15f9830fa561705120f5f0a0938fb550e9a78002f6efeb2f007f86405ed06e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 14:12:55 GMT
x-rq
lhr3 109 140 443
last-modified
Wed, 09 Mar 2022 14:12:55 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"6d5d48e9790c10cb"
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
content-type
image/webp
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=2592000
accept-ranges
bytes
content-length
38324
x-amz-cf-id
fAaBpKt8u7ahcKmQRho8qT-J9VNql9cm8xJDAxDDu4zB0jLHQAa3-w==
expires
Thu, 09 Mar 2023 14:12:55 GMT
comp-ap-6469-turkey.jpg
www.thesun.co.uk/wp-content/uploads/2021/08/
11 KB
11 KB
Image
General
Full URL
https://www.thesun.co.uk/wp-content/uploads/2021/08/comp-ap-6469-turkey.jpg?strip=all&w=300&h=192&crop=1
Requested by
Host: cta.s41.xrea.com
URL: http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-103.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
533cdbc06cd111d4b69145c8309307ab4e07d5d8b6de98b8a72fca2343492e22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 14:12:55 GMT
x-rq
lhr4 109 84 443
last-modified
Wed, 09 Mar 2022 14:12:55 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"672019ce41d8801f"
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
content-type
image/webp
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10930
x-amz-cf-id
iLw8iThydJCTzZh1KGTao0kV-WiRkBGdfiF8ccxcd6lFEuEWq7_EvQ==
expires
Thu, 09 Mar 2023 14:12:55 GMT
t.js
r.ivyrc.com/
Redirect Chain
  • http://r.ivyrc.com/t.js
  • https://r.ivyrc.com/t.js
2 KB
1 KB
Script
General
Full URL
https://r.ivyrc.com/t.js
Requested by
Host: cta.s41.xrea.com
URL: http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
Protocol
H2
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
d73386a6d266dc8b6b3e430e89e5fa2fae35cc488e33beac4f3ba9f5fd1681a2
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-fastly-request-id
7768fc876a37b599b25ba5f9e2f17e2440930326
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"60e46329-7b7"
age
433
x-cache
HIT
content-length
747
x-served-by
cache-hhn4053-HHN
access-control-allow-origin
*
last-modified
Tue, 06 Jul 2021 14:05:29 GMT
server
GitHub.com
x-github-request-id
D7B4:41F5:54B3BA:5879BB:621589BF
x-timer
S1646835175.338020,VS0,VE1
date
Wed, 09 Mar 2022 14:12:55 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Wed, 23 Feb 2022 01:21:28 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
1

Redirect headers

X-Fastly-Request-ID
a24b0d609e9bc5655f4078f739d324eb256b3e4b
Date
Wed, 09 Mar 2022 14:12:55 GMT
Via
1.1 varnish
Age
3567
X-Cache
HIT
Connection
keep-alive
Content-Length
162
X-Served-By
cache-hhn4054-HHN
Server
GitHub.com
X-GitHub-Request-Id
4538:2E11:259B7FA:26D977A:6228A7F8
X-Timer
S1646835175.309915,VS0,VE1
Vary
Accept-Encoding
Content-Type
text/html
Location
https://r.ivyrc.com/t.js
Accept-Ranges
bytes
X-Cache-Hits
1
red.js
cta.s41.xrea.com/
626 B
738 B
Script
General
Full URL
http://cta.s41.xrea.com/red.js
Requested by
Host: cta.s41.xrea.com
URL: http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
Protocol
HTTP/1.1
Server
150.95.8.141 , Japan, ASN58791 (GMOOSK-NET GMO Internet,Inc, JP),
Reverse DNS
s41.xrea.com
Software
Apache /
Resource Hash
854a516f938688b63473934aa3c5d2366eded941685b62475119562c868034db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 09 Mar 2022 14:12:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Oct 2021 01:49:58 GMT
Server
Apache
ETag
"272-5cdb97af10e25-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
393
wp-emoji-release.min.js
cta.s41.xrea.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
http://cta.s41.xrea.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.1
Requested by
Host: cta.s41.xrea.com
URL: http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
Protocol
HTTP/1.1
Server
150.95.8.141 , Japan, ASN58791 (GMOOSK-NET GMO Internet,Inc, JP),
Reverse DNS
s41.xrea.com
Software
Apache /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 09 Mar 2022 14:12:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Oct 2021 01:48:45 GMT
Server
Apache
ETag
"4705-5cdb976970ec7-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
4930
counter.js
secure.statcounter.com/counter/
41 KB
14 KB
Script
General
Full URL
https://secure.statcounter.com/counter/counter.js
Requested by
Host: cta.s41.xrea.com
URL: http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd5652900e428b78ad7d459209e5e0ad0d8b21542f1060acb1ed8c60a1f579b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 14:12:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 01 Feb 2022 17:24:01 GMT
server
cloudflare
age
16841
etag
W/"61f96cb1-a37d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43200
cf-ray
6e946885ba305c44-FRA
expires
Wed, 09 Mar 2022 21:32:14 GMT
navigation.js
cta.s41.xrea.com/wp-content/themes/twentytwelve/js/
2 KB
1001 B
Script
General
Full URL
http://cta.s41.xrea.com/wp-content/themes/twentytwelve/js/navigation.js?ver=20141205
Requested by
Host: cta.s41.xrea.com
URL: http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
Protocol
HTTP/1.1
Server
150.95.8.141 , Japan, ASN58791 (GMOOSK-NET GMO Internet,Inc, JP),
Reverse DNS
s41.xrea.com
Software
Apache /
Resource Hash
ee2142d2d84e169a6f92e80040206a8ec7e7cd466fa0f131aee972c4ff512a78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 09 Mar 2022 14:12:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Oct 2021 01:45:59 GMT
Server
Apache
ETag
"610-5cdb96ca89d48-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
656
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
RR-MAP-UK-STABBING-v2.jpg
www.thesun.co.uk/wp-content/uploads/2021/06/
409 KB
410 KB
Image
General
Full URL
https://www.thesun.co.uk/wp-content/uploads/2021/06/RR-MAP-UK-STABBING-v2.jpg
Requested by
Host: cta.s41.xrea.com
URL: http://cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-103.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
15d0a0fbdaabf6bf43c6259d50432a4e8335465eee7986434e94671ff4be41ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 14:12:55 GMT
x-rq
lhr3 109 196 443
last-modified
Wed, 09 Mar 2022 14:12:55 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"cc527b748af194ac"
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
content-type
image/webp
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=2592000
accept-ranges
bytes
content-length
419140
x-amz-cf-id
Dp1eD0b1_ixqR4hlIOZArhFeul_56bECBYlK8KIRAfZocVlsa5G6Iw==
expires
Thu, 09 Mar 2023 14:12:55 GMT
t.php
c.statcounter.com/
192 B
569 B
XHR
General
Full URL
https://c.statcounter.com/t.php?sc_project=12499144&u1=1402F57F10D54F09643ABD28E15698DC&java=1&security=d888c277&sc_snum=1&sess=fa717c&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&sc_ev_author=ct&resolution=1600&h=1200&camefrom=&u=http%3A//cta.s41.xrea.com/boy-16-fighting-for-life-after-being-stabbed-in-north-london/&t=Boy%2C%2016%2C%20fighting%20for%20life%20after%20being%20stabbed%20in%20North%20London%20%7C%20cta&invisible=1&sc_rum_e_s=5631&sc_rum_e_e=5638&sc_rum_f_s=0&sc_rum_f_e=5492&get_config=true
Requested by
Host: secure.statcounter.com
URL: https://secure.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 14:12:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6e946886ec1a5c44-FRA
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin
http://cta.s41.xrea.com
access-control-allow-credentials
true
content-type
application/json
expires
Mon, 26 Jul 1997 05:00:00 GMT
valueauth_bnr.png
www.value-domain.com/security/value-auth/img/
14 KB
15 KB
Image
General
Full URL
https://www.value-domain.com/security/value-auth/img/valueauth_bnr.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8581 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d662c01c639b9b1db7b6397d3226e4b4dff93c4f29cd73216a43a95e39ca2bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 14:12:56 GMT
vary
Accept
cf-cache-status
HIT
age
796
cf-polished
origFmt=png, origSize=29981
content-disposition
inline; filename="valueauth_bnr.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14802
last-modified
Wed, 21 Jul 2021 00:55:52 GMT
server
cloudflare
etag
"751d-5c797a1d72c4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
content-type
image/webp
expires
Wed, 09 Mar 2022 14:13:42 GMT
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6e94688a1b1a90fe-FRA
cf-bgj
imgq:100,h2pri
/
ps.popcash.net/go/1863/609808/
468 B
500 B
Document
General
Full URL
http://ps.popcash.net/go/1863/609808/
Requested by
Host: t.co
URL: https://t.co/j7cN9MAgJp
Protocol
HTTP/1.1
Server
52.44.28.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-28-112.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://cta.s41.xrea.com/

Response headers

Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 09 Mar 2022 14:12:58 GMT
Server
nginx
Vary
Accept-Encoding
Content-Length
312
Connection
keep-alive
Primary Request /
memecoins.club/
Redirect Chain
  • http://ps.popcash.net/ad/ad?p=1863&w=609808&t=5393ef94ec353640&r=aHR0cCUzQSUyRiUyRmN0YS5zNDEueHJlYS5jb20lMkY=&vw=1600&vh=1200
  • https://memecoins.club/?r=1000000
33 KB
8 KB
Document
General
Full URL
https://memecoins.club/?r=1000000
Requested by
Host: ps.popcash.net
URL: http://ps.popcash.net/go/1863/609808/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.179.191.56 Amsterdam, Netherlands, ASN20473 (AS-CHOOPA, US),
Reverse DNS
95.179.191.56.vultr.com
Software
nginx/1.14.2 /
Resource Hash
79ba00f305ad82bd4bc21146b9fbf3a0c7aecc97cf438df9c5fae221797760de

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://ps.popcash.net/go/1863/609808/

Response headers

Server
nginx/1.14.2
Date
Wed, 09 Mar 2022 14:12:59 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Pragma
no-cache
Expires
Wed, 09 Mar 2022 14:13:59 GMT
Cache-Control
public
Content-Encoding
gzip

Redirect headers

Date
Wed, 09 Mar 2022 14:12:59 GMT
Location
https://memecoins.club/?r=1000000
Server
nginx
Content-Length
0
Connection
keep-alive
320x100bsc.gif
memecoins.club/
6 KB
7 KB
Image
General
Full URL
https://memecoins.club/320x100bsc.gif
Requested by
Host: memecoins.club
URL: https://memecoins.club/?r=1000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.179.191.56 Amsterdam, Netherlands, ASN20473 (AS-CHOOPA, US),
Reverse DNS
95.179.191.56.vultr.com
Software
nginx/1.14.2 /
Resource Hash
cc88b9f21851feed3c859af1ba6e7e00ed3027b61c286a8aa29c265072cfa298

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://memecoins.club/?r=1000000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 09 Mar 2022 14:12:59 GMT
Last-Modified
Thu, 01 Jul 2021 19:42:24 GMT
Server
nginx/1.14.2
ETag
"60de1aa0-1940"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6464
1660691
ad.a-ads.com/ Frame D8CE
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1660691?size=320x100&background_color=333333&title_color=bbbbff&link_color=bbbbff&link_hover_color=bbbbff&title_hover_color=ffff00
Requested by
Host: memecoins.club
URL: https://memecoins.club/?r=1000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.13.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.139.13.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
52429e5170213713958230a06d1bd341a4e39fc1a84b6b67f0127ca616394f65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://memecoins.club/

Response headers

Server
nginx
Date
Wed, 09 Mar 2022 14:12:59 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://memecoins.club/
Content-Encoding
gzip
1692930
ad.a-ads.com/ Frame 75FC
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1692930?size=120x60&background_color=333333&title_color=bbbbff&link_color=bbbbff&link_hover_color=bbbbff&title_hover_color=ffff00
Requested by
Host: memecoins.club
URL: https://memecoins.club/?r=1000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.13.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.139.13.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
03b6d486a46772ab43f44154dcf9b86354108234085c29e1ec619d0bd4244ce5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://memecoins.club/

Response headers

Server
nginx
Date
Wed, 09 Mar 2022 14:12:59 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://memecoins.club/
Content-Encoding
gzip
1642061
ad.a-ads.com/ Frame E881
7 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1642061?size=300x600&background_color=222222&title_color=bbbbff&link_color=bbbbff&link_hover_color=bbbbff&title_hover_color=ffff00
Requested by
Host: memecoins.club
URL: https://memecoins.club/?r=1000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.13.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.139.13.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
4c65907060404e918d63f978ae19bf3d38e4cacfe0a2b0e8d6c272d08a35516e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://memecoins.club/

Response headers

Server
nginx
Date
Wed, 09 Mar 2022 14:12:59 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://memecoins.club/
Content-Encoding
gzip
1643760
ad.a-ads.com/ Frame 5D10
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1643760?size=728x90&background_color=333333&title_color=bbbbff&link_color=bbbbff&link_hover_color=bbbbff&title_hover_color=ffff00
Requested by
Host: memecoins.club
URL: https://memecoins.club/?r=1000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.13.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.139.13.251.148.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
c5b5353021c6aeb98027a3ed09d01b60f8fada9e7d3afecc3241ebd402b8f776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://memecoins.club/

Response headers

Server
nginx
Date
Wed, 09 Mar 2022 14:12:59 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://memecoins.club/
Content-Encoding
gzip
truncated
/ Frame D8CE
305 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 75FC
305 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
728x90
static.a-ads.com/a-ads-banners/104028/ Frame 5D10
674 KB
675 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/104028/728x90?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1643760?size=728x90&background_color=333333&title_color=bbbbff&link_color=bbbbff&link_hover_color=bbbbff&title_hover_color=ffff00
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.13.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.139.13.251.148.clients.your-server.de
Software
nginx /
Resource Hash
951036f01a969b7b181d7952ee802c9ab4989a447b171dabf959934e9814118a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 09 Mar 2022 14:12:59 GMT
Last-Modified
Sun, 29 Dec 2019 17:09:03 GMT
Server
nginx
x-amz-request-id
FWAGFCZ0GMBF956T
ETag
"74ffa6390dd104c5c534c4f2f266f4d3"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
690629
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
3TC98TKnrka7oOabxFNTsHEKH4LZcc9h
x-amz-id-2
z+Z8jeN3e/ydV+jwhlfzikIFFHD18nOBy+y2cvJtmpNfHDTMvMigdCbkdQWLwzTCD9Cl33joeL4=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame 5D10
305 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E881
305 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png


7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| structuredClone object| oncontextlost object| oncontextrestored

10 Cookies

Domain/Path Name / Value
.t.co/ Name: muc
Value: 59238e6c-9a83-4781-9141-d6feab0b2540
.bit.ly/ Name: _bit
Value: m29ecN-34b5a2aaf5a4894f50-00S
www.thesun.co.uk/ Name: nuk_customer_country_code
Value: DE
www.thesun.co.uk/ Name: nuk_customer_region_code
Value: HE
cta.s41.xrea.com/ Name: first_visit
Value: true
.cta.s41.xrea.com/ Name: sc_is_visitor_unique
Value: rx12499144.1646835175.1402F57F10D54F09643ABD28E15698DC.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12499144.1646835175.0
.statcounter.com/ Name: is_visitor_unique
Value: 1646835175402167090
memecoins.club/ Name: PHPSESSID
Value: areocqeuiibsp2fbh3ksqs23hc
memecoins.club/ Name: r
Value: 1000000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
