helenair.secondstreetapp.com
Open in
urlscan Pro
199.19.89.15
Public Scan
Effective URL: http://helenair.secondstreetapp.com/Nurses/
Submission: On April 15 via manual from US
Summary
This is the only time helenair.secondstreetapp.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 5 | 199.19.89.15 199.19.89.15 | 54105 (SSM-NET) (SSM-NET - Second Street) | |
13 | 104.18.131.43 104.18.131.43 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 93.184.220.113 93.184.220.113 | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 5 | 192.104.182.209 192.104.182.209 | 10668 (LEE-ASN) (LEE-ASN - Lee Enterprises) | |
1 | 192.104.182.109 192.104.182.109 | 10668 (LEE-ASN) (LEE-ASN - Lee Enterprises) | |
2 | 2a00:1450:400... 2a00:1450:4001:816::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
5 | 13.35.253.61 13.35.253.61 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
6 | 2a00:1450:400... 2a00:1450:4001:81f::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 13.35.254.197 13.35.254.197 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
3 | 2a00:1450:400... 2a00:1450:4001:815::2011 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:809::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 34.206.226.69 34.206.226.69 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 | 2a00:1450:400... 2a00:1450:4001:816::2002 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:818::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 2 | 2a00:1450:400... 2a00:1450:400c:c08::9c | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 2a00:1450:400... 2a00:1450:4001:808::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 13.35.253.102 13.35.253.102 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
2 | 2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
1 3 | 2.16.186.80 2.16.186.80 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 1 | 2a00:1450:400... 2a00:1450:4001:808::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:806::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
4 | 2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
2 | 23.23.34.202 23.23.34.202 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 | 34.200.171.196 34.200.171.196 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 | 34.196.42.225 34.196.42.225 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 2 | 34.250.96.102 34.250.96.102 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
64 | 26 |
ASN54105 (SSM-NET - Second Street, US)
PTR: 199-19-89-15.secondstreetmedia.com
helenair.secondstreetapp.com | |
embed-563868.secondstreetapp.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
bloximages.chicago2.vip.townnews.com |
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
tags.crwdcntrl.net |
ASN10668 (LEE-ASN - Lee Enterprises, Inc., US)
PTR: cms.chicago2.vip.townnews.com
helenair.com |
ASN10668 (LEE-ASN - Lee Enterprises, Inc., US)
PTR: cms.chicago2.vip.townnews.com
helenair.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-61.fra6.r.cloudfront.net
tagan.adlightning.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-254-197.fra6.r.cloudfront.net
static.parsely.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-206-226-69.compute-1.amazonaws.com
srv-2019-04-15-14.config.parsely.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-102.fra6.r.cloudfront.net
cdn.blueconic.net |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net |
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-80.deploy.static.akamaitechnologies.com
b.scorecardresearch.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-23-23-34-202.compute-1.amazonaws.com
lee.blueconic.net |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-200-171-196.compute-1.amazonaws.com
srv-2019-04-15-14.pixel.parsely.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-196-42-225.compute-1.amazonaws.com
srv-2019-04-15-14.pixel.parsely.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-250-96-102.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net |
Domain | Requested by | |
---|---|---|
13 | bloximages.chicago2.vip.townnews.com |
helenair.secondstreetapp.com
|
6 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com helenair.secondstreetapp.com |
6 | helenair.com |
1 redirects
helenair.secondstreetapp.com
|
5 | tagan.adlightning.com |
helenair.secondstreetapp.com
tagan.adlightning.com |
4 | www.facebook.com |
helenair.secondstreetapp.com
connect.facebook.net |
3 | b.scorecardresearch.com |
1 redirects
helenair.secondstreetapp.com
|
3 | survey.g.doubleclick.net |
helenair.secondstreetapp.com
survey.g.doubleclick.net |
3 | embed-563868.secondstreetapp.com |
1 redirects
helenair.secondstreetapp.com
embed-563868.secondstreetapp.com |
2 | bcp.crwdcntrl.net |
1 redirects
tagan.adlightning.com
|
2 | srv-2019-04-15-14.pixel.parsely.com |
helenair.secondstreetapp.com
|
2 | lee.blueconic.net |
cdn.blueconic.net
tagan.adlightning.com |
2 | connect.facebook.net |
helenair.secondstreetapp.com
connect.facebook.net |
2 | fonts.gstatic.com |
helenair.secondstreetapp.com
|
2 | stats.g.doubleclick.net |
1 redirects
helenair.secondstreetapp.com
|
2 | static.parsely.com |
helenair.secondstreetapp.com
static.parsely.com |
2 | www.googletagmanager.com |
helenair.secondstreetapp.com
|
2 | helenair.secondstreetapp.com |
bloximages.chicago2.vip.townnews.com
|
1 | www.google.de |
helenair.secondstreetapp.com
|
1 | www.google.com | 1 redirects |
1 | cdn.blueconic.net |
www.googletagmanager.com
|
1 | ampcid.google.de |
www.google-analytics.com
|
1 | adservice.google.de |
survey.g.doubleclick.net
|
1 | srv-2019-04-15-14.config.parsely.com |
static.parsely.com
|
1 | ampcid.google.com |
www.google-analytics.com
|
1 | fonts.googleapis.com |
helenair.secondstreetapp.com
|
1 | tags.crwdcntrl.net |
helenair.secondstreetapp.com
|
64 | 26 |
This site contains links to these domains. Also see Links.
Domain |
---|
helenair.com |
www.facebook.com |
twitter.com |
www.youtube.com |
www.instagram.com |
webport05.voiceport.net |
www.swmtmarketing.com |
lee.net |
bloxcms.com |
townnews.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
bloximages.chicago2.vip.townnews.com GeoTrust RSA CA 2018 |
2018-04-06 - 2020-04-05 |
2 years | crt.sh |
*.googleapis.com Google Internet Authority G3 |
2019-03-01 - 2019-05-24 |
3 months | crt.sh |
helenair.com Let's Encrypt Authority X3 |
2019-03-09 - 2019-06-07 |
3 months | crt.sh |
*.google-analytics.com Google Internet Authority G3 |
2019-03-26 - 2019-06-18 |
3 months | crt.sh |
*.secondstreetapp.com RapidSSL RSA CA 2018 |
2018-05-15 - 2020-08-17 |
2 years | crt.sh |
*.adlightning.com Amazon |
2018-08-31 - 2019-09-30 |
a year | crt.sh |
*.google.com Google Internet Authority G3 |
2019-03-01 - 2019-05-24 |
3 months | crt.sh |
*.g.doubleclick.net Google Internet Authority G3 |
2019-03-26 - 2019-06-18 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-03-08 - 2019-06-06 |
3 months | crt.sh |
www.google.de Google Internet Authority G3 |
2019-03-01 - 2019-05-24 |
3 months | crt.sh |
This page contains 4 frames:
Primary Page:
http://helenair.secondstreetapp.com/Nurses/
Frame ID: 75E7393BD57EA64B61BD73BE9D7B8D6A
Requests: 61 HTTP requests in this frame
Frame:
https://embed-563868.secondstreetapp.com/embed/0cda4fe3-efbb-4a6b-8789-c15763eb5ee3/referrals/b0d5a278-f974-487e-b58a-98e918197ef5/
Frame ID: DB8B72E09AB52F3FA1548FB028CAEA47
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: 526093109C3ADDA4E23D0FC3F4AAB1BE
Requests: 1 HTTP requests in this frame
Frame:
http://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=970740244/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20secondstreetapp%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364068%23Townnews%20%3A%20Site%20Section%20%3A%20Nurses/int=%23OpR%2372332%23Site%20Section%20%3A%20Nurses/int=%23OpR%2374650%23secondstreetapp.com%20%3A%20Total%20Site%20Traffic/med=%23OpR%2372333%23Keyword%20%3A%20Second%20Street%20Template/rb=%7B%22meta_tag%22%3A%22Second%20Street%20Template%22%7D/rt=ifr
Frame ID: A28717E261297E7E355963EC459CEB22
Requests: 1 HTTP requests in this frame
74 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: YouTube
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: Become a member
Search URL Search Domain Scan URL
Title: Sign Up
Search URL Search Domain Scan URL
Title: Log In
Search URL Search Domain Scan URL
Title: Dashboard
Search URL Search Domain Scan URL
Title: Saved items
Search URL Search Domain Scan URL
Title: News
Search URL Search Domain Scan URL
Title: Local
Search URL Search Domain Scan URL
Title: Crime
Search URL Search Domain Scan URL
Title: State & Regional
Search URL Search Domain Scan URL
Title: Government & Politics
Search URL Search Domain Scan URL
Title: Business
Search URL Search Domain Scan URL
Title: National
Search URL Search Domain Scan URL
Title: Obituaries
Search URL Search Domain Scan URL
Title: Share a story
Search URL Search Domain Scan URL
Title: Find an Obituary
Search URL Search Domain Scan URL
Title: Opinion
Search URL Search Domain Scan URL
Title: Submit a letter
Search URL Search Domain Scan URL
Title: Letters
Search URL Search Domain Scan URL
Title: Editorial
Search URL Search Domain Scan URL
Title: Guest/Columnists
Search URL Search Domain Scan URL
Title: Sports
Search URL Search Domain Scan URL
Title: High School
Search URL Search Domain Scan URL
Title: Carroll College
Search URL Search Domain Scan URL
Title: College
Search URL Search Domain Scan URL
Title: Local
Search URL Search Domain Scan URL
Title: National
Search URL Search Domain Scan URL
Title: Entertainment
Search URL Search Domain Scan URL
Title: Event Calendar
Search URL Search Domain Scan URL
Title: Music
Search URL Search Domain Scan URL
Title: Movies
Search URL Search Domain Scan URL
Title: Food
Search URL Search Domain Scan URL
Title: TV Guide
Search URL Search Domain Scan URL
Title: Announcements
Search URL Search Domain Scan URL
Title: Outdoors
Search URL Search Domain Scan URL
Title: Print Edition
Search URL Search Domain Scan URL
Title: Archives
Search URL Search Domain Scan URL
Title: Weekly Ads
Search URL Search Domain Scan URL
Title: Buy & Sell
Search URL Search Domain Scan URL
Title: Place an Ad
Search URL Search Domain Scan URL
Title: Jobs
Search URL Search Domain Scan URL
Title: Homes
Search URL Search Domain Scan URL
Title: Cars
Search URL Search Domain Scan URL
Title: Business Directory
Search URL Search Domain Scan URL
Title: Today's Deal
Search URL Search Domain Scan URL
Title: Customer Service
Search URL Search Domain Scan URL
Title: Manage My Account
Search URL Search Domain Scan URL
Title: Newsletter sign-up
Search URL Search Domain Scan URL
Title: Subscribe
Search URL Search Domain Scan URL
Title: Contact us
Search URL Search Domain Scan URL
Title: Mobile Apps
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: 35°
Search URL Search Domain Scan URL
Title: News
Search URL Search Domain Scan URL
Title: Obituaries
Search URL Search Domain Scan URL
Title: Sports
Search URL Search Domain Scan URL
Title: E-edition
Search URL Search Domain Scan URL
Title: Buy & Sell
Search URL Search Domain Scan URL
Title: Special Sections
Search URL Search Domain Scan URL
Title: 20 Under 40
Search URL Search Domain Scan URL
Title: Online Features
Search URL Search Domain Scan URL
Title: Email Delivery
Search URL Search Domain Scan URL
Title: Subscribe to Print or Digital
Search URL Search Domain Scan URL
Title: Manage Active Subscription
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Title: Advertise
Search URL Search Domain Scan URL
Title: Work here
Search URL Search Domain Scan URL
Title: BLOX Content Management System
Search URL Search Domain Scan URL
Title: TownNews.com
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 16- http://helenair.com/template/second-street/data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAQAAAADCAQAAAAe/WZNAAAAEElEQVR42mM8U88ABowYDABAxQPltt5zqAAAAABJRU5ErkJggg== HTTP 301
- https://helenair.com/template/second-street/data:image/png;base64,ivborw0kggoaaaansuheugaaaaqaaaadcaqaaaae/wznaaaaeeleqvr42mm8u88abowydabaxqpltt5zqaaaaabjru5erkjggg==/
- http://www.google-analytics.com/analytics.js HTTP 307
- https://www.google-analytics.com/analytics.js
- https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j73&tid=UA-54716522-2&cid=1741460267.1555337428&jid=1952081476&gjid=706602562&_gid=247985292.1555337428&_u=aGDAgUArAAQC~&z=1430440469 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54716522-2&cid=1741460267.1555337428&jid=1952081476&_v=j73&z=1430440469 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54716522-2&cid=1741460267.1555337428&jid=1952081476&_v=j73&z=1430440469&slf_rd=1&random=624027478
- http://b.scorecardresearch.com/b?c1=2&c2=10345586&ns__t=1555337428313&ns_c=UTF-8&cv=3.1&c8=Second%20Street%20Template%20%7C%20helenair.com&c7=http%3A%2F%2Fhelenair.secondstreetapp.com%2FNurses%2F%23%2Freferrals%2Fb0d5a278-f974-487e-b58a-98e918197ef5&c9= HTTP 302
- http://b.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1555337428313&ns_c=UTF-8&cv=3.1&c8=Second%20Street%20Template%20%7C%20helenair.com&c7=http%3A%2F%2Fhelenair.secondstreetapp.com%2FNurses%2F%23%2Freferrals%2Fb0d5a278-f974-487e-b58a-98e918197ef5&c9=
- https://embed-563868.secondstreetapp.com/embed/0cda4fe3-efbb-4a6b-8789-c15763eb5ee3/referrals/b0d5a278-f974-487e-b58a-98e918197ef5 HTTP 302
- https://embed-563868.secondstreetapp.com/embed/0cda4fe3-efbb-4a6b-8789-c15763eb5ee3/referrals/b0d5a278-f974-487e-b58a-98e918197ef5/
- http://bcp.crwdcntrl.net/5/c=6894/rand=970740244/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20secondstreetapp%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364068%23Townnews%20%3A%20Site%20Section%20%3A%20Nurses/int=%23OpR%2372332%23Site%20Section%20%3A%20Nurses/int=%23OpR%2374650%23secondstreetapp.com%20%3A%20Total%20Site%20Traffic/med=%23OpR%2372333%23Keyword%20%3A%20Second%20Street%20Template/rb=%7B%22meta_tag%22%3A%22Second%20Street%20Template%22%7D/rt=ifr HTTP 302
- http://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=970740244/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20secondstreetapp%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364068%23Townnews%20%3A%20Site%20Section%20%3A%20Nurses/int=%23OpR%2372332%23Site%20Section%20%3A%20Nurses/int=%23OpR%2374650%23secondstreetapp.com%20%3A%20Total%20Site%20Traffic/med=%23OpR%2372333%23Keyword%20%3A%20Second%20Street%20Template/rb=%7B%22meta_tag%22%3A%22Second%20Street%20Template%22%7D/rt=ifr
64 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
helenair.secondstreetapp.com/Nurses/ |
86 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.8aebbe9627939cd5a7c8e4f6930a23bd.css
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ |
107 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
layout.eae60e6723b7e06f036457c5c2f42caa.css
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ |
118 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
theme-basic.4cce04b95f9b49884d7452d4a02f3f09.css
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ |
40 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lee-ds.min.css
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/lee_flex/resources/styles/ |
27 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cc.js
tags.crwdcntrl.net/c/6894/ |
37 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
6 KB 796 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.d1a4f9eb1701d7bb8dd985a2ca0981e5.js
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ |
96 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
user.js
helenair.com/shared-content/art/tncms/user/ |
6 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.9ef2deb39dff2c51bd3efbbfc097b065.js
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ |
36 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.2298fa2c06ac9b301ef502070168c6dc.js
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ |
40 KB 14 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tnt.9329546da5f585bc9c9c9b7f9d6df105.js
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
7 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application.d7e566f2ec7f9a8512220af2ca01f265.js
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tnt.ads.advertisements.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ |
205 B 261 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tracking.js
helenair.com/shared-content/art/tncms/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome.4a9fdca450d57375be3be7a06b5bc5f0.js
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ |
251 KB 88 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tracker.js
helenair.com/shared-content/art/stats/common/ |
9 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
helenair.com/template/second-street/data:image/png;base64,ivborw0kggoaaaansuheugaaaaqaaaadcaqaaaae/wznaaaaeeleqvr42mm8u88abowydabaxqpltt5zqaaaaabjru5erkjggg==/ Redirect Chain
|
0 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
74 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6d2d34e8-3c71-11e9-9a98-5bee59d50ddf.png
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/custom/image/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
embed.js
embed-563868.secondstreetapp.com/Scripts/dist/ |
54 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2acba3de-e86e-11e8-a24a-af2ef26954b0.png
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/custom/image/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blacklist_script.js
tagan.adlightning.com/leeenterprises/ |
86 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blocking_script.js
tagan.adlightning.com/leeenterprises/ |
49 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
op.js
tagan.adlightning.com/leeenterprises/ |
44 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tracker.gif
helenair.com/shared-content/art/stats/common/ |
0 113 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
p.js
static.parsely.com/ |
6 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
survey
survey.g.doubleclick.net/ |
9 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ec.js
www.google-analytics.com/plugins/ua/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
publisher:getClientId
ampcid.google.com/v1/ |
74 B 444 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
helenair.com
srv-2019-04-15-14.config.parsely.com/config/ |
384 B 802 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
prompt_embed_static.js
survey.g.doubleclick.net/insights/consumersurveys/static/417424023245591329/ |
369 KB 133 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.sync.js
adservice.google.de/adsid/ |
113 B 175 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
publisher:getClientId
ampcid.google.de/v1/ |
3 B 373 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 102 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
stats.g.doubleclick.net/r/ |
35 B 102 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
prompt
survey.g.doubleclick.net/gk/ |
0 410 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gtm.js
www.googletagmanager.com/ |
151 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v15/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v15/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linkid.js
www.google-analytics.com/plugins/ua/ |
2 KB 947 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ Redirect Chain
|
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lee.js
cdn.blueconic.net/ |
125 KB 38 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
53 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
beacon.js
b.scorecardresearch.com/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ptrack-v1.1.1-engagedtime-slots.js
static.parsely.com/code/ |
37 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 102 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1681248518843474
connect.facebook.net/signals/config/ |
174 KB 42 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
b2
b.scorecardresearch.com/ Redirect Chain
|
0 248 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 322 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 199 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
json
lee.blueconic.net/DG/DEFAULT/rest/rpc/ |
2 B 525 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
srv-2019-04-15-14.pixel.parsely.com/plogger/ |
43 B 229 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
embed-563868.secondstreetapp.com/embed/0cda4fe3-efbb-4a6b-8789-c15763eb5ee3/referrals/b0d5a278-f974-487e-b58a-98e918197ef5/ Frame DB8B Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b-e058b82.js
tagan.adlightning.com/leeenterprises/ |
49 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bl-e058b82-55aaee6a.js
tagan.adlightning.com/leeenterprises/ |
86 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
helenair.secondstreetapp.com/tncms/subscription/leefalcon/ |
1 KB 934 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
lee.blueconic.net/DG/DEFAULT/rest/rpc/ |
14 B 716 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
www.facebook.com/tr/ Frame 5260 |
0 0 |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 245 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
srv-2019-04-15-14.pixel.parsely.com/plogger/ |
43 B 229 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=6894/rand=970740244/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20secondstreetapp%20%3A%20Tota... Frame A287 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
76 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask object| dataLayer object| _cc6894 object| LOTCC boolean| LEE_DS function| $ function| jQuery object| google_tag_manager string| GoogleAnalyticsObject function| ga object| TNCMS function| originalLeave function| objectFitImages object| localCookieStorage object| sessionCookieStorage object| cookieStorage object| SelectorQueries object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.browser object| eb.platform object| o function| TNStats_Tracker object| TNTracker object| google_tag_data object| gaplugins object| PARSELY object| _402 function| _402_Show object| googleToken object| googleIMState function| processGoogleTokenSync object| gaGlobal object| gaData object| webmonitoring object| jstiming402 object| paidtasksshim function| postscribe function| fbq function| _fbq object| _comscore function| udm_ object| ns_p object| COMSCORE object| __core-js_shared__ object| blueConicPreListeners function| BCClass object| blueConicClient function| janrainCaptureWidgetOnLoad object| MH_0x3990 function| MH_0x16e6 function| blacklist object| leeenterprises-ADL_BLACKLIST object| Bl_0x41ed function| Bl_0x373c function| blocker function| l9irooq5mo object| Gw_0x2618 function| Gw_0x25f0 function| op function| -8ji1nd4wp34 boolean| -1kvguv0lguf4 object| -yyb6cjrxo8w object| bHasSyncCookie object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome boolean| $sNavScroll object| bc_json1544 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.secondstreetapp.com/ | Name: _parsely_visitor Value: {%22id%22:%2250dae3ea-6199-42c2-b5fa-8084e8ed1ed6%22%2C%22session_count%22:1%2C%22last_session_ts%22:1555337438949} |
|
.facebook.com/ | Name: fr Value: 0g2WvvdSivdeDAZ4K..BctJDc...1.0.BctJDc. |
|
.secondstreetapp.com/ | Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22http://helenair.secondstreetapp.com/Nurses/#/referrals/b0d5a278-f974-487e-b58a-98e918197ef5%22%2C%22sref%22:%22%22%2C%22sts%22:1555337438949%2C%22slts%22:0} |
|
.secondstreetapp.com/ | Name: _fbp Value: fb.1.1555337428865.191509308 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.de
ampcid.google.com
ampcid.google.de
b.scorecardresearch.com
bcp.crwdcntrl.net
bloximages.chicago2.vip.townnews.com
cdn.blueconic.net
connect.facebook.net
embed-563868.secondstreetapp.com
fonts.googleapis.com
fonts.gstatic.com
helenair.com
helenair.secondstreetapp.com
lee.blueconic.net
srv-2019-04-15-14.config.parsely.com
srv-2019-04-15-14.pixel.parsely.com
static.parsely.com
stats.g.doubleclick.net
survey.g.doubleclick.net
tagan.adlightning.com
tags.crwdcntrl.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.18.131.43
13.35.253.102
13.35.253.61
13.35.254.197
192.104.182.109
192.104.182.209
199.19.89.15
2.16.186.80
23.23.34.202
2a00:1450:4001:806::2003
2a00:1450:4001:808::2003
2a00:1450:4001:808::2004
2a00:1450:4001:809::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:815::2011
2a00:1450:4001:816::2002
2a00:1450:4001:816::2008
2a00:1450:4001:818::200e
2a00:1450:4001:81f::200e
2a00:1450:400c:c08::9c
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.196.42.225
34.200.171.196
34.206.226.69
34.250.96.102
93.184.220.113
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0f3f6ac5746b2e02812dacda4069ba192dd1c327ca7bb05a79b3fe4dcf78dea6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
125d46686c153a543d0336becdc095cb3f902211c406e51b72270d2165e22545
1ef65a8b0945be297b4de2890c3150d92cb59132d70b03746b25507da58e54ce
1f7e7fe7a913213ba7ca814a81b418125c82bfb19b1bffedf3ead51dc67ae7be
2c2848cae35af4251c468d24da898b01fbc00099d27bc9351ecd7c80b0d98bb9
31ad14b78f953f8113572a4d1925a38073bf5887b3c0addfde7f26972ed24d48
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
3e6b5fa285638ad36fb0547cf744af0b43021767808322effc60de11e0614f0f
49114b2ec4e3716765add6712126663b15584b133126191c7c460c9a8e979621
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
517a12853ebeb6d0b22e9d38143296bb6d5b7e78109cb722e045eea355ae36b0
57d505a36ed776023a0cb8d8525f5aebb58a22a8bbe708714591c1b58a1a2d83
5dbf8a6350cbbd26fd8c83783de30102e6108834bfbc441cc70138e421b4ec6a
5ef1eb55c113d010a1ff7ece8835a8e4688824dbc1620fb39d5726a724fb2ed4
63d2328a64a24e2b784d4c195755f06d43f78e461676b00aaa39bfc9725a22e1
657e742c7928d20d1cc0aaefdba516df57932b5c190fe012994310edce47b4ad
6c38e8e7c5be83f9d9994a17c1faa8205491d0d485732bf8e4bce836768e7d75
725913eab3460e2955a8ac4ec176f902c7d8d2db60757248b735cbf8698b0749
76c9ff51412a9b567d3d146db04d04e6d82a5d623e029f77bb95764b32fa1ec0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ba22b18e57a313eb32ebff65f03d51b5cac32ab871037faedb606fb35341d74
8df874dc9f8ebd1f818861a527b95af0b4cfa3e4f4befd7990372f5b9d195999
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9c20cc8bec233783149dd32f42fa3f04ab05cc16e8107f0a808aeb73fe7f0401
9e7f7739435570bfdd1a282301e5d262f136a87f2b172fe5ad26ff3e9c91e2ea
a2c82ca8f3d795788cbb8a548cdf248dab92c3c3fe7ace6801e85fe947b736da
a5e3f430e106b6bb7dcf3f4ae9e3146a0d4df08db1053e5e36932e4698bc0f19
ad749b30d1e8c520b546c68e9c0ed1750a5307a2a30b4f7925f666476d40e9c3
c0e820f09742011fe0e43e33672ce56c277182152d685843f24cc14b55566490
c3f7b2513899b1c406772d9c66f7c564e60b0d3d1245d475bd4776174ebf9a6b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb0b2be2b1de2d4d919e85fd05f6a37563ecd1bd7088f072dc1167183bb861d5
cbfc00e8e34c96ef442ea8ee5b96fc2be1515a2f3b0443cce51ecbbf4d92105b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
dfb1f7382421f28c416725643f49025c8dff428be75972dadd41d8ca9ae7b89a
e1579558e2ee5636fd7e0bc497a63f24775c4290eeb05180d095e71a1ad72b7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
eb2945506d174304a52ab03b3e2b62c04c2e7480696fb5d24d264f318d70bee4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0acc00cf737dff40ba112aa64afc2709f7c25df5817e031f698afc762049aa6
f95fe1c0376aa720a01267e70fb42a259d610fa9fa66f78e7fc629f9bd835c43
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
fbc7f51f58f1c8aa2a8eb7a768b6324c75ecbf9b0cde1a3a2b478c78f5498e8e