offers.theadvertiser.com
34.227.44.62
Public Scan
Effective URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Submission: On May 12 via api from US
Summary
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on February 26th 2020. Valid for: a year.
This is the only time offers.theadvertiser.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Domain | ASN | PTR |
---|---|---|
offers.theadvertiser.com | ASN14618 (AMAZON-AES, US) | ec2-34-227-44-62.compute-1.amazonaws.com |
iuploads.scribblecdn.net | ASN16509 (AMAZON-02, US) | |
dpm.demdex.net | ASN16509 (AMAZON-02, US) | ec2-18-202-93-59.eu-west-1.compute.amazonaws.com |
cdn.parsely.com | ASN16509 (AMAZON-02, US) | server-13-225-85-39.fra2.r.cloudfront.net |
sb.scorecardresearch.com | ASN16625 (AKAMAI-AS, US) | a2-16-105-54.deploy.static.akamaitechnologies.com |
pixel.mathtag.com | ASN16625 (AKAMAI-AS, US) | a23-210-249-113.deploy.static.akamaitechnologies.com |
resources.xg4ken.com | ASN16509 (AMAZON-02, US) | ec2-52-30-130-103.eu-west-1.compute.amazonaws.com |
10870841.collect.igodigital.com | ASN14618 (AMAZON-AES, US) | ec2-54-173-217-51.compute-1.amazonaws.com |
pubads.g.doubleclick.net | ASN15169 (GOOGLE, US) | fra15s18-in-f98.1e100.net |
gannett.demdex.net | ASN16509 (AMAZON-02, US) | ec2-176-34-132-72.eu-west-1.compute.amazonaws.com |
srepdata.montgomeryadvertiser.com | ASN16509 (AMAZON-02, US) | ec2-15-188-31-119.eu-west-3.compute.amazonaws.com |
beacon.krxd.net | ASN16509 (AMAZON-02, US) | ec2-34-252-253-85.eu-west-1.compute.amazonaws.com |
Requests | Domain | Redirects | Requested by |
---|---|---|---|
13 | offers.theadvertiser.com | 1 redirects | offers.theadvertiser.com |
8 | iuploads.scribblecdn.net | | offers.theadvertiser.com |
5 | pixel.mathtag.com | 1 redirects | offers.theadvertiser.com, pixel.mathtag.com |
4 | platform.twitter.com | | offers.theadvertiser.com, platform.twitter.com |
3 | sb.scorecardresearch.com | 1 redirects | www.gannett-cdn.com, offers.theadvertiser.com |
3 | cdn.krxd.net | | www.gannett-cdn.com, cdn.krxd.net |
3 | dpm.demdex.net | 1 redirects | offers.theadvertiser.com |
3 | www.facebook.com | 1 redirects | code.jquery.com, offers.theadvertiser.com |
3 | www.gannett-cdn.com | | offers.theadvertiser.com, www.gannett-cdn.com |
2 | srepdata.montgomeryadvertiser.com | | www.gannett-cdn.com |
2 | connect.facebook.net | | www.gannett-cdn.com, connect.facebook.net |
2 | news.google.com | | www.gannett-cdn.com, news.google.com |
2 | fonts.googleapis.com | | offers.theadvertiser.com |
1 | cx.atdmt.com | | |
1 | beacon.krxd.net | | cdn.krxd.net |
1 | consumer.krxd.net | | cdn.krxd.net |
1 | cm.everesttech.net | 1 redirects | |
1 | gannett.demdex.net | | www.gannett-cdn.com |
1 | syndication.twitter.com | | offers.theadvertiser.com |
1 | pay.google.com | | news.google.com |
1 | pubads.g.doubleclick.net | | offers.theadvertiser.com |
1 | 10870841.collect.igodigital.com | | www.gannett-cdn.com |
1 | resources.xg4ken.com | | www.gannett-cdn.com |
1 | cdn.parsely.com | | www.gannett-cdn.com |
1 | ajax.googleapis.com | | cdnjs.cloudflare.com |
1 | cdnjs.cloudflare.com | | offers.theadvertiser.com |
1 | code.jquery.com | | offers.theadvertiser.com |
1 | cl.exct.net | 1 redirects | |
0 | widgets.twimg.com Failed | | offers.theadvertiser.com |
62 | 29 | | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.theadvertiser.com |
cm.theadvertiser.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
offers.usatoday.com | DigiCert SHA2 High Assurance Server CA | 2020-02-26 - 2021-03-02 | a year |
upload.video.google.com | GTS CA 1O1 | 2020-04-28 - 2020-07-21 | 3 months |
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years |
gannett.com | DigiCert SHA2 High Assurance Server CA | 2020-04-13 - 2022-06-21 | 2 years |
*.scribblecdn.net | Amazon | 2020-03-27 - 2021-04-27 | a year |
cloudflare.com | CloudFlare Inc ECC CA-2 | 2020-01-07 - 2020-10-09 | 9 months |
*.twimg.com | DigiCert SHA2 High Assurance Server CA | 2019-11-12 - 2020-11-18 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-04-15 - 2020-07-14 | 3 months |
*.demdex.net | DigiCert SHA2 High Assurance Server CA | 2018-01-09 - 2021-02-12 | 3 years |
cdn.krxd.net | DigiCert SHA2 Secure Server CA | 2020-03-05 - 2021-03-06 | a year |
*.parsely.com | Amazon | 2019-08-30 - 2020-09-30 | a year |
*.scorecardresearch.com | Sectigo RSA Organization Validation Secure Server CA | 2019-12-16 - 2020-12-25 | a year |
*.news.google.com | GTS CA 1O1 | 2020-04-15 - 2020-07-08 | 3 months |
pixel.mathtag.com | DigiCert SHA2 Secure Server CA | 2020-04-15 - 2021-07-15 | a year |
*.xg4ken.com | Go Daddy Secure Certificate Authority - G2 | 2017-12-17 - 2020-12-17 | 3 years |
*.collect.igodigital.com | DigiCert SHA2 Secure Server CA | 2020-02-14 - 2021-02-18 | a year |
*.g.doubleclick.net | GTS CA 1O1 | 2020-04-15 - 2020-07-08 | 3 months |
*.google.com | GTS CA 1O1 | 2020-04-15 - 2020-07-08 | 3 months |
syndication.twitter.com | DigiCert SHA2 High Assurance Server CA | 2020-03-05 - 2021-03-02 | a year |
srepdata.montgomeryadvertiser.com | DigiCert SHA2 High Assurance Server CA | 2019-05-26 - 2020-08-28 | a year |
consumer.krxd.net | DigiCert SHA2 Secure Server CA | 2020-03-26 - 2021-03-27 | a year |
beacon.krxd.net | DigiCert SHA2 Secure Server CA | 2020-01-30 - 2021-01-30 | a year |
*.atlassolutions.com | DigiCert SHA2 High Assurance Server CA | 2020-04-19 - 2020-07-18 | 3 months |
This page contains 7 frames:
Primary Page:
https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Frame ID: 9A5C0B02601B73BE9921E1A959F33BC7
Requests: 56 HTTP requests in this frame
Frame:
https://www.facebook.com/plugins/subscribe.php?&href=https%3A%2F%2Fwww.facebook.com%2Fdailyadvertiser&layout=standard&width=450&show_faces=false&colorscheme=light&font=
Frame ID: CF011C0C1DEDDFD07B64A15B16314623
Requests: 1 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/widget_iframe.2a008290075125adde2d7b849b06a0bb.html?origin=https%3A%2F%2Foffers.theadvertiser.com
Frame ID: 76E5D0134943F6A3A49BB7A7572FA2E7
Requests: 1 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/follow_button.2a008290075125adde2d7b849b06a0bb.en.html
Frame ID: 7AD23876AD59C89C8057DFC267E531FC
Requests: 1 HTTP requests in this frame
Frame:
https://pay.google.com/gp/p/ui/payframe?origin=https://offers.theadvertiser.com&mid=%{merchantId}
Frame ID: B02C09A1DD9D53FEDA30DBFD6E5764A4
Requests: 1 HTTP requests in this frame
Frame:
https://gannett.demdex.net/dest5.html?d_nsid=0
Frame ID: D227F9F20965C5F19512C2AF1C9F9A71
Requests: 1 HTTP requests in this frame
Frame:
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 15F62B039F0DA01CB958C53F7121BCFD
Requests: 1 HTTP requests in this frame
Detected technologies
Facebook (Widgets)
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Font API (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Twitter (Widgets)
Detected patterns
- script /\/\/platform\.twitter\.com\/widgets\.js/i
comScore (Analytics)
Detected patterns
- html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
- script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Terms of Service
Title: Do Not Sell My Info / Cookie Policy
Title: Your California Rights / Privacy Policy
Title: Privacy Policy
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://cl.exct.net/?qs=557ea4dd6d35efd5ad29e8bdfc6d05f6f026b6f9a2e7f3d049dcc268216917a0f35c11530dda9da80ff825d6dbda3d1e613300d0515ccfeb6928ee4d81d21003
HTTP 302
http://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE HTTP 302
https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 32
- https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=CF4957F555EE9B727F000101%40AdobeOrg&d_nsid=0&ts=1589315784991 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=CF4957F555EE9B727F000101%40AdobeOrg&d_nsid=0&ts=1589315784991
- https://pixel.mathtag.com/event/js?mt_pp=1&mt_adid=114093 HTTP 302
- https://pixel.mathtag.com/event/js?mt_pp=1&mt_adid=114093&mm_bnc&mm_bct&UUID=06e15ebb-08c8-4100-afce-445689683cb0
- https://sb.scorecardresearch.com/b?c1=2&name=https%3A%2F%2Foffers.theadvertiser.com%2Fspecialoffer-ln%3Fgps-source%3DEXEMLGNWE%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLGNWE&c2=6035223&ns__t=1589315785241&ns_c=UTF-8&cv=3.5&c8=The%20Daily%20Advertiser%20%7C%20theadvertiser.com&c7=https%3A%2F%2Foffers.theadvertiser.com%2Fspecialoffer-ln%3Fgps-source%3DEXEMLGNWE%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLGNWE&c9= HTTP 302
- https://sb.scorecardresearch.com/b2?c1=2&name=https%3A%2F%2Foffers.theadvertiser.com%2Fspecialoffer-ln%3Fgps-source%3DEXEMLGNWE%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLGNWE&c2=6035223&ns__t=1589315785241&ns_c=UTF-8&cv=3.5&c8=The%20Daily%20Advertiser%20%7C%20theadvertiser.com&c7=https%3A%2F%2Foffers.theadvertiser.com%2Fspecialoffer-ln%3Fgps-source%3DEXEMLGNWE%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLGNWE&c9=
- https://cm.everesttech.net/cm/dd?d_uuid=58487960146987123041508235490503909513 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=XrsIyQAAAYeOkBTJ
- https://www.facebook.com/tr/?id=167311730410202&ev=Microdata&dl=https%3A%2F%2Foffers.theadvertiser.com%2Fspecialoffer-ln%3Fgps-source%3DEXEMLGNWE%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLGNWE&rl=&if=false&ts=1589315786984&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20Daily%20Advertiser%20%7C%20theadvertiser.com%22%2C%22meta%3Adescription%22%3A%22The%20Daily%20Advertiser%20Local%20News%2C%20Sports%2C%20Weather%2C%20Classifieds.%22%2C%22meta%3Akeywords%22%3A%22The%20Daily%20Advertiser%20Local%20News%2C%20Sports%2C%20Weather%2C%20Classifieds.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1589315785480.699667137&it=1589315785045&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
- https://cx.atdmt.com/?c=14549463530493043695&f=AYzk-eKPWtga1dgBVEB4jpVjJcCx7rTbpo3g9mZZ5THV50jzwgv5CV4MZio7Nn7CrnYDOCStlJWNcPyxbEcJy_KQ&id=167311730410202&l=3&v=0
62 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | specialoffer-ln | offers.theadvertiser.com/ | 61 KB | 19 KB | Document | text/html | Primary Request; Redirect Chain |
GET | H2 | css | fonts.googleapis.com/ | 7 KB | 834 B | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 372 B | 349 B | Stylesheet | text/css | |
GET | H2 | ixp-runtime.min.js | offers.theadvertiser.com/Scripts/ | 47 KB | 17 KB | Script | application/javascript | |
GET | H2 | liveball_api.js | offers.theadvertiser.com/Javascript/ | 4 KB | 1 KB | Script | application/javascript | |
GET | H2 | liveball-ui.js | offers.theadvertiser.com/Scripts/ | 3 KB | 968 B | Script | application/javascript | |
GET | H/1.1 | jquery-1.11.1.min.js | code.jquery.com/ | 94 KB | 33 KB | Script | application/javascript | |
GET | H2 | liveball-ui-facebook.min.js | offers.theadvertiser.com/Global/UxPlugins/facebook_flex/js/ | 9 KB | 2 KB | Script | application/javascript | |
GET | | widget.js | widgets.twimg.com/j/2/ | 0 | 0 | | | |
GET | H2 | liveball-ui-twitter.min.js | offers.theadvertiser.com/Global/UxPlugins/twitter_flex/js/ | 7 KB | 2 KB | Script | application/javascript | |
GET | H2 | ixp-microthemes.min.css | offers.theadvertiser.com/Templates/ | 187 KB | 12 KB | Stylesheet | text/css | |
GET | H2 | theme.css | offers.theadvertiser.com/Templates/ion/ion_Framework_v4.0/themes/IndyStar_Theme_Kit/ | 204 KB | 14 KB | Stylesheet | text/css | |
GET | H2 | gciAnalytics.js | www.gannett-cdn.com/dc/ | 192 KB | 62 KB | Script | application/javascript | |
GET | H2 | site-masthead-logo@2x.png | www.gannett-cdn.com/sites/theadvertiser/images/ | 8 KB | 8 KB | Image | image/webp | |
GET | H2 | digital_clipart_lockup_2018-57a433a4c670d23e41b8dbc641af9a2713e76827.png | iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/uncategorized/ | 6 KB | 6 KB | Image | image/png | |
GET | H2 | printdigital_clipart_lockup_2018-57a433a4c670d23e41b8dbc641af9a2713e76827.png | iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/uncategorized/ | 7 KB | 8 KB | Image | image/png | |
GET | H2 | circle_ipad_1-d9dc388e54efe72f62e5a5e10d118a5d0feedcd4.png | iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/tennessean/ | 92 KB | 93 KB | Image | image/png | |
GET | H2 | circle_iphone_1-d9dc388e54efe72f62e5a5e10d118a5d0feedcd4.png | iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/tennessean/ | 89 KB | 89 KB | Image | image/png | |
GET | H2 | circle_ipad_4-d9dc388e54efe72f62e5a5e10d118a5d0feedcd4.png | iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/tennessean/ | 80 KB | 81 KB | Image | image/png | |
GET | H2 | circle_iphone_3-d9dc388e54efe72f62e5a5e10d118a5d0feedcd4.png | iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/tennessean/ | 84 KB | 85 KB | Image | image/png | |
GET | H2 | get-help.png | iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/shreveport/ | 3 KB | 4 KB | Image | image/png | |
GET | H2 | LAB.min.js | cdnjs.cloudflare.com/ajax/libs/labjs/2.0.3/ | 5 KB | 2 KB | Script | application/javascript | |
GET | H2 | KeyGrip.ashx | offers.theadvertiser.com/ | 70 B | 192 B | Image | image/gif | |
GET | H/1.1 | widgets.js | platform.twitter.com/ | 96 KB | 29 KB | Script | application/javascript | |
GET | H2 | PMOY-TEALIUM-ION.json | www.gannett-cdn.com/dcc/prod/ | 38 KB | 5 KB | XHR | application/json | |
GET | H2 | dark_gannett_map-646d0f988155a55f62ea12720d5a0b4fabf3d1d8.png | iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/uncategorized/ | 50 KB | 50 KB | Image | image/png | |
GET | H2 | futura_today_bold.woff | offers.theadvertiser.com/Templates/ion/ion_Framework_v4.0/themes/IndyStar_Theme_Kit/ | 36 KB | 36 KB | Font | application/x-font-woff | |
GET | H2 | futura_today.woff | offers.theadvertiser.com/Templates/ion/ion_Framework_v4.0/themes/IndyStar_Theme_Kit/ | 37 KB | 37 KB | Font | application/x-font-woff | |
GET | H2 | futura_today_demi_bold.woff | offers.theadvertiser.com/Templates/ion/ion_Framework_v4.0/themes/IndyStar_Theme_Kit/ | 37 KB | 37 KB | Font | application/x-font-woff | |
GET | H2 | subscribe.php | www.facebook.com/plugins/ | 0 | 0 | Document | text/html | Frame CF01 |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.11.0/ | 94 KB | 33 KB | Script | text/javascript | |
GET | H/1.1 | widget_iframe.2a008290075125adde2d7b849b06a0bb.html | platform.twitter.com/widgets/ | 0 | 0 | Document | text/html | Frame 76E5 |
GET | H/1.1 | button.a9e51eea566eab199c00950f37200d0b.js | platform.twitter.com/js/ | 7 KB | 3 KB | Script | application/javascript | |
GET | H/1.1 | rd | dpm.demdex.net/id/ | 2 KB | 2 KB | XHR | application/json | Redirect Chain |
GET | H2 | suudv45fg.js | cdn.krxd.net/controltag/ | 38 KB | 11 KB | Script | text/javascript | |
GET | H2 | p.js | cdn.parsely.com/keys/offers.theadvertiser.com/ | 52 KB | 20 KB | Script | application/x-javascript | |
GET | H/1.1 | beacon.js | sb.scorecardresearch.com/ | 1 KB | 1 KB | Script | application/x-javascript | |
GET | H2 | swg.js | news.google.com/swg/js/v1/ | 128 KB | 38 KB | Script | text/javascript | |
GET | H/1.1 | js | pixel.mathtag.com/event/ | 2 KB | 3 KB | Script | text/javascript | Redirect Chain |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 131 KB | 31 KB | Script | application/x-javascript | |
GET | H/1.1 | ktag.js | resources.xg4ken.com/js/v2/ | 11 KB | 4 KB | Script | text/plain | |
GET | H2 | collect.js | 10870841.collect.igodigital.com/ | 9 KB | 2 KB | Script | application/javascript | |
GET | H2 | activity;xsp=4391520;ord=PMOY | pubads.g.doubleclick.net/ | 42 B | 650 B | Image | image/gif | |
GET | H/1.1 | follow_button.2a008290075125adde2d7b849b06a0bb.en.html | platform.twitter.com/widgets/ | 0 | 0 | Document | text/html | Frame 7AD2 |
GET | H2 | 167311730410202 | connect.facebook.net/signals/config/ | 475 KB | 120 KB | Script | application/x-javascript | |
GET | H2 | payframe | pay.google.com/gp/p/ui/ | 0 | 0 | Document | text/html | Frame B02C |
GET | H2 | swg-button.css | news.google.com/swg/js/v1/ | 19 KB | 6 KB | Stylesheet | text/css | |
GET | H2 | jot | syndication.twitter.com/i/ | 43 B | 337 B | Image | image/gif | |
GET | H/1.1 | b2 | sb.scorecardresearch.com/ | 0 | 248 B | Image | text/plain | Redirect Chain |
GET | H2 | controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727 | cdn.krxd.net/ctjs/ | 249 KB | 80 KB | Script | application/javascript | |
GET | H/1.1 | js | pixel.mathtag.com/event/ | 597 B | 920 B | Script | text/javascript | |
GET | H/1.1 | dest5.html | gannett.demdex.net/ | 0 | 0 | Document | text/html | Cookie set; Frame D227 |
GET | H2 | id | srepdata.montgomeryadvertiser.com/ | 48 B | 497 B | XHR | application/x-javascript | |
GET | H/1.1 | ibs:dpid=411&dpuuid=XrsIyQAAAYeOkBTJ | dpm.demdex.net/ | 42 B | 915 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | img | pixel.mathtag.com/misc/ | 43 B | 479 B | Image | image/gif | |
GET | H2 | proxy.3d2100fd7107262ecb55ce6847f01fa5.html | cdn.krxd.net/partnerjs/xdi/ | 0 | 0 | Document | text/html | Frame 15F6 |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 254 B | Image | image/gif | |
GET | H2 | e88225a2-3b7b-45e3-9cc2-a3130b91f0db | consumer.krxd.net/consent/get/ | 235 B | 427 B | Script | text/javascript | |
POST | H2 | s88361574408450 | srepdata.montgomeryadvertiser.com/b/ss/globaldesktopmobilesite/1/JS-2.17.0/ | 43 B | 221 B | XHR | image/gif | |
GET | H2 | optout_check | beacon.krxd.net/ | 80 B | 239 B | Script | text/javascript | |
GET | H2 | / | cx.atdmt.com/ | 42 B | 407 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | img | pixel.mathtag.com/misc/ | 43 B | 635 B | Image | image/gif | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- widgets.twimg.com
- URL
- https://widgets.twimg.com/j/2/widget.js
72 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate string| _lbapi_lb3id object| ixp function| _ object| ES6Promise undefined| $ undefined| jQuery function| _lbapi_XhrFactory object| _lbapi_nativeXhr boolean| _lbapi_asynchronous string| _lbapi_3id_param string| _lbapi_rnd_param string| _lbapi_tag_param function| _lbapi_urlencode function| _lbapi_idstg function| liveballConvert function| liveballTag function| liveballData function| liveballDataPost function| liveballScriptlet object| LBUI object| twttr object| utag_data string| gciAnalyticsUAID object| __core-js_shared__ object| core number| s_objectID number| s_giq function| AppMeasurement function| s_gi function| s_pgicq object| adobe function| Visitor object| gciData object| gciDataQueue object| gciAnalytics object| jQuery11110029696529728795218 object| $LAB function| $dfl object| renderDynamicFooterLinks object| __twttrll object| __twttr object| gciAnalyticsConfig object| s_c_il number| s_c_in object| visitor object| gciKruxData object| PARSELY object| MathTag function| fbq function| _fbq function| ktag object| SUBSCRIPTIONS object| SWG function| udm_ object| _comscore object| COMSCORE object| ns_p object| Kenshoo_Constants object| Kenshoo_Toggles object| Kenshoo_Amp_Helpers object| Kenshoo_Helpers object| Ktag_Functions function| setup function| metric function| Krux object| _etmc object| _etmc_temp string| func_name object| args object| s_i_globaldesktopmobilesite
18 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.demdex.net/ | | dextp | 3-1-1589315785693 |
.demdex.net/ | | demdex | 58487960146987123041508235490503909513 |
pay.google.com/ | | OTZ | 5450196_48_52_123900_48_436380 |
.pay.google.com/ | | _gid | GA1.3.1701321459.1589315785 |
.krxd.net/ | | _kuid_ | NZkTzkjl |
.pay.google.com/ | | _ga | GA1.3.594443143.1589315785 |
.theadvertiser.com/ | | LiveBall | uid=208490069&uky=PMQLTOEP&rid=221373871 |
.theadvertiser.com/ | | _parsely_session | {%22sid%22:1%2C%22surl%22:%22https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE%22%2C%22sref%22:%22%22%2C%22sts%22:1589315785220%2C%22slts%22:0} |
.theadvertiser.com/ | | AMCVS_CF4957F555EE9B727F000101%40AdobeOrg | 1 |
.theadvertiser.com/ | | s_cc | true |
.theadvertiser.com/ | | AMCV_CF4957F555EE9B727F000101%40AdobeOrg | 1585540135%7CMCIDTS%7C18395%7CMCMID%7C58656056612099625401487205514742432853%7CMCAAMLH-1589920585%7C6%7CMCAAMB-1589920585%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1589322985s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18402%7CvVersion%7C4.4.0 |
.theadvertiser.com/ | | gup_clientid | 4103ea4e-45b9-42b0-ae21-e58ecd598e3d |
.facebook.com/ | | fr | 0U1bK4jjOgp8l3kuT..BeuwjJ...1.0.BeuwjJ. |
.google.com/ | | NID | 204=SDnlVkbux0ZCVIMyHH5C3w3sc_yYLUBg_KeE-e0EYBVvz4Es4df-b5ISzYdl_IvuH3djHdwEoQO3sWWL7uVMEfaRrwJRNnCHaA6OGo4fWLvceB-g4EVYQ93KDitIQk31iHdaRCR18Sn6rXo9U3ucozefyf28JWiwXm2v99wCZ_A |
offers.theadvertiser.com/ | | ASP.NET_SessionId | scddwhdeyz0wi3et11et5vcl |
.pay.google.com/ | | _gat_UA1168580691 | 1 |
.theadvertiser.com/ | | _fbp | fb.1.1589315785480.699667137 |
.theadvertiser.com/ | | gup_anonid | 463a9633-f88a-4e28-93bf-7fb0bc4fe452 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.