Submitted URL: http://chewiesvine.com/vQUi
Effective URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateRefer...
Submission: On July 17 via manual from US

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 33 HTTP transactions. The main IP is 144.91.119.160, located in Germany and belongs to CONTABO, DE. The main domain is news9.online.
This is the only time news9.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 138.68.14.113 14061 (DIGITALOC...)
1 1 18.196.84.70 16509 (AMAZON-02)
1 1 34.102.149.68 15169 (GOOGLE)
21 144.91.119.160 51167 (CONTABO)
2 143.204.89.40 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
3 2a04:4e42:1b:... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.71.17.67 14618 (AMAZON-AES)
1 2600:9000:20e... 16509 (AMAZON-02)
1 198.145.13.14 2044 (IINET-2044)
1 34.205.22.72 14618 (AMAZON-AES)
33 11
Domain Requested by
21 news9.online news9.online
3 fast.wistia.net news9.online, fast.wistia.net
2 api.pushnami.com news9.online, api.pushnami.com
1 psp.pushnami.com api.pushnami.com
1 in.getclicky.com static.getclicky.com
1 d3aeiy1z988kau.cloudfront.net news9.online
1 trc.pushnami.com api.pushnami.com
1 www.googletagmanager.com news9.online
1 code.jquery.com news9.online
1 static.getclicky.com news9.online
1 www.paw13trk.com 1 redirects
1 powells-hissease.com 1 redirects
1 chewiesvine.com 1 redirects
33 13

This site contains links to these domains.

Domain
www.track4cr.com
Subject | Issuer | Validity | Valid
*.pushnami.com | Amazon | 2020-05-16 - 2021-06-16 | a year
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years
f4.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-05-29 - 2021-05-07 | a year
*.google-analytics.com | GTS CA 1O1 | 2020-06-30 - 2020-09-22 | 3 months

This page contains 3 frames:

Primary Page: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Frame ID: 66A3ABC90DDD81DED5E99F7495FB975B
Requests: 40 HTTP requests in this frame

Frame: https://fast.wistia.net/embed/iframe/r7r2yo28kh?seo=false&videoFoam=true
Frame ID: A8D07DD2576B196684E65F401E606C9A
Requests: 1 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 941B19A9B0B44839290D4B5E06E73DA7
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Overall confidence: 100%
Detected patterns
  • script /static\.getclicky\.com/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 33
HTTPS: 27 %
IPv6: 38 %
Domains: 10
Subdomains: 13
IPs: 11
Countries: 4
Transfer: 977 kB
Size: 35802 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://chewiesvine.com/vQUi HTTP 301
    https://powells-hissease.com/270fd515-56fc-413b-bb3f-642e9b2e0295 HTTP 302
    https://www.paw13trk.com/cmp/3R3S1/K6L72/?sub2=walijie4h13c5vh0iq6gsk70 HTTP 302
    http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
news9.online/gummy/1/
Redirect Chain
  • http://chewiesvine.com/vQUi
  • https://powells-hissease.com/270fd515-56fc-413b-bb3f-642e9b2e0295
  • https://www.paw13trk.com/cmp/3R3S1/K6L72/?sub2=walijie4h13c5vh0iq6gsk70
  • http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
41 KB
11 KB
Document
General
Full URL
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
HTTP/1.1
Server
144.91.119.160 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server34merc.flaunt7.com
Software
LiteSpeed /
Resource Hash
e662646678a47846157a04352d3b984fe463d74ce3ef1598b70d05301c9275b7

Request headers

Host
news9.online
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Fri, 17 Jul 2020 15:27:17 GMT
Server
LiteSpeed

Redirect headers

status
302
server
nginx
date
Fri, 17 Jul 2020 15:27:17 GMT
content-type
text/html; charset=utf-8
content-length
194
location
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
set-cookie
uniqueClick_K6L72=645135fe-e398-4bce-aadc-d1b6cdee3c47:1594999637; Path=/; Expires=Sat, 18 Jul 2020 15:27:17 GMT
transaction_id=b24859253611423dbdeaa35a30bc614a; Path=/; Expires=Thu, 15 Oct 2020 15:27:17 GMT
vary
Origin
x-eflow-request-id
e477b7ff-127a-4dfd-bfd8-a44fe800ac24
via
1.1 google
alt-svc
clear
style.css
news9.online/gummy/1/
257 KB
40 KB
Stylesheet
General
Full URL
http://news9.online/gummy/1/style.css
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
HTTP/1.1
Server
144.91.119.160 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server34merc.flaunt7.com
Software
LiteSpeed /
Resource Hash
2946cebcdc2855801a758e1558bac064376367c65b8d27516f01b8f1ef0a4288

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Date
Fri, 17 Jul 2020 15:27:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 May 2020 16:10:41 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
40215
Expires
Fri, 24 Jul 2020 15:27:17 GMT
5e617533de9a370012c4b45a
api.pushnami.com/scripts/v1/push/
48 KB
11 KB
Script
General
Full URL
https://api.pushnami.com/scripts/v1/push/5e617533de9a370012c4b45a
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.89.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
94b03f2f22329e6a06b022e091044143b7d5d03eabbc83f2cb8f03421aa3f2b1

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

date
Fri, 17 Jul 2020 15:27:17 GMT
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
status
200
cache-control
no-cache
content-encoding
gzip
x-amz-cf-id
J6KaQ5B44rc6LOzHX2inTAVzkag3Ds9tS4UQ-7So9RJ4zAut45c21w==
backfix.min.js
news9.online/gummy/1/
2 KB
1 KB
Script
General
Full URL
http://news9.online/gummy/1/backfix.min.js
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
HTTP/1.1
Server
144.91.119.160 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server34merc.flaunt7.com
Software
LiteSpeed /
Resource Hash
5b42b91ac56fc39de5ca75a66c038e7f4933604735fe6af37bb4d1e84a2caf86

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Date
Fri, 17 Jul 2020 15:27:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 May 2020 16:10:33 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
734
Expires
Fri, 24 Jul 2020 15:27:17 GMT
js
static.getclicky.com/
15 KB
6 KB
Script
General
Full URL
http://static.getclicky.com/js
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
HTTP/1.1
Server
2606:4700::6810:a010 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c29235c7537fb21c1de7b20aec0870b95532cdc39b60a00d45a72c2a7fb2376

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Date
Fri, 17 Jul 2020 15:27:17 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Server
cloudflare
Age
200697
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Expires
Fri, 24 Jul 2020 15:27:17 GMT
Cache-Control
public, max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5b44fc7658a73240-FRA
cf-request-id
03fefc1dfb000032401c2ce200000001
X-Proxy-Cache
HIT
jquery-1.11.3.js
code.jquery.com/
278 KB
83 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.11.3.js
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
2065aecca0fb9b0567358d352ed5f1ab72fce139bf449b4d09805f5d9c3725ed

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

date
Fri, 17 Jul 2020 15:27:17 GMT
content-encoding
gzip
last-modified
Tue, 28 Apr 2015 16:20:58 GMT
server
nginx
status
200
etag
W/"553fb36a-456ea"
vary
Accept-Encoding
x-hw
1594999637.dop144.fr8.t,1594999637.cds237.fr8.hn,1594999637.cds166.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
84538
news-logo.png
news9.online/gummy/1/assets/
20 KB
20 KB
Image
General
Full URL
http://news9.online/gummy/1/assets/news-logo.png
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
HTTP/1.1
Server
144.91.119.160 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server34merc.flaunt7.com
Software
LiteSpeed /
Resource Hash
875c41160204b698b57069c53281926f5692b9814d162daccd3bc8ccf8428b1c

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Date
Fri, 17 Jul 2020 15:27:17 GMT
Last-Modified
Wed, 27 May 2020 16:10:35 GMT
Server
LiteSpeed
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
20498
Expires
Fri, 24 Jul 2020 15:27:17 GMT
E-v1.js
fast.wistia.net/assets/external/
658 KB
154 KB
Script
General
Full URL
https://fast.wistia.net/assets/external/E-v1.js
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
942ae41b42352c12b8e0fd033cfdb1f8722f64383777142105756ed49d9abc14
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

date
Fri, 17 Jul 2020 15:27:17 GMT
content-encoding
gzip
vary
Accept-Encoding
age
217
x-cache
HIT, HIT
status
200
content-length
157111
x-served-by
cache-dca17780-DCA, cache-hhn4034-HHN
access-control-allow-origin
*
x-browser-version
0
last-modified
Thu, 16 Jul 2020 12:10:41 GMT
x-timer
S1594999638.596052,VS0,VE0
etag
"5f1043c1-265b7"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
unknown
x-ecma-v
es5
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 3
social.png
news9.online/gummy/1/assets/
5 KB
5 KB
Image
General
Full URL
http://news9.online/gummy/1/assets/social.png
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
HTTP/1.1
Server
144.91.119.160 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server34merc.flaunt7.com
Software
LiteSpeed /
Resource Hash
88b5e4d7acdcb722057d272ec399714c94f27a2758ec9cfa90f3a7fdd509745d

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Date
Fri, 17 Jul 2020 15:27:17 GMT
Last-Modified
Wed, 27 May 2020 16:10:38 GMT
Server
LiteSpeed
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4996
Expires
Fri, 24 Jul 2020 15:27:17 GMT
couch.jpg
news9.online/gummy/1/assets/
43 KB
43 KB
Image
General
Full URL
http://news9.online/gummy/1/assets/couch.jpg
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
HTTP/1.1
Server
144.91.119.160 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server34merc.flaunt7.com
Software
LiteSpeed /
Resource Hash
476711eefaa9fbfde0c57def37da659091b5332b91445d3fbfd96432239e1a2b

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Date
Fri, 17 Jul 2020 15:27:17 GMT
Last-Modified
Wed, 27 May 2020 16:10:35 GMT
Server
LiteSpeed
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
44181
Expires
Fri, 24 Jul 2020 15:27:17 GMT
enedina.jpg
news9.online/gummy/1/assets/
184 KB
185 KB
Image
General
Full URL
http://news9.online/gummy/1/assets/enedina.jpg
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
HTTP/1.1
Server
144.91.119.160 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server34merc.flaunt7.com
Software
LiteSpeed /
Resource Hash
973169539a355bff16a4b66565a4a0cbc81a06d258c2b2c3fd3766710261459b

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Date
Fri, 17 Jul 2020 15:27:17 GMT
Last-Modified
Wed, 27 May 2020 16:10:36 GMT
Server
LiteSpeed
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
188886
Expires
Fri, 24 Jul 2020 15:27:17 GMT
prof1.jpg
news9.online/gummy/1/assets/
3 KB
3 KB
Image
General
Full URL
http://news9.online/gummy/1/assets/prof1.jpg
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
HTTP/1.1
Server
144.91.119.160 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server34merc.flaunt7.com
Software
LiteSpeed /
Resource Hash
04ff7c611572164d5a5315deb503b637b7ea521d80b588b7e1ed9c6f6530e954

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Date
Fri, 17 Jul 2020 15:27:17 GMT
Last-Modified
Wed, 27 May 2020 16:10:34 GMT
Server
LiteSpeed
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2831
Expires
Fri, 24 Jul 2020 15:27:17 GMT
prof2.jpg
news9.online/gummy/1/assets/
3 KB
3 KB
Image
General
Full URL
http://news9.online/gummy/1/assets/prof2.jpg
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
HTTP/1.1
Server
144.91.119.160 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server34merc.flaunt7.com
Software
LiteSpeed /
Resource Hash
1b0ef95a5853d7356c04bbe3435d109d0dc7c3f0389ec21c38fa496060a2050f

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Date
Fri, 17 Jul 2020 15:27:17 GMT
Last-Modified
Wed, 27 May 2020 16:10:35 GMT
Server
LiteSpeed
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2709
Expires
Fri, 24 Jul 2020 15:27:17 GMT
prof3.jpg
news9.online/gummy/1/assets/
3 KB
4 KB
Image
General
Full URL
http://news9.online/gummy/1/assets/prof3.jpg
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
HTTP/1.1
Server
144.91.119.160 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server34merc.flaunt7.com
Software
LiteSpeed /
Resource Hash
46d2e17326ca6f379791cda010486a85e02522df47bb7241246247616fd15dcc

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Date
Fri, 17 Jul 2020 15:27:17 GMT
Last-Modified
Wed, 27 May 2020 16:10:35 GMT
Server
LiteSpeed
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3429
Expires
Fri, 24 Jul 2020 15:27:17 GMT
gtm.js
www.googletagmanager.com/
0
0
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T7C3CRF
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

prof4.jpg
news9.online/gummy/1/assets/
3 KB
3 KB
Image
General
Full URL
http://news9.online/gummy/1/assets/prof4.jpg
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
HTTP/1.1
Server
144.91.119.160 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server34merc.flaunt7.com
Software
LiteSpeed /
Resource Hash
bd87c90a1434c0fc6c06707a2f202167068a3cadf4de1238396532822d91f8d2

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Date
Fri, 17 Jul 2020 15:27:17 GMT
Last-Modified
Wed, 27 May 2020 16:10:36 GMT
Server
LiteSpeed
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2671
Expires
Fri, 24 Jul 2020 15:27:17 GMT
prof5.jpg
news9.online/gummy/1/assets/
3 KB
3 KB
Image
General
Full URL
http://news9.online/gummy/1/assets/prof5.jpg
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
HTTP/1.1
Server
144.91.119.160 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server34merc.flaunt7.com
Software
LiteSpeed /
Resource Hash
eee8b9f7893fef362d3d8281c357b3d94e01d4a866fd78f4d54369b1d8d85c0f

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Date
Fri, 17 Jul 2020 15:27:17 GMT
Last-Modified
Wed, 27 May 2020 16:10:36 GMT
Server
LiteSpeed
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2703
Expires
Fri, 24 Jul 2020 15:27:17 GMT
prof6.jpg
news9.online/gummy/1/assets/
3 KB
3 KB
Image
General
Full URL
http://news9.online/gummy/1/assets/prof6.jpg
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
HTTP/1.1
Server
144.91.119.160 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server34merc.flaunt7.com
Software
LiteSpeed /
Resource Hash
f603766306d3250f3d973e808b62a9017d4673e914e2bd88594743a7484a8b0c

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Date
Fri, 17 Jul 2020 15:27:17 GMT
Last-Modified
Wed, 27 May 2020 16:10:36 GMT
Server
LiteSpeed
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2706
Expires
Fri, 24 Jul 2020 15:27:17 GMT
prof7.jpg
news9.online/gummy/1/assets/
2 KB
3 KB
Image
General
Full URL
http://news9.online/gummy/1/assets/prof7.jpg
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
HTTP/1.1
Server
144.91.119.160 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server34merc.flaunt7.com
Software
LiteSpeed /
Resource Hash
50b84e4dc25d1061b340832abb0c37ed4bf466442d3c22ce3f1e31c74869975f

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Date
Fri, 17 Jul 2020 15:27:17 GMT
Last-Modified
Wed, 27 May 2020 16:10:37 GMT
Server
LiteSpeed
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2416
Expires
Fri, 24 Jul 2020 15:27:17 GMT
prof8.jpg
news9.online/gummy/1/assets/
3 KB
3 KB
Image
General
Full URL
http://news9.online/gummy/1/assets/prof8.jpg
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
HTTP/1.1
Server
144.91.119.160 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server34merc.flaunt7.com
Software
LiteSpeed /
Resource Hash
06a91c1acacf4f3c85483dcc2ab2aab278ee491d3499a1b5b7757882d0160e09

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Date
Fri, 17 Jul 2020 15:27:17 GMT
Last-Modified
Wed, 27 May 2020 16:10:37 GMT
Server
LiteSpeed
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3168
Expires
Fri, 24 Jul 2020 15:27:17 GMT
prof9.jpg
news9.online/gummy/1/assets/
1 KB
1 KB
Image
General
Full URL
http://news9.online/gummy/1/assets/prof9.jpg
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
HTTP/1.1
Server
144.91.119.160 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server34merc.flaunt7.com
Software
LiteSpeed /
Resource Hash
a3cd1ad82a78510c22eb5a4b49880d0cd1c4ba04344e15f2a49e3b4b4118624a

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Date
Fri, 17 Jul 2020 15:27:17 GMT
Last-Modified
Wed, 27 May 2020 16:10:37 GMT
Server
LiteSpeed
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1142
Expires
Fri, 24 Jul 2020 15:27:17 GMT
prof10.jpg
news9.online/gummy/1/assets/
3 KB
3 KB
Image
General
Full URL
http://news9.online/gummy/1/assets/prof10.jpg
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
HTTP/1.1
Server
144.91.119.160 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server34merc.flaunt7.com
Software
LiteSpeed /
Resource Hash
402ad05367c06f112eb24cee4384cb5a9295c7bace034f01e298bed12126b467

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Date
Fri, 17 Jul 2020 15:27:17 GMT
Last-Modified
Wed, 27 May 2020 16:10:37 GMT
Server
LiteSpeed
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2889
Expires
Fri, 24 Jul 2020 15:27:17 GMT
right-before-after1.jpg
news9.online/gummy/1/assets/
133 KB
133 KB
Image
General
Full URL
http://news9.online/gummy/1/assets/right-before-after1.jpg
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
HTTP/1.1
Server
144.91.119.160 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server34merc.flaunt7.com
Software
LiteSpeed /
Resource Hash
b9a852c6303802562653979b745f1da461f8e90133e0ee6bbae9c6895517f232

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Date
Fri, 17 Jul 2020 15:27:17 GMT
Last-Modified
Wed, 27 May 2020 16:10:38 GMT
Server
LiteSpeed
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
135896
Expires
Fri, 24 Jul 2020 15:27:17 GMT
right-before-after2.jpg
news9.online/gummy/1/assets/
67 KB
67 KB
Image
General
Full URL
http://news9.online/gummy/1/assets/right-before-after2.jpg
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
HTTP/1.1
Server
144.91.119.160 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server34merc.flaunt7.com
Software
LiteSpeed /
Resource Hash
7d09d183d705306dc861ccfd99a53ace7e5dd2aa184aea145feb46bcc7af9ad0

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Date
Fri, 17 Jul 2020 15:27:17 GMT
Last-Modified
Wed, 27 May 2020 16:10:38 GMT
Server
LiteSpeed
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
68695
Expires
Fri, 24 Jul 2020 15:27:17 GMT
right-before-after3.jpg
news9.online/gummy/1/assets/
99 KB
99 KB
Image
General
Full URL
http://news9.online/gummy/1/assets/right-before-after3.jpg
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
HTTP/1.1
Server
144.91.119.160 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server34merc.flaunt7.com
Software
LiteSpeed /
Resource Hash
530142595112e288c5115124f3e9af5613f600f09627f56cf76400e715bacd1a

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Date
Fri, 17 Jul 2020 15:27:17 GMT
Last-Modified
Wed, 27 May 2020 16:10:39 GMT
Server
LiteSpeed
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
101155
Expires
Fri, 24 Jul 2020 15:27:17 GMT
s1-bottle.png
news9.online/gummy/1/assets/
76 KB
76 KB
Image
General
Full URL
http://news9.online/gummy/1/assets/s1-bottle.png
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
HTTP/1.1
Server
144.91.119.160 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
server34merc.flaunt7.com
Software
LiteSpeed /
Resource Hash
380775b7d67f06a0c516126c7c385a3dd540b8b71d1bc1e54c64c14edb5b56bd

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Date
Fri, 17 Jul 2020 15:27:17 GMT
Last-Modified
Wed, 27 May 2020 16:10:39 GMT
Server
LiteSpeed
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
78033
Expires
Fri, 24 Jul 2020 15:27:17 GMT
track
trc.pushnami.com/api/push/
2 B
168 B
Fetch
General
Full URL
https://trc.pushnami.com/api/push/track
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/push/5e617533de9a370012c4b45a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.17.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148
key
5e617533de9a370012c4b45a
content-type
application/x-www-form-urlencoded

Response headers

status
200
date
Fri, 17 Jul 2020 15:27:18 GMT
cache-control
no-cache
access-control-allow-origin
*
content-type
text/html; charset=utf-8
content-length
2
access-control-expose-headers
WWW-Authenticate,Server-Authorization
r7r2yo28kh
fast.wistia.net/embed/iframe/ Frame A8D0
0
0
Document
General
Full URL
https://fast.wistia.net/embed/iframe/r7r2yo28kh?seo=false&videoFoam=true
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
fast.wistia.net
:scheme
https
:path
/embed/iframe/r7r2yo28kh?seo=false&videoFoam=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148
Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a

Response headers

status
200
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
access-control-allow-origin
*
timing-allow-origin
*
cache-control
public, no-cache
etag
W/"49872ee3c6bb6b5a5c99e8320f097dec"
p3p
CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
x-request-id
ea3062f7ce621627c9acc04d0eee673f
x-runtime
0.011520
content-encoding
gzip
via
1.1 varnish (Varnish/6.0) 1.1 varnish 1.1 varnish
accept-ranges
bytes
date
Fri, 17 Jul 2020 15:27:17 GMT
age
71909
x-served-by
cache-dca17736-DCA, cache-hhn4034-HHN
x-cache
HIT, MISS
x-cache-hits
1, 0
x-timer
S1594999638.723712,VS0,VE92
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
x-ecma-v
es5
x-browser
unknown
x-browser-version
0
content-length
707
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Content-Type
image/png
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Content-Type
image/png
truncated
/
178 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Content-Type
image/svg+xml
truncated
/
243 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Content-Type
image/svg+xml
truncated
/
381 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Content-Type
image/svg+xml
cbd.mp4
d3aeiy1z988kau.cloudfront.net/
33 MB
0
Media
General
Full URL
http://d3aeiy1z988kau.cloudfront.net/cbd.mp4
Requested by
Host: news9.online
URL: http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Protocol
HTTP/1.1
Server
2600:9000:20eb:3c00:4:3295:3180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148
Range
bytes=0-

Response headers

Date
Fri, 17 Jul 2020 15:27:19 GMT
Via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
Last-Modified
Tue, 12 May 2020 20:46:35 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
ETag
"726f0fd7a2b38a0c827f7583e683025c-20"
X-Cache
Miss from cloudfront
Content-Type
video/mp4
Content-Range
bytes 0-327155473/327155474
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
327155474
X-Amz-Cf-Id
5ZlbkyrCOoaCYQNu9COubVPaXmXpXVQdWSa81jVUms0m_pyeaNoKdQ==
truncated
/
547 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Content-Type
image/svg+xml
truncated
/
552 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Content-Type
image/svg+xml
truncated
/
516 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
634123ee29b1f3ea68a9dd4b8f7e38808766984516bb97202ef7186784ba995e

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Content-Type
image/svg+xml
iframeApi.js
fast.wistia.net/assets/external/
54 KB
12 KB
Script
General
Full URL
https://fast.wistia.net/assets/external/iframeApi.js
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
faba2221e978b5a4bdc2403a3cc4999c9aa2019d15653b5dd8d38bad26c3e40b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

date
Fri, 17 Jul 2020 15:27:17 GMT
content-encoding
gzip
vary
Accept-Encoding
age
218
x-cache
HIT, HIT
status
200
content-length
11805
x-served-by
cache-dca17760-DCA, cache-hhn4034-HHN
access-control-allow-origin
*
x-browser-version
0
last-modified
Thu, 16 Jul 2020 12:10:41 GMT
x-timer
S1594999638.912518,VS0,VE1
etag
"5f1043c1-2e1d"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
unknown
x-ecma-v
es5
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 1
in.php
in.getclicky.com/
257 B
745 B
Script
General
Full URL
http://in.getclicky.com/in.php?site_id=101263028&type=pageview&href=%2Fgummy%2F1%2F%3Faff_enc%3D63CFP%26SID%3D4%26sub2%3Db24859253611423dbdeaa35a30bc614a%26affiliate_id%3D4%26AffiliateReferenceID%3Db24859253611423dbdeaa35a30bc614a&title=News9&res=1600x1200&lang=en&jsuid=1037639713&mime=js&x=0.7732193648975632
Requested by
Host: static.getclicky.com
URL: http://static.getclicky.com/js
Protocol
HTTP/1.1
Server
198.145.13.14 , United States, ASN2044 (IINET-2044, US),
Reverse DNS
Software
nginx /
Resource Hash
13a149915133e2f7a470f423cd2776e5ce996132208e904807d91c4c73e3e0ed

Request headers

Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Date
Fri, 17 Jul 2020 15:27:18 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding
chunked
Connection
close
Expires
Mon, 26 Jul 1997 05:00:00 GMT
hub
api.pushnami.com/scripts/v1/ Frame 941B
0
0
Document
General
Full URL
https://api.pushnami.com/scripts/v1/hub
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/push/5e617533de9a370012c4b45a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.89.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' *
X-Content-Security-Policy default-src 'unsafe-inline' *

Request headers

:method
GET
:authority
api.pushnami.com
:scheme
https
:path
/scripts/v1/hub
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148
Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a

Response headers

status
200
content-type
text/html; charset=utf-8
date
Fri, 17 Jul 2020 14:39:32 GMT
access-control-allow-origin
*
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-headers
X-Requested-With
content-security-policy
default-src 'unsafe-inline' *
x-content-security-policy
default-src 'unsafe-inline' *
x-webkit-csp
default-src 'unsafe-inline' *
cache-control
no-cache
content-encoding
gzip
vary
accept-encoding
x-cache
Hit from cloudfront
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
hqe3zsgjjMLOVSTd90qpnb1nD9JUOZ7nQP4iki6hWsS1CUF9ny_FtA==
age
2866
truncated
/
196 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd882c134a0d98ed3b6a87eb94b3e4e4b3c7787ee153518f9f75482e9ff10094

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148

Response headers

Content-Type
image/svg+xml
psp
psp.pushnami.com/api/
2 B
220 B
Fetch
General
Full URL
https://psp.pushnami.com/api/psp
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/push/5e617533de9a370012c4b45a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.22.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
http://news9.online/gummy/1/?aff_enc=63CFP&SID=4&sub2=b24859253611423dbdeaa35a30bc614a&affiliate_id=4&AffiliateReferenceID=b24859253611423dbdeaa35a30bc614a
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148
key
5e617533de9a370012c4b45a
content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 17 Jul 2020 15:27:19 GMT
content-encoding
gzip
status
200
vary
accept-encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
http://news9.online
cache-control
no-cache
access-control-allow-credentials
true

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| pushWrap function| showFbChkOptIn function| getUrlParams object| psfp object| Pushnami object| bajb_backdetect object| clicky_site_ids function| $ function| jQuery object| clicky_obj object| clicky object| clicky_custom object| _genericStats object| _genericStatsCustom object| Wistia string| _wistiaElemId object| _wq object| wistiaEmbeds object| dayNames object| monthNames object| now object| timerObj function| startTimer function| countdown function| wistiaBindIframes object| wistiaApi function| wistiaDispatch boolean| _loaded number| NO_PINGY_101263028 function| CrossStorageClient object| pushnamiStorage function| uuid

3 Cookies

Domain/Path Name / Value
.news9.online/ Name: no_tracky_101263028
Value: 1
.news9.online/ Name: _jsuid
Value: 1037639713
.news9.online/ Name: _first_pageview
Value: 1

2 Console Messages

Source Level URL
Text
console-api error URL: https://api.pushnami.com/scripts/v1/push/5e617533de9a370012c4b45a(Line 341)
Message:
Pushnami - error not SSL
console-api log URL: https://api.pushnami.com/scripts/v1/push/5e617533de9a370012c4b45a(Line 373)
Message:
Tracking OK [object Response]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
