t.news.star-telegram.com
Open in
urlscan Pro
44.230.91.85
Public Scan
Submitted URL: https://t1.news.mcclatchydc.com/r/?id=ha98b7acf%2Cead91a9%2Cbb2fbde&ac_cid=DM588779&ac_bid=-1450476849&p1=star-telegram&p2=%40MI...
Effective URL: https://t.news.star-telegram.com/webApp/mccUnsub?id=%40MILPbNfmMVxjTmQZcVlw8g%3D%3D&servicePrefName=market%20offers&ac_cid=DM5887...
Submission: On January 05 via api from US — Scanned from DE
Effective URL: https://t.news.star-telegram.com/webApp/mccUnsub?id=%40MILPbNfmMVxjTmQZcVlw8g%3D%3D&servicePrefName=market%20offers&ac_cid=DM5887...
Submission: On January 05 via api from US — Scanned from DE
Summary
This website contacted 23 IPs
in 8 countries
across 19 domains to perform 49 HTTP transactions.
The main IP is 44.230.91.85, located in
Boardman, United States and
belongs to AMAZON-02, US.
The main domain is t.news.star-telegram.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on March 22nd 2021. Valid for: a year.
This is the only time t.news.star-telegram.com was scanned on urlscan.io!
TLS certificate: Issued by Entrust Certification Authority - L1K on March 22nd 2021. Valid for: a year.
This is the only time t.news.star-telegram.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
54.191.76.37
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-191-76-37.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-191-76-37.us-west-2.compute.amazonaws.com
| t1.news.mcclatchydc.com |
3
44.230.91.85
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-91-85.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-91-85.us-west-2.compute.amazonaws.com
| t.news.star-telegram.com |
6
2600:9000:214f:1c00:7:65ff:7f00:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| res1.news.mcclatchydc.com |
7
104.111.219.128
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-128.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-128.deploy.static.akamaitechnologies.com
| media.mcclatchy.com | |
| media.star-telegram.com |
4
34.250.134.201
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-134-201.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-134-201.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
2
107.178.250.234
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
| js.matheranalytics.com |
3
2a00:1450:4001:80f::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
52.71.198.250
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-198-250.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-198-250.compute-1.amazonaws.com
| www.i.matheranalytics.com |
1
52.30.214.138
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-214-138.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-214-138.eu-west-1.compute.amazonaws.com
| mcclatchy.demdex.net |
2
13.36.218.177
(Paris, France)
ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
| mcclatchy.sc.omtrdc.net |
9
151.101.2.49
(United States)
ASN54113 (FASTLY, US)
ASN54113 (FASTLY, US)
| lasteventf-tm.everesttech.net | |
| sync-tm.everesttech.net |
1
34.248.191.66
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-191-66.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-191-66.eu-west-1.compute.amazonaws.com
| cm.everesttech.net |
4
216.58.212.162
(United States)
ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
| cm.g.doubleclick.net |
1
69.173.144.165
(Frankfurt am Main, Germany)
ASN26667 (RUBICONPROJECT, US)
ASN26667 (RUBICONPROJECT, US)
| pixel.rubiconproject.com |
6
104.17.209.240
(None, )
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com | |
| siteintercept.qualtrics.com |
2
2.18.234.21
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
| dsum-sec.casalemedia.com |
2
185.33.221.90
(Amsterdam, Netherlands)
ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
| ib.adnxs.com |
1
34.98.64.218
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
| us-u.openx.net |
1
2a03:2880:f11c:8183:face:b00c:0:25de
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
| Domain | Requested by | |
|---|---|---|
| 8 | sync-tm.everesttech.net | 8 redirects |
| 6 | media.star-telegram.com |
t.news.star-telegram.com
media.star-telegram.com |
| 6 | res1.news.mcclatchydc.com |
t.news.star-telegram.com
|
| 5 | siteintercept.qualtrics.com |
zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com
siteintercept.qualtrics.com |
| 4 | cm.g.doubleclick.net |
3 redirects
t.news.star-telegram.com
|
| 4 | dpm.demdex.net |
media.star-telegram.com
t.news.star-telegram.com |
| 3 | www.google-analytics.com |
media.star-telegram.com
www.google-analytics.com |
| 3 | t.news.star-telegram.com |
t.news.star-telegram.com
|
| 2 | sync.search.spotxchange.com | 1 redirects |
| 2 | ib.adnxs.com | 1 redirects |
| 2 | dsum-sec.casalemedia.com | 1 redirects |
| 2 | mcclatchy.sc.omtrdc.net |
media.star-telegram.com
|
| 2 | js.matheranalytics.com |
1 redirects
t.news.star-telegram.com
|
| 1 | www.facebook.com | |
| 1 | image2.pubmatic.com | |
| 1 | us-u.openx.net | |
| 1 | zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com |
media.star-telegram.com
|
| 1 | pixel.rubiconproject.com |
t.news.star-telegram.com
|
| 1 | www.google.de |
t.news.star-telegram.com
|
| 1 | www.google.com |
t.news.star-telegram.com
|
| 1 | stats.g.doubleclick.net |
www.google-analytics.com
|
| 1 | cm.everesttech.net | 1 redirects |
| 1 | lasteventf-tm.everesttech.net |
media.star-telegram.com
|
| 1 | mcclatchy.demdex.net |
media.star-telegram.com
|
| 1 | www.i.matheranalytics.com |
t.news.star-telegram.com
|
| 1 | media.mcclatchy.com |
t.news.star-telegram.com
|
| 1 | t1.news.mcclatchydc.com | 1 redirects |
| 49 | 27 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| news.mcclatchydc.com Entrust Certification Authority - L1K |
2021-03-22 - 2022-04-02 |
a year | crt.sh |
| www.mcclatchydc.com DigiCert SHA2 Secure Server CA |
2021-12-14 - 2022-12-14 |
a year | crt.sh |
| *.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-10-19 - 2022-11-19 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
| www.i.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA |
2020-01-28 - 2022-01-27 |
2 years | crt.sh |
| *.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2021-10-05 - 2022-03-04 |
5 months | crt.sh |
| *.everesttech.net GlobalSign Atlas R3 DV TLS CA 2020 |
2021-03-22 - 2022-04-23 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
| www.google.com GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
| www.google.de GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
| *.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-09-24 - 2022-09-24 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://t.news.star-telegram.com/webApp/mccUnsub?id=%40MILPbNfmMVxjTmQZcVlw8g%3D%3D&servicePrefName=market%20offers&ac_cid=DM588779&ac_bid=-1450476849
Frame ID: 827565B5D5CC522BAFE0306766BD74A8
Requests: 39 HTTP requests in this frame
Frame:
https://mcclatchy.demdex.net/dest5.html?d_nsid=0
Frame ID: 4AB6DC35DBFC1AFB6BC88A5ABEDF2B47
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
NewslettersPage URL History Show full URLs
-
https://t1.news.mcclatchydc.com/r/?id=ha98b7acf%2Cead91a9%2Cbb2fbde&ac_cid=DM588779&ac_bid=-1450476849&p1=st...
HTTP 302
https://t.news.star-telegram.com/webApp/mccUnsub?id=%40MILPbNfmMVxjTmQZcVlw8g%3D%3D&servicePrefName=market%20... Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
AppNexus
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- adnxs\.(?:net|com)
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
OpenX
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.openx\.net
PubMatic
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.pubmatic\.com
Rubicon Project
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.rubiconproject\.com
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://t1.news.mcclatchydc.com/r/?id=ha98b7acf%2Cead91a9%2Cbb2fbde&ac_cid=DM588779&ac_bid=-1450476849&p1=star-telegram&p2=%40MILPbNfmMVxjTmQZcVlw8g%3D%3D&p3=market%20offers&s=inRSTbzR7SaJcWM7CY7p6OpCJZtN4YVxIlzKakbmPzc
HTTP 302
https://t.news.star-telegram.com/webApp/mccUnsub?id=%40MILPbNfmMVxjTmQZcVlw8g%3D%3D&servicePrefName=market%20offers&ac_cid=DM588779&ac_bid=-1450476849 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 19- https://js.matheranalytics.com/s/ma12095/74930421/all/ml.js?cb=1583 HTTP 301
- https://js.matheranalytics.com/static/ltm/ma12095/all/6/ml.br.js
- https://cm.everesttech.net/cm/dd?d_uuid=29192015413774442291785020333949722153 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YdX_WAAAAJRY6QP7
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjkxOTIwMTU0MTM3NzQ0NDIyOTE3ODUwMjAzMzM5NDk3MjIxNTM= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MjkxOTIwMTU0MTM3NzQ0NDIyOTE3ODUwMjAzMzM5NDk3MjIxNTM=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEVyLS0rmz2vgya8kBNHPl8&google_cver=1?gdpr=0&gdpr_consent=
- https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWRYX1dBQUFBSlJZNlFQNw== HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WWRYX1dBQUFBSlJZNlFQNw==&google_tc=
- https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YdX_WAAAAJRY6QP7&expires=90
- https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YdX_WAAAAJRY6QP7 HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YdX_WAAAAJRY6QP7&C=1
- https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
- https://ib.adnxs.com/setuid?entity=158&code=YdX_WAAAAJRY6QP7 HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYdX_WAAAAJRY6QP7
- https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537148856&val=YdX_WAAAAJRY6QP7
- https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
- https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YdX_WAAAAJRY6QP7
- https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YdX_WAAAAJRY6QP7&img=1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YdX_WAAAAJRY6QP7&img=1&__user_check__=1&sync_id=6659f6e6-6e65-11ec-994c-1a7cb9e30506
- https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
- https://www.facebook.com/fr/b.php?p=1531105787105294&e=YdX_WAAAAJRY6QP7&t=2592000&o=0
49 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
mccUnsub
t.news.star-telegram.com/webApp/ Redirect Chain
|
10 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
WA-en-cf461481d56f1e56aa870f98218b501b.js
t.news.star-telegram.com/nl/gen/min/ |
37 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
WA-d848f649e6daffd332438632254c310a.js
t.news.star-telegram.com/nl/gen/min/ |
284 KB 83 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/ |
138 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
all.css
res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/ |
50 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.css
res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mcclatchy-fonts.css
res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fort-worth-black.png
media.mcclatchy.com/email-assets/global/logos/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
star-telegram.js
media.star-telegram.com/misites/dfw/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
manage_newsletters_s_code.js
media.star-telegram.com/mistats/products/ |
93 KB 93 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
manage_newsletters.js
media.star-telegram.com/mistats/products/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
finalizestats.js
media.star-telegram.com/mistats/ |
60 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.3.1.min.js
res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mcclatchy-fonts.css
res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
mcclatchy-serif-web-demi.woff
res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
mcclatchy-sans-web-regular.woff
res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
mcclatchy-sans-web-demi.woff
res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
common.js
media.star-telegram.com/misites/all/ |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
micb.js
media.star-telegram.com/mistats/ |
127 KB 128 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
id
dpm.demdex.net/ |
2 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ml.br.js
js.matheranalytics.com/static/ltm/ma12095/all/6/ Redirect Chain
|
140 KB 41 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
i
www.i.matheranalytics.com/ |
43 B 245 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dest5.html
mcclatchy.demdex.net/ Frame 4AB6 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
mcclatchy.sc.omtrdc.net/ |
2 B 323 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
lasteventf-tm.everesttech.net/ |
0 213 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=411&dpuuid=YdX_WAAAAJRY6QP7
dpm.demdex.net/ Redirect Chain
|
42 B 943 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
4 B 215 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 69 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 448 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
id
dpm.demdex.net/ |
2 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s21117097497890
mcclatchy.sc.omtrdc.net/b/ss/mccltallmcclatchy/10/JS-2.22.0/ |
2 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=771&dpuuid=CAESEEVyLS0rmz2vgya8kBNHPl8&google_cver=1
dpm.demdex.net/ Frame 4AB6 Redirect Chain
|
42 B 943 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pixel
cm.g.doubleclick.net/ Frame 4AB6 Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Frame 4AB6 Redirect Chain
|
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rum
dsum-sec.casalemedia.com/ Frame 4AB6 Redirect Chain
|
43 B 1003 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
12.8327016048e927965e51.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
55 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bounce
ib.adnxs.com/ Frame 4AB6 Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sd
us-u.openx.net/w/1.0/ Frame 4AB6 Redirect Chain
|
43 B 274 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ |
99 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Pug
image2.pubmatic.com/AdServer/ Frame 4AB6 Redirect Chain
|
1 B 547 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
partner
sync.search.spotxchange.com/ Frame 4AB6 Redirect Chain
|
43 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b.php
www.facebook.com/fr/ Frame 4AB6 Redirect Chain
|
43 B 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4.421260a34f7ea51f50e6.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
2 KB 902 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.5c0b718e7a75c4689460.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
28 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- res1.news.mcclatchydc.com
- URL
- https://res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/mcclatchy-serif-web-demi.woff
- Domain
- res1.news.mcclatchydc.com
- URL
- https://res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/mcclatchy-sans-web-regular.woff
- Domain
- res1.news.mcclatchydc.com
- URL
- https://res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/mcclatchy-sans-web-demi.woff
Verdicts & Comments Add Verdict or Comment
116 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 string| Timeline_urlPrefix string| Timeline_parameters object| xtk_core object| xtk_formbase object| NL object| ROOT function| IEFixImage function| Navigator function| DateIsDateTime function| UIController function| HelpBubble function| HelpBubblePair function| ShowLoading function| isGecko function| isAppleWebKit function| isKonqueror function| isSafari function| isIOs function| isOmniweb function| isOpera function| isAol function| isIE function| getIEVersion function| isMozilla function| isNS object| MouseEventHelper object| HTMLHelper function| clone object| HelpBubbleHelper object| HelpBubbleOptions function| newDOMDocument function| firstChildElement function| nextSiblingElement function| findNodes function| findElement function| findChildElement function| elementValue function| getXPathValue function| setXPathValue function| internalCopyAttributes function| internalImportNode function| importNode function| importNodeAsHTML function| applyHTMLAttribute function| replaceContent function| escapeXmlString function| parseXMLString function| toXMLString function| createPOJsO function| convertToPOJsO function| E4XStyleAttribute object| XML function| XtkIEEvent function| XtkGeckoEvent function| NewEvent function| findXtkObject function| openView function| addSecurityToken function| isNeolaneConsole object| g_xtkContext object| REPORT_COLORS function| DebugConsole function| richTextArea function| AutoAdjustMatrixColumns function| onEnterPressed function| PerformClickAction function| HtmlDialog function| traverseXMLTree function| ReportList function| formatAndSetValue function| FormatHelper function| compileStyle function| addTable function| $ function| jQuery boolean| IE boolean| IE_LT_9 function| Spinner function| htmlPageForm object| mistats object| adobe function| Visitor object| s_c_il number| s_c_in string| s_account object| s function| s_doPlugins function| AppMeasurement_Module_AudienceManagement function| AppMeasurement function| s_gi function| s_pgicq function| DIL number| s_objectID number| s_giq function| AdCloudEvent boolean| mistats_messageHandler boolean| mitagsent object| _matherq string| GoogleAnalyticsObject function| mistats_ga object| _mather object| tid string| imsOrgId string| rsid object| adCloudCookieData object| cookieInstance object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| s_i_mccltallmcclatchy string| h object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.64.1 object| _qsie33 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .mcclatchydc.com/ | Name: uuid230 Value: eece1fe0-e5f0-40cf-a188-11afd4b84d9d |
|
| .mcclatchydc.com/ | Name: nlid Value: a98b7acf|ead91a9 |
|
| .demdex.net/ | Name: demdex Value: 29192015413774442291785020333949722153 |
|
| .star-telegram.com/ | Name: _sp_id.3a5a Value: 5c1065b666048c9b.1641414232.1.1641414232.1641414232 |
|
| .star-telegram.com/ | Name: _sp_ses.3a5a Value: * |
|
| .star-telegram.com/ | Name: AMCVS_3B6E35F15A82BBB00A495D91%40AdobeOrg Value: 1 |
|
| .t.news.star-telegram.com/ | Name: _ga Value: GA1.4.2022987960.1641414232 |
|
| .t.news.star-telegram.com/ | Name: _gid Value: GA1.4.232527274.1641414232 |
|
| .t.news.star-telegram.com/ | Name: _gat_mistats_ga_UA-48279680-1 Value: 1 |
|
| .t.news.star-telegram.com/ | Name: _gat_mistats_ga_UA-48280268-1 Value: 1 |
|
| .star-telegram.com/ | Name: adcloud Value: {%22_les_v%22:%22y%2Cstar-telegram.com%2C1641416032%22} |
|
| .star-telegram.com/ | Name: mi_nr Value: 1641414232086-New |
|
| .star-telegram.com/ | Name: mi_s_vnmn Value: 1644006232087%26vn%3D1 |
|
| .star-telegram.com/ | Name: mi_iv Value: true |
|
| .star-telegram.com/ | Name: s_cc Value: true |
|
| .everesttech.net/ | Name: everest_g_v2 Value: g_surferid~YdX_WAAAAJRY6QP7 |
|
| .dpm.demdex.net/ | Name: dpm Value: 29192015413774442291785020333949722153 |
|
| .star-telegram.com/ | Name: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18998%7CMCMID%7C29087021365837655541737111764396534174%7CMCAAMLH-1642019032%7C6%7CMCAAMB-1642019032%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1641421432s%7CNONE%7CMCAID%7CNONE%7CMCCIDH%7C-1404224927%7CMCSYNCSOP%7C411-19005%7CvVersion%7C5.2.0 |
|
| .t.news.star-telegram.com/ | Name: aam_segment Value: segID%3D20225604 |
|
| .t.news.star-telegram.com/ | Name: aam_uuid Value: 29192015413774442291785020333949722153 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUlJIZSlTqDk1pcOUU2IOEuGVk3lduFaTe9LhAVofI0JP94CgzEcljsycpecdts |
|
| .casalemedia.com/ | Name: CMID Value: YdX.WDp0HHOvd3eQaXyXBwAA |
|
| .casalemedia.com/ | Name: CMPS Value: 3276 |
|
| .casalemedia.com/ | Name: CMPRO Value: 1189 |
|
| .casalemedia.com/ | Name: CMRUM3 Value: 5861d5fe582760YdX_WAAAAJRY6QP7 |
|
| .casalemedia.com/ | Name: CMST Value: YdX+WGHV-lgA |
|
| .adnxs.com/ | Name: uuid2 Value: 4837840337734160086 |
|
| .adnxs.com/ | Name: anj Value: dTM7k!M4.FErk#WF']wIg2GVHpTHdS!]tbPl1MwL(!R7qUY$*V:!zOm(=sDMVO[sd%k*QzbtTrB.g4dkXm)zyobcmx5FjF0bA]t<*eETX+*LM)n/OUv |
|
| .demdex.net/ | Name: dextp Value: 771-1-1641414232130|144230-1-1641414232232|144231-1-1641414232332|144232-1-1641414232433|144233-1-1641414232534|144234-1-1641414232635|144235-1-1641414232735|144236-1-1641414232836|144237-1-1641414232941 |
|
| .pubmatic.com/ | Name: KRTBCOOKIE_218 Value: 4056-YdX_WAAAAJRY6QP7&KRTB&22978-YdX_WAAAAJRY6QP7&KRTB&23194-YdX_WAAAAJRY6QP7&KRTB&23209-YdX_WAAAAJRY6QP7 |
|
| .pubmatic.com/ | Name: PugT Value: 1641414232 |
|
| .pubmatic.com/ | Name: PUBMDCID Value: 3 |
|
| .spotxchange.com/ | Name: audience Value: 6659f69b-6e65-11ec-994c-1a7cb9e30506 |
10 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cm.everesttech.net
cm.g.doubleclick.net
dpm.demdex.net
dsum-sec.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
js.matheranalytics.com
lasteventf-tm.everesttech.net
mcclatchy.demdex.net
mcclatchy.sc.omtrdc.net
media.mcclatchy.com
media.star-telegram.com
pixel.rubiconproject.com
res1.news.mcclatchydc.com
siteintercept.qualtrics.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
t.news.star-telegram.com
t1.news.mcclatchydc.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.i.matheranalytics.com
zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com
res1.news.mcclatchydc.com
104.111.219.128
104.17.209.240
107.178.250.234
13.36.218.177
151.101.2.49
185.33.221.90
185.64.190.80
185.94.180.125
2.18.234.21
216.58.212.162
2600:9000:214f:1c00:7:65ff:7f00:93a1
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2003
2a00:1450:400c:c06::9b
2a03:2880:f11c:8183:face:b00c:0:25de
34.248.191.66
34.250.134.201
34.98.64.218
44.230.91.85
52.30.214.138
52.71.198.250
54.191.76.37
69.173.144.165
01937c9481039111d9c0f243edc9dc1fd987dde3ecfa0e7082c3500f82477807
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
12e06887bd5ae67f02a18a8ea4e224f62b6e03d54769f44433a4a07d27ee82c4
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1684ec3991089049f8de457124ed686cd6ca98631debf625bc83f8497b93c659
270ba09a8836a011ab324f7ab43f2b77987f474a81a49b63b3c2e4811ce5b740
27becf92d37a8eecaf11b086e1654ea880638a0e4e4175bdc9a7bffc4722c235
28650f3b316ce39442a1b897893f21bc5c68b7411d84809dde206ec0e3a57057
319a3cc5c9b91c326cd8b31930650ec7afa7d00dfb4c8f59bf0d4ed0f5ca1526
3732f37105e3be3fbb952af43e6d7328595b6a2f55e83496529fbaa27aeb3be7
38aa843c2f5d3b7707c5511e97e487b72f7f60b69c6461b60939206183ad74e8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
465bac5b39f0fe54180175cacd91795b6456e48d19118c71072aa173e89aee1a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a36bfb7995c90e80bc907138d7f0dd0193ea597c39e0e2a03825456b108c5d9
5fd24048e2fd4eb81a23351cc474b3f4528ef7434d9318f5d972d8e1f5c733f4
666404287b2aa131dc865d96a21302e0d0770d4d90c6cd15499cac5b6e35dde2
6c7e49659df3cc23cc35fb2f6baabf8f04c10dfb852537c9e7e50e3bc54d50b3
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
878227787bfdfdc233209277b711325be189981949e62797f2b8413f1931c261
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b93deb2f2f99a6dcd6ba15e31633e827712bebda802d21de182dcd417c5173c1
babce16260ef1082584ce9ca3cfd618c37412fca9b64d25dfa16f83e27e783d9
bc94c8670ae07c03753051472674688598c4c39bb429c5704d615f6654af4312
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f276aab37ac941b0903f435f987af0c08452dcf048f9e29ba048859de538cd
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ec2cc99b7d1be6fb64d9ce3622e5584e39002529d87a71ffad76435b800de309
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f5f8bdd78a444992671b81c946f60612970f50e5fe59afb9961df4a20f57d7