www.courierherald.com
Open in
urlscan Pro
141.193.213.11
Public Scan
Submitted URL: http://www.courierherald.com//
Effective URL: https://www.courierherald.com/
Submission: On June 30 via api from US — Scanned from DE
Effective URL: https://www.courierherald.com/
Submission: On June 30 via api from US — Scanned from DE
Summary
This website contacted 16 IPs
in 2 countries
across 13 domains to perform 56 HTTP transactions.
The main IP is 141.193.213.11, located in
United States and
belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US.
The main domain is www.courierherald.com.
TLS certificate: Issued by E1 on May 21st 2024. Valid for: 3 months.
This is the only time www.courierherald.com was scanned on urlscan.io!
TLS certificate: Issued by E1 on May 21st 2024. Valid for: 3 months.
This is the only time www.courierherald.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
38
141.193.213.11
(United States)
ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
| www.courierherald.com |
1
2600:9000:21f3:1400:16:b713:7e40:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| h712.courierherald.com |
1
2a00:1450:4001:80b::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
184.25.158.186
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a184-25-158-186.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a184-25-158-186.deploy.static.akamaitechnologies.com
| www.accuweather.com |
2
18.244.18.38
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-38.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-38.fra56.r.cloudfront.net
| sb.scorecardresearch.com |
1
2a00:1450:4001:81d::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagservices.com |
3
13.224.186.120
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-120.fra2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-120.fra2.r.cloudfront.net
| c.amazon-adsystem.com |
2
18.173.205.83
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-83.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-83.fra56.r.cloudfront.net
| embed.sendtonews.com | |
| embedcdn.sendtonews.com |
1
142.250.186.130
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
| securepubads.g.doubleclick.net |
1
18.245.31.123
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-123.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-123.fra56.r.cloudfront.net
| config.aps.amazon-adsystem.com |
1
13.33.173.196
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-33-173-196.fra60.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-33-173-196.fra60.r.cloudfront.net
| aax.amazon-adsystem.com |
2
2a00:1450:4001:829::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| fundingchoicesmessages.google.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 39 |
courierherald.com
1 redirects
www.courierherald.com h712.courierherald.com |
569 KB |
| 5 |
amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 357 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 746 aax.amazon-adsystem.com — Cisco Umbrella Rank: 494 |
81 KB |
| 2 |
google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 744 |
129 KB |
| 2 |
sendtonews.com
1 redirects
embed.sendtonews.com — Cisco Umbrella Rank: 15819 embedcdn.sendtonews.com — Cisco Umbrella Rank: 18504 |
4 KB |
| 2 |
scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 188 |
3 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83 |
6 KB |
| 1 |
doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 |
145 KB |
| 1 |
isu.pub
image.isu.pub — Cisco Umbrella Rank: 41356 |
36 KB |
| 1 |
googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 324 |
31 KB |
| 1 |
accuweather.com
www.accuweather.com — Cisco Umbrella Rank: 13742 |
1 KB |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81 |
72 KB |
| 1 |
jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 3338 |
41 KB |
| 0 |
newzware.com
Failed
everettweb.newzware.com Failed |
|
| 56 | 13 |
| Domain | Requested by | |
|---|---|---|
| 38 | www.courierherald.com |
1 redirects
www.courierherald.com
|
| 3 | c.amazon-adsystem.com |
www.courierherald.com
c.amazon-adsystem.com |
| 2 | fundingchoicesmessages.google.com |
securepubads.g.doubleclick.net
|
| 2 | sb.scorecardresearch.com |
www.courierherald.com
|
| 1 | fonts.googleapis.com | |
| 1 | aax.amazon-adsystem.com |
c.amazon-adsystem.com
|
| 1 | config.aps.amazon-adsystem.com |
c.amazon-adsystem.com
|
| 1 | securepubads.g.doubleclick.net |
www.googletagservices.com
|
| 1 | image.isu.pub |
www.courierherald.com
|
| 1 | embedcdn.sendtonews.com |
www.courierherald.com
|
| 1 | embed.sendtonews.com | 1 redirects |
| 1 | www.googletagservices.com |
www.courierherald.com
|
| 1 | www.accuweather.com |
www.courierherald.com
|
| 1 | www.googletagmanager.com |
www.courierherald.com
|
| 1 | cdn.jwplayer.com |
www.courierherald.com
|
| 1 | h712.courierherald.com |
www.courierherald.com
|
| 0 | everettweb.newzware.com Failed |
www.courierherald.com
|
| 56 | 17 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.courierherald.com E1 |
2024-05-21 - 2024-08-19 |
3 months | crt.sh |
| d287.tacomadailyindex.com Amazon RSA 2048 M03 |
2024-06-06 - 2025-07-05 |
a year | crt.sh |
| jwplayer.com Amazon RSA 2048 M02 |
2023-10-27 - 2024-11-23 |
a year | crt.sh |
| *.google-analytics.com WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
| *.accuweather.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-08-14 - 2024-07-23 |
a year | crt.sh |
| *.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA |
2023-12-11 - 2024-12-10 |
a year | crt.sh |
| *.g.doubleclick.net WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
| c.amazon-adsystem.com Amazon RSA 2048 M01 |
2023-12-30 - 2024-12-04 |
a year | crt.sh |
| *.isu.pub GlobalSign Atlas R3 DV TLS CA 2024 Q1 |
2024-04-06 - 2025-05-08 |
a year | crt.sh |
| config.aps.amazon-adsystem.com Amazon RSA 2048 M02 |
2024-01-21 - 2025-02-19 |
a year | crt.sh |
| alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03 |
2024-03-29 - 2025-04-28 |
a year | crt.sh |
| *.google.com WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
| upload.video.google.com WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.courierherald.com/
Frame ID: 16FCBA5D3855E5F5C1A1F5954B001E4B
Requests: 56 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://www.courierherald.com//
HTTP 307
https://www.courierherald.com// HTTP 301
https://www.courierherald.com/ Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /wp-(?:content|includes)/
DoubleClick for Publishers (DFP)
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
comScore
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
jQuery UI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery-ui.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.courierherald.com//
HTTP 307
https://www.courierherald.com// HTTP 301
https://www.courierherald.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 35- https://embed.sendtonews.com/player2/embedcode.php?fk=AscZbHFP&cid=4312&floatwidth=400 HTTP 302
- https://embedcdn.sendtonews.com/easy-stn-player/7.32.20/embed.js
56 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H3 |
Primary Request
/
www.courierherald.com/ Redirect Chain
|
169 KB 29 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
fa-regular-400.woff2
www.courierherald.com/wp-content/themes/momentous-spiech/fonts/ |
1 KB 1 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
fa-brands-400.woff2
www.courierherald.com/wp-content/themes/momentous-spiech/fonts/ |
2 KB 2 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
fa-solid-900.woff2
www.courierherald.com/wp-content/themes/momentous-spiech/fonts/ |
2 KB 2 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
marketplace.css
www.courierherald.com/wp-content/plugins/marketplace-shortcode-block-momentous/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
weather-bug.css
www.courierherald.com/wp-content/plugins/weather-bug-momentous/css/ |
2 KB 719 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery.ui.all.css
www.courierherald.com/wp-content/plugins/soundpress-paywall-newzware/css/ |
37 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
epass-css.css
www.courierherald.com/wp-content/plugins/soundpress-paywall-newzware/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
style.min.css
www.courierherald.com/wp-includes/css/dist/block-library/ |
111 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
wpba-frontend.css
www.courierherald.com/wp-content/plugins/wp-better-attachments/assets/css/ |
852 B 621 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
style.css
www.courierherald.com/wp-content/uploads/maxmegamenu/ |
65 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
config.js
www.courierherald.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ |
25 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
site-min.js
www.courierherald.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ |
47 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery-1.7.2.js
www.courierherald.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ |
93 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery.ui.core.min.js
www.courierherald.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery-ui.min.js
www.courierherald.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ |
197 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
nwJQuery.js
www.courierherald.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ |
35 B 219 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
e-pass-min.js
www.courierherald.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ |
82 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
comscore.js
www.courierherald.com/wp-content/plugins/soundpress-comscore/js/ |
353 B 396 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
hb-amzn-uam.js
www.courierherald.com/wp-content/plugins/soundpress-header-bidding-amzn/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
picturefill.min.js
www.courierherald.com/wp-content/plugins/wp-retina-2x/app/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery.min.js
www.courierherald.com/wp-includes/js/jquery/ |
86 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery-migrate.min.js
www.courierherald.com/wp-includes/js/jquery/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
marketplace.js
www.courierherald.com/wp-content/plugins/marketplace-shortcode-block-momentous/js/ |
1 KB 712 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
nwstartconfig_ECH.js
everettweb.newzware.com/ss70v2/sound/custom/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
script.js
h712.courierherald.com/ |
138 KB 42 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
NOZVn4NA.js
cdn.jwplayer.com/libraries/ |
110 KB 41 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
198 KB 72 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
child-theme.min.css
www.courierherald.com/wp-content/themes/momentous-spiech/css/ |
179 KB 32 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
3.svg
www.accuweather.com/images/weathericons/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
beacon.js
sb.scorecardresearch.com/ |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gpt.js
www.googletagservices.com/tag/js/ |
98 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
apstag.js
c.amazon-adsystem.com/aax2/ |
310 KB 77 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
36676409_web1_News-Enum-TIP-ECH-240626_1.jpg
www.courierherald.com/wp-content/uploads/2024/06/ |
121 KB 121 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
36676409_web1_News-Enum-TIP-ECH-240626_1-570x475.jpg
www.courierherald.com/wp-content/uploads/2024/06/ |
87 KB 87 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1x1.trans.gif
www.courierherald.com/wp-content/plugins/lazy-load/images/ |
42 B 249 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
embed.js
embedcdn.sendtonews.com/easy-stn-player/7.32.20/ Redirect Chain
|
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
in-house-ad-wide.jpg
www.courierherald.com/wp-content/themes/momentous-spiech/img/ |
24 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
page_1_thumb_large.jpg
image.isu.pub/240626091809-3d11dd15b7dfc335fd9027e7a1dd1e76/jpg/ |
35 KB 36 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
spi-logo.png
www.courierherald.com/wp-content/themes/momentous-spiech/img/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
epass.js
www.courierherald.com/wp-content/plugins/soundpress-paywall-newzware/javascript/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
child-theme.min.js
www.courierherald.com/wp-content/themes/momentous-spiech/js/ |
87 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery.sonar.min.js
www.courierherald.com/wp-content/plugins/lazy-load/js/ |
1 KB 927 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
lazy-load.js
www.courierherald.com/wp-content/plugins/lazy-load/js/ |
902 B 665 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
hoverIntent.min.js
www.courierherald.com/wp-includes/js/ |
1 KB 915 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
maxmegamenu.js
www.courierherald.com/wp-content/plugins/megamenu/js/ |
33 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b
sb.scorecardresearch.com/ |
0 225 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/ |
466 KB 145 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
f4e5f220-2efc-45a1-869f-0b293f8aec73
config.aps.amazon-adsystem.com/configs/ |
563 B 838 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
config
c.amazon-adsystem.com/cdn/prod/ |
0 307 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bid
aax.amazon-adsystem.com/e/dtb/ |
23 B 361 B |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ |
6 KB 3 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
22692889424
fundingchoicesmessages.google.com/i/ |
199 KB 66 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AGSKWxUHDVZmGpuyCLsHQLYWANiHg2-kydOe2a38E0tv8wie17EcK7In9oTetIAVWppNQHHJfeRCodZuYeUnzJhOR89Zvau7-rjs21iYHeV8rw4IIfJdyot95PQuuSnq-Fk6fJeysoDptQ==
fundingchoicesmessages.google.com/f/ |
431 KB 63 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
child-theme.min.css
www.courierherald.com/wp-content/themes/momentous-spiech/css/ |
179 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
109 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- everettweb.newzware.com
- URL
- https://everettweb.newzware.com/ss70v2/sound/custom/nwstartconfig_ECH.js
Verdicts & Comments Add Verdict or Comment
375 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage object| php_vars number| nwviewportwidth number| nwviewportheight string| nwSite string| nwPubDate string| nwProtocol string| nwServer string| nwEdition string| nwUserCkSubscripDays number| nwuserCkDefaultDays string| nwContentId string| nwECopyAccess string| nwDayPassAccess string| nwMeterAccess string| nwMustRegister string| nwMeterThreshold number| nwMeterDefaultDays string| nwContentCallback string| nwIllegalChars number| nwPasswordLength string| nwDoNonSubCheck string| nwSkipConfirmation string| nwTheme string| uiVersion string| nwLabelColor string| nwInputFontSize string| nwInputFontColor string| nwFacebook string| nwGoogle string| nwDialogWidth string| nwDialogHeading string| nwECopy string| nwDayPass string| nwTerm string| nwWelcome string| nwMeterUsed string| nwLoginIcon string| nwLoginInstruct string| nwLoginIdLabel string| nwPasswordLabel string| nwButtonLogin string| nwButtonCancel string| nwButtonRegister string| nwInvalidLogin string| nwNoValidSubscrip string| nwInsufficientFunds string| nwForgotPasswordLinkText string| nwPurchaseOptionsHeading string| nwDayPassHeading string| nwECopyHeading string| nwTermSubscripHeading string| nwDayPassBuyButtonText string| nwECopyBuyButtonText string| nwTermSubscripBuyButtonText string| nwCancelButtonText string| nwDayPassIconURL string| nwTermIconURL string| nwECopyIconURL string| nwTermBuyIconURL string| nwDayPassBuyIconURL string| nwECopyBuyIconURL string| nwPublicTerminalText string| nwRegistrationHeading string| nwNonSubRegistrationHeading string| nwAccountFieldText string| nwLastNameFieldText string| nwFirstNameFieldText string| nwEmailFieldText string| nwEmailConfirmFieldText string| nwUserNameFieldText string| nwPasswordFieldText string| nwConfirmPasswordFieldText string| nwRegisterButtonText string| nwUserRegistrationText string| nwUserChoiceSub string| nwUserChoiceNonSub string| nwRegistrationIconURL string| nwRegAuthButton string| nwConfirmButton string| nwECopyConfirmButton string| nwConfirmCancelButton string| nwConfirmUpdateButton string| nwPurchaseConfirmHeading string| nwECopyPurchaseConfirmHeading string| nwEPassRatesHeading string| nwLabelSunday string| nwLabelMonday string| nwLabelTuesday string| nwLabelWednesday string| nwLabelThursday string| nwLabelFriday string| nwLabelSaturday string| nwECopyCreditAmts string| nwConfirmSaleText string| nwECopyConfirmSaleText string| nwRegisteredMessage string| nwRegisteredAuthorized string| nwNonSubAccountFound string| nwNonSubAccountFail string| nwAlertText string| nwMessageText string| nwMeterUpMessage string| nwIsTeaserBlock string| nwTeaserId string| nwRegisteringMessage string| nwContentWidth string| nwLabelStyle string| nwPublicTerminalTextStyle string| nwHeadingStyle string| nwLogoutMessage string| nwLogoutID string| nwFloatLogout string| nwLogoutText string| nwLogoutStyle string| nwLogoutDivStyle string| nwLogoutDivHTML string| nwNoLogoutMessage number| nwReauthTimeMin string| nwLogAdvDivContent string| nwLogAdvStyle boolean| nwInitLogin string| nwLowerCaseMessage number| nwDefaultPurchasePanel string| nwTwitter string| nwInvalidAccount string| nwFacebookJS string| nwFacebookAPIKey string| nwFacebookInitialize string| nwFacebookLoginInstruction string| nwRegisterWithFacebookButton string| nwLoginWithFacebookButton string| nwDeleteAllOnLogout string| nwShowAccountManageButton string| nwAccountManageButton string| nwCookieDomain string| nwNonSubRegistrationPanelChecked string| nwSubRegistrationPanelChecked string| nwDebug string| nwMobileButtonWidth string| nwAfterLogin string| nwNoShowOptionsAfterLogin string| nwAfterLogout boolean| nwIsLoggedIn string| nwLoggedInAndAuthorizedCallback string| nwAfterRegistrationCallback string| nwCustomRegistrationPanel string| nwCustomPurchasePanel string| nwCustomLoginTable string| nwNoSubscriptionSelectedMessage function| newzware_offerClicked function| newzware_afterRegistration function| newzware_getWebLogin boolean| nwResizable string| nwShowLogout string| nwSSO string| nwShowMeterMessage string| nwMeterBoxHTML string| nwUseJQueryInputStyle string| nwUseInputStyle object| nwInputJQueryStyle object| nwInputStyle string| nwUseMainDivStyle object| nwMainDivStyle string| nwAppId number| nwMeterBoxOpenThreshold string| nwJQueryEffect string| nwLoadThemeSeparate string| nwJQueryDialogClass string| nwVerifyEmail string| nwValidateEmailMessage string| nwForceEmailAsUserName number| nwMeterBoxSlideBoxWidth boolean| nwNoActionOnInit string| nwShowLoginCallback string| nwShowRegistrationCallback string| nwShowPurchaseCallback string| nwMeterLimitReachedCallback boolean| nwMeterExpireEndOfMonth string| nwPromoCk string| nwFacebookInvalidMessage object| nw_exdate object| _0x7a9c number| nwNetworkType function| newzware_v function| newzware_vc string| nwAuthURL string| nwWebLoginURL string| nwForgotURL string| nwForgotAcctURL string| nwCCCheckURL string| nwNonSubCheckURL string| nwCreateGenURL string| nwCreateSubURL string| nwValidateSubURL string| nwDayPassURL string| nwVariableURL string| nwSSMURL string| nwSSMLoginURL string| nwMeterURL string| nwLogoutURL string| nwPulseURL string| nwCurrURL string| nwAuthCk string| nwUserCk string| nwUserLgCk string| nwUserSecCk string| nwMeterCk string| nwVariable string| nwCompName string| nwCookiesDisabledURL string| nwPrRateIdCk string| nwAlert1 string| nwAlert2 string| nwHighlight1 string| nwHighlight2 string| nwMainHTML string| nwLoginAdditionalText string| nwRegistrationOptionBuff string| nwRegistrationOptionsPanel string| nwLoginTable string| nwTermOption string| nwECopyOption string| nwDayPassOption string| nwPurchasePanel string| nwRegistrationPanel string| nwAuthorizePanel string| nwConfirmPanel string| nwEOptionBuff object| nwECopyArr number| gg string| nwECopyPanel undefined| $ function| jQuery function| DP_jQuery_1719787031804 function| nwJQuery object| _0xc507 object| todayDate string| newzwareFilesAdded string| nwNetwork boolean| nwSSOTried boolean| nwMeterDone function| newzware_loadTheme function| newzware_epassInit function| newzware_isAuthorized function| newzware_checkPulse function| newzware_start function| newzware_login function| newzware_purchaseCancelled function| newzware_loginCancelled function| newzware_isMainVisible function| newzware_showProcessing function| newzware_doLogin function| newzware_registrationAuthorize function| newzware_nwtrim function| newzware_authorization function| newzware_parseDate function| newzware_getUH function| newzware_createMainPanel function| newzware_createLoginPanel function| newzware_createPurchasePanel function| newzware_createRegistrationPanel function| newzware_facebookLogin function| newzware_doFacebookSubRegistration function| newzware_facebookInit function| newzware_createRegistrationOptionsPanel function| newzware_createAuthorizePanel function| newzware_createConfirmPanel function| newzware_createECopyPanel function| newzware_showPurchasePanel function| newzware_showConfirmationPanel function| newzware_showECopyConfirmationPanel function| newzware_cancelConfirmation function| newzware_cancelECopyConfirmation function| newzware_cancelRegistration function| newzware_showRegistrationPanel function| newzware_hideAuthorizePanel function| newzware_hideLoginShowRegistration function| newzware_hideLoginShowPurchase function| newzware_hideRegistrationShowPurchase function| newzware_hideRegistrationShowAuthorize function| newzware_hideLogout function| newzware_afterLogout function| newzware_afterLogin function| newzware_showLogout function| newzware_doLogout function| newzware_showContent function| newzware_hideAll function| newzware_hidePurchase function| newzware_clearMessage function| newzware_showLogin function| newzware_hideMain function| newzware_showMain function| newzware_cookiesEnabled function| newzware_setSessionCookie function| newzware_setCookieMin function| newzware_setCookie function| newzware_getCookie function| newzware_deleteCookie function| newzware_dayPass function| newzware_ecopy function| newzware_confirmSingleDaySale function| newzware_confirmECopySale function| newzware_purchaseDayPass function| newzware_doSSMRedirect function| newzware_autoLogin function| newzware_purchaseTermSubscription function| newzware_purchaseECopy string| newzware_hex_chr function| newzware_rhex function| newzware_str2blks_MD5 function| newzware_add function| newzware_rol function| newzware_cmn function| newzware_ff function| newzware_gg function| newzware_hh function| newzware_ii function| newzware_calcMD5 function| newzware_setRegistrationType function| newzware_hideRegistrationBlocks function| newzware_showRegistrationChoice function| newzware_doFacebookNonSubRegistration function| newzware_registerNonSubUsingFacebook function| newzware_createGeneralAccount function| newzware_registerUsingFacebook function| newzware_createOnlineAccount function| newzware_showMessage function| newzware_hasIllegalChars function| newzware_forgotPassword function| newzware_forgotAccount function| newzware_updateBillingInformation function| randomString function| newzware_loadJSCSSFile function| newzware_checkLoadJSCSSFile function| newzware_autoLoginAndStart function| newzware_meterBoxOpen function| newzware_meterBoxClose function| newzware_getDaysForMonthMeter function| newzware_attachLoginEvent object| _comscore object| googletag object| gptAdSlots function| gptAllowRefresh function| readCookie function| amzn_uam object| apstag object| picturefillCFG function| picturefill object| COMSCORE object| ns_p object| ggeac object| google_tag_data object| google_js_reporting_queue object| _aps boolean| apstagLOADED object| apscustom undefined| google_measure_js_timing object| google_reactive_ads_global_state object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ODMzYjhmM2FkMzk5ZDU5ZGxvYWRlcl9qcw== string| ODMzYjhmM2FkMzk5ZDU5ZGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| www.courierherald.com/ | Name: spi-adslots Value: %5B%22f4e5f220-2efc-45a1-869f-0b293f8aec73%22%2C%201036994%2C%20%5B%5B1%2C%20%22%5B970%2C%2090%5D%22%5D%2C%20%5B3%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%20%5B320%2C%2050%5D%22%5D%2C%20%5B5%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B7%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B9%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B11%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%2C%20%5B13%2C%20%22%5B970%2C%2090%5D%2C%20%5B728%2C%2090%5D%2C%5B320%2C%2050%5D%22%5D%5D%5D |
|
| www.courierherald.com/ | Name: spi-check Value: 0 |
|
| www.courierherald.com/ | Name: nwssmcookie Value: ssm |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aax.amazon-adsystem.com
c.amazon-adsystem.com
cdn.jwplayer.com
config.aps.amazon-adsystem.com
embed.sendtonews.com
embedcdn.sendtonews.com
everettweb.newzware.com
fonts.googleapis.com
fundingchoicesmessages.google.com
h712.courierherald.com
image.isu.pub
sb.scorecardresearch.com
securepubads.g.doubleclick.net
www.accuweather.com
www.courierherald.com
www.googletagmanager.com
www.googletagservices.com
everettweb.newzware.com
13.224.186.120
13.33.173.196
141.193.213.11
142.250.186.130
18.173.205.83
18.244.18.38
18.245.31.123
184.25.158.186
2600:9000:21f3:1400:16:b713:7e40:93a1
2600:9000:225e:3200:1:a3fa:7cc0:93a1
2a00:1450:4001:80b::2008
2a00:1450:4001:81d::2002
2a00:1450:4001:829::200e
2a00:1450:4001:831::200a
2a04:4e42:400::311
02015fcb7f0f8292a9cb674ec0468c9fb3a6255ed42212a6dee9dd48e58142f7
033ce432d750dea22adc9a6c46276b2a50976eb2b080f61cfb501d41db84a697
048a1ba9ec466a8f77009cea46046dfe87ce0a4395ddea61c5a28ae22d9b86da
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b35f88d468214d1e8ea6b50a1161cddd4984b46d3c9b13d05f00438bf894083
0d9b877a2e9efb6c5b5861744942ea2a1747afa8e2beb8aabe8df3239393835d
0e26826816d33e016e63fb3e4a3b3f3f3322e414d3ace91a72233f1ef0d4a1a3
1a84f4b042e52d040243a70753ae4a5f73d668db1230c7c4b3c4ace8c2d8923c
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
21723f9e62192432357d5b0acf81294a2f6c556e15baf54bb6fb22063cdfc042
22c29473716ed14198adc9db4ea074c19b2bce1caba9d7075b5a35777f902dcd
2497be576209dfcaa67b233fd5eeedf5a33312df082bf1f5b4762779184ec8f4
2b50108439624bd6f2bbb1505248373ed0ae1f0869b89122ad876122a1790bd8
2dcc36995c012ae179ca5ccec2537bbffdab860370e6ab08923cad2d465ae3a4
343e172044532b028c3a2338d33cbee3806fb1fb0d75ab67363b00846d3c3f61
369b58a37cf3ff50fd35c5f7b0236dc3a59d0070e64bf5b44eda6619b442876b
40a7f2b25ea8c45af8993aa57c19e576ea8eab5cbe9f467d45d4be7a537e7a47
421b0faff285cf2b6818cb7b02408e87a6644ba061155f667478bf64de3555a4
4332316d0fe4e2c7a9e213afa4d9cbf983ad5bf80cb47d98c9cacd5470e35889
4935432e6e97e6f3c964614e450e9987fa6a8a611603a4629b1860eca26769c0
4974da1b771471af5171877ac47c688572a43e6bd9c2e5783a6a2cf8f87ae719
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5b1b91d4348039d0843f70e65c2475e66a32de75e1d819bc30fcd32e167ce853
5b9d3e991ad83a7f0cffec0fc457e29efdbded31858aaaa522c1ad8558b8298a
70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3
714f6ca7585a0755e2ef205abe8bc6bf4acd268d74c3c2dbd29c7c51aef215ee
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75d55c9c4cdf4c4a5d77e125e63f6968e4b0f90aa25d09e0dd87cbbbb4ff8ca1
88e0924ab9a16f8bcbc8c048b17fc0041e3cc04e2f1d6182f48dae99d077bc7b
8b1b1a3d3b0776f3677a4e833aa94fd7ffc10e954e09f5155367dafbb518da70
8bbe22678685d1fb25aed5e01b54536e319016c76821542feda04523164a73e5
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9c1ee2b3835d8abdb9529227f5b9a50ecfe9059243583edd5fe705d74d249535
9d5eade4f5bd166671086011165c1739f3335e292d1e554ad9a0a51fb09f3bd0
a52cde3d406218f408a48978e897ca16dc1a79f2e5f831ec19b56150fba08d80
afe890ce65aba591367aa05711dbd0962eb5d61ef5e0f09233bf0249f27b8ab4
b2a6adece78c334848537841e6c63d7f9d9e592a916f3b8d4270fa835aeb810c
bd01d6e94eb24a63834edf697290631166d60f806ededeeaa751dca13c44914f
c3dd5c4ff63478b87ed9670be1b4c688725d53c9ff84a233cfec8ff2bb83a72d
c78b8ee6c01cbe5ade691a7a50236b48b8ce19122ca779fdcde116661ec2e4b3
c87a91dcf5fd730e26227b53ee364b2166092cec3314404d4fa8b02de25e18f0
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b0e1aa7522a7391880d46c9ae92d9f00b3d22bb3efda2725b76c6239275897
e7424e00a70f2e7a2028064186d9f1add9009fe03cbb6697919d143577f023fb
e78a5cd335efaf6ce8eb0b8e51970831b87246ac7134fa6c66f385cdcd5a3a8d
ecfda2a1a2411ea1f4ad1904a83069d02229ef72ce33c2ba195e2d432ef12757
ed207a3218934c63d8ace813cbc259812d16d5b892fee83fc795ae164de915c6
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2340f2e35ebe2fe438aae44087cc2cbdad6a9662dc5e1aa681ba5b709e53754
f5bab9dacab0dbef8bfb4004681742e7d88f3f0a7c45a4e129c372e126239e94
fdab17aad52e2d97a9b3ef5ddefc9440960cb6b9fa859b2944b8ec399aa395b7