t.news.star-telegram.com
Open in
urlscan Pro
44.230.91.85
Public Scan
Submitted URL: https://t1.news.mcclatchydc.com/r/?id=ha98b7acf%2Cead91a9%2Cbb2fbdf&ac_cid=DM588779&ac_bid=-1450476849&p1=star-telegram&p2=%40MI...
Effective URL: https://t.news.star-telegram.com/webApp/mccPrefCenter?id=%40MILPbNfmMVxjTmQZcVlw8g%3D%3D&ac_cid=DM588779&ac_bid=-1450476849
Submission: On January 05 via api from US — Scanned from DE
Effective URL: https://t.news.star-telegram.com/webApp/mccPrefCenter?id=%40MILPbNfmMVxjTmQZcVlw8g%3D%3D&ac_cid=DM588779&ac_bid=-1450476849
Submission: On January 05 via api from US — Scanned from DE
Summary
This website contacted 23 IPs
in 8 countries
across 19 domains to perform 52 HTTP transactions.
The main IP is 44.230.91.85, located in
Boardman, United States and
belongs to AMAZON-02, US.
The main domain is t.news.star-telegram.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on March 22nd 2021. Valid for: a year.
This is the only time t.news.star-telegram.com was scanned on urlscan.io!
TLS certificate: Issued by Entrust Certification Authority - L1K on March 22nd 2021. Valid for: a year.
This is the only time t.news.star-telegram.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
35.82.144.234
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-144-234.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-144-234.us-west-2.compute.amazonaws.com
| t1.news.mcclatchydc.com |
3
44.230.91.85
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-91-85.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-91-85.us-west-2.compute.amazonaws.com
| t.news.star-telegram.com |
5
2600:9000:2240:2e00:7:65ff:7f00:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| res1.news.mcclatchydc.com |
7
104.111.219.128
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-128.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-128.deploy.static.akamaitechnologies.com
| media.mcclatchy.com | |
| media.star-telegram.com |
4
54.155.2.252
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-2-252.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-2-252.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
2
107.178.250.234
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
| js.matheranalytics.com |
3
2a00:1450:4001:80f::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
52.71.198.250
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-198-250.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-198-250.compute-1.amazonaws.com
| www.i.matheranalytics.com |
1
34.247.200.0
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-200-0.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-200-0.eu-west-1.compute.amazonaws.com
| mcclatchy.demdex.net |
2
15.188.95.229
(Paris, France)
ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
| mcclatchy.sc.omtrdc.net |
11
151.101.66.49
(United States)
ASN54113 (FASTLY, US)
ASN54113 (FASTLY, US)
| lasteventf-tm.everesttech.net | |
| sync-tm.everesttech.net |
1
52.36.102.242
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-102-242.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-102-242.us-west-2.compute.amazonaws.com
| cm.everesttech.net |
3
142.250.185.66
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
| cm.g.doubleclick.net |
1
69.173.144.165
(Frankfurt am Main, Germany)
ASN26667 (RUBICONPROJECT, US)
ASN26667 (RUBICONPROJECT, US)
| pixel.rubiconproject.com |
2
2.18.234.21
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
| dsum-sec.casalemedia.com |
6
104.17.208.240
(None, )
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com | |
| siteintercept.qualtrics.com |
2
185.33.220.216
(Amsterdam, Netherlands)
ASN29990 (ASN-APPNEX, US)
PTR: 872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 872.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
| ib.adnxs.com |
1
34.98.64.218
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
| us-u.openx.net |
1
2a03:2880:f11c:8183:face:b00c:0:25de
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
| Domain | Requested by | |
|---|---|---|
| 10 | sync-tm.everesttech.net | 10 redirects |
| 6 | media.star-telegram.com |
t.news.star-telegram.com
media.star-telegram.com |
| 5 | siteintercept.qualtrics.com |
zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com
siteintercept.qualtrics.com |
| 5 | res1.news.mcclatchydc.com |
t.news.star-telegram.com
res1.news.mcclatchydc.com |
| 4 | dpm.demdex.net |
media.star-telegram.com
t.news.star-telegram.com |
| 3 | cm.g.doubleclick.net |
2 redirects
t.news.star-telegram.com
|
| 3 | www.google-analytics.com |
media.star-telegram.com
www.google-analytics.com |
| 3 | t.news.star-telegram.com |
t.news.star-telegram.com
|
| 2 | sync.search.spotxchange.com | 1 redirects |
| 2 | ib.adnxs.com | 1 redirects |
| 2 | dsum-sec.casalemedia.com | 1 redirects |
| 2 | mcclatchy.sc.omtrdc.net |
media.star-telegram.com
|
| 2 | js.matheranalytics.com |
1 redirects
t.news.star-telegram.com
|
| 1 | www.facebook.com | |
| 1 | image2.pubmatic.com | |
| 1 | us-u.openx.net | |
| 1 | zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com |
media.star-telegram.com
|
| 1 | pixel.rubiconproject.com | |
| 1 | cm.everesttech.net | 1 redirects |
| 1 | lasteventf-tm.everesttech.net |
media.star-telegram.com
|
| 1 | mcclatchy.demdex.net |
media.star-telegram.com
|
| 1 | www.google.co.uk |
t.news.star-telegram.com
|
| 1 | www.google.com |
t.news.star-telegram.com
|
| 1 | www.i.matheranalytics.com |
t.news.star-telegram.com
|
| 1 | stats.g.doubleclick.net |
www.google-analytics.com
|
| 1 | media.mcclatchy.com |
t.news.star-telegram.com
|
| 1 | t1.news.mcclatchydc.com | 1 redirects |
| 52 | 27 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| news.mcclatchydc.com Entrust Certification Authority - L1K |
2021-03-22 - 2022-04-02 |
a year | crt.sh |
| www.mcclatchydc.com DigiCert SHA2 Secure Server CA |
2021-12-14 - 2022-12-14 |
a year | crt.sh |
| *.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-10-19 - 2022-11-19 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
| www.i.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA |
2020-01-28 - 2022-01-27 |
2 years | crt.sh |
| www.google.com GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
| www.google.co.uk GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
| *.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2021-10-05 - 2022-03-04 |
5 months | crt.sh |
| *.everesttech.net GlobalSign Atlas R3 DV TLS CA 2020 |
2021-03-22 - 2022-04-23 |
a year | crt.sh |
| *.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-09-24 - 2022-09-24 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://t.news.star-telegram.com/webApp/mccPrefCenter?id=%40MILPbNfmMVxjTmQZcVlw8g%3D%3D&ac_cid=DM588779&ac_bid=-1450476849
Frame ID: 19B41D6571A67AC6F043F92085F9F0BB
Requests: 43 HTTP requests in this frame
Frame:
https://mcclatchy.demdex.net/dest5.html?d_nsid=0
Frame ID: E908979F1DD5CCC842D343758E19BE30
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
Manage Newsletter SubscriptionsPage URL History Show full URLs
-
https://t1.news.mcclatchydc.com/r/?id=ha98b7acf%2Cead91a9%2Cbb2fbdf&ac_cid=DM588779&ac_bid=-1450476849&p1=st...
HTTP 302
https://t.news.star-telegram.com/webApp/mccPrefCenter?id=%40MILPbNfmMVxjTmQZcVlw8g%3D%3D&ac_cid=DM588779&ac_b... Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
AppNexus
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- adnxs\.(?:net|com)
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
OpenX
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.openx\.net
PubMatic
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.pubmatic\.com
Rubicon Project
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.rubiconproject\.com
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://t1.news.mcclatchydc.com/r/?id=ha98b7acf%2Cead91a9%2Cbb2fbdf&ac_cid=DM588779&ac_bid=-1450476849&p1=star-telegram&p2=%40MILPbNfmMVxjTmQZcVlw8g%3D%3D&s=HgXPjV7djmY4CsTUEhJeljxxgPbERozLpKrEoLcJt84
HTTP 302
https://t.news.star-telegram.com/webApp/mccPrefCenter?id=%40MILPbNfmMVxjTmQZcVlw8g%3D%3D&ac_cid=DM588779&ac_bid=-1450476849 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 23- https://js.matheranalytics.com/s/ma12095/74930421/all/ml.js?cb=1583 HTTP 301
- https://js.matheranalytics.com/static/ltm/ma12095/all/6/ml.br.js
- https://cm.everesttech.net/cm/dd?d_uuid=15240059814556659400061667698098871890 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YdX0mQAAAI0KwgRD
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTUyNDAwNTk4MTQ1NTY2NTk0MDAwNjE2Njc2OTgwOTg4NzE4OTA= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTUyNDAwNTk4MTQ1NTY2NTk0MDAwNjE2Njc2OTgwOTg4NzE4OTA=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOdB2h5vwadJJohovHCoaUk&google_cver=1?gdpr=0&gdpr_consent=
- https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
- https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=YdX0mQADYIA4wAAm HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWRYMG1RQURZSUE0d0FBbQ==&_test=YdX0mQADYIA4wAAm
- https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
- https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=YdX0mQADYAY9VwAm HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YdX0mQADYAY9VwAm&expires=90&_test=YdX0mQADYAY9VwAm
- https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YdX0mQADYIA4wAAm HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YdX0mQADYIA4wAAm&C=1
- https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
- https://ib.adnxs.com/setuid?entity=158&code=YdX0mQADYAY9VwAm HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYdX0mQADYAY9VwAm
- https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537148856&val=YdX0mQADYAY9VwAm
- https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
- https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YdX0mQADYAY9VwAm
- https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YdX0mQADYAY9VwAm&img=1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YdX0mQADYAY9VwAm&img=1&__user_check__=1&sync_id=974bd559-6e5f-11ec-b263-153cf9b00506
- https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
- https://www.facebook.com/fr/b.php?p=1531105787105294&e=YdX0mQADYAY9VwAm&t=2592000&o=0
52 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
mccPrefCenter
t.news.star-telegram.com/webApp/ Redirect Chain
|
27 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
WA-en-cf461481d56f1e56aa870f98218b501b.js
t.news.star-telegram.com/nl/gen/min/ |
37 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
WA-d848f649e6daffd332438632254c310a.js
t.news.star-telegram.com/nl/gen/min/ |
284 KB 83 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/ |
138 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.css
res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
all.css
res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/ |
50 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fort-worth-black.png
media.mcclatchy.com/email-assets/global/logos/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
spacer.png
res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/ |
73 B 404 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
star-telegram.js
media.star-telegram.com/misites/dfw/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
manage_newsletters_s_code.js
media.star-telegram.com/mistats/products/ |
93 KB 93 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
manage_newsletters.js
media.star-telegram.com/mistats/products/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
finalizestats.js
media.star-telegram.com/mistats/ |
60 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.3.1.min.js
res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
147 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
mcclatchy-serif-web-demi.woff
res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
mcclatchy-sans-web-regular.woff
res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
mcclatchy-sans-web-demi.woff
res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
mcclatchy-serif-web-regular.woff
res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
fa-solid-900.woff2
res1.news.mcclatchydc.com/res/webfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
fa-solid-900.woff
res1.news.mcclatchydc.com/res/webfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
common.js
media.star-telegram.com/misites/all/ |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
micb.js
media.star-telegram.com/mistats/ |
127 KB 128 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
fa-solid-900.ttf
res1.news.mcclatchydc.com/res/webfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
id
dpm.demdex.net/ |
2 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ml.br.js
js.matheranalytics.com/static/ltm/ma12095/all/6/ Redirect Chain
|
140 KB 41 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
4 B 215 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 69 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
7 B 451 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
i
www.i.matheranalytics.com/ |
43 B 245 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.co.uk/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dest5.html
mcclatchy.demdex.net/ Frame E908 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
mcclatchy.sc.omtrdc.net/ |
2 B 323 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
lasteventf-tm.everesttech.net/ |
0 213 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=411&dpuuid=YdX0mQAAAI0KwgRD
dpm.demdex.net/ Redirect Chain
|
42 B 943 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
id
dpm.demdex.net/ |
2 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s24930601981463
mcclatchy.sc.omtrdc.net/b/ss/mccltallmcclatchy/10/JS-2.22.0/ |
2 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=771&dpuuid=CAESEOdB2h5vwadJJohovHCoaUk&google_cver=1
dpm.demdex.net/ Frame E908 Redirect Chain
|
42 B 943 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pixel
cm.g.doubleclick.net/ Frame E908 Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Frame E908 Redirect Chain
|
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rum
dsum-sec.casalemedia.com/ Frame E908 Redirect Chain
|
43 B 1003 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bounce
ib.adnxs.com/ Frame E908 Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
12.8327016048e927965e51.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
55 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sd
us-u.openx.net/w/1.0/ Frame E908 Redirect Chain
|
43 B 274 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ |
99 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Pug
image2.pubmatic.com/AdServer/ Frame E908 Redirect Chain
|
1 B 548 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4.421260a34f7ea51f50e6.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
2 KB 902 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.5c0b718e7a75c4689460.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
28 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
partner
sync.search.spotxchange.com/ Frame E908 Redirect Chain
|
43 B 549 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b.php
www.facebook.com/fr/ Frame E908 Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- res1.news.mcclatchydc.com
- URL
- https://res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/mcclatchy-serif-web-demi.woff
- Domain
- res1.news.mcclatchydc.com
- URL
- https://res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/mcclatchy-sans-web-regular.woff
- Domain
- res1.news.mcclatchydc.com
- URL
- https://res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/mcclatchy-sans-web-demi.woff
- Domain
- res1.news.mcclatchydc.com
- URL
- https://res1.news.mcclatchydc.com/res/mcclatc_mid_prod3/mcclatchy-serif-web-regular.woff
- Domain
- res1.news.mcclatchydc.com
- URL
- https://res1.news.mcclatchydc.com/res/webfonts/fa-solid-900.woff2
- Domain
- res1.news.mcclatchydc.com
- URL
- https://res1.news.mcclatchydc.com/res/webfonts/fa-solid-900.woff
- Domain
- res1.news.mcclatchydc.com
- URL
- https://res1.news.mcclatchydc.com/res/webfonts/fa-solid-900.ttf
Verdicts & Comments Add Verdict or Comment
116 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 string| Timeline_urlPrefix string| Timeline_parameters object| xtk_core object| xtk_formbase object| NL object| ROOT function| IEFixImage function| Navigator function| DateIsDateTime function| UIController function| HelpBubble function| HelpBubblePair function| ShowLoading function| isGecko function| isAppleWebKit function| isKonqueror function| isSafari function| isIOs function| isOmniweb function| isOpera function| isAol function| isIE function| getIEVersion function| isMozilla function| isNS object| MouseEventHelper object| HTMLHelper function| clone object| HelpBubbleHelper object| HelpBubbleOptions function| newDOMDocument function| firstChildElement function| nextSiblingElement function| findNodes function| findElement function| findChildElement function| elementValue function| getXPathValue function| setXPathValue function| internalCopyAttributes function| internalImportNode function| importNode function| importNodeAsHTML function| applyHTMLAttribute function| replaceContent function| escapeXmlString function| parseXMLString function| toXMLString function| createPOJsO function| convertToPOJsO function| E4XStyleAttribute object| XML function| XtkIEEvent function| XtkGeckoEvent function| NewEvent function| findXtkObject function| openView function| addSecurityToken function| isNeolaneConsole object| g_xtkContext object| REPORT_COLORS function| DebugConsole function| richTextArea function| AutoAdjustMatrixColumns function| onEnterPressed function| PerformClickAction function| HtmlDialog function| traverseXMLTree function| ReportList function| formatAndSetValue function| FormatHelper function| compileStyle function| addTable function| $ function| jQuery boolean| IE boolean| IE_LT_9 function| Spinner function| htmlPageForm object| mistats object| adobe function| Visitor object| s_c_il number| s_c_in string| s_account object| s function| s_doPlugins function| AppMeasurement_Module_AudienceManagement function| AppMeasurement function| s_gi function| s_pgicq function| DIL number| s_objectID number| s_giq function| AdCloudEvent boolean| mistats_messageHandler boolean| mitagsent object| _matherq string| GoogleAnalyticsObject function| mistats_ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _mather object| tid string| imsOrgId string| rsid object| adCloudCookieData object| cookieInstance object| s_i_mccltallmcclatchy string| h object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.64.1 object| _qsie33 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .mcclatchydc.com/ | Name: uuid230 Value: 43cc7149-35ef-43a3-b62b-2014cc22fa34 |
|
| .mcclatchydc.com/ | Name: nlid Value: a98b7acf|ead91a9 |
|
| .t.news.star-telegram.com/ | Name: _ga Value: GA1.4.1599056077.1641411737 |
|
| .t.news.star-telegram.com/ | Name: _gid Value: GA1.4.658210177.1641411737 |
|
| .t.news.star-telegram.com/ | Name: _gat_mistats_ga_UA-48279680-1 Value: 1 |
|
| .t.news.star-telegram.com/ | Name: _gat_mistats_ga_UA-48280268-1 Value: 1 |
|
| .star-telegram.com/ | Name: _sp_id.3a5a Value: 356e50899981f188.1641411737.1.1641411737.1641411737 |
|
| .star-telegram.com/ | Name: _sp_ses.3a5a Value: * |
|
| .demdex.net/ | Name: demdex Value: 15240059814556659400061667698098871890 |
|
| .star-telegram.com/ | Name: AMCVS_3B6E35F15A82BBB00A495D91%40AdobeOrg Value: 1 |
|
| .star-telegram.com/ | Name: adcloud Value: {%22_les_v%22:%22y%2Cstar-telegram.com%2C1641413537%22} |
|
| .star-telegram.com/ | Name: mi_nr Value: 1641411737237-New |
|
| .star-telegram.com/ | Name: mi_s_vnmn Value: 1644003737238%26vn%3D1 |
|
| .star-telegram.com/ | Name: mi_iv Value: true |
|
| .star-telegram.com/ | Name: s_cc Value: true |
|
| .t.news.star-telegram.com/ | Name: aam_segment Value: segID%3D20225604 |
|
| .t.news.star-telegram.com/ | Name: aam_uuid Value: 15240059814556659400061667698098871890 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUlmQK378IG3lD5GuLOzsu-XJVAyXHzMfP25qyL1L9FcDG4ppCr6GKOAT52C3aM |
|
| .dpm.demdex.net/ | Name: dpm Value: 15240059814556659400061667698098871890 |
|
| .star-telegram.com/ | Name: AMCV_3B6E35F15A82BBB00A495D91%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18998%7CMCMID%7C15831605716200808030001628422533114341%7CMCAAMLH-1642016537%7C6%7CMCAAMB-1642016537%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1641418937s%7CNONE%7CMCAID%7CNONE%7CMCCIDH%7C-1450945%7CMCSYNCSOP%7C411-19005%7CvVersion%7C5.2.0 |
|
| .everesttech.net/ | Name: everest_g_v2 Value: g_surferid~YdX0mQADYAY9VwAm |
|
| .casalemedia.com/ | Name: CMID Value: YdX0mbh3w0WW23qDGG8EtQAA |
|
| .casalemedia.com/ | Name: CMPS Value: 5210 |
|
| .casalemedia.com/ | Name: CMPRO Value: 1156 |
|
| .casalemedia.com/ | Name: CMRUM3 Value: 5861d5f4992760YdX0mQADYIA4wAAm |
|
| .casalemedia.com/ | Name: CMST Value: YdX0mWHV9JkA |
|
| .adnxs.com/ | Name: uuid2 Value: 6108144792702061137 |
|
| .adnxs.com/ | Name: anj Value: dTM7k!M4.FErk#WF']wIg2GVPijcP>!]tbPl1MwL(!R7qUY$*VOP)POYN'GrYm-_AE%6ZpUj5/j/X%W#.wL5oa9/sZwfzrVv9V/.<wEexQ67Oe!@GR6*SqHg |
|
| .pubmatic.com/ | Name: KRTBCOOKIE_218 Value: 4056-YdX0mQADYAY9VwAm&KRTB&22978-YdX0mQADYAY9VwAm&KRTB&23194-YdX0mQADYAY9VwAm&KRTB&23209-YdX0mQADYAY9VwAm |
|
| .pubmatic.com/ | Name: PugT Value: 1641411737 |
|
| .pubmatic.com/ | Name: PUBMDCID Value: 3 |
|
| .spotxchange.com/ | Name: audience Value: 974bd522-6e5f-11ec-b263-153cf9b00506 |
|
| .demdex.net/ | Name: dextp Value: 771-1-1641411737310|144230-1-1641411737410|144231-1-1641411737511|144232-1-1641411737612|144233-1-1641411737713|144234-1-1641411737815|144235-1-1641411737916|144236-1-1641411738016|144237-1-1641411738117 |
16 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cm.everesttech.net
cm.g.doubleclick.net
dpm.demdex.net
dsum-sec.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
js.matheranalytics.com
lasteventf-tm.everesttech.net
mcclatchy.demdex.net
mcclatchy.sc.omtrdc.net
media.mcclatchy.com
media.star-telegram.com
pixel.rubiconproject.com
res1.news.mcclatchydc.com
siteintercept.qualtrics.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
t.news.star-telegram.com
t1.news.mcclatchydc.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.i.matheranalytics.com
zne4ggyw07imid52z-mcclatchy.siteintercept.qualtrics.com
res1.news.mcclatchydc.com
104.111.219.128
104.17.208.240
107.178.250.234
142.250.185.66
15.188.95.229
151.101.66.49
185.33.220.216
185.64.190.80
185.94.180.126
2.18.234.21
2600:9000:2240:2e00:7:65ff:7f00:93a1
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:828::2003
2a00:1450:400c:c06::9c
2a03:2880:f11c:8183:face:b00c:0:25de
34.247.200.0
34.98.64.218
35.82.144.234
44.230.91.85
52.36.102.242
52.71.198.250
54.155.2.252
69.173.144.165
01937c9481039111d9c0f243edc9dc1fd987dde3ecfa0e7082c3500f82477807
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
12e06887bd5ae67f02a18a8ea4e224f62b6e03d54769f44433a4a07d27ee82c4
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1684ec3991089049f8de457124ed686cd6ca98631debf625bc83f8497b93c659
24b81be7eec9bbc755b014e61684ac5612973b0d73633d4c43226f7e3996e7d2
270ba09a8836a011ab324f7ab43f2b77987f474a81a49b63b3c2e4811ce5b740
28650f3b316ce39442a1b897893f21bc5c68b7411d84809dde206ec0e3a57057
319a3cc5c9b91c326cd8b31930650ec7afa7d00dfb4c8f59bf0d4ed0f5ca1526
3732f37105e3be3fbb952af43e6d7328595b6a2f55e83496529fbaa27aeb3be7
38aa843c2f5d3b7707c5511e97e487b72f7f60b69c6461b60939206183ad74e8
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
4041bed86bb10bd9b2cfec6cb3dd4705a7f4d248c6d55e9f63906bf66b59796d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
465bac5b39f0fe54180175cacd91795b6456e48d19118c71072aa173e89aee1a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a36bfb7995c90e80bc907138d7f0dd0193ea597c39e0e2a03825456b108c5d9
666404287b2aa131dc865d96a21302e0d0770d4d90c6cd15499cac5b6e35dde2
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
878227787bfdfdc233209277b711325be189981949e62797f2b8413f1931c261
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b93deb2f2f99a6dcd6ba15e31633e827712bebda802d21de182dcd417c5173c1
babce16260ef1082584ce9ca3cfd618c37412fca9b64d25dfa16f83e27e783d9
bd635a67abfa8304e0688c19f33c41207dfadb79c8c8cc7703939b464ab5247e
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
df4fbba6df2c329173b9b97299fac3b2fbe4a60c315ca88a8274f3662f386a59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e658c5daf3e185d51b81b34762fb1e19e0d559c1261bfc2c2dd1178a2e8c05
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ec2cc99b7d1be6fb64d9ce3622e5584e39002529d87a71ffad76435b800de309
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f5f8bdd78a444992671b81c946f60612970f50e5fe59afb9961df4a20f57d7
f9e89cc75070a2966feb791f8c86ed3e860fd118e02b7b588890f8b5c781e158
fa379372489fcf4b2ba5e76b6c7bf8f28dfdeea3b7a86d17e9b9dc3ab0908039