www.newsday.com
45.60.64.112
Public Scan
Submission: On July 29 via api from CH
Summary
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on June 3rd 2020. Valid for: a year.
This is the only time www.newsday.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domains |
---|---|---|
ASN20446 (HIGHWINDS3, US) | | projects.newsday.com, assets.projects.newsday.com |
ASN16509 (AMAZON-02, US) | server-143-204-202-107.fra53.r.cloudfront.net | ak.sail-horizon.com |
ASN16509 (AMAZON-02, US) | server-143-204-202-96.fra53.r.cloudfront.net | w.soundcloud.com |
ASN15169 (GOOGLE, US) | 151.208.227.35.bc.googleusercontent.com | web-sdk.urbanairship.com |
ASN16509 (AMAZON-02, US) | ec2-52-18-58-124.eu-west-1.compute.amazonaws.com | dpm.demdex.net |
ASN15169 (GOOGLE, US) | | www.google-analytics.com |
ASN15133 (EDGECAST, US) | | cdn.cookielaw.org, az416426.vo.msecnd.net, fp-cdn.azureedge.net, cdn.ayc0zsm69431gfebd.xyz, cdn.mg2connext.com |
ASN15133 (EDGECAST, US) | | loader-cdn.azureedge.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | prod-newsday-proxy-connext.azurewebsites.net |
ASN16509 (AMAZON-02, US) | | paywall-ad-bucket.s3.amazonaws.com |
ASN15169 (GOOGLE, US) | zrh04s06-in-f130.1e100.net | securepubads.g.doubleclick.net |
ASN16509 (AMAZON-02, US) | server-99-86-0-120.fra6.r.cloudfront.net | c.amazon-adsystem.com |
ASN16625 (AKAMAI-AS, US) | a92-122-254-129.deploy.static.akamaitechnologies.com | as-sec.casalemedia.com |
ASN15169 (GOOGLE, US) | 8.159.244.35.bc.googleusercontent.com | newsday-d.openx.net, eu-u.openx.net, us-u.openx.net |
ASN29990 (ASN-APPNEX, US) | 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net | ib.adnxs.com |
ASN44788 (ASN-CRITEO-EUROPE, FR) | bidder.am5.vip.prod.criteo.com | bidder.criteo.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | dc.services.visualstudio.com |
ASN16509 (AMAZON-02, US) | ec2-63-34-98-13.eu-west-1.compute.amazonaws.com | match.adsrvr.org |
ASN15169 (GOOGLE, US) | ams15s22-in-f162.1e100.net | cm.g.doubleclick.net |
Requests | Domain | Redirects | Requested by |
---|---|---|---|
17 | www.newsday.com | | www.newsday.com, cdnjs.cloudflare.com |
10 | cdn.ayc0zsm69431gfebd.xyz | | cdnjs.cloudflare.com, cdn.ayc0zsm69431gfebd.xyz |
9 | cdn.cookielaw.org | | www.newsday.com, cdn.cookielaw.org |
3 | c.amazon-adsystem.com | | cdn1.htlbid.com, az416426.vo.msecnd.net |
2 | cm.g.doubleclick.net | 2 | |
2 | eu-u.openx.net | 2 | |
2 | eb2.3lift.com | 2 | |
2 | static.criteo.net | | cdn1.htlbid.com, az416426.vo.msecnd.net |
2 | securepubads.g.doubleclick.net | | cdn1.htlbid.com, securepubads.g.doubleclick.net |
2 | prod-newsday-proxy-connext.azurewebsites.net | | cdn.ayc0zsm69431gfebd.xyz |
2 | geolocation.onetrust.com | | cdn.cookielaw.org |
2 | loader-cdn.azureedge.net | | cdnjs.cloudflare.com |
2 | www.google-analytics.com | | www.newsday.com, www.google-analytics.com |
2 | dpm.demdex.net | | www.newsday.com |
2 | cdnjs.cloudflare.com | | www.newsday.com |
2 | polyfill.io | | www.newsday.com, cdnjs.cloudflare.com |
2 | cdn.newsday.com | | www.newsday.com |
2 | projects.newsday.com | 1 | www.newsday.com |
1 | us-u.openx.net | | |
1 | match.adsrvr.org | | |
1 | api-mg2.db-ip.com | | cdn.ayc0zsm69431gfebd.xyz |
1 | dc.services.visualstudio.com | | az416426.vo.msecnd.net |
1 | bidder.criteo.com | | az416426.vo.msecnd.net |
1 | ib.adnxs.com | | az416426.vo.msecnd.net |
1 | newsday-d.openx.net | | az416426.vo.msecnd.net |
1 | as-sec.casalemedia.com | | az416426.vo.msecnd.net |
1 | ap.lijit.com | | az416426.vo.msecnd.net |
1 | tlx.3lift.com | | az416426.vo.msecnd.net |
1 | adservice.google.com | | securepubads.g.doubleclick.net |
1 | adservice.google.ch | | securepubads.g.doubleclick.net |
1 | paywall-ad-bucket.s3.amazonaws.com | | www.newsday.com |
1 | d1wa9546y9kg0n.cloudfront.net | | cdn.ayc0zsm69431gfebd.xyz |
1 | cdn.mg2connext.com | | www.newsday.com |
1 | fp-cdn.azureedge.net | | cdnjs.cloudflare.com |
1 | az416426.vo.msecnd.net | | loader-cdn.azureedge.net |
1 | cdn1.htlbid.com | | cdnjs.cloudflare.com |
1 | cm.everesttech.net | 1 | |
1 | newsday.demdex.net | | www.newsday.com |
1 | api.sail-personalize.com | | ak.sail-horizon.com |
1 | cookie-cdn.cookiepro.com | | www.newsday.com |
1 | web-sdk.urbanairship.com | | www.newsday.com |
1 | w.soundcloud.com | | www.newsday.com |
1 | ak.sail-horizon.com | | www.newsday.com |
1 | assets.projects.newsday.com | | www.newsday.com |

Total: 85 requests, 44 domains.
Subject | Issuer | Validity | Valid |
---|---|---|---|
incapsula.com | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-06-03 - 2021-06-04 | a year |
mediakit.newsday.com | Entrust Certification Authority - L1K | 2019-08-09 - 2021-08-29 | 2 years |
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-07-08 - 2021-04-17 | 9 months |
cloudflare.com | Cloudflare Inc ECC CA-3 | 2020-07-04 - 2021-07-04 | a year |
ak.sail-horizon.com | Amazon | 2020-02-07 - 2021-03-07 | a year |
*.soundcloud.com | GlobalSign RSA DV SSL CA 2018 | 2020-04-03 - 2021-07-09 | a year |
*.urbanairship.com | DigiCert SHA2 Secure Server CA | 2020-06-09 - 2022-07-14 | 2 years |
*.demdex.net | DigiCert SHA2 High Assurance Server CA | 2018-01-09 - 2021-02-12 | 3 years |
*.google-analytics.com | GTS CA 1O1 | 2020-07-07 - 2020-09-29 | 3 months |
cookiepro.com | Cloudflare Inc ECC CA-3 | 2020-07-06 - 2021-07-06 | a year |
sni9451gl.wpc.edgecastcdn.net | DigiCert SHA2 Secure Server CA | 2020-05-07 - 2021-05-12 | a year |
api.sail-personalize.com | Amazon | 2020-06-30 - 2021-07-30 | a year |
j3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-06-30 - 2021-04-20 | 10 months |
*.vo.msecnd.net | Microsoft IT TLS CA 2 | 2020-03-18 - 2022-03-18 | 2 years |
*.onetrust.com | DigiCert SHA2 Secure Server CA | 2020-05-21 - 2022-07-27 | 2 years |
sni1e6ffgl.wpc.edgecastcdn.net | DigiCert SHA2 Secure Server CA | 2020-04-16 - 2022-04-21 | 2 years |
sni1ad09gl.wpc.edgecastcdn.net | DigiCert SHA2 Secure Server CA | 2019-11-22 - 2021-12-01 | 2 years |
sni9642gl.wpc.edgecastcdn.net | DigiCert SHA2 Secure Server CA | 2020-05-30 - 2021-04-20 | a year |
sni1575gl.wpc.edgecastcdn.net | DigiCert SHA2 Secure Server CA | 2020-05-30 - 2021-04-16 | a year |
*.cloudfront.net | DigiCert Global CA G2 | 2020-05-26 - 2021-04-21 | a year |
*.azurewebsites.net | Microsoft IT TLS CA 5 | 2019-09-24 - 2021-09-24 | 2 years |
*.s3.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2019-11-09 - 2021-03-12 | a year |
*.g.doubleclick.net | GTS CA 1O1 | 2020-07-07 - 2020-09-29 | 3 months |
c.amazon-adsystem.com | Amazon | 2019-10-07 - 2020-09-29 | a year |
*.google.ch | GTS CA 1O1 | 2020-07-07 - 2020-09-29 | 3 months |
*.google.com | GTS CA 1O1 | 2020-07-07 - 2020-09-29 | 3 months |
*.3lift.com | Amazon | 2020-07-04 - 2021-08-05 | a year |
*.lijit.com | Go Daddy Secure Certificate Authority - G2 | 2020-03-11 - 2021-05-10 | a year |
san.casalemedia.com | GeoTrust RSA CA 2018 | 2020-03-02 - 2021-04-01 | a year |
*.openx.net | GeoTrust RSA CA 2018 | 2020-06-18 - 2021-08-17 | a year |
*.adnxs.com | DigiCert ECC Secure Server CA | 2019-01-23 - 2021-03-08 | 2 years |
*.criteo.com | DigiCert ECC Secure Server CA | 2020-06-22 - 2020-09-20 | 3 months |
in.applicationinsights.azure.com | Microsoft IT TLS CA 4 | 2020-04-30 - 2022-04-30 | 2 years |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-18 - 2021-07-18 | a year |
*.criteo.net | DigiCert ECC Secure Server CA | 2020-06-22 - 2020-09-20 | 3 months |
*.adsrvr.org | Trustwave Organization Validation SHA256 CA, Level 1 | 2019-03-07 - 2021-04-19 | 2 years |
This page contains 3 frames:
Primary Page:
https://www.newsday.com/sports/hockey/islanders/island-ice-podcast-ubs-arena-jon-ledecky-tim-leiweke-jim-baumbach-1.47467601
Frame ID: AD37400155B877C69BC7427D3FDC3D20
Requests: 83 HTTP requests in this frame
Frame:
https://w.soundcloud.com/player/?url=https://api.soundcloud.com/tracks/866254918&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&visual=false&show_artwork=false&color=0079c2
Frame ID: 4A4C4AAF5788490E65F0A75B0F5B8557
Requests: 1 HTTP requests in this frame
Frame:
https://newsday.demdex.net/dest5.html?d_nsid=0
Frame ID: 2E6335D5912F8ACC2328920289EA6342
Requests: 1 HTTP requests in this frame
Detected technologies
Detected patterns
- headers server /^Apache-Coyote(?:\/([\d.]+))?/i
Detected patterns
- headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Detected patterns
- headers server /^Apache-Coyote(?:\/([\d.]+))?/i
Page Statistics
19 Outgoing links
These are links going to different origins than the main page.
- Title: Obituaries
- Title: Scores
- Title: Top 100 Restaurants
- Title: Matt Davies
- Title: Special Sections
- Title: fbShare
- Title: Tweet
- Title: About Us
- Title: Today’s paper
- Title: Newsday Charities
- Title: Careers
- Title: Media Kit
- Title: Newsday Connect
- Title: Hometown Shopper
- Title: Reprints & permissions
- Title: More information
- Title: | View Full Legal Text
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1
- https://projects.newsday.com/shell/css/extra/paywall.min.css HTTP 302
- https://projects.newsday.com/gdpr/
- https://cm.everesttech.net/cm/dd?d_uuid=80747547343398011330882334080222964875 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=XyFzRwAABIn2DBTJ
- https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
- https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
- https://eu-u.openx.net/w/1.0/pd?plm=10&ph=c68f8b79-0656-4705-9d2b-e9ac93a000b2&gdpr=0 HTTP 302
- https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=c68f8b79-0656-4705-9d2b-e9ac93a000b2&gdpr=0 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENlL9qjHWkU6q8bmE1Xjjas&google_cver=1
85 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
island-ice-podcast-ubs-arena-jon-ledecky-tim-leiweke-jim-baumbach-1.47467601
www.newsday.com/sports/hockey/islanders/ |
71 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nd-article-secondary.min.css
www.newsday.com/shell/css/ |
42 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
projects.newsday.com/gdpr/ Redirect Chain
|
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
launch-ENe1484b2b97da4cf1bd7f7a777f05562c.min.js
www.newsday.com/js/launch-prod/ |
176 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
newsdayLogo.svg
www.newsday.com/img/newsday/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
subscriber-deals-220.png
assets.projects.newsday.com/projects-uploads/uploads/2020/04/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image.jpg
cdn.newsday.com/polopoly_fs/1.43280809.1595983867!/httpImage/image.jpg_gen/derivatives/landscape_1280/ |
69 KB 70 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfill.min.js
polyfill.io/v3/ |
72 B 591 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cssrelpreload.min.js
cdnjs.cloudflare.com/ajax/libs/loadCSS/2.1.0/ |
1 KB 925 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ |
85 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spm.v1.min.js
ak.sail-horizon.com/spm/ |
119 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
video.min.js
www.newsday.com/shell/js/ |
59 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
www.newsday.com/ |
135 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
w.soundcloud.com/player/ Frame 4A4C |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Lato-700.woff2
www.newsday.com/shell/fonts/Lato-700/ |
14 KB 14 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Lato-regular.woff2
www.newsday.com/shell/fonts/Lato-regular/ |
14 KB 14 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Lato-900.woff2
www.newsday.com/shell/fonts/Lato-900/ |
13 KB 14 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
www.newsday.com/shell/fonts/font-awesome/ |
75 KB 76 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ua-sdk.min.js
web-sdk.urbanairship.com/notify/v1/ |
148 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
366 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement.min.js
www.newsday.com/js/launch-prod/29e082cdf7d4/d4c7792a643b/691dd0a07a7f/hostedLibFiles/EP308220a2a4c4403f97fc1960100db40f/ |
36 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
visitorapi.min.js
cookie-cdn.cookiepro.com/adobe-extension/ |
61 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.google-analytics.com/gtm/ |
70 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
simple
api.sail-personalize.com/v1/personalize/ |
288 B 455 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.gif
www.newsday.com/logger/ |
43 B 441 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
p.gif
www.newsday.com/logger/ |
43 B 317 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pe-icon-set-weather.ttf
www.newsday.com/shell/fonts/weather/ |
80 KB 25 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
![]() newsday.demdex.net/ Frame 2E63 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=XyFzRwAABIn2DBTJ
dpm.demdex.net/ Redirect Chain
|
42 B 932 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_Incapsula_Resource
www.newsday.com/ |
1 B 50 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
htlbid.js
cdn1.htlbid.com/v3/newsday.com/ |
231 KB 72 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
share.min.js
www.newsday.com/shell/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.min.js
loader-cdn.azureedge.net/prod/newsday/ |
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clientinfo
www.newsday.com/ |
102 B 278 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5713c53d-3211-42c9-a5b3-6dc8a2324a11.json
cdn.cookielaw.org/consent/5713c53d-3211-42c9-a5b3-6dc8a2324a11/ |
3 KB 2 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otCCPAiab.js
cdn.cookielaw.org/opt-out/ |
22 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfill.min.js
polyfill.io/v3/ |
72 B 216 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ |
199 B 258 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ |
197 B 550 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image.jpg
cdn.newsday.com/polopoly_fs/1.43280809.1595983867!/httpImage/image.jpg_gen/derivatives/landscape_336/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader-config.json
loader-cdn.azureedge.net/prod/newsday/ |
912 B 802 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.1.0/ |
316 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ai.0.js
az416426.vo.msecnd.net/scripts/a/ |
94 KB 22 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fp.min.js
fp-cdn.azureedge.net/prod/newsday/ |
58 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t8y9347t.min.js
cdn.ayc0zsm69431gfebd.xyz/prod/newsday/ |
433 KB 97 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en.json
cdn.cookielaw.org/consent/5713c53d-3211-42c9-a5b3-6dc8a2324a11/51dc7a70-3967-43ab-902d-4f7a5a5f5de4/ |
120 KB 23 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otFlat.json
cdn.cookielaw.org/scripttemplates/6.1.0/assets/ |
23 KB 4 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.1.0/assets/ |
103 KB 21 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otTCF.js
cdn.cookielaw.org/scripttemplates/6.1.0/ |
77 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iab2Data.json
cdn.cookielaw.org/vendorlist/ |
132 KB 20 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t8y9347t.min.css
cdn.ayc0zsm69431gfebd.xyz/prod/newsday/ |
286 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
cdn.mg2connext.com/prod/fonts/ |
3 KB 3 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.js
d1wa9546y9kg0n.cloudfront.net/ |
6 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NEWSDAY_FIRST
prod-newsday-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/NSDY/configCode/ |
49 KB 8 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ |
631 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ |
49 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apstag.js
c.amazon-adsystem.com/aax2/ |
102 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.ch/adsid/ |
109 B 829 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
109 B 829 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_2020072301.js
securepubads.g.doubleclick.net/gpt/ |
253 KB 89 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ |
6 KB 3 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
auction
tlx.3lift.com/header/ |
19 B 279 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
bid
ap.lijit.com/rtb/ |
47 B 724 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cygnus
as-sec.casalemedia.com/ |
24 B 988 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arj
newsday-d.openx.net/w/1.0/ |
174 B 477 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
prebid
ib.adnxs.com/ut/v3/ |
19 B 714 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
cdb
bidder.criteo.com/ |
0 145 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bid
c.amazon-adsystem.com/e/dtb/ |
23 B 370 B |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
track
dc.services.visualstudio.com/v2/ |
96 B 213 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
self
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ |
635 B 741 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
publishertag.prebid.js
static.criteo.net/js/ld/ |
72 KB 22 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
publishertag.prebid.js
static.criteo.net/js/ld/ |
72 KB 22 KB |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
generic
match.adsrvr.org/track/cmf/ Redirect Chain
|
70 B 264 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sd
us-u.openx.net/w/1.0/ Redirect Chain
|
43 B 114 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CustomAuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/prod/newsday/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Activation~ActivationOnlyFlow~MG2AuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/prod/newsday/ |
37 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MG2AuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/prod/newsday/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Activation.js
cdn.ayc0zsm69431gfebd.xyz/prod/newsday/ |
21 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NewzwareAuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/prod/newsday/ |
12 KB 4 KB |
Script
application/javascript |
GET H2 |
Auth0AuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/prod/newsday/ |
5 KB 2 KB |
Script
application/javascript |
GET H2 |
JanrainAuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/prod/newsday/ |
7 KB 2 KB |
Script
application/javascript |
GET H2 |
LikeButtons4.js
cdn.ayc0zsm69431gfebd.xyz/prod/newsday/ |
113 B 242 B |
Script
application/javascript |
GET H/1.1 |
views
prod-newsday-proxy-connext.azurewebsites.net/api/ |
65 B 813 B |
Fetch
application/json |
151 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| nd_css number| currentYear string| adzone string| sectionType string| pageType string| hasTopBCVid string| kw object| UA function| loadCSS function| $ function| jQuery object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| __core-js_shared__ object| Sailthru function| statisticLogger function| trim11 function| _typeof object| ndGlobal function| fs undefined| retry undefined| db undefined| app_details object| nd_theme object| hotjar object| queue object| nav object| weather undefined| Newsday object| polopoly string| thishost string| apidomain object| localStorageUserId function| loginHandler function| getManageVars function| updateDealsLink undefined| pquery undefined| mmnquery undefined| niquery string| siteUrl object| nd_push object| mg2 undefined| _contenttitle object| destination string| lookupurl object| userData object| newsletter object| nd_animation object| htlConfig function| nd_utilities function| hj function| logtext string| mtr_lvl string| defLogin boolean| mgtInit function| setDestUrl string| sessionStorageData function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups function| OptanonWrapper function| e object| google_tag_manager object| google_optimize object| sShare object| MG2Loader string| loaderVersion string| loaderBuild object| deferredResources function| jsonFeed function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed function| __tcfapi object| otStubData object| __otccpaooLocation object| LoaderConfig object| appInsights object| Optanon object| OneTrust object| AI object| Microsoft 
function| __extends function| _endsWith object| otIabModule string| html object| nxtBundle object| webpackJsonpnxtBundle object| NxtInner object| Connext object| CnnXt object| regeneratedIdSettings string| AnonDeviceIdRegenerated string| onStatsReady function| FpStatsReport function| Fprinting string| fpVersion string| fpBuild object| DeviceDetector function| Fingerprint2 object| Fingerprint boolean| htlbidLoaded function| pbjsChunk object| pbjs object| _pbjsGlobals object| googletag object| apstag object| htlbid boolean| htlbidStarted string| cachedRootDomain object| gPartners object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState boolean| google_plmetrics object| google_js_reporting_queue function| processGoogleToken boolean| apstagLOADED number| google_srt function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing boolean| prebidLoaded object| Criteo object| criteo_pubtag function| matherSegment string| conv_name string| adblock4
Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even after a change of location. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.newsday.com/ | | Name: ai_session Value: 34Xb3\|1596027720663.495\|1596027720663.495 |
.newsday.com/ | | Name: anonDeviceId Value: 204084ee3036c8ecea1123e426ae615c |
www.newsday.com/ | | Name: ai_user Value: 7JZNB\|2020-07-29T13:02:00.109Z |
www.newsday.com/sports/hockey/islanders | | Name: crfgL0cSt0r Value: true |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.