www.expressnews.com
Open in
urlscan Pro
151.101.112.200
Public Scan
Effective URL: https://www.expressnews.com/news/article/Minnesota-extends-COVID-19-state-of-emergency-for-16101272.php?_hsmi=88974744&_hsen...
Submission: On April 15 via api from DE
Summary
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on April 13th 2021. Valid for: 22 days.
This is the only time www.expressnews.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 199.60.103.254 199.60.103.254 | 209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare) | |
32 | 151.101.112.200 151.101.112.200 | 54113 (FASTLY) (FASTLY) | |
1 | 2a04:4e42:400... 2a04:4e42:400::621 | 54113 (FASTLY) (FASTLY) | |
12 | 18.197.253.20 18.197.253.20 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 99.84.156.18 99.84.156.18 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 34.251.18.147 34.251.18.147 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 142.250.185.66 142.250.185.66 | 15169 (GOOGLE) (GOOGLE) | |
1 | 98.129.228.59 98.129.228.59 | 33070 (RMH-14) (RMH-14) | |
1 | 2a00:1450:400... 2a00:1450:4001:82b::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2600:9000:20e... 2600:9000:20e8:5800:18:1fcd:34e:d2a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:80f::200e | 15169 (GOOGLE) (GOOGLE) | |
2 | 35.171.219.207 35.171.219.207 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::200e | 15169 (GOOGLE) (GOOGLE) | |
75 | 14 |
ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
info.silobreaker.com |
ASN54113 (FASTLY, US)
www.expressnews.com | |
treg.hearstnp.com | |
aps.hearstnp.com | |
s.hdnux.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-18.txl52.r.cloudfront.net
cdn.blueconic.net |
ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
securepubads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
static.chartbeat.com |
Domain | Requested by | |
---|---|---|
19 | www.expressnews.com |
info.silobreaker.com
www.expressnews.com |
12 | nexus.ensighten.com |
www.expressnews.com
nexus.ensighten.com |
8 | s.hdnux.com |
www.expressnews.com
|
3 | treg.hearstnp.com |
www.expressnews.com
treg.hearstnp.com |
2 | ping.chartbeat.net |
www.expressnews.com
|
2 | securepubads.g.doubleclick.net |
aps.hearstnp.com
securepubads.g.doubleclick.net |
2 | aps.hearstnp.com |
www.expressnews.com
aps.hearstnp.com |
2 | info.silobreaker.com | 1 redirects |
1 | ampcid.google.de |
www.google-analytics.com
|
1 | ampcid.google.com |
www.google-analytics.com
|
1 | static.chartbeat.com |
nexus.ensighten.com
|
1 | www.google-analytics.com |
nexus.ensighten.com
|
1 | p.ctpost.com |
www.expressnews.com
|
1 | insight.adsrvr.org |
www.expressnews.com
|
1 | cdn.blueconic.net |
www.expressnews.com
|
1 | polyfill.io |
www.expressnews.com
|
0 | s.ntv.io Failed |
nexus.ensighten.com
|
0 | s.skimresources.com Failed |
nexus.ensighten.com
|
0 | z-na.associates-amazon.com Failed |
nexus.ensighten.com
|
0 | sb.scorecardresearch.com Failed |
nexus.ensighten.com
|
0 | cdn.keywee.co Failed |
nexus.ensighten.com
|
0 | static.ads-twitter.com Failed |
nexus.ensighten.com
|
0 | connect.facebook.net Failed |
nexus.ensighten.com
|
0 | 100007923.collect.igodigital.com Failed |
nexus.ensighten.com
|
0 | ak.sail-horizon.com Failed |
www.expressnews.com
|
0 | realm.hearst3pcc.com Failed |
treg.hearstnp.com
|
0 | cdn.taboola.com Failed |
www.expressnews.com
|
0 | c.amazon-adsystem.com Failed |
aps.hearstnp.com
|
0 | z.moatads.com Failed |
aps.hearstnp.com
|
0 | scripts.webcontentassessor.com Failed |
aps.hearstnp.com
|
75 | 30 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
info.silobreaker.com Cloudflare Inc ECC CA-3 |
2020-06-30 - 2021-06-30 |
a year | crt.sh |
hearst-newspapers.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2021-04-13 - 2021-05-05 |
22 days | crt.sh |
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2021-04-13 - 2022-03-26 |
a year | crt.sh |
nexus.ensighten.com DigiCert SHA2 Secure Server CA |
2020-09-09 - 2021-10-11 |
a year | crt.sh |
*.blueconic.net Thawte TLS RSA CA G1 |
2019-12-04 - 2022-02-01 |
2 years | crt.sh |
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2021-03-18 - 2022-04-19 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
p.ctpost.com R3 |
2021-03-26 - 2021-06-24 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
*.chartbeat.com Thawte RSA CA 2018 |
2020-06-01 - 2021-06-02 |
a year | crt.sh |
*.google.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
*.chartbeat.net Thawte RSA CA 2018 |
2020-12-01 - 2021-12-30 |
a year | crt.sh |
*.google.de GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.expressnews.com/news/article/Minnesota-extends-COVID-19-state-of-emergency-for-16101272.php?_hsmi=88974744&_hsenc=p2ANqtz-_0OBVnBqAeSzbP_e-365H_IVXSJGXM6tQBozVaBqbvkD2_NMcTeK0BjatwvamfR60gyp9LcxyZULoW6R77TcASpz3Zt5kxt9G-LfaB75opXt9v_ew
Frame ID: BCBABD792DE6AEC244E4D1F3C7B8E79F
Requests: 87 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://info.silobreaker.com/e2t/tc/VW7NQy672gJJW3gYtJV1Y_yjYW5JQdxX4qqk8xN2SX24p2-HwrV1-WJV7CgBW7VSLNd42... Page URL
-
https://info.silobreaker.com/events/public/v1/track/tc/VW7NQy672gJJW3gYtJV1Y_yjYW5JQdxX4qqk8xN2SX24p2-Hwr...
HTTP 307
https://www.expressnews.com/news/article/Minnesota-extends-COVID-19-state-of-emergency-for-16101272.php?... Page URL
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Page Statistics
20 Outgoing links
These are links going to different origins than the main page.
Title: Subscribe
Search URL Search Domain Scan URL
Title: Subscribe
Search URL Search Domain Scan URL
Title: Newsletters
Search URL Search Domain Scan URL
Title: e-Edition
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Our Company
Search URL Search Domain Scan URL
Title: Advertising
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://info.silobreaker.com/e2t/tc/VW7NQy672gJJW3gYtJV1Y_yjYW5JQdxX4qqk8xN2SX24p2-HwrV1-WJV7CgBW7VSLNd42qxNXTW1K2B1Y1CBT8bW69Ddkb248C6zW6yKtKq24yzDxW8dbPTW6dkZ2vW14Tx-32yjBBSW3vHs6j351gF_W2LBg9V6_2DhMW5wyYny7-zC5wW5flCxf3ytTtSW3XwpxJ3lv4LxW54sBBK7cJ8RlW77f0X_5fSp7rMC_2Qx4xyBjW7RQVqY1bZ_58W2vD0Mx6jYdV4W8-kyqQ4TmsJCV_lzsp4HY1d3W4ygs7m3sL93xW85WPT13wgCDtW6T9PL1278ncRW8lrhkx5vn2P-W8tgLyP25mX_cN9hcBpKNXHgpVgZct18rV8cWVH92CP6C-hV63hJk1 Page URL
-
https://info.silobreaker.com/events/public/v1/track/tc/VW7NQy672gJJW3gYtJV1Y_yjYW5JQdxX4qqk8xN2SX24p2-HwrV1-WJV7CgBW7VSLNd42qxNXTW1K2B1Y1CBT8bW69Ddkb248C6zW6yKtKq24yzDxW8dbPTW6dkZ2vW14Tx-32yjBBSW3vHs6j351gF_W2LBg9V6_2DhMW5wyYny7-zC5wW5flCxf3ytTtSW3XwpxJ3lv4LxW54sBBK7cJ8RlW77f0X_5fSp7rMC_2Qx4xyBjW7RQVqY1bZ_58W2vD0Mx6jYdV4W8-kyqQ4TmsJCV_lzsp4HY1d3W4ygs7m3sL93xW85WPT13wgCDtW6T9PL1278ncRW8lrhkx5vn2P-W8tgLyP25mX_cN9hcBpKNXHgpVgZct18rV8cWVH92CP6C-hV63hJk1?_ud=bc87a45a-7510-4022-854e-35a05c29b48a&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p
HTTP 307
https://www.expressnews.com/news/article/Minnesota-extends-COVID-19-state-of-emergency-for-16101272.php?_hsmi=88974744&_hsenc=p2ANqtz-_0OBVnBqAeSzbP_e-365H_IVXSJGXM6tQBozVaBqbvkD2_NMcTeK0BjatwvamfR60gyp9LcxyZULoW6R77TcASpz3Zt5kxt9G-LfaB75opXt9v_ew Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
75 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
VW7NQy672gJJW3gYtJV1Y_yjYW5JQdxX4qqk8xN2SX24p2-HwrV1-WJV7CgBW7VSLNd42qxNXTW1K2B1Y1CBT8bW69Ddkb248C6zW6yKtKq24yzDxW8dbPTW6dkZ2vW14Tx-32yjBBSW3vHs6j351gF_W2LBg9V6_2DhMW5wyYny7-zC5wW5flCxf3ytTtSW3Xwpx...
info.silobreaker.com/e2t/tc/ |
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
Minnesota-extends-COVID-19-state-of-emergency-for-16101272.php
www.expressnews.com/news/article/ Redirect Chain
|
98 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-2.2.4.min.js
www.expressnews.com/js/core/libs/ |
84 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
treg.js
treg.hearstnp.com/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3056-gdpr-min.css
www.expressnews.com/file/305/6/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3057-gdpr-min.js
www.expressnews.com/file/305/7/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
site.js
www.expressnews.com/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
article.main.css
www.expressnews.com/css/ |
191 KB 29 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfill.min.js
polyfill.io/v3/ |
72 B 565 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
article.main.js
www.expressnews.com/js/ |
109 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loadAds.js
aps.hearstnp.com/Scripts/ |
804 KB 243 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Bootstrap.js
nexus.ensighten.com/hearst/news/ |
91 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hearst.js
cdn.blueconic.net/ |
260 KB 56 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GetJS
treg.hearstnp.com/assets/0xD890E7C3FCCF38D6E5D92381710C36405579FA2B/ |
398 KB 140 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ratio1x1_100.jpg
s.hdnux.com/photos/01/17/45/64/20864262/3/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ratio1x1_100.jpg
s.hdnux.com/photos/01/17/47/04/20869401/5/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ratio1x1_100.jpg
s.hdnux.com/photos/01/17/45/63/20864223/3/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ratio1x1_100.jpg
s.hdnux.com/photos/01/17/46/20/20866049/7/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ratio1x1_100.jpg
s.hdnux.com/photos/01/17/44/52/20859566/13/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ratio1x1_100.jpg
s.hdnux.com/photos/01/17/46/31/20866664/5/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ratio1x1_100.jpg
s.hdnux.com/photos/01/17/46/40/20867073/5/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ratio1x1_100.jpg
s.hdnux.com/photos/01/17/46/32/20866695/3/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
insight.adsrvr.org/track/evnt/ |
70 B 261 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hearst_newspapers_logo.svg
www.expressnews.com/img/core/ |
7 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
treg_comp.css
treg.hearstnp.com/assets/64c13c836de9ef79450433439d6ffcc7c1bc7220c/expressnews.com/css/ |
16 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
polyfill.min.js
polyfill.io/v3/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GetJS
aps.hearstnp.com/SRO/ |
5 KB 2 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
d65ba7cd6a96847162fb556c3a5dc7b7e66de309481ec4e558b4e9dc40515858
scripts.webcontentassessor.com/scripts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ |
62 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
moatheader.js
z.moatads.com/hearstnewsprebidheader515009925453/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
apstag.js
c.amazon-adsystem.com/aax2/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
hearst.js
cdn.blueconic.net/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
loader.js
cdn.taboola.com/libtrc/hearstlocalnews-expressnews/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
insight.adsrvr.org/track/evnt/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
C3P0_RealmCookie
realm.hearst3pcc.com/utility/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
www.expressnews.com/img/logos/white/ |
9 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
212 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
791 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
794 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
624 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
926 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
www.expressnews.com/img/logos/black/ |
28 KB 12 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
314 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
931 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
848 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
source-sans-pro-v11-latin-regular.woff2
www.expressnews.com/css/core/fonts/sourcesans/ |
16 KB 16 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
source-sans-pro-v11-latin-700.woff2
www.expressnews.com/css/core/fonts/sourcesans/ |
15 KB 15 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
source-sans-pro-v11-latin-600.woff2
www.expressnews.com/css/core/fonts/sourcesans/ |
15 KB 16 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lora-v12-latin-regular.woff2
www.expressnews.com/css/core/fonts/lora/ |
24 KB 24 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
source-sans-pro-v11-latin-300.woff2
www.expressnews.com/css/core/fonts/sourcesans/ |
15 KB 16 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lora-v12-latin-700.woff2
www.expressnews.com/css/core/fonts/lora/ |
25 KB 25 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serverComponent.php
nexus.ensighten.com/hearst/news/ |
999 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
spm.v1.min.js
ak.sail-horizon.com/spm/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
treg.main.css
www.expressnews.com/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
article
p.ctpost.com/ |
0 239 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
revenue.min.js
www.expressnews.com/js/core/workers/ |
3 KB 2 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
navigation.min.js
www.expressnews.com/js/core/workers/ |
3 KB 1 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_2021040804.js
securepubads.g.doubleclick.net/gpt/ |
296 KB 104 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
975d5b3655cff7f01ad1e16afd0045f8.js
nexus.ensighten.com/hearst/news/code/ |
8 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4ab2f834185fa81d77e75d61e357f21d.js
nexus.ensighten.com/hearst/news/code/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5dde0ec1873adfb32b64f25656a74a4b.js
nexus.ensighten.com/hearst/news/code/ |
15 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f0ab0d9b9a2f81d983194bd71866a3c9.js
nexus.ensighten.com/hearst/news/code/ |
2 KB 845 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3bf646efb7d05217b92eef289ac60fed.js
nexus.ensighten.com/hearst/news/code/ |
150 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2d142b3467fe0550ee67fc3493b55f71.js
nexus.ensighten.com/hearst/news/code/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8c234649f58e6ec01edb2e0d38bb147d.js
nexus.ensighten.com/hearst/news/code/ |
396 B 569 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3f07bbd3b079cb547507dada1face14b.js
nexus.ensighten.com/hearst/news/code/ |
1 KB 705 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
collect.js
100007923.collect.igodigital.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fbevents.js
connect.facebook.net/en_US/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
uwt.js
static.ads-twitter.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
analytics.min.js
cdn.keywee.co/dist/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e.gif
nexus.ensighten.com/error/ |
0 106 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
beacon.js
sb.scorecardresearch.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
v2
z-na.associates-amazon.com/onetag/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
131678X1600844.skimlinks.js
s.skimresources.com/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chartbeat_video.js
static.chartbeat.com/js/ |
69 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
insight.adsrvr.org/track/evnt/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
load.js
s.ntv.io/serve/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
publisher:getClientId
ampcid.google.com/v1/ |
74 B 539 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ping
ping.chartbeat.net/ |
43 B 169 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
publisher:getClientId
ampcid.google.de/v1/ |
3 B 468 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e.gif
nexus.ensighten.com/error/ |
0 106 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ping
ping.chartbeat.net/ |
43 B 168 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- polyfill.io
- URL
- https://polyfill.io/v3/polyfill.min.js?features=IntersectionObserver%2CIntersectionObserverEntry%2CPromise%2CCustomEvent%2CArray.prototype.forEach%2CArray.prototype.entries
- Domain
- scripts.webcontentassessor.com
- URL
- https://scripts.webcontentassessor.com/scripts/d65ba7cd6a96847162fb556c3a5dc7b7e66de309481ec4e558b4e9dc40515858
- Domain
- z.moatads.com
- URL
- https://z.moatads.com/hearstnewsprebidheader515009925453/moatheader.js
- Domain
- c.amazon-adsystem.com
- URL
- https://c.amazon-adsystem.com/aax2/apstag.js
- Domain
- cdn.blueconic.net
- URL
- https://cdn.blueconic.net/hearst.js
- Domain
- cdn.taboola.com
- URL
- https://cdn.taboola.com/libtrc/hearstlocalnews-expressnews/loader.js
- Domain
- insight.adsrvr.org
- URL
- https://insight.adsrvr.org/track/evnt/?adv=ctg2su6&ct=0:2dv77v9&fmt=3
- Domain
- realm.hearst3pcc.com
- URL
- https://realm.hearst3pcc.com/utility/C3P0_RealmCookie?host=www.expressnews.com&operation=create&cb=1618485652610
- Domain
- ak.sail-horizon.com
- URL
- https://ak.sail-horizon.com/spm/spm.v1.min.js
- Domain
- 100007923.collect.igodigital.com
- URL
- https://100007923.collect.igodigital.com/collect.js
- Domain
- connect.facebook.net
- URL
- https://connect.facebook.net/en_US/fbevents.js
- Domain
- static.ads-twitter.com
- URL
- https://static.ads-twitter.com/uwt.js
- Domain
- cdn.keywee.co
- URL
- https://cdn.keywee.co/dist/analytics.min.js
- Domain
- sb.scorecardresearch.com
- URL
- https://sb.scorecardresearch.com/beacon.js
- Domain
- z-na.associates-amazon.com
- URL
- https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=4d1725f8-8e9d-4373-bac8-d19b9b5ed187
- Domain
- s.skimresources.com
- URL
- https://s.skimresources.com/js/131678X1600844.skimlinks.js
- Domain
- insight.adsrvr.org
- URL
- https://insight.adsrvr.org/track/evnt/?adv=ctg2su6&ct=0:wx5gdn3&fmt=3
- Domain
- s.ntv.io
- URL
- https://s.ntv.io/serve/load.js
Verdicts & Comments Add Verdict or Comment
210 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| treg string| version undefined| check undefined| isMobile undefined| userAgent undefined| mobile undefined| iPhone undefined| faceBookApp undefined| mobileSafari undefined| richieApp undefined| instaGramApp undefined| googleSearchAppliance object| Oidc object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| realmiFrameResize string| socialProvider function| initializeModule object| HDN object| Article string| omni_channelPath string| omni_title string| omni_bizObjectId string| omni_className string| omni_publicationDate string| omni_sourceSite string| omni_authorName string| omni_authorTitle string| omni_premiumStatus string| omni_premiumEndDate string| omni_originalSource string| omni_pageNumber string| omni_breakingNewsFlag string| omni_localNewsFlag string| omni_isListView string| omni_paywallSite string| omni_displayTemplate object| aps object| googletag object| pbjs boolean| debugSGA string| APSpageUrl function| responsiveAds function| ga string| JuicePageUrl string| loadAd_UrlLocation number| DESKTOP number| MOBILE number| TABLET number| current_device number| CLIENT number| SERVER number| SERVER_COMPATIBLE function| onHearstAdEvent function| hearstSetAdPageType function| setDFPSlotTargeting function| hearstGetNextDynamicAdDivID function| hearstGetLastDynamicAdDivID function| setDfpSearchValues function| getHostName function| getDomain function| defineTags function| hearstUpdateSlotRenderInfo function| hearstGetVideoAdTagSize function| hearstGetVideoAdTag function| hearstPlaceDynamicAd function| hearstPlaceAd function| hearstRefreshAds function| hearstRefreshInterstitialAds function| moatYieldReady function| setMoatPrebidData function| StripAndPreserveQuerystringVars function| setPageTargettedUrl object| refreshed function| codeFromSlot function| setSlotTargeting function| getOmniContentType function| getQueryParam function| _getBlogOmniType object| apstag function| onHearstLogBadScript string| juiceMdHash function| disableAdServingBasedOnQueryStringValues object| ntvConfig object| ensBootstraps object| Bootstrapper function| bcImpression function| bcTrackEvent function| bcTrackData function| commerceConnectorAnalytics string| hnpSiteAmazonTag string| hnpSiteSkimlinksPublisherId boolean| __hrst_com_embed_debug object| __hrst_com_embed_setup object| abd function| ens_countImpression boolean| _taboolaNetworkMode object| _taboola string| _taboolaHDNPageLabel object| nextStory object| _scrollStatesCollectionContainer object| scrollStates object| _articleBodyScrollProgressCollectionContainer object| progressStates object| ggeac object| google_js_reporting_queue string| juiceservice number| APSpageID string| APSGenerationID boolean| APSResponsiveDesign object| definedTags function| omni_trackListView function| omni_trackListViewComplete function| omni_trackListViewPage function| omni_trackListViewHidePage function| setOrgId string| currentDomain function| addAmazonLinkTags function| addAmazonLinkTagsLoop function| addAmazonOneTag function| addSkimlinks function| ens_slideshowPageView function| ens_virtualPageView function| ens_customEvent function| ens_specialEvent function| fbq function| _fbq function| twq function| kwa object| sites function| comScoreBeacon string| cScript function| onJuiceRefreshable function| onJuiceEvent_SlotRendered object| HNPutilities object| site_settings object| helpers function| s_HearstLinkTracking function| omniModalLinkTrack function| omniModalLogin function| omniModalLoginFail function| omniModalSubscribe function| omniBlogPhotoLoad function| ens_track_slideshow function| pushGAClickEvent object| omni object| authUtilities object| s2nData object| gaDevIds object| gaplugins object| pageHostArr object| GAutilities object| cDim object| cMet object| gaFieldObject object| ess function| setCommonDimensions function| initializeGATracking string| GoogleAnalyticsObject object| _sf_async_config number| _sf_endpt object| _cbq function| setDetails object| getDetails string| ga_account object| cross_domains string| sitePlatform number| wcTemp number| wcStart number| wcEnd string| wcRange object| currentDomainArray string| monthlySession function| trackSpotIm boolean| viewableCheck boolean| maskCheck function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| google_tag_data object| gaGlobal object| gaData object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv function| stopSetInterval function| updatePaymeterDetails string| userType string| _tbl_unified_id string| _tbl_user_type14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.expressnews.com/ | Name: AMP_TOKEN Value: %24NOT_FOUND |
|
www.expressnews.com/ | Name: _cb_svref Value: null |
|
www.expressnews.com/ | Name: _chartbeat2 Value: .1618485654033.1618485654033.1.CjjFkEDFVbfoHlLl0D84iit2kFVS.1 |
|
.expressnews.com/ | Name: _ga Value: GA1.2.853536333.1618485654 |
|
www.expressnews.com/ | Name: _cb Value: BIMnj1C-HV5bBGhnIL |
|
.expressnews.com/ | Name: _gid Value: GA1.2.1031113146.1618485654 |
|
.expressnews.com/ | Name: hnpdiudpf2 Value: wGTJ6tScLr8aWDuGO2S4Tr+LApdinhhNy/V0GleOWs4= |
|
.expressnews.com/ | Name: ga_cd35 Value: 1 |
|
.expressnews.com/ | Name: ga_cd34 Value: 1 |
|
www.expressnews.com/ | Name: _cb_ls Value: 1 |
|
www.expressnews.com/ | Name: location_data Value: {"is_eu":true,"country_code":"CH","postal_code":"1"} |
|
www.expressnews.com/ | Name: s_abd Value: {"first":false,"test":"","result":"","last":false} |
|
www.expressnews.com/ | Name: ab_bucket Value: 46 |
|
.expressnews.com/ | Name: hnpdiudpf1 Value: gnbh+lMNwTSea0gA4XrF/OgkllXcGvAbbcwQM5d5VaY= |
12 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
100007923.collect.igodigital.com
ak.sail-horizon.com
ampcid.google.com
ampcid.google.de
aps.hearstnp.com
c.amazon-adsystem.com
cdn.blueconic.net
cdn.keywee.co
cdn.taboola.com
connect.facebook.net
info.silobreaker.com
insight.adsrvr.org
nexus.ensighten.com
p.ctpost.com
ping.chartbeat.net
polyfill.io
realm.hearst3pcc.com
s.hdnux.com
s.ntv.io
s.skimresources.com
sb.scorecardresearch.com
scripts.webcontentassessor.com
securepubads.g.doubleclick.net
static.ads-twitter.com
static.chartbeat.com
treg.hearstnp.com
www.expressnews.com
www.google-analytics.com
z-na.associates-amazon.com
z.moatads.com
100007923.collect.igodigital.com
ak.sail-horizon.com
c.amazon-adsystem.com
cdn.blueconic.net
cdn.keywee.co
cdn.taboola.com
connect.facebook.net
insight.adsrvr.org
polyfill.io
realm.hearst3pcc.com
s.ntv.io
s.skimresources.com
sb.scorecardresearch.com
scripts.webcontentassessor.com
static.ads-twitter.com
z-na.associates-amazon.com
z.moatads.com
142.250.185.66
151.101.112.200
18.197.253.20
199.60.103.254
2600:9000:20e8:5800:18:1fcd:34e:d2a1
2a00:1450:4001:808::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:82b::200e
2a04:4e42:400::621
34.251.18.147
35.171.219.207
98.129.228.59
99.84.156.18
0bf7764d17b80f7e0b3340c60a6d221bbaadf91857c6e36e7f914ad9478dc77c
0ca5dfccf231ca5addf1f3d050de02f670a0ad26b3395a188dc787397e2310de
10c4dd8cddfc41aef2e41e2a046fe30b318818d277cca21e6b087887324fa916
10d3671743954ab15ec7bd3809709547da963ed3dcf6b989d67f228fd57d6ec1
1851a4758fa23827c8ef2d994b9bf4b8d0b3b54570f55cb5e5d5e7836a69b502
190a92f1106c8bf217acc3d201a0a6c729c2a0068ffc121d3625ec7cedad4040
2388f1edd6a088ac459df1fb5512c32ae133c1bba5a5c0138b5d330903dfacf3
256a7cf4ed78c8761050c350c848fb17ff6231a827305f5cc6e655001f30e12c
258a95bd9dcd3545955ae55be83c44ebb2158700603df8eb994ab9f5b1cf1302
307ab77aa0fb6a53dbd8c4a11eb3f26aed8e81ee8809ac933b517b6908a23ce2
338eab6862c9fbfd64156221ff6761e869079c9cbd820076efbd3ebec2dd696b
362a56ab2f7aead5463cbff68b799c26cce33ebdec6860c8e7c4da7241ceb9e2
3f3e8c28db98006fbea2fe416fbbf16f94d9d67c11be0501cf88db8b2f7e4da8
4878246b8f310765bb5ce00488bd6fa0e60416c37ad72a74d6844d686c49f7a9
48e003aee40abce30a73766b1ec068e13e73420c2a51bb8b73327753f335786c
4dad99c8a1bfab4ca451e8532522dff4bf21dacb0aecf414b61bc4a35b0febda
523af80c9c94e7a4be0ad7d86503e99bc5ff796c71656e7957812833958854a9
5851fb67d868be69b04bf99aaeb2e126bc31ce404ab69467a74dfed2727043b1
59bf4920a322377c761eec2dba5b7de57b64267e82b0d3a7e9fafcfd4a954e34
5c113f3fb7ca50352a8ac77a56577a9211ea46c9bf55019216e5b3e8e78181e3
5ff2b8617fa276975de72e5530ebfaa4e35d7cf034add4cb3d6a78320c61819d
60d4510456420f2f255ee71b60c9b001b92cb92dbd78ca9d89b26aa00b3b788a
613afc2160db55777211c732d01feb9ebe68a72936b30e5b8e3c25fb73c7c89c
63f3a386a63016e8adf56dbc32b1e62ad23298ab9b8efe70c0d5a3cdc730dff9
6580a4a100fcb8b00532c322298e4dda206b46f9eaf0c1bd38ba6e08baa60a14
67500e22c87683026d455364552ca857042373cfc2b4cd8529f0bc3ff07afa7a
6ad929972710d08db457f7da8b52c398f38eedd9f82ff73a9693e2837f97bcba
6c73ee8e1b8e7c63d76fa7cfbc3548f47b34f6be773d2d059473b9762e927d54
6dd9088f15687cb4fefc9bcce5a08ecb6636c93956b4258404a3d7a6bf48954f
820af8656c1761fbf5bfd02bc8578dd9c361a20f946f8dc06f9538cef8b3c917
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
944b42f1941caec3786138da40b1ada38e7beff1c5e396ed8441d4c36f391ae8
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
ac54832d5d539780c72f58a9cb353ea8b328d8c8c049b7c0bc653922e4983554
b14fe7e7cb76179a5ca982f6cb47242e0a49e79c656f41fb0b88dc2bc5a63f9c
b202c3ebcdf3eefa62d9d495cb65a4ad036137eed31b37d1cb8394c79ea91f7e
ba4b2315a60b293d26dbf176d444350ec48718b2b342f6439b1f615281385c04
bc77b15d3d26572b2975ccab6fe3468f153f5e3fa424336d71941611aad4ecdd
bd57ebda268d2e7c3fcfb345f05a2bf82fa6be93c8ba6251d8e181c0a8ee224c
bf5cfcf834033f9c43098fdd1e0f67e4beedbd008d9ed65af1123cdab1b63837
bf97ea16fc6f3ed219404e08367a661cc6964d6bd9a40872e26453976df761e2
c09055f0d3ce5ac45f886c935226d1e4cb0f7488525e9f8b298f26fc0171e5a8
c40fa9a347181da26ccfc2e7413d900f9e2549f68150f3dd09e13b6aac505221
c4b089676582a333d24ce88c44a6273118f7fe7e24bc3574df0d155d8be20f1f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
cc372fadf8a8cf35a89223ee44ebfc4dac12a9796c4ecdc8d581d04f6473c597
cdaf1ffa6d56b2d6d8b455b60b90b989e1217910232796a9c20e6341114b014b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0c5d5baea154fefa1e608cd2f95739ab4a587a9028975ba793b22505828ad53
d1404840fb68ecad6f280a0310327db9f96c19be51ef309caae30573ee2efa83
d1757e1e150541e5c1f71d80838785869568c61edbb926941feb03c460399ac8
d50f1882a10fe5d13ac34728c3408970352750db51ea3d10ebc0802fb97c9bee
d8381e66783011957eabadb622d7899061bf93e78fff38ebfe00ab743d6c8e60
dfb8587ddb042967b931263357c04ad94c49d0088017600f6d6e26096a285461
e16ac25aa46fc72563d49f528668155ed2253bf34fb59e262e2399d39aeec0b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64ddf3c522c855368c13d9bb8979d8d7b8e7ed797a5f2320473938f5f7c441c
e868bd6a9b3b4d6ba676e7a32c479a56f5c84bb1eee019b699cec84f0fd1f14f
f173e931167796a34a3ba7d8b3dc90bea6ed9d801b5823212bbc32bb88c9aa02
f3ae7d155ad6ba2b08b02e7f3dc75db68a3e247c0439e97ce2439c36cd32643f
f59fe281e47c844a83295ee3d71813021e64eb00d3f13ba6d75b412166ba5a68
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46
ffacc747ec61b75def87b1873713498534b83ccbe1b37507f039d392cdeee2df