www.thefirstnews.com
3.120.55.39
Public Scan
Effective URL: https://www.thefirstnews.com/
Submission: On January 12 via api from CH — Scanned from DE
Summary
TLS certificate: Issued by RapidSSL RSA CA 2018 on May 5th 2020. Valid for: 2 years.
This is the only time www.thefirstnews.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domain |
---|---|---|
ASN16509 (AMAZON-02, US) | ec2-3-120-55-39.eu-central-1.compute.amazonaws.com | www.thefirstnews.com |
ASN16509 (AMAZON-02, US) | s3-r-w.eu-central-1.amazonaws.com | thefirstnews-cms.s3.eu-central-1.amazonaws.com |
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN32934 (FACEBOOK, US) | | www.instagram.com |
ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL) | ssp.wp.pl | ads.businessclick.com |
ASN16509 (AMAZON-02, US) | server-13-32-121-63.fra60.r.cloudfront.net | images.thefirstnews.com |
ASN32934 (FACEBOOK, US) | | connect.facebook.net |
ASN15169 (GOOGLE, US) | | www.google-analytics.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | px.ads.linkedin.com, www.linkedin.com |
ASN14413 (LINKEDIN, US) | 108-174-10-14.fwd.linkedin.com | px4.ads.linkedin.com |
ASN32934 (FACEBOOK, US) | | www.facebook.com |
Requests | Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
33 | thefirstnews.com | 1 redirects | www.thefirstnews.com, images.thefirstnews.com | 978 KB |
7 | gstatic.com | | fonts.gstatic.com | 214 KB |
7 | amazonaws.com | | thefirstnews-cms.s3.eu-central-1.amazonaws.com | 669 KB |
5 | yandex.com | 2 redirects | mc.yandex.com (Cisco Umbrella Rank: 29691) | 2 KB |
4 | linkedin.com | 3 redirects | px.ads.linkedin.com (Cisco Umbrella Rank: 433), www.linkedin.com (Cisco Umbrella Rank: 624), px4.ads.linkedin.com (Cisco Umbrella Rank: 5443) | 3 KB |
3 | wp.pl | 1 redirects | px.wp.pl (Cisco Umbrella Rank: 290437), dot.wp.pl (Cisco Umbrella Rank: 62898) | 3 KB |
3 | twitter.com | | platform.twitter.com (Cisco Umbrella Rank: 546), syndication.twitter.com (Cisco Umbrella Rank: 767) | 133 KB |
2 | facebook.com | | www.facebook.com (Cisco Umbrella Rank: 88) | 497 B |
2 | google-analytics.com | | www.google-analytics.com (Cisco Umbrella Rank: 33) | 20 KB |
2 | facebook.net | | connect.facebook.net (Cisco Umbrella Rank: 126) | 113 KB |
2 | adform.net | 1 redirects | track.adform.net (Cisco Umbrella Rank: 3624) | 809 B |
2 | yandex.ru | 1 redirects | mc.yandex.ru (Cisco Umbrella Rank: 3317) | 48 KB |
2 | instagram.com | 1 redirects | www.instagram.com (Cisco Umbrella Rank: 980) | 5 KB |
2 | googleapis.com | | ajax.googleapis.com (Cisco Umbrella Rank: 258), fonts.googleapis.com (Cisco Umbrella Rank: 37) | 32 KB |
1 | google.de | | www.google.de (Cisco Umbrella Rank: 6151) | 501 B |
1 | google.com | | www.google.com (Cisco Umbrella Rank: 8) | 501 B |
1 | doubleclick.net | | stats.g.doubleclick.net (Cisco Umbrella Rank: 78) | 446 B |
1 | licdn.com | | snap.licdn.com (Cisco Umbrella Rank: 828) | 2 KB |
1 | businessclick.com | | ads.businessclick.com (Cisco Umbrella Rank: 80197) | 453 B |
1 | googletagmanager.com | | www.googletagmanager.com (Cisco Umbrella Rank: 62) | 36 KB |
72 | 20 | | | |
Requests | Domain | Redirects | Requested by |
---|---|---|---|
28 | images.thefirstnews.com | | www.thefirstnews.com |
7 | fonts.gstatic.com | | fonts.googleapis.com |
7 | thefirstnews-cms.s3.eu-central-1.amazonaws.com | | www.thefirstnews.com, thefirstnews-cms.s3.eu-central-1.amazonaws.com |
5 | mc.yandex.com | 2 redirects | www.thefirstnews.com |
5 | www.thefirstnews.com | 1 redirects | www.thefirstnews.com, thefirstnews-cms.s3.eu-central-1.amazonaws.com |
2 | www.facebook.com | | www.thefirstnews.com |
2 | dot.wp.pl | 1 redirects | www.thefirstnews.com |
2 | px.ads.linkedin.com | 2 redirects | |
2 | www.google-analytics.com | | www.googletagmanager.com, www.google-analytics.com |
2 | connect.facebook.net | | www.thefirstnews.com, connect.facebook.net |
2 | track.adform.net | 1 redirects | www.thefirstnews.com |
2 | mc.yandex.ru | 1 redirects | www.thefirstnews.com |
2 | platform.twitter.com | | www.thefirstnews.com, platform.twitter.com |
2 | www.instagram.com | 1 redirects | www.thefirstnews.com |
1 | www.google.de | | www.thefirstnews.com |
1 | www.google.com | | www.thefirstnews.com |
1 | syndication.twitter.com | | platform.twitter.com |
1 | stats.g.doubleclick.net | | www.google-analytics.com |
1 | px4.ads.linkedin.com | | www.thefirstnews.com |
1 | www.linkedin.com | 1 redirects | |
1 | px.wp.pl | | www.thefirstnews.com |
1 | snap.licdn.com | | www.thefirstnews.com |
1 | ads.businessclick.com | | www.thefirstnews.com |
1 | fonts.googleapis.com | | www.thefirstnews.com |
1 | www.googletagmanager.com | | www.thefirstnews.com |
1 | ajax.googleapis.com | | www.thefirstnews.com |
72 | 26 | | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.facebook.com |
twitter.com |
www.youtube.com |
www.linkedin.com |
www.instagram.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.thefirstnews.com | RapidSSL RSA CA 2018 | 2020-05-05 - 2022-06-04 | 2 years |
*.s3.eu-central-1.amazonaws.com | Amazon | 2021-03-26 - 2022-03-07 | a year |
upload.video.google.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months |
*.twimg.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-20 - 2022-10-19 | a year |
*.businessclick.com | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2021-06-29 - 2022-06-29 | a year |
mc.yandex.ru | Yandex CA | 2021-12-22 - 2022-06-03 | 5 months |
*.licdn.com | DigiCert SHA2 Secure Server CA | 2021-07-15 - 2022-07-20 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-10-21 - 2022-01-19 | 3 months |
*.wp.pl | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2021-03-05 - 2022-03-14 | a year |
*.gstatic.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months |
syndication.twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-06 - 2023-01-05 | a year |
www.google.com | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months |
www.google.de | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months |
This page contains 2 frames:
Primary Page:
https://www.thefirstnews.com/
Frame ID: AE2D16760C18C907CFA3595DE3B17E7F
Requests: 70 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/widget_iframe.e37c957bd3ae00473b95800b99e19cff.html?origin=https%3A%2F%2Fwww.thefirstnews.com
Frame ID: D250B72D8C660DA3B68AC6896C8EB667
Requests: 2 HTTP requests in this frame
Page Title
The First News - entertaining, engaging and informative news on Poland
Page URL History
- http://www.thefirstnews.com/ HTTP 301
- https://www.thefirstnews.com/ Page URL
Detected technologies
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
Linkedin Insight Tag (Analytics)
Detected patterns
- snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Twitter (Widgets)
Detected patterns
- //platform\.twitter\.com/widgets\.js
Yandex.Metrika (Analytics)
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.thefirstnews.com/ HTTP 301
- https://www.thefirstnews.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3
- https://www.instagram.com/embed.js HTTP 302
- https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
- https://track.adform.net/Serving/TrackPoint/?pm=1585592&ADFPageName=view&ADFdivider=| HTTP 302
- https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1585592&ADFPageName=view&ADFdivider=|
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=940084&time=1641969444116&url=https%3A%2F%2Fwww.thefirstnews.com%2F HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D940084%26time%3D1641969444116%26url%3Dhttps%253A%252F%252Fwww.thefirstnews.com%252F%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=940084&time=1641969444116&url=https%3A%2F%2Fwww.thefirstnews.com%2F&liSync=true HTTP 302
- https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=940084&time=1641969444116&url=https%3A%2F%2Fwww.thefirstnews.com%2F&liSync=true&e_ipv6=AQII-qVhzVHPrgAAAX5NAWZ9F29TkbqNpdmOyDanflxxIGrE9Y6LCy03oN2jA7Dl4e-RVk2IbkNUX5Ul-mb8zYzo3efivQ
- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9516.uoKxeBHEWcnN9aAnrMqDyYchIPqrEyTwl_9jOmHwNs3BbTa5uNXuiPWss-OYCflk.iyaJMr8i9G80aZLLEy0kNc9236g%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=9516.qigtMDYpsN9NKKnNNExD20E0IfAvFmUMduqWi5gF01I8YUt_iNDvWb5-k_pRNYdHPLQZS13QvkstnI7e_HAkHA%2C%2C.UlPyrrGZMf3-XpWDun_XisPC8ME%2C
- https://dot.wp.pl/s9453638484/px.gif?srv=thefirstnews_conv&action=conversion&par=transId%3Dundefined%26gwpAction%3Dview%26surl%3D%26shost%3Dundefined%26ssid%3D170c9e1a14c34d4b6fddbcf2bed5f104&pg=https%3A//www.thefirstnews.com/ HTTP 301
- https://dot.wp.pl/r1641969444/pxn?srv=thefirstnews_conv&action=conversion&par=transId%3Dundefined%26gwpAction%3Dview%26surl%3D%26shost%3Dundefined%26ssid%3D170c9e1a14c34d4b6fddbcf2bed5f104&pg=https%3A//www.thefirstnews.com/
- https://mc.yandex.com/watch/48968504?wmode=7&page-url=https%3A%2F%2Fwww.thefirstnews.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A301%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A1223611493270%3Ahid%3A871438332%3Az%3A0%3Ai%3A20220112063724%3Aet%3A1641969444%3Ac%3A1%3Arn%3A34387517%3Arqn%3A1%3Au%3A1641969444975792279%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641969443678%3Ads%3A0%2C15%2C18%2C1%2C32%2C0%2C%2C236%2C1%2C%2C%2C%2C305%3Adsn%3A0%2C15%2C18%2C1%2C32%2C0%2C%2C238%2C1%2C%2C%2C%2C305%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1641969444%3At%3AThe%20First%20News%20-%20entertaining%2C%20engaging%20and%20informative%20news%20on%20Poland&t=gdpr(14)aw(1)ti(2) HTTP 302
- https://mc.yandex.com/watch/48968504/1?wmode=7&page-url=https%3A%2F%2Fwww.thefirstnews.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A301%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A1223611493270%3Ahid%3A871438332%3Az%3A0%3Ai%3A20220112063724%3Aet%3A1641969444%3Ac%3A1%3Arn%3A34387517%3Arqn%3A1%3Au%3A1641969444975792279%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641969443678%3Ads%3A0%2C15%2C18%2C1%2C32%2C0%2C%2C236%2C1%2C%2C%2C%2C305%3Adsn%3A0%2C15%2C18%2C1%2C32%2C0%2C%2C238%2C1%2C%2C%2C%2C305%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1641969444%3At%3AThe%20First%20News%20-%20entertaining%2C%20engaging%20and%20informative%20news%20on%20Poland&t=gdpr%2814%29aw%281%29ti%282%29
72 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | www.thefirstnews.com/ | 122 KB | 24 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H/1.1 | f47829f40dfc3a1feeae23839132db36.css | thefirstnews-cms.s3.eu-central-1.amazonaws.com/assets/ | 134 KB | 134 KB | Stylesheet | text/css | |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.3.1/ | 85 KB | 30 KB | Script | text/javascript | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 91 KB | 36 KB | Script | application/javascript | |
GET | H2 | ab12745d93c5.js | www.instagram.com/static/bundles/es6/EmbedSDK.js/ | 15 KB | 5 KB | Script | text/javascript | Redirect Chain |
GET | H/1.1 | widgets.js | platform.twitter.com/ | 96 KB | 29 KB | Script | application/javascript | |
GET | H2 | css | fonts.googleapis.com/ | 16 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | / | ads.businessclick.com/tpj/b2d772a9-e5a9-4243-b3f9-a7518691dd11/ | 117 B | 453 B | Script | text/javascript | |
GET | H2 | logo-header.svg | images.thefirstnews.com/img/ | 4 KB | 2 KB | Image | image/svg+xml | |
GET | H2 | placeholder.jpg | www.thefirstnews.com/front/img/ | 6 KB | 7 KB | Image | image/jpeg | |
GET | H2 | text-exclusive.svg | images.thefirstnews.com/img/ | 6 KB | 3 KB | Image | image/svg+xml | |
GET | H/1.1 | 77pn5kcqmtv5v7wjkkmzrk.png | thefirstnews-cms.s3.eu-central-1.amazonaws.com/ | 179 KB | 180 KB | Image | image/png | |
GET | H/1.1 | ayhg7bm9msn6627nuk7gzb.jpeg | thefirstnews-cms.s3.eu-central-1.amazonaws.com/ | 145 KB | 145 KB | Image | image/jpeg | |
GET | H2 | logo-footer.png | images.thefirstnews.com/img/ | 12 KB | 12 KB | Image | image/png | |
GET | H2 | pap-footer.png | www.thefirstnews.com/img/ | 8 KB | 8 KB | Image | image/png | |
GET | H/1.1 | 7422e0e2825398c470343c7381cd7dfc.js | thefirstnews-cms.s3.eu-central-1.amazonaws.com/assets/ | 139 KB | 140 KB | Script | application/javascript | |
GET | H2 | watch.js | mc.yandex.ru/metrika/ | 134 KB | 48 KB | Script | application/javascript | |
GET | H/1.1 | insight.min.js | snap.licdn.com/li.lms-analytics/ | 5 KB | 2 KB | Script | application/x-javascript | |
GET | H2 | / | track.adform.net/Serving/TrackPoint/ | 35 B | 395 B | Image | image/gif | Redirect Chain |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 98 KB | 26 KB | Script | application/x-javascript | |
GET | H/1.1 | / | px.wp.pl//exdotdynamic/ | 5 KB | 2 KB | Script | text/javascript | |
GET | H/1.1 | icon-search.svg | thefirstnews-cms.s3.eu-central-1.amazonaws.com/img/ | 1 KB | 1 KB | Image | image/svg+xml | |
GET | H/1.1 | weather-sprites-icons.png | thefirstnews-cms.s3.eu-central-1.amazonaws.com/img/ | 66 KB | 66 KB | Image | image/png | |
GET | H2 | S6u9w4BMUTPHh6UVSwiPGQ.woff2 | fonts.gstatic.com/s/lato/v20/ | 22 KB | 23 KB | Font | font/woff2 | |
GET | H2 | S6uyw4BMUTPHjx4wXg.woff2 | fonts.gstatic.com/s/lato/v20/ | 23 KB | 24 KB | Font | font/woff2 | |
GET | H2 | S6u8w4BMUTPHjxsAXC-q.woff2 | fonts.gstatic.com/s/lato/v20/ | 24 KB | 24 KB | Font | font/woff2 | |
GET | H2 | ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2 | fonts.gstatic.com/s/notoserif/v16/ | 27 KB | 27 KB | Font | font/woff2 | |
GET | H2 | ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2 | fonts.gstatic.com/s/notoserif/v16/ | 23 KB | 24 KB | Font | font/woff2 | |
GET | H/1.1 | Icons_v2.woff | thefirstnews-cms.s3.eu-central-1.amazonaws.com/fonts/ | 2 KB | 3 KB | Font | application/font-woff2 | |
GET | H2 | ga6Law1J5X9T9RW6j9bNdOwzfRmecf1I.woff2 | fonts.gstatic.com/s/notoserif/v16/ | 49 KB | 49 KB | Font | font/woff2 | |
GET | H2 | ga6Iaw1J5X9T9RW6j9bNfFkWaCi_.woff2 | fonts.gstatic.com/s/notoserif/v16/ | 44 KB | 44 KB | Font | font/woff2 | |
GET | H2 | getBanners | www.thefirstnews.com/api/ | 668 B | 489 B | XHR | application/json | |
GET | H2 | en929k7y5qgf3ilcr040b.png | images.thefirstnews.com/1000x667/ | 44 KB | 44 KB | Image | image/jpeg | |
GET | H2 | wvgx0ueighihm6lrzn35un.jpeg | images.thefirstnews.com/500x333/ | 50 KB | 51 KB | Image | image/jpeg | |
GET | H2 | 5w2fo2x0gd80q00scev5xm.png | images.thefirstnews.com/500x333/ | 43 KB | 43 KB | Image | image/jpeg | |
GET | H2 | x6zk6wlcbzdy4bexo08i9.png | images.thefirstnews.com/500x333/ | 24 KB | 24 KB | Image | image/jpeg | |
GET | H2 | xro0aev8l3ux8rj9xudci.jpeg | images.thefirstnews.com/500x333/ | 26 KB | 27 KB | Image | image/jpeg | |
GET | H2 | 941mqx11d1g4jc1l9i2h.jpeg | images.thefirstnews.com/500x333/ | 64 KB | 65 KB | Image | image/jpeg | |
GET | H2 | 0fl0l26gpsdogxafnm1858.jpeg | images.thefirstnews.com/500x333/ | 28 KB | 28 KB | Image | image/jpeg | |
GET | H2 | jerz97vi1tj5nhpb6dqv8.jpeg | images.thefirstnews.com/500x333/ | 15 KB | 16 KB | Image | image/jpeg | |
GET | H2 | t6zpwgbtyiirtcznffke.png | images.thefirstnews.com/500x333/ | 37 KB | 37 KB | Image | image/jpeg | |
GET | H2 | jhwecn0r5nk3s3brxeahzh.jpeg | images.thefirstnews.com/500x333/ | 33 KB | 33 KB | Image | image/jpeg | |
GET | H2 | ybhvfykxklqrj61sqmfy.png | images.thefirstnews.com/500x333/ | 47 KB | 47 KB | Image | image/jpeg | |
GET | H2 | 55savz1ku4pfbna33m2t8s.jpeg | images.thefirstnews.com/380x253/ | 18 KB | 18 KB | Image | image/jpeg | |
GET | H2 | mo6dbta3rse68xwqi4uva.png | images.thefirstnews.com/500x333/ | 47 KB | 47 KB | Image | image/jpeg | |
GET | H2 | 65pt4ho5v8ic5nkeijpeql.png | images.thefirstnews.com/295x197/ | 11 KB | 12 KB | Image | image/jpeg | |
GET | H2 | 69v3srqn1ssj6vz7r7u9wd.jpeg | images.thefirstnews.com/295x197/ | 10 KB | 10 KB | Image | image/jpeg | |
GET | H2 | k740tm0cgb4qheock8vc.jpeg | images.thefirstnews.com/295x197/ | 14 KB | 14 KB | Image | image/jpeg | |
GET | H2 | pppqlzaz7cjlfsbtwqgim.jpeg | images.thefirstnews.com/295x197/ | 19 KB | 19 KB | Image | image/jpeg | |
GET | H2 | 6x2d7bxrvdwk4vey3qw6e9.jpeg | images.thefirstnews.com/500x333/ | 17 KB | 18 KB | Image | image/jpeg | |
GET | H2 | en929k7y5qgf3ilcr040b.png | images.thefirstnews.com/500x333/ | 15 KB | 15 KB | Image | image/jpeg | |
GET | H2 | 1ivs7kc89at9pxgwb4lwn.jpeg | images.thefirstnews.com/500x333/ | 20 KB | 20 KB | Image | image/jpeg | |
GET | H2 | hft99x9zqlut8bc74w37n.png | images.thefirstnews.com/500x333/ | 36 KB | 36 KB | Image | image/jpeg | |
GET | H2 | 65pt4ho5v8ic5nkeijpeql.png | images.thefirstnews.com/500x333/ | 24 KB | 25 KB | Image | image/jpeg | |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript | |
GET | H3 | 229448461297095 | connect.facebook.net/signals/config/ | 305 KB | 87 KB | Script | application/x-javascript | |
GET | H2 | 2juq11a9v6um9yebxnxsn.jpeg | images.thefirstnews.com/ | 126 KB | 125 KB | Image | image/jpeg | |
GET | H2 | ao5zh7mno1bp9jqnqfmr3b.png | images.thefirstnews.com/ | 53 KB | 53 KB | Image | image/png | |
GET | H2 | 9kjuxttd2woh0pj7vo5xln.png | images.thefirstnews.com/ | 93 KB | 94 KB | Image | image/png | |
GET | H2 | collect | px4.ads.linkedin.com/ | 0 | 155 B | Image | application/javascript | Redirect Chain |
GET | H/1.1 | widget_iframe.e37c957bd3ae00473b95800b99e19cff.html | platform.twitter.com/widgets/ | 319 KB | 103 KB | Document | text/html | Frame D250 |
GET | H2 | sync_cookie_image_decide | mc.yandex.com/ | 75 B | 75 B | Image | text/html | Redirect Chain |
GET | H2 | advert.gif | mc.yandex.com/metrika/ | 43 B | 136 B | Image | image/gif | |
POST | H3 | collect | www.google-analytics.com/j/ | 2 B | 22 B | XHR | text/plain | |
GET | H2 | pxn | dot.wp.pl/r1641969444/ | 0 | 131 B | Image | text/plain | Redirect Chain |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 406 B | Image | image/gif | |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 446 B | XHR | text/plain | |
GET | H2 | settings | syndication.twitter.com/ | 232 B | 447 B | Fetch | application/json | Frame D250 |
GET | H2 | 1 | mc.yandex.com/watch/48968504/ | 331 B | 413 B | XHR | application/json | Redirect Chain |
GET | H2 | ga-audiences | www.google.com/ads/ | 42 B | 501 B | Image | image/gif | |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 501 B | Image | image/gif | |
GET | H3 | / | www.facebook.com/tr/ | 44 B | 91 B | Image | image/gif | |
86 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onsecuritypolicyviolation object| onslotchange function| $ function| jQuery function| gtag object| dataLayer string| _linkedin_partner_id object| _linkedin_data_partner_ids function| fbq function| _fbq string| gwpClientId object| gwpPxInfo string| gwpAction string| gwpReferer number| tt object| gwpProducts object| gwpExtParams string| gwpTransaction object| requestParams object| time function| checkWeatherStatus function| getFormattedWarsawTime function| addClassConditions function| setWeatherDateSpan function| setWarsawTempTimeSpan function| Cookies object| tfnJS boolean| areBannersSet function| getElementsBannerNameByModule function| setBannersByData function| hideBanners function| $getTopBox function| $getRightTopBox function| $getRightLowBox function| $getRightLowBox2 function| isElementInView function| removeElementsByAtrrAndID function| send function| removeIdFromSessionStorage function| addDataToSessionStorage function| addIdToSessionStorage function| isIdInSessionStorage function| setSessionStorage function| getSessionStorageData function| getElementIdByAttrName function| removeElementByAttrIfIdInStorage function| sendGoogleAnalyticsEventBanner function| getElementIdsIfInViewPortAddToSS function| isIdInElements function| lambdaConvertImg function| convertWithoutResizing function| convert function| closest object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| __s object| instgrm function| lintrk boolean| _already_called_lintrk object| __twttrll object| twttr object| __twttr object| Ya object| yaCounter48968504 object| gaplugins object| gaGlobal object| gaData function| gwp_isInt function| gwp_getTransId function| gwp_getExtParams function| gwp_getProducts function| gwp_getPrice function| gwp_getQuantity function| getFromCookie function| setToCookie function| getSetSSID function| gwp_documentReferrer string| gwpSn string| gwpDotAction string| gwpPar object| gwpDot function| S430 
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ads.businessclick.com/ | | Name: __bc_trace Value: 0IY4wiTSm9WMo3P86p6n31xg221ztVC4 |
.ads.businessclick.com/ | | Name: __bc_prof Value: e30.8v2XF2kKtNPsy4-3JP8Jn6oxF8M |
.adform.net/ | | Name: C Value: 1 |
.adform.net/ | | Name: uid Value: 8802930967539700297 |
.thefirstnews.com/ | | Name: _ym_uid Value: 1641969444975792279 |
.thefirstnews.com/ | | Name: _ym_d Value: 1641969444 |
.thefirstnews.com/ | | Name: _ga Value: GA1.2.1054204709.1641969444 |
.thefirstnews.com/ | | Name: _gid Value: GA1.2.498675109.1641969444 |
.thefirstnews.com/ | | Name: _gat_gtag_UA_117334769_1 Value: 1 |
.mc.yandex.com/ | | Name: sync_cookie_csrf Value: 3527779971fake |
www.thefirstnews.com/ | | Name: base_referer Value: |
www.thefirstnews.com/ | | Name: ssid Value: 170c9e1a14c34d4b6fddbcf2bed5f104 |
.thefirstnews.com/ | | Name: _fbp Value: fb.1.1641969444269.1258847669 |
.thefirstnews.com/ | | Name: _ym_isad Value: 2 |
.mc.yandex.ru/ | | Name: sync_cookie_csrf Value: 2769351047fake |
.facebook.com/ | | Name: fr Value: 0YedLE7qplanKg3ho..Bh3nck...1.0.Bh3nck. |
.linkedin.com/ | | Name: UserMatchHistory Value: AQK0bUDsd0avnwAAAX5NAWWWp_roVxjgPOsUvOxlAc67QIv4MLBjwOp__YFaxtAtzRApHYBndoODgA |
.linkedin.com/ | | Name: AnalyticsSyncHistory Value: AQKipOzEYOJ3WQAAAX5NAWWWQYasfacUyZi4ML7Iljm_gkZL_Cx_utyaHMiHczh0nPsEHFqx3HWdK3i8o8HtRQ |
.ads.linkedin.com/ | | Name: lang Value: v=2&lang=en-us |
.linkedin.com/ | | Name: bcookie Value: "v=2&5c034f46-e743-4113-8e52-373abbf28588" |
.linkedin.com/ | | Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2523:u=1:x=1:i=1641969444:t=1642055844:v=2:sig=AQEZCtgwcYZqrHRKM-exzgzf3I0qL9WP" |
.yandex.com/ | | Name: yandexuid Value: 4626017331641969444 |
.yandex.com/ | | Name: yuidss Value: 4626017331641969444 |
mc.yandex.com/ | | Name: yabs-sid Value: 483932731641969444 |
.yandex.com/ | | Name: i Value: 12CaRWHAHoSD+dKxO6SAiRKkIhM3QXdJ7+89vVaf9QKLEbJe6DNYTBgKR1RNfvvFt9mP+Yru9wMkOP4N6x9qvKkkqkU= |
.yandex.com/ | | Name: ymex Value: 1673505444.yrts.1641969444#1673505444.yrtsi.1641969444 |
.wp.pl/ | | Name: statid Value: 04aab8ddc9c71f960fe619f48c8b612c:22691b:1641969444:v3 |
.linkedin.com/ | | Name: lang Value: v=2&lang=de-de |
.www.linkedin.com/ | | Name: bscookie Value: "v=1&202201120637241f36d387-2f64-4315-8ee4-3a503210bff7AQFRwORc2pGU7Sz9g2ByJ7R8U1L-wq7E" |
.linkedin.com/ | | Name: li_gc Value: MTswOzE2NDE5Njk0NDQ7MjswMjEcShjcw1AJzQnJXtl/VxclbmV7KFS0Fo6XMiE/UhfySA== |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.