www.salon.com
2600:9000:2156:4000:1a:b9b9:50c0:93a1
Public Scan
Submission: On May 28 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Amazon on February 17th 2022. Valid for: a year.
This is the only time www.salon.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domains |
---|---|---|
ASN16509 (AMAZON-02, US) | | static.chartbeat.com |
ASN16509 (AMAZON-02, US) | server-18-66-248-96.dus51.r.cloudfront.net | mediaproxy.salon.com |
ASN16509 (AMAZON-02, US) | server-143-204-98-86.fra50.r.cloudfront.net | media.salon.com |
ASN16509 (AMAZON-02, US) | server-108-157-4-39.dus51.r.cloudfront.net | assets.salon.com |
ASN13335 (CLOUDFLARENET, US) | | global.proper.io, abcheck.proper.io |
ASN15169 (GOOGLE, US) | | www.google-analytics.com, fundingchoicesmessages.google.com |
ASN14618 (AMAZON-AES, US) | ec2-3-237-175-195.compute-1.amazonaws.com | carbon-cdn.ccgateway.net, script-api.ccgateway.net |
ASN16509 (AMAZON-02, US) | | secure.quantserve.com, pixel.quantserve.com |
ASN16509 (AMAZON-02, US) | ec2-44-238-79-234.us-west-2.compute.amazonaws.com | a.ad.gt |
ASN14618 (AMAZON-AES, US) | ec2-54-144-94-26.compute-1.amazonaws.com | ping.chartbeat.net |
ASN15169 (GOOGLE, US) | fra16s49-in-f2.1e100.net | securepubads.g.doubleclick.net |
ASN16509 (AMAZON-02, US) | | rules.quantcount.com |
ASN32934 (FACEBOOK, US) | | graph.facebook.com |
ASN14618 (AMAZON-AES, US) | ec2-18-212-140-196.compute-1.amazonaws.com | pogo.ccgateway.net, privacy-location-edge.ccgateway.net |
ASN15169 (GOOGLE, US) | | lh3.googleusercontent.com |
ASN16509 (AMAZON-02, US) | ec2-35-85-185-37.us-west-2.compute.amazonaws.com | id.halo.ad.gt |
ASN16509 (AMAZON-02, US) | ec2-52-35-101-198.us-west-2.compute.amazonaws.com | p.ad.gt |
ASN16509 (AMAZON-02, US) | ec2-44-238-81-176.us-west-2.compute.amazonaws.com | pixels.ad.gt |
ASN16509 (AMAZON-02, US) | ec2-34-213-65-0.us-west-2.compute.amazonaws.com | ids.ad.gt |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | salon.com | www.salon.com — Cisco Umbrella Rank: 65938; mediaproxy.salon.com — Cisco Umbrella Rank: 78924; media.salon.com — Cisco Umbrella Rank: 131775; assets.salon.com — Cisco Umbrella Rank: 132093 | 239 KB |
9 | ccgateway.net | carbon-cdn.ccgateway.net — Cisco Umbrella Rank: 9223; pogo.ccgateway.net — Cisco Umbrella Rank: 11377; script-api.ccgateway.net — Cisco Umbrella Rank: 9856; privacy-location-edge.ccgateway.net — Cisco Umbrella Rank: 9896 | 25 KB |
6 | ad.gt | a.ad.gt — Cisco Umbrella Rank: 4262; id.halo.ad.gt — Cisco Umbrella Rank: 4465; p.ad.gt — Cisco Umbrella Rank: 4774; pixels.ad.gt — Cisco Umbrella Rank: 4659; ids.ad.gt — Cisco Umbrella Rank: 3698 | 30 KB |
5 | google.com | www.google.com — Cisco Umbrella Rank: 2; fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2111 | 89 KB |
5 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 35 | 22 KB |
4 | doubleclick.net | securepubads.g.doubleclick.net — Cisco Umbrella Rank: 173; stats.g.doubleclick.net — Cisco Umbrella Rank: 84 | 152 KB |
4 | proper.io | global.proper.io — Cisco Umbrella Rank: 7781; abcheck.proper.io — Cisco Umbrella Rank: 8866 | 140 KB |
3 | chartbeat.com | static.chartbeat.com — Cisco Umbrella Rank: 1204; mab.chartbeat.com — Cisco Umbrella Rank: 2093 | 24 KB |
2 | gstatic.com | fonts.gstatic.com | 169 KB |
2 | facebook.com | graph.facebook.com — Cisco Umbrella Rank: 139 | 984 B |
2 | 4dex.io | script.4dex.io — Cisco Umbrella Rank: 1742 | 24 KB |
2 | quantserve.com | secure.quantserve.com — Cisco Umbrella Rank: 890; pixel.quantserve.com — Cisco Umbrella Rank: 412 | 10 KB |
1 | googleusercontent.com | lh3.googleusercontent.com — Cisco Umbrella Rank: 67 | 2 KB |
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 42 | 4 KB |
1 | reddit.com | www.reddit.com — Cisco Umbrella Rank: 2817 | 1 KB |
1 | google.de | www.google.de — Cisco Umbrella Rank: 6117 | 501 B |
1 | scroll.com | static.scroll.com — Cisco Umbrella Rank: 5203 | 7 KB |
1 | propervideo.io | player.propervideo.io — Cisco Umbrella Rank: 21221 | 28 KB |
1 | quantcount.com | rules.quantcount.com — Cisco Umbrella Rank: 862 | 2 KB |
1 | chartbeat.net | ping.chartbeat.net — Cisco Umbrella Rank: 1105 | 201 B |
62 | 20 | | |
Requests | Domain | Requested by |
---|---|---|
6 | script-api.ccgateway.net | carbon-cdn.ccgateway.net |
5 | www.google-analytics.com | www.salon.com, www.google-analytics.com |
5 | www.salon.com | www.salon.com |
4 | fundingchoicesmessages.google.com | securepubads.g.doubleclick.net |
3 | securepubads.g.doubleclick.net | global.proper.io, securepubads.g.doubleclick.net |
2 | fonts.gstatic.com | fonts.googleapis.com |
2 | graph.facebook.com | www.salon.com |
2 | script.4dex.io | global.proper.io, script.4dex.io |
2 | abcheck.proper.io | www.salon.com |
2 | a.ad.gt | www.salon.com, p.ad.gt |
2 | global.proper.io | www.salon.com, global.proper.io |
2 | assets.salon.com | www.salon.com |
2 | media.salon.com | www.salon.com |
2 | static.chartbeat.com | www.salon.com |
1 | ids.ad.gt | www.salon.com |
1 | pixels.ad.gt | p.ad.gt |
1 | privacy-location-edge.ccgateway.net | script-api.ccgateway.net |
1 | p.ad.gt | a.ad.gt |
1 | id.halo.ad.gt | a.ad.gt |
1 | lh3.googleusercontent.com | www.salon.com |
1 | fonts.googleapis.com | |
1 | pogo.ccgateway.net | carbon-cdn.ccgateway.net |
1 | www.reddit.com | www.salon.com |
1 | pixel.quantserve.com | www.salon.com |
1 | www.google.de | www.salon.com |
1 | www.google.com | www.salon.com |
1 | static.scroll.com | www.salon.com |
1 | player.propervideo.io | www.salon.com |
1 | rules.quantcount.com | secure.quantserve.com |
1 | stats.g.doubleclick.net | www.google-analytics.com |
1 | ping.chartbeat.net | www.salon.com |
1 | mab.chartbeat.com | static.chartbeat.com |
1 | secure.quantserve.com | www.salon.com |
1 | carbon-cdn.ccgateway.net | www.salon.com |
1 | mediaproxy.salon.com | www.salon.com |
62 | 35 | |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
salon.com | Amazon | 2022-02-17 - 2023-03-18 | a year |
*.chartbeat.com | Thawte RSA CA 2018 | 2022-05-06 - 2023-06-03 | a year |
proper.io | Cloudflare Inc ECC CA-3 | 2022-05-07 - 2023-05-07 | a year |
*.google-analytics.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months |
ccgateway.net | R3 | 2022-05-01 - 2022-07-30 | 3 months |
*.quantserve.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-22 - 2022-09-21 | a year |
*.ad.gt | Amazon | 2022-05-10 - 2023-06-08 | a year |
*.chartbeat.net | Thawte RSA CA 2018 | 2021-12-01 - 2022-12-30 | a year |
*.g.doubleclick.net | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-11 - 2023-05-11 | a year |
*.scroll.com | R3 | 2022-04-27 - 2022-07-26 | 3 months |
www.google.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months |
www.google.de | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-03-06 - 2022-06-04 | 3 months |
*.reddit.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-17 - 2022-08-16 | 6 months |
*.google.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months |
*.googleusercontent.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months |
halo.ad.gt | Amazon | 2022-04-04 - 2023-05-03 | a year |
*.gstatic.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months |
This page contains 1 frames:
Primary Page:
https://www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/
Frame ID: 3A0111D368638D4CD51014BF9C821B90
Requests: 62 HTTP requests in this frame
Page Title
Russian hackers exploited a Google flaw to hack journalists | Salon.com
Detected technologies
Chartbeat (Analytics)
Detected patterns
- chartbeat\.js
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Quantcast Measure (Analytics)
Detected patterns
- \.quantserve\.com/quant\.js
Page Statistics
17 Outgoing links
These are links going to different origins than the main page.
Title: Shutterstock
Title: Accelerated Mobile Pages
Title: John Gruber wrote
Title: to share many of the same visual features
Title: in an essay
Title: report
Title: more viruses utilizing previously unknown vulnerabilities
Title: had published on Oct. 11
Title: ThreatConnect had archived
Title: his Bellingcat colleagues
Title: altering them
Title: even an advanced web user might be fooled
Title: Safe Browsing
Title: blocked
Title: follow him on Twitter
Redirected requests
There were HTTP redirect chains for the following requests:
62 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | www.salon.com/2017/09/24/russian-hackers-exploited-a-google-flaw-and-google-wont-fix-it/ | 181 KB | 39 KB | Document | text/html |
GET | H2 | chartbeat_mab.js | static.chartbeat.com/js/ | 22 KB | 10 KB | Script | application/x-javascript |
GET | H2 | salon-logo.svg | www.salon.com/design/images/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | H2 | computer_hacker3.jpg | mediaproxy.salon.com/width/1200/https://media.salon.com/2016/12/ | 91 KB | 92 KB | Image | image/webp |
GET | H2 | 2016-10-12-message1-1024x638.png | media.salon.com/2017/09/ | 25 KB | 25 KB | Image | image/webp |
GET | H2 | new-redirect-notice1.png | media.salon.com/2017/09/ | 17 KB | 17 KB | Image | image/webp |
GET | H2 | bundle.js | assets.salon.com/design/assets/ | 195 KB | 54 KB | Script | application/javascript |
GET | H2 | salon.min.js | global.proper.io/ | 68 KB | 11 KB | Script | application/javascript |
GET | H2 | chartbeat.js | static.chartbeat.com/js/ | 35 KB | 14 KB | Script | application/x-javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript |
GET | H2 | script | carbon-cdn.ccgateway.net/ | 42 KB | 12 KB | Script | text/javascript |
GET | H2 | quant.js | secure.quantserve.com/ | 24 KB | 10 KB | Script | application/javascript |
GET | H2 | main.css | assets.salon.com/design/assets/ | 59 KB | 9 KB | Stylesheet | text/css |
GET | H2 | 317 | a.ad.gt/api/v1/u/matches/ | 8 KB | 9 KB | Script | application/javascript |
POST | H2 | collect | www.google-analytics.com/j/ | 4 B | 146 B | XHR | text/plain |
GET | H2 | collect | www.google-analytics.com/ | 35 B | 194 B | Image | image/gif |
GET | H2 | / | mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ | 227 B | 528 B | XHR | application/json |
POST | H2 | salon_is_ad_free_check.php | www.salon.com/ajax/ | 77 B | 425 B | XHR | text/html |
GET | H2 | ping | ping.chartbeat.net/ | 43 B | 201 B | Image | image/gif |
GET | H2 | gpt.js | securepubads.g.doubleclick.net/tag/js/ | 82 KB | 28 KB | Script | text/javascript |
GET | H2 | 2.14.1.js | global.proper.io/payloads/ | 513 KB | 127 KB | Script | application/javascript |
GET | H2 | px.gif | abcheck.proper.io/ | 842 B | 984 B | Image | image/gif |
GET | H2 | px.gif | abcheck.proper.io/ | 842 B | 1 KB | Image | image/gif |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 441 B | XHR | text/plain |
GET | H2 | rules-p-mEzuYq24VEJ-3.js | rules.quantcount.com/ | 3 KB | 2 KB | Script | application/javascript |
GET | H2 | main.js | player.propervideo.io/new_rtp/ | 124 KB | 28 KB | Script | application/javascript |
GET | H2 | scroll.js | static.scroll.com/js/ | 17 KB | 7 KB | Script | application/javascript |
GET | H2 | social_counts.php | www.salon.com/ajax/ | 250 B | 509 B | XHR | text/html |
GET | H2 | localstore.js | script.4dex.io/ | 483 B | 943 B | Script | application/javascript |
GET | H2 | ga-audiences | www.google.com/ads/ | 42 B | 501 B | Image | image/gif |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 501 B | Image | image/gif |
GET | H2 | pixel;r=385825059;labels=tags.Accelerated%20Mobile%20Pages%2Ctags.All%20Salon%2Ctags.AMP%2Ctags.APT28%2Ctags.computer%20hacking%2Ctags.Fancy%20Bear%2Ctags.Google%2Ctags.hackers%2Ctags.Hacking%2Ctag... | pixel.quantserve.com/ | 35 B | 372 B | Image | image/gif |
GET | H3 | pubads_impl_2022052501.js | securepubads.g.doubleclick.net/gpt/ | 365 KB | 124 KB | Script | text/javascript |
GET | H3 | ppub_config | securepubads.g.doubleclick.net/pagead/ | 257 B | 162 B | XHR | application/json |
GET | H2 | / | graph.facebook.com/v3.3/ | 296 B | 746 B | Script | text/javascript |
GET | H2 | info.json | www.reddit.com/api/ | 120 B | 1 KB | XHR | application/json |
GET | H2 | 5376056 | fundingchoicesmessages.google.com/i/ | 93 KB | 33 KB | Script | application/javascript |
GET | H2 | adagio.js | script.4dex.io/ | 72 KB | 23 KB | Fetch | application/javascript |
POST | H3 | AGSKWxU86HkAOMX1g074eCLfX0zcjdp10HiIFDMyzWKyzDdkeMntDE0xx6NACq3UCxqIVyQ6_w0vz82Ul0sjWBjVhEM= | fundingchoicesmessages.google.com/el/ | 0 | 28 B | XHR | text/html |
GET | H3 | AGSKWxUk9nZMeWCR1YfxMXzVRg7f1ZAm4tYirBVbCu29NzxH2bHygpg9ryvW6Q5AMXOiUxTGwtLdGbcGwuj4RPfhvd4= | fundingchoicesmessages.google.com/f/ | 283 KB | 56 KB | Script | application/javascript |
GET | H3 | / | graph.facebook.com/v3.0/ | 297 B | 238 B | Script | text/javascript |
POST | H2 | save_social_counts.php | www.salon.com/ajax/ | 43 B | 408 B | XHR | text/html |
GET | H2 | classification | pogo.ccgateway.net/v1/p/25616daa17/ | 195 B | 348 B | XHR | application/json |
GET | H2 | user.js | script-api.ccgateway.net/script/launcher/1/ | 1 KB | 642 B | Script | text/javascript |
GET | H2 | userId | script-api.ccgateway.net/ | 225 B | 345 B | Script | text/javascript |
GET | H2 | realtime.js | script-api.ccgateway.net/script/launcher/1/ | 4 KB | 2 KB | Script | text/javascript |
GET | H2 | api.js | script-api.ccgateway.net/script/launcher/3/ | 4 KB | 2 KB | Script | text/javascript |
GET | H2 | css | fonts.googleapis.com/ | 60 KB | 4 KB | Stylesheet | text/css |
GET | H2 | Ox7mB4USqjJKDjfyyFN8wg_nUmEfXWTiUIOqMuGxgD0vVLX6AzxZQVJtS_-oSbZQOitgEVhIBy1y9-IQ7dXNctSgd1ArO-3svCdSyDUl1pK8Sod70EtP=h60 | lh3.googleusercontent.com/ | 2 KB | 2 KB | Image | image/png |
POST | H3 | AGSKWxVmFKnXpzWmmi6CDlUtZDNWsDk0KQg7SlfD1vIdhcc5C0b3_pCc-WuzWgDeFb2zimzG57_kBp8VU6z20ay4rI3eZT2Yvzg8X4NIrEWpeWJUti6ZxpZ8mDddNj4sS9qiIw1j6jK8F7VRZo6iYQRR88zSdZ-S-hQh5AKrK_VPRuUz85h4o0b39FhVh12p | fundingchoicesmessages.google.com/el/ | 0 | 28 B | XHR | text/html |
GET | H2 | 317 | id.halo.ad.gt/api/v1/partner/ | 52 KB | 10 KB | Script | text/javascript |
GET | H2 | 317 | p.ad.gt/api/v1/p/ | 31 KB | 10 KB | Script | text/html |
GET | H2 | flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 | fonts.gstatic.com/s/materialicons/v129/ | 124 KB | 124 KB | Font | font/woff2 |
GET | H2 | memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | fonts.gstatic.com/s/opensans/v29/ | 44 KB | 44 KB | Font | font/woff2 |
GET | H2 | getProfileRealtime | script-api.ccgateway.net/ | 202 B | 327 B | Script | text/javascript |
GET | H2 | bundle | script-api.ccgateway.net/script/ | 24 KB | 8 KB | Script | text/javascript |
GET | H2 | location | privacy-location-edge.ccgateway.net/privacy/ | 2 B | 188 B | XHR | text/plain |
POST | H2 | collect | a.ad.gt/api/v1/ | 0 | 102 B | XHR | text/plain |
GET | H2 | getpixels | pixels.ad.gt/api/v1/ | 0 | 52 B | Script | text/plain |
GET | H3 | ecommerce.js | www.google-analytics.com/plugins/ua/ | 1 KB | 763 B | Script | text/javascript |
GET | H3 | ec.js | www.google-analytics.com/plugins/ua/ | 3 KB | 1 KB | Script | text/javascript |
GET | H2 | halo_match | ids.ad.gt/api/v1/ | 43 B | 475 B | Image | image/gif |
268 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.proper.io/ | | Name: __cf_bm Value: ndo7r7AI7CX95Vzyhr8fStzht7M6dTb6_UG67Zm8w1Q-1653716647-0-AUB8q1agjWUtDmGwCHRw96sItFIK5BN6ZK4xsiNLYWWJLPF4i761Mvoi3TNz5qCGh+5tm7YVrEWYYxUCMCtb0qRKQSHkOjSEDM+QRUlS05s1 |
www.salon.com/ | | Name: _cb_ls Value: 1 |
.salon.com/ | | Name: _ga Value: GA1.2.1374256828.1653716647 |
.salon.com/ | | Name: _gid Value: GA1.2.811176031.1653716647 |
.salon.com/ | | Name: _gat Value: 1 |
www.salon.com/ | | Name: _cb Value: ls946D-K6ahCJSsTT |
www.salon.com/ | | Name: _chartbeat2 Value: .1653716647093.1653716647093.1.BG3uZFCCwRP6uSwj-BMHfpQCyBdw6.1 |
www.salon.com/ | | Name: _cb_svref Value: null |
www.salon.com/ | | Name: proper_rtp_split_test Value: {"version_id":"14567","release_ts":"2022-05-11 12:57:40"} |
www.salon.com/ | | Name: salon-page-view-count Value: 1 |
.quantserve.com/ | | Name: mc Value: 6291b6a7-456c7-17c8f-9296e |
.salon.com/ | | Name: __qca Value: P0-723326522-1653716647203 |
www.salon.com/ | | Name: GLAM-JID Value: d2c351095ef14aa787830baad5b4090f |
www.salon.com/ | | Name: GLAM-AID Value: f17083c27e4b48a1b95f37642da2f8c4 |
www.salon.com/ | | Name: GLAM-SID Value: 1641e8f15e4f46f294a71c625410e778 |
www.salon.com/ | | Name: __j_state Value: %7B%22landing_url%22%3A%22https%3A%2F%2Fwww.salon.com%2F2017%2F09%2F24%2Frussian-hackers-exploited-a-google-flaw-and-google-wont-fix-it%2F%22%2C%22pageViews%22%3A1%2C%22prevPvid%22%3A%229ed1049e4ef641a4aeac9668497cbd34%22%2C%22extreferer%22%3A%22https%3A%2F%2Fwww.salon.com%2F2017%2F09%2F24%2Frussian-hackers-exploited-a-google-flaw-and-google-wont-fix-it%2F%22%2C%22user_worth%22%3A0%7D |
.ad.gt/ | | Name: au_idmatch Value: eyJhcG4iOiAxNjUzNzE2NjQ3NDc3LCAidHRkIjogMTY1MzcxNjY0NzQ3NywgInB1YiI6IDE2NTM3MTY2NDc0NzcsICJhZHgiOiAxNjUzNzE2NjQ3NDc3LCAiZ29vIjogMTY1MzcxNjY0NzQ3NywgInRhYm9vbGEiOiAxNjUzNzE2NjQ3NDc3LCAicHBudCI6IDE2NTM3MTY2NDc0NzcsICJvcGVueCI6IDE2NTM3MTY2NDc0NzcsICJtZWRpYW1hdGgiOiAxNjUzNzE2NjQ3NDc3LCAicnViIjogMTY1MzcxNjY0NzQ3NywgInNvbiI6IDE2NTM3MTY2NDc0NzcsICJhZG8iOiAxNjUzNzE2NjQ3NDc3LCAidW5ydWx5IjogMTY1MzcxNjY0NzQ3NywgImltcHIiOiAxNjUzNzE2NjQ3NDc3LCAic21hcnQiOiAxNjUzNzE2NjQ3NDc3LCAiYmVlcyI6IDE2NTM3MTY2NDc0Nzd9 |
.salon.com/ | | Name: _au_1d Value: AU1D-0100-001653716648-FSDZFC5B-RR9V |
.ad.gt/ | | Name: last_seenhaloid Value: 1653716648609 |
.ad.gt/ | | Name: au_id Value: AU1D-0100-001653716648-FSDZFC5B-RR9V |
.ad.gt/ | | Name: first_seenhaloid Value: 1653716648609 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.