![](/screenshots/7d241d85-965e-4df4-a68d-579c9e24bf97.png)
roanoke.com
Open in
urlscan Pro
192.104.183.209
Public Scan
Effective URL: https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11...
Submission Tags: falconsandbox
Submission: On August 01 via api from US — Scanned from DE
Summary
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on July 13th 2022. Valid for: 3 months.
This is the only time roanoke.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com
www.roanoke.com | |
roanoke.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-9.fra56.r.cloudfront.net
tags.crwdcntrl.net |
ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-128.txl50.r.cloudfront.net
tagan.adlightning.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-123-144.fra60.r.cloudfront.net
d1eoo1tco6rr5e.cloudfront.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-162-145.compute-1.amazonaws.com
trkn.us |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.205.102.34.bc.googleusercontent.com
a.leetemplates.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-246-220.vie50.r.cloudfront.net
cdn.segment.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-67-128.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
townnews.com
bloximages.newyork1.vip.townnews.com — Cisco Umbrella Rank: 13596 bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 17076 |
246 KB |
8 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 93 |
559 KB |
7 |
roanoke.com
2 redirects
www.roanoke.com — Cisco Umbrella Rank: 359530 roanoke.com — Cisco Umbrella Rank: 169223 |
64 KB |
5 |
segment.com
cdn.segment.com — Cisco Umbrella Rank: 1355 |
37 KB |
3 |
adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 1777 |
68 KB |
3 |
crwdcntrl.net
1 redirects
tags.crwdcntrl.net — Cisco Umbrella Rank: 1361 bcp.crwdcntrl.net — Cisco Umbrella Rank: 841 |
12 KB |
2 |
leetemplates.com
a.leetemplates.com — Cisco Umbrella Rank: 34033 |
19 B |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52 |
21 KB |
2 |
trkn.us
1 redirects
trkn.us — Cisco Umbrella Rank: 1966 |
1 KB |
2 |
adsrvr.org
1 redirects
insight.adsrvr.org — Cisco Umbrella Rank: 616 |
408 B |
2 |
gstatic.com
www.gstatic.com |
13 KB |
2 |
osano.com
cmp.osano.com — Cisco Umbrella Rank: 7475 |
92 KB |
1 |
google.de
ampcid.google.de — Cisco Umbrella Rank: 47106 |
458 B |
1 |
google.com
ampcid.google.com — Cisco Umbrella Rank: 1665 |
529 B |
1 |
googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 446 |
27 KB |
1 |
cloudfront.net
d1eoo1tco6rr5e.cloudfront.net |
668 B |
73 | 16 |
Domain | Requested by | |
---|---|---|
18 | bloximages.newyork1.vip.townnews.com |
roanoke.com
|
8 | www.googletagmanager.com |
roanoke.com
cmp.osano.com |
6 | roanoke.com |
1 redirects
roanoke.com
|
5 | cdn.segment.com |
cmp.osano.com
cdn.segment.com |
3 | tagan.adlightning.com |
roanoke.com
cmp.osano.com |
2 | bcp.crwdcntrl.net |
1 redirects
cmp.osano.com
|
2 | a.leetemplates.com |
storage.googleapis.com
|
2 | www.google-analytics.com |
cmp.osano.com
|
2 | trkn.us |
1 redirects
roanoke.com
|
2 | insight.adsrvr.org |
1 redirects
d1eoo1tco6rr5e.cloudfront.net
|
2 | www.gstatic.com |
roanoke.com
|
2 | cmp.osano.com |
roanoke.com
cmp.osano.com |
1 | ampcid.google.de |
www.google-analytics.com
|
1 | ampcid.google.com |
www.google-analytics.com
|
1 | storage.googleapis.com |
cmp.osano.com
|
1 | d1eoo1tco6rr5e.cloudfront.net |
cmp.osano.com
|
1 | bloximages.chicago2.vip.townnews.com |
roanoke.com
|
1 | tags.crwdcntrl.net |
roanoke.com
|
1 | www.roanoke.com | 1 redirects |
73 | 19 |
This site contains links to these domains. Also see Links.
Domain |
---|
subscriberservicesdsi.lee.net |
www.stringr.com |
us59.dayforcehcm.com |
bloxcms.com |
townnews.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
roanoke.com ZeroSSL ECC Domain Secure Site CA |
2022-07-13 - 2022-10-11 |
3 months | crt.sh |
bloximages.chicago2.vip.townnews.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 |
2022-03-11 - 2023-04-11 |
a year | crt.sh |
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2 |
2022-05-01 - 2023-06-02 |
a year | crt.sh |
cmp.osano.com Amazon |
2021-09-17 - 2022-10-16 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-07-11 - 2022-10-03 |
3 months | crt.sh |
*.adlightning.com Amazon |
2022-06-09 - 2023-07-07 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-07-11 - 2022-10-03 |
3 months | crt.sh |
*.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2022-03-31 - 2023-05-02 |
a year | crt.sh |
storage.googleapis.com GTS CA 1C3 |
2022-07-11 - 2022-10-03 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2022-07-11 - 2022-10-03 |
3 months | crt.sh |
a.leetemplates.com GTS CA 1D4 |
2022-07-30 - 2022-10-28 |
3 months | crt.sh |
*.google.de GTS CA 1C3 |
2022-07-11 - 2022-10-03 |
3 months | crt.sh |
*.segment.com Amazon |
2022-01-12 - 2023-02-10 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
Frame ID: 0608DF5681A44438D548C9BDA7142E56
Requests: 68 HTTP requests in this frame
Frame:
https://cmp.osano.com/
Frame ID: D29A464DF36D2A045B3110A1F0EB7F02
Requests: 1 HTTP requests in this frame
Frame:
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Frame ID: 7C35AB8713D297E5A471ECEEC4C593B1
Requests: 2 HTTP requests in this frame
Frame:
https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=982715575/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20roanoke%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20events/med=%23OpR%2372333%23Keyword%20%3A%20roanoke%20times/rb=%7B%22meta_tag%22%3A%22roanoke%20times%22%7D/rt=ifr
Frame ID: C5EE19FD207C4C518026A954E6FA13AB
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/7d241d85-965e-4df4-a68d-579c9e24bf97.png)
Page Title
Events | roanoke.comPage URL History Show full URLs
-
https://www.roanoke.com/calendar/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/...
HTTP 301
https://roanoke.com/calendar/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/... HTTP 301
https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/ev... Page URL
Detected technologies
![](/vendor/wappa/icons/Firebase.png)
Detected patterns
- /firebasejs/([\d.]+)/firebase
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
![](/vendor/wappa/icons/Segment.png)
Detected patterns
- cdn\.segment\.com/analytics\.js
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Subscribe $1 for 6 months
Search URL Search Domain Scan URL
Title: Share video
Search URL Search Domain Scan URL
Title: My Membership
Search URL Search Domain Scan URL
Title: Join our Team
Search URL Search Domain Scan URL
Title: BLOX Content Management System
Search URL Search Domain Scan URL
Title: TownNews.com
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.roanoke.com/calendar/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
HTTP 301
https://roanoke.com/calendar/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html HTTP 301
https://roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 38- https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe HTTP 303
- https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
- https://trkn.us/pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=roanoke.com&ord=1627737629 HTTP 302
- https://trkn.us/pixel/c?ppt=19160&g=sitewide&gid=44455&cv1=roanoke.com&ord=1627737629&ip=81.95.5.38&cuidchk=1
- https://bcp.crwdcntrl.net/5/c=6894/rand=982715575/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20roanoke%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20events/med=%23OpR%2372333%23Keyword%20%3A%20roanoke%20times/rb=%7B%22meta_tag%22%3A%22roanoke%20times%22%7D/rt=ifr HTTP 302
- https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=982715575/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20roanoke%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20events/med=%23OpR%2372333%23Keyword%20%3A%20roanoke%20times/rb=%7B%22meta_tag%22%3A%22roanoke%20times%22%7D/rt=ifr
73 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
event_6a1b7fd6-a8e4-11ea-84b1-5cb9017befe7.html
roanoke.com/events/free-pubg-mobile-hack-2020-unlimited-bp-and-uc-generator-no-survey/ Redirect Chain
|
88 KB 21 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.d6d18fcf88750a16d256e72626e676a6.js
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ |
98 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user.js
roanoke.com/shared-content/art/tncms/user/ |
12 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ |
39 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.08a61544f369cc43bf02e71b2d10d49f.js
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ |
32 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tnt.f3739bd4d04bcee9e077d20b4f31f29c.js
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
21 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application.cb897187c4718280fd69d2e6d6c3909d.js
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
2 KB 981 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.c58a1beaa3640fa94c3db09673c4d95c.css
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ |
107 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
layout.112f7ff365cd43379f336b81d31a7128.css
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ |
154 KB 28 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lee.ds.css
bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/ |
95 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cc.js
tags.crwdcntrl.net/c/6894/ |
38 KB 12 KB |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
access.js
roanoke.com/shared-content/art/tncms/api/ |
86 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
osano.js
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ |
402 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
roanoke.com.js
bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
7 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firebase-app.js
www.gstatic.com/firebasejs/6.6.2/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firebase-messaging.js
www.gstatic.com/firebasejs/6.6.2/ |
31 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
messaging.js
roanoke.com/shared-content/art/tncms/api/ |
4 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ |
200 B 276 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracking.js
roanoke.com/shared-content/art/tncms/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lee.common.js
bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/ |
9 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome.46a248d75dc687aa8d928092f6b77fc7.js
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ |
254 KB 91 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7865cd82-57c8-11ec-b63a-27f596243789.png
bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/custom/image/ |
10 KB 10 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png
bloximages.newyork1.vip.townnews.com/roanoke.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/ |
978 B 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-tagline.png
bloximages.newyork1.vip.townnews.com/roanoke.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ |
5 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
op.js
tagan.adlightning.com/leeenterprises/ |
48 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
201 KB 67 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
63aed8dd-4437-4697-b184-c5870410a7f1
https://roanoke.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
483 KB 113 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b-92ee7c4-d632c55d.js
tagan.adlightning.com/leeenterprises/ |
82 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bl-12c5e29-daa2d324.js
tagan.adlightning.com/leeenterprises/ |
41 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
4f7f826d-526e-4d10-a54c-b3596b9dd466
https://roanoke.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
e5482f9c-2980-43a9-9998-22141edc5d9d
https://roanoke.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
3fa67878-da41-4e8f-bb2c-e63da776c45a
https://roanoke.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
9c42c857-6459-46d5-8c88-95836c6a073f
https://roanoke.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
cmp.osano.com/ Frame D29A |
4 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iframe
d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/ Frame 7C35 Redirect Chain
|
138 B 668 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c
trkn.us/pixel/ Redirect Chain
|
42 B 780 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
b9a7e93a-2c14-4586-a541-b17a6f6fa9e0
https://roanoke.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
afb787f0-aa25-4620-a05c-a3eff5b38af4
https://roanoke.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
34f1e8f5-2970-41c6-8fef-b6688c3b65b2
https://roanoke.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
116ea89a-23fe-42a1-8a74-cd614d01e947
https://roanoke.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
4619865d-b834-4e84-b743-b310d48850a9
https://roanoke.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
33bda852-f7e4-42bc-8aa4-ee4cbf8b6602
https://roanoke.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
8dece74e-cc1c-4d19-9c7a-b8cfff1bc1eb
https://roanoke.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
insight.adsrvr.org/track/pxl/ Frame 7C35 |
70 B 260 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gtm.js
www.googletagmanager.com/ |
160 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gtm.js
www.googletagmanager.com/ |
119 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sp-gzip-2-17-3.js
storage.googleapis.com/lee-snowplow/static/ |
77 KB 27 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
206 KB 72 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
publisher:getClientId
ampcid.google.com/v1/ |
74 B 529 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
8682c971-4d96-416a-a28a-587b5f55f1e3
https://roanoke.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
46d8f5a5-0583-4490-b719-a882f9beeda0
https://roanoke.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
3a293763-3ba7-413c-b2c8-2d33e7f01088
https://roanoke.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
01806efa-07e5-404f-b98c-1e4d85ae410e
https://roanoke.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
56618068-1c29-48f7-a72e-5467a0fd3d44
https://roanoke.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
yy2
a.leetemplates.com/lee/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
yy2
a.leetemplates.com/lee/ |
2 B 19 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
publisher:getClientId
ampcid.google.de/v1/ |
3 B 458 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.min.js
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ |
95 KB 26 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
190 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
destination
www.googletagmanager.com/gtag/ |
201 KB 71 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
linkid.js
www.google-analytics.com/plugins/ua/ |
2 KB 884 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
destination
www.googletagmanager.com/gtag/ |
190 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
settings
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ |
861 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
870.bundle.323974846b6d45afb45e.js
cdn.segment.com/analytics-next/bundles/ |
17 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ajs-destination.bundle.35a8f6f19959bf2f455f.js
cdn.segment.com/analytics-next/bundles/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
schemaFilter.bundle.debb169c1abb431faaa6.js
cdn.segment.com/analytics-next/bundles/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=6894/rand=982715575/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20roanoke%20%3A%20Total%20Site... Frame C5EE Redirect Chain
|
163 B 404 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
89 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer object| _cc6894 object| LOTCC boolean| tncms_access_control_sync boolean| LEE_DS_V3 undefined| __CSP_NONCE function| __uspapi function| __tcfapi object| Osano function| $ function| jQuery object| TNCMS function| originalLeave function| objectFitImages function| Cookies object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o object| leeMembershipPackages function| throttleFunction function| lee_trkLinkSrc function| resizeIframe function| randomizeChildren function| getUserToken object| sUserUUID object| sUserPPID undefined| falcon_sub_name undefined| lee_clus undefined| lee_ulli undefined| lee_ulld_iso8601 object| lee_glus undefined| lee_glusIE object| sub_last_login_iso8601 object| google_tag_manager object| b7RiCT2 function| b7RiCT3 object| xop object| google_tag_data string| GoogleAnalyticsObject function| ga object| form function| messagingCallback object| litHtmlVersions object| firebase object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome function| __LEE object| d object| _snowplow_trackers object| GlobalSnowplowNamespace function| snowplow object| pl function| fbq function| _fbq object| _comscore object| oFeaturedPackage object| LVxEpr2 function| LVxEpr3 function| xblocker object| IayYJI function| IayYJM object| xblacklist object| analytics object| gaplugins object| gaGlobal object| Snowplow object| gaData object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| AnalyticsNext5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.roanoke.com/ | Name: spses.0ad7 Value: * |
|
.roanoke.com/ | Name: AMP_TOKEN Value: %24NOT_FOUND |
|
.trkn.us/ | Name: barometric[cuid] Value: cuid_c6c55323-ed42-4b1e-a7e5-1b6c676faa83 |
|
.leetemplates.com/ | Name: sp Value: aa927ce7-ff9a-49d4-875d-a1404c8890cf |
|
.crwdcntrl.net/ | Name: _cc_cc Value: ctst |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a.leetemplates.com
ampcid.google.com
ampcid.google.de
bcp.crwdcntrl.net
bloximages.chicago2.vip.townnews.com
bloximages.newyork1.vip.townnews.com
cdn.segment.com
cmp.osano.com
d1eoo1tco6rr5e.cloudfront.net
insight.adsrvr.org
roanoke.com
storage.googleapis.com
tagan.adlightning.com
tags.crwdcntrl.net
trkn.us
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.roanoke.com
104.16.132.24
104.16.133.24
18.64.79.128
18.66.123.144
18.66.97.9
192.104.183.209
2600:9000:223c:4c00:3:b7e:8940:93a1
2a00:1450:4001:810::2003
2a00:1450:4001:812::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200e
2a00:1450:4014:80a::200e
2a00:1450:4014:80e::2010
34.102.205.239
35.71.131.137
54.173.162.145
63.34.67.128
99.86.246.220
0284f9037395ddc566160e9265aa01ffc07c05f189473b81df3dc75990c1081d
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
0e51aeb489aeb2e69b3f81b3f8219d03606d507bd12080d537861052cb78693c
15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625
165f2224fdb220f295f4c441bad7dfc35fd9ef57cb56af722285137944f598a7
18e8208ea447a26b0cd4f5f2751d1dd717e689a559474e61acb4e3e674403e4d
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b
384d1a9859c551ed8f751789414dc042c907ba0e3e56817e62197bf3a435154d
3b6854831be14d28fdfdb1758ebebe2893bf8e5be5f176b8d3e1b1b0f874d90e
3c01c1e199879f8b72679cc4d402684ba9e88c21b633547adbae6ba03a617fdc
3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447
41a254171524bbdf420ad79c0a1efca9e98f10304881b9f1499cfbd8a42f4d81
4430ef0e71e3a7c1a70c69d4d88cc797907e7cc0cf1b89f64389aea23b10bdce
4ed84ce525a93634474989bd62a5fc8dcb85ece93e35fcf7287e8bccebb03ed7
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1
514338ec6bbb3440a50029e6cbc2ba9034d6971c4776d2759a4b829c94dedfb9
554dde865550f9aa301a830d666164be72b5e791b78ca7c0b35392286626558e
5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036
644304fe15c7f17a6ab07588fa14318ebce8730a85eb17b3a0fddca16fe9bae6
6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d
7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
78340dabd2984895b85f1a3a19cf21fed26d6d4c57038709dbcf94222f6952ce
849295b7bef2dec6e6f087a071d0012e51e2ceb10b3a0e7d5ad12319867c30de
85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f0ed90f3a2e9ef4b11fcf8ef7497d0256ef016d09ee840329dcdfb1d4e2e47f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
967175cc30e511bd54d9b2956b03c92222491ee29a27b28b718296b9bd6d35f4
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6
9bc9423a6c988faaed8ddede3463425766c0c4ef5fcd48b63e7d46a3d41e8425
9e24221b2d93ea7cf05e0250bd8826b1957a0c7ceed6544f1223f8bd8fddb4be
a0a54af5206113ff783f05f8e4583d54eddfa9c8ea4e1d1d0040b8bc3255c4f6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
ab1f968da755fc10a0db65e7ebea55004451a15f2f398679f43a1e5df1ed26f7
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
c06f2790c7f7bd13534d3817df0a0019afcda3ac72245276abc85675b813867e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca3fda4964ae8d619fc4ea84c7034a7b1453064e0af308b7a99aec4a8e61ca33
cae1be3a826c5161af68a012ca809275744695c95ea8886fa29ac4998600119f
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
e4c2f9c182b88af413462b9b9c650605179d6f1eae6f9e31d6dd83972b1f3424
e4c7ede23068b7bf007e9c1a996c09c068ab3d4953af7d3d9060a33f2b0e5bb4
e552cc000b25beb983a710aaf7dc6a5ad3d9adc1c977f5515ebd7bd5a83e02bf
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f