www.timesunion.com
Open in
urlscan Pro
151.101.192.200
Public Scan
Submission: On April 23 via manual from US
Summary
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on April 15th 2021. Valid for: a year.
This is the only time www.timesunion.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
32 | 151.101.192.200 151.101.192.200 | 54113 (FASTLY) (FASTLY) | |
1 | 2a04:4e42:200... 2a04:4e42:200::621 | 54113 (FASTLY) (FASTLY) | |
14 | 18.197.253.20 18.197.253.20 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 13.33.139.89 13.33.139.89 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 172.217.23.98 172.217.23.98 | 15169 (GOOGLE) (GOOGLE) | |
1 | 98.129.228.59 98.129.228.59 | 33070 (RMH-14) (RMH-14) | |
1 | 2a00:1450:400... 2a00:1450:4001:827::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2600:9000:202... 2600:9000:2021:9400:18:1fcd:34e:d2a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:802::200e | 15169 (GOOGLE) (GOOGLE) | |
3 | 34.224.142.75 34.224.142.75 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2a00:1450:400... 2a00:1450:4001:803::200e | 15169 (GOOGLE) (GOOGLE) | |
78 | 12 |
ASN54113 (FASTLY, US)
www.timesunion.com | |
treg.hearstnp.com | |
aps.hearstnp.com | |
s.hdnux.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
nexus.ensighten.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-33-139-89.cph50.r.cloudfront.net
cdn.blueconic.net |
ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
securepubads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
static.chartbeat.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-142-75.compute-1.amazonaws.com
ping.chartbeat.net |
Domain | Requested by | |
---|---|---|
17 | www.timesunion.com |
www.timesunion.com
|
14 | nexus.ensighten.com |
www.timesunion.com
nexus.ensighten.com |
10 | s.hdnux.com |
www.timesunion.com
|
3 | ping.chartbeat.net |
www.timesunion.com
|
3 | treg.hearstnp.com |
www.timesunion.com
treg.hearstnp.com |
2 | securepubads.g.doubleclick.net |
aps.hearstnp.com
securepubads.g.doubleclick.net |
2 | aps.hearstnp.com |
www.timesunion.com
aps.hearstnp.com |
1 | ampcid.google.de |
www.google-analytics.com
|
1 | ampcid.google.com |
www.google-analytics.com
|
1 | static.chartbeat.com |
nexus.ensighten.com
|
1 | www.google-analytics.com |
nexus.ensighten.com
|
1 | p.ctpost.com |
www.timesunion.com
|
1 | cdn.blueconic.net |
www.timesunion.com
|
1 | polyfill.io |
www.timesunion.com
|
0 | s.ntv.io Failed |
nexus.ensighten.com
|
0 | s.skimresources.com Failed |
nexus.ensighten.com
|
0 | z-na.associates-amazon.com Failed |
nexus.ensighten.com
|
0 | 100007922.collect.igodigital.com Failed |
nexus.ensighten.com
|
0 | cdn-channels-pixel.ex.co Failed |
www.timesunion.com
|
0 | sb.scorecardresearch.com Failed |
nexus.ensighten.com
|
0 | insight.adsrvr.org Failed |
www.timesunion.com
|
0 | cdn.keywee.co Failed |
nexus.ensighten.com
|
0 | connect.facebook.net Failed |
nexus.ensighten.com
|
0 | www.googletagmanager.com Failed |
nexus.ensighten.com
|
0 | ak.sail-horizon.com Failed |
www.timesunion.com
|
0 | player.ex.co Failed |
www.timesunion.com
|
0 | realm.hearst3pcc.com Failed |
treg.hearstnp.com
|
0 | cdn.taboola.com Failed |
www.timesunion.com
|
0 | c.amazon-adsystem.com Failed |
aps.hearstnp.com
|
0 | z.moatads.com Failed |
aps.hearstnp.com
|
0 | scripts.webcontentassessor.com Failed |
aps.hearstnp.com
|
78 | 31 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
hearst-newspapers.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2021-04-15 - 2022-04-16 |
a year | crt.sh |
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2021-04-13 - 2022-03-26 |
a year | crt.sh |
nexus.ensighten.com DigiCert SHA2 Secure Server CA |
2020-09-09 - 2021-10-11 |
a year | crt.sh |
*.blueconic.net Thawte TLS RSA CA G1 |
2019-12-04 - 2022-02-01 |
2 years | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
p.ctpost.com R3 |
2021-03-26 - 2021-06-24 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
*.chartbeat.com Thawte RSA CA 2018 |
2020-06-01 - 2021-06-02 |
a year | crt.sh |
*.google.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
*.chartbeat.net Thawte RSA CA 2018 |
2020-12-01 - 2021-12-30 |
a year | crt.sh |
*.google.de GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.timesunion.com/news/article/Salem-police-fatally-shoot-suicidal-man-who-made-16074343.php
Frame ID: 8C87706A9E215A10C6AB3AC68E321F7F
Requests: 89 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Varnish (Cache Tools) Expand
Detected patterns
- headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Ensighten (Tag Managers) Expand
Detected patterns
- script /\/\/nexus\.ensighten\.com\//i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Fastly (CDN) Expand
Detected patterns
- headers vary /Fastly-SSL/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
comScore (Analytics) Expand
Detected patterns
- html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
- script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
38 Outgoing links
These are links going to different origins than the main page.
Title: Subscribe
Search URL Search Domain Scan URL
Title: Obituaries
Search URL Search Domain Scan URL
Title: Subscriber Services
Search URL Search Domain Scan URL
Title: Business Directory
Search URL Search Domain Scan URL
Title: Events Calendar
Search URL Search Domain Scan URL
Title: Table Hopping
Search URL Search Domain Scan URL
Title: Kristi Gustafson Barlette
Search URL Search Domain Scan URL
Title: For Sale
Search URL Search Domain Scan URL
Title: For Rent
Search URL Search Domain Scan URL
Title: Mortgage Rates
Search URL Search Domain Scan URL
Title: Subscribe
Search URL Search Domain Scan URL
Title: Classifieds
Search URL Search Domain Scan URL
Title: Place Classified Ad
Search URL Search Domain Scan URL
Title: Legal Notices
Search URL Search Domain Scan URL
Title: Jobs Weekly
Search URL Search Domain Scan URL
Title: Job Fair
Search URL Search Domain Scan URL
Title: Place an Ad
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Our Company
Search URL Search Domain Scan URL
Title: Jobs at the TU
Search URL Search Domain Scan URL
Title: Obituaries
Search URL Search Domain Scan URL
Title: Puzzles Palace
Search URL Search Domain Scan URL
Title: Subscriber Services
Search URL Search Domain Scan URL
Title: Home Delivery
Search URL Search Domain Scan URL
Title: e-Edition
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
78 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
Salem-police-fatally-shoot-suicidal-man-who-made-16074343.php
www.timesunion.com/news/article/ |
117 KB 21 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-2.2.4.min.js
www.timesunion.com/js/core/libs/ |
84 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
treg.js
treg.hearstnp.com/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3056-gdpr-min.css
www.timesunion.com/file/305/6/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3057-gdpr-min.js
www.timesunion.com/file/305/7/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
site.js
www.timesunion.com/js/ |
2 KB 749 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
article.main.css
www.timesunion.com/css/ |
195 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfill.min.js
polyfill.io/v3/ |
72 B 560 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
article.main.js
www.timesunion.com/js/ |
109 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loadAds.js
aps.hearstnp.com/Scripts/ |
803 KB 243 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Bootstrap.js
nexus.ensighten.com/hearst/news/ |
91 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hearst.js
cdn.blueconic.net/ |
260 KB 56 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ratio1x1_100.jpg
s.hdnux.com/photos/01/17/56/62/20901037/3/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ratio1x1_100.jpg
s.hdnux.com/photos/01/17/55/24/20894996/6/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ratio1x1_100.jpg
s.hdnux.com/photos/01/17/55/61/20896843/13/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ratio1x1_100.jpg
s.hdnux.com/photos/01/17/56/75/20901730/5/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ratio1x1_100.jpg
s.hdnux.com/photos/01/17/54/51/20892266/5/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ratio1x1_100.jpg
s.hdnux.com/photos/01/17/56/62/20901036/5/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ratio1x1_100.jpg
s.hdnux.com/photos/01/17/56/35/20899650/5/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ratio1x1_100.jpg
s.hdnux.com/photos/01/17/57/40/20903987/3/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ratio1x1_100.jpg
s.hdnux.com/photos/01/17/57/00/20901926/5/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ratio1x1_100.jpg
s.hdnux.com/photos/01/17/24/54/20794142/3/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hearst_newspapers_logo.svg
www.timesunion.com/img/core/ |
7 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GetJS
treg.hearstnp.com/assets/0x0F37E2EA8942C1C09347770075BC10D6BB404EFF/ |
392 KB 138 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
treg_comp.css
treg.hearstnp.com/assets/8d9caba88264bd8b9648090e4a2f8b1257115d15e/timesunion.com/css/ |
18 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
polyfill.min.js
polyfill.io/v3/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GetJS
aps.hearstnp.com/SRO/ |
5 KB 2 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
f999472effec7a1ef427ab8ed55df47b4d250f60f376ce71f7293b353026f514
scripts.webcontentassessor.com/scripts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ |
62 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
moatheader.js
z.moatads.com/hearstnewsprebidheader515009925453/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
apstag.js
c.amazon-adsystem.com/aax2/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
hearst.js
cdn.blueconic.net/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
loader.js
cdn.taboola.com/libtrc/hearstlocalnews-network/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
C3P0_RealmCookie
realm.hearst3pcc.com/utility/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
www.timesunion.com/img/logos/black/ |
327 KB 69 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
212 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
791 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
794 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HelveticaNeue-Roman.woff2
www.timesunion.com/css/core/fonts/neuehelvetica/ |
28 KB 28 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HelveticaNeue-HeavyCond.woff2
www.timesunion.com/css/core/fonts/neuehelvetica/ |
28 KB 29 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
93bca562-507f-4053-9ced-41b29f2f4e39
player.ex.co/player/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serverComponent.php
nexus.ensighten.com/hearst/news/ |
1 KB 629 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
624 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ChronicleDispCond-Roman_Web.woff2
www.timesunion.com/css/core/fonts/chronicle/ |
25 KB 25 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ChronicleTextG2-Roman_Web.woff2
www.timesunion.com/css/core/fonts/chronicle/ |
30 KB 30 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
www.timesunion.com/img/logos/white/ |
341 KB 84 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
314 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
918 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
848 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
spm.v1.min.js
ak.sail-horizon.com/spm/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
treg.main.css
www.timesunion.com/css/ |
11 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
article
p.ctpost.com/ |
0 239 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
revenue.min.js
www.timesunion.com/js/core/workers/ |
3 KB 1 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
navigation.min.js
www.timesunion.com/js/core/workers/ |
3 KB 1 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ee96b553c12a8535b0d510f9e6de3b6b.js
nexus.ensighten.com/hearst/news/code/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
108a32b519628030c62104975f1ae60b.js
nexus.ensighten.com/hearst/news/code/ |
17 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f0ab0d9b9a2f81d983194bd71866a3c9.js
nexus.ensighten.com/hearst/news/code/ |
2 KB 854 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
12b82063ca2d2f1a5a85a6fde088823a.js
nexus.ensighten.com/hearst/news/code/ |
151 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7e1b72bdbc584c9557cb97c8554074a6.js
nexus.ensighten.com/hearst/news/code/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8c234649f58e6ec01edb2e0d38bb147d.js
nexus.ensighten.com/hearst/news/code/ |
396 B 578 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3f07bbd3b079cb547507dada1face14b.js
nexus.ensighten.com/hearst/news/code/ |
1 KB 714 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc22d7032e6d556cde95d037de420c1f.js
nexus.ensighten.com/hearst/news/code/ |
326 B 508 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9350b157c53f8705a31ce7cf9fe32a85.js
nexus.ensighten.com/hearst/news/code/ |
428 B 610 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
324abaee15385e899da759afd29406c4.js
nexus.ensighten.com/hearst/news/code/ |
2 KB 866 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
pubads_impl_2021042101.js
securepubads.g.doubleclick.net/gpt/ |
301 KB 106 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
js
www.googletagmanager.com/gtag/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fbevents.js
connect.facebook.net/en_US/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
analytics.min.js
cdn.keywee.co/dist/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
insight.adsrvr.org/track/evnt/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e.gif
nexus.ensighten.com/error/ |
0 106 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
beacon.js
sb.scorecardresearch.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
0012000001fxZm9AAE
cdn-channels-pixel.ex.co/events/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
collect.js
100007922.collect.igodigital.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chartbeat_video.js
static.chartbeat.com/js/ |
69 KB 24 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
insight.adsrvr.org/track/evnt/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
v2
z-na.associates-amazon.com/onetag/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
131678X1600318.skimlinks.js
s.skimresources.com/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
load.js
s.ntv.io/serve/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
publisher:getClientId
ampcid.google.com/v1/ |
74 B 538 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ping
ping.chartbeat.net/ |
43 B 169 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
publisher:getClientId
ampcid.google.de/v1/ |
3 B 467 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e.gif
nexus.ensighten.com/error/ |
0 106 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ping
ping.chartbeat.net/ |
43 B 168 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ping
ping.chartbeat.net/ |
43 B 168 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- polyfill.io
- URL
- https://polyfill.io/v3/polyfill.min.js?features=IntersectionObserver%2CIntersectionObserverEntry%2CPromise%2CCustomEvent%2CArray.prototype.forEach%2CArray.prototype.entries
- Domain
- scripts.webcontentassessor.com
- URL
- https://scripts.webcontentassessor.com/scripts/f999472effec7a1ef427ab8ed55df47b4d250f60f376ce71f7293b353026f514
- Domain
- z.moatads.com
- URL
- https://z.moatads.com/hearstnewsprebidheader515009925453/moatheader.js
- Domain
- c.amazon-adsystem.com
- URL
- https://c.amazon-adsystem.com/aax2/apstag.js
- Domain
- cdn.blueconic.net
- URL
- https://cdn.blueconic.net/hearst.js
- Domain
- cdn.taboola.com
- URL
- https://cdn.taboola.com/libtrc/hearstlocalnews-network/loader.js
- Domain
- realm.hearst3pcc.com
- URL
- https://realm.hearst3pcc.com/utility/C3P0_RealmCookie?host=www.timesunion.com&operation=create&cb=1619187438556
- Domain
- player.ex.co
- URL
- https://player.ex.co/player/93bca562-507f-4053-9ced-41b29f2f4e39
- Domain
- ak.sail-horizon.com
- URL
- https://ak.sail-horizon.com/spm/spm.v1.min.js
- Domain
- www.googletagmanager.com
- URL
- https://www.googletagmanager.com/gtag/js?id=AW-729835018
- Domain
- connect.facebook.net
- URL
- https://connect.facebook.net/en_US/fbevents.js
- Domain
- cdn.keywee.co
- URL
- https://cdn.keywee.co/dist/analytics.min.js
- Domain
- insight.adsrvr.org
- URL
- https://insight.adsrvr.org/track/evnt/?adv=ctg2su6&ct=0:2dh2h9z&fmt=3
- Domain
- sb.scorecardresearch.com
- URL
- https://sb.scorecardresearch.com/beacon.js
- Domain
- cdn-channels-pixel.ex.co
- URL
- https://cdn-channels-pixel.ex.co/events/0012000001fxZm9AAE?integrationType=DEFAULT&template=design%2Farticle%2Fdynamic_two_column.tpl
- Domain
- 100007922.collect.igodigital.com
- URL
- https://100007922.collect.igodigital.com/collect.js
- Domain
- insight.adsrvr.org
- URL
- https://insight.adsrvr.org/track/evnt/?adv=ctg2su6&ct=0:doaf0nb&fmt=3
- Domain
- z-na.associates-amazon.com
- URL
- https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=4d1725f8-8e9d-4373-bac8-d19b9b5ed187
- Domain
- s.skimresources.com
- URL
- https://s.skimresources.com/js/131678X1600318.skimlinks.js
- Domain
- s.ntv.io
- URL
- https://s.ntv.io/serve/load.js
Verdicts & Comments Add Verdict or Comment
208 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| treg string| version undefined| check undefined| isMobile undefined| userAgent undefined| mobile undefined| iPhone undefined| faceBookApp undefined| mobileSafari undefined| richieApp undefined| instaGramApp undefined| googleSearchAppliance object| Oidc object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| realmiFrameResize string| socialProvider function| initializeModule object| HDN object| Article string| omni_channelPath string| omni_title string| omni_bizObjectId string| omni_className string| omni_publicationDate string| omni_sourceSite string| omni_authorName string| omni_authorTitle string| omni_premiumStatus string| omni_premiumEndDate string| omni_originalSource string| omni_pageNumber string| omni_breakingNewsFlag string| omni_localNewsFlag string| omni_isListView string| omni_paywallSite string| omni_displayTemplate object| aps object| googletag object| pbjs boolean| debugSGA string| APSpageUrl function| responsiveAds function| ga string| JuicePageUrl string| loadAd_UrlLocation number| DESKTOP number| MOBILE number| TABLET number| current_device number| CLIENT number| SERVER number| SERVER_COMPATIBLE function| onHearstAdEvent function| hearstSetAdPageType function| setDFPSlotTargeting function| hearstGetNextDynamicAdDivID function| hearstGetLastDynamicAdDivID function| setDfpSearchValues function| getHostName function| getDomain function| defineTags function| hearstUpdateSlotRenderInfo function| hearstGetVideoAdTagSize function| hearstGetVideoAdTag function| hearstPlaceDynamicAd function| hearstPlaceAd function| hearstRefreshAds function| hearstRefreshInterstitialAds function| moatYieldReady function| setMoatPrebidData function| StripAndPreserveQuerystringVars function| setPageTargettedUrl object| refreshed function| codeFromSlot function| setSlotTargeting function| getOmniContentType function| getQueryParam function| _getBlogOmniType object| apstag function| onHearstLogBadScript string| juiceMdHash function| disableAdServingBasedOnQueryStringValues object| ntvConfig object| ensBootstraps object| Bootstrapper function| bcImpression function| bcTrackEvent function| bcTrackData function| commerceConnectorAnalytics string| hnpSiteAmazonTag string| hnpSiteSkimlinksPublisherId boolean| __hrst_com_embed_debug object| __hrst_com_embed_setup object| abd function| ens_countImpression boolean| _taboolaNetworkMode object| _taboola string| _taboolaHDNPageLabel object| nextStory object| _scrollStatesCollectionContainer object| scrollStates object| _articleBodyScrollProgressCollectionContainer object| progressStates object| ggeac object| google_js_reporting_queue function| addAmazonLinkTags function| addAmazonLinkTagsLoop function| addAmazonOneTag function| addSkimlinks function| gtag object| dataLayer function| fbq function| _fbq function| getPixelId string| currentDomain function| fbTrackSlideshowView number| adBlockCheck function| kwa object| sites function| comScoreBeacon string| cScript string| excoPixelUrl function| onJuiceRefreshable function| omni_trackListView function| omni_trackListViewComplete function| omni_trackListViewPage function| omni_trackListViewHidePage function| setOrgId function| onJuiceEvent_SlotRendered object| HNPutilities object| site_settings object| helpers function| s_HearstLinkTracking function| omniModalLinkTrack function| omniModalLogin function| omniModalLoginFail function| omniModalSubscribe function| omniBlogPhotoLoad function| ens_track_slideshow function| pushGAClickEvent object| omni object| authUtilities object| s2nData object| gaDevIds object| gaplugins object| pageHostArr object| GAutilities object| cDim object| cMet object| gaFieldObject object| ess function| setCommonDimensions function| initializeGATracking string| GoogleAnalyticsObject object| _sf_async_config number| _sf_endpt object| _cbq function| setDetails object| getDetails string| ga_account object| cross_domains string| sitePlatform number| wcTemp number| wcStart number| wcEnd string| wcRange object| currentDomainArray string| monthlySession boolean| viewableCheck boolean| maskCheck function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing string| juiceservice number| APSpageID string| APSGenerationID boolean| APSResponsiveDesign object| definedTags object| google_tag_data object| gaGlobal object| gaData object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv string| userType string| _tbl_unified_id string| _tbl_user_type16 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.timesunion.com/ | Name: AMP_TOKEN Value: %24NOT_FOUND |
|
www.timesunion.com/ | Name: _cb_svref Value: null |
|
www.timesunion.com/ | Name: _chartbeat2 Value: .1619187439246.1619187439246.1.BWN3gtLPoByBsRL00DsD-SMClxo1i.1 |
|
www.timesunion.com/ | Name: _cb Value: DnGtJADM0IZuLQCgd |
|
.timesunion.com/ | Name: _gid Value: GA1.2.1876213508.1619187439 |
|
.timesunion.com/ | Name: _ga Value: GA1.2.2042362717.1619187439 |
|
.timesunion.com/ | Name: ga_cd35 Value: 1 |
|
www.timesunion.com/news/article | Name: realm.cookiesAndJavascript Value: true |
|
.timesunion.com/ | Name: ga_cd34 Value: 1 |
|
www.timesunion.com/ | Name: s_abd Value: {"first":false,"test":"","result":"","last":false} |
|
www.timesunion.com/ | Name: _cb_ls Value: 1 |
|
www.timesunion.com/ | Name: ab_bucket Value: 48 |
|
www.timesunion.com/ | Name: location_data Value: {"is_eu":true,"country_code":"DE","postal_code":"1"} |
|
.timesunion.com/ | Name: hnpdiudpf1 Value: ZJscAYVEVnKSkW+KoM1UfWRBL7qdrX5y4G4P7o2J5Ac= |
|
www.timesunion.com/ | Name: btype Value: web |
|
.timesunion.com/ | Name: hnpdiudpf2 Value: LFhZEwd/q/MmjkdLMIbFd3nLKJVtfzV/NkInx83Ajlw= |
10 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
100007922.collect.igodigital.com
ak.sail-horizon.com
ampcid.google.com
ampcid.google.de
aps.hearstnp.com
c.amazon-adsystem.com
cdn-channels-pixel.ex.co
cdn.blueconic.net
cdn.keywee.co
cdn.taboola.com
connect.facebook.net
insight.adsrvr.org
nexus.ensighten.com
p.ctpost.com
ping.chartbeat.net
player.ex.co
polyfill.io
realm.hearst3pcc.com
s.hdnux.com
s.ntv.io
s.skimresources.com
sb.scorecardresearch.com
scripts.webcontentassessor.com
securepubads.g.doubleclick.net
static.chartbeat.com
treg.hearstnp.com
www.google-analytics.com
www.googletagmanager.com
www.timesunion.com
z-na.associates-amazon.com
z.moatads.com
100007922.collect.igodigital.com
ak.sail-horizon.com
c.amazon-adsystem.com
cdn-channels-pixel.ex.co
cdn.blueconic.net
cdn.keywee.co
cdn.taboola.com
connect.facebook.net
insight.adsrvr.org
player.ex.co
polyfill.io
realm.hearst3pcc.com
s.ntv.io
s.skimresources.com
sb.scorecardresearch.com
scripts.webcontentassessor.com
www.googletagmanager.com
z-na.associates-amazon.com
z.moatads.com
13.33.139.89
151.101.192.200
172.217.23.98
18.197.253.20
2600:9000:2021:9400:18:1fcd:34e:d2a1
2a00:1450:4001:802::200e
2a00:1450:4001:803::200e
2a00:1450:4001:827::200e
2a04:4e42:200::621
34.224.142.75
98.129.228.59
0276882edac66241215bae89f723e4afc32ce0579a39253aee0f99081696b69e
06be8aed4447f65ebf300538f6d83f4286326739fba7fd6edae55785c599e76e
0a84ee5dd4f5a792be9e7a4e78d8aca721ba82e07dcaa386c7a8f8f37591b10e
0f3fc4e50373da11ed5e0b0163086548a87533cacfc57450ea8af8f00095651a
10a15dc9cd63777b89e3968e378d2050fadc6b09c5d36c46cf3db7fed5a13e0d
10c4dd8cddfc41aef2e41e2a046fe30b318818d277cca21e6b087887324fa916
1701d2e6e4ed1c170f31f535511ec2cfe59467c72f3dd2aed0c6ca41d97b994c
249297d968d4a0a6eeabe915b130952402fd90fd5b31a516ddc202a4ed77f30d
2ac22b9e542a7d932895803f08daf4edb4e73f1f693367f4b82a714b6b75f3b6
2b2380774684f00c37392b3cffcf8683d27b12c8eebe59b0bd064ac7198a39e8
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
35d616ee1f7ee1e53ae508801cc418b69b1f7f1acfc6e0fddcbc2e4071c74583
3da241f078e885a10b96341140e466b08e6aecbc6ed773faf55f7502c1f6b47d
42bfb49dbad9c01703620ffc0c8c6366c0abf6c061bf4537535401caa46dd454
453756fafa4a193856b5e3c456d098e39a491ef0e6c88e0d6ba192606d8a8568
475d1649822661c6a6fb4169c8e566daabbe7a8705fa0579d0aa358305e6792b
4878246b8f310765bb5ce00488bd6fa0e60416c37ad72a74d6844d686c49f7a9
4af0afb27a0d058cec1b37a1ac8fbdf3104fa7956bb3f45615f91060ced73b84
4ccae930f5726962c5cbdc4a6e9714c68ee2b48684d3f2962bd144ddad90863c
4cd95b921ad1961a6b1b4da1161bebf71651a5b5bd2b9f55819b26eb9871dba3
506a9b4ee60d512675acc57b9cf548631967e1213769ef10ab114e76dc65bd33
55159891f06e93e559b6d2dce77747d9c437c0536c39c722653584353b573047
59bf4920a322377c761eec2dba5b7de57b64267e82b0d3a7e9fafcfd4a954e34
59c35f54d601301c5ad4ac4d92d0d60f8c09e264cafe2e61a756c059889b6da9
5b92db690b690594e58e5c88a5076e1a13563537efb283d1f7c8d04655934d92
5d2ef80e0b61455c4d02600007cfd4d61f80d43b6f3d4ef680d850624d3d909a
5f627b0b3cfeb4875c96277ab0e382817f4f1980038e641ec5dfe431734694f3
5ff2b8617fa276975de72e5530ebfaa4e35d7cf034add4cb3d6a78320c61819d
6390341c23ba53feca4aa10a1cf9c31f8382898a9ef0e29f010ba23c2079e96c
6580a4a100fcb8b00532c322298e4dda206b46f9eaf0c1bd38ba6e08baa60a14
6892cb80ce4903c56dfc994d4203144e5f8c3aa31e2cf2ebad1d3fa57eef7cdf
69b195f0fd17f2a4832a0545ad7d4b2ff2b967652df7b0968992d07271a8e0f3
6b11925ad1df28e464cdcaf31c5b40ab4762515116b4f840935b4c2eb4f2ec4b
7df5c7c2ad837ea8da08df61645471597d42a02824fbf23c0276d9fb9313813a
7f3fa1c39f3f55e837660a56be417a95506d0cd7917759eedbdf9649b69db144
820af8656c1761fbf5bfd02bc8578dd9c361a20f946f8dc06f9538cef8b3c917
8833e7fbdff53ae9da7a94583b442ea8c5bd315ce2e11926229ca7697b87aaad
9367770ebe619e6d0529bfe7ed29fd4f3e14fc2f2a76f36bf787167492fc88b3
93871cf6c9d69672ee3129a8bf3a949454687c6461c9b770589e6009a396c40d
95db5b8d580b9bf0283c5a999c5c197876ff82576608237b2d95e863bfcb40c3
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9c13db2f7cee2a230ad55cc3a8d665d6c928f30c7850b346dce00f261b951b25
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
b889c3ba20d61a1dbf81230dcb46989cb433fe33926fbc2da19db0be3279581f
ba4b2315a60b293d26dbf176d444350ec48718b2b342f6439b1f615281385c04
bc77b15d3d26572b2975ccab6fe3468f153f5e3fa424336d71941611aad4ecdd
c0240ec24bec7fc847e6869cb1b21a2119cd76c953343ba7a6f49d42168ac99e
c344841a7bc20bee307afb488cbf249fe70412658b4e1d4524697eea920b041f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc2afd25bc103ebece61ea016293f1d25148808ee599324bfe8a40f3f9d0a5f5
cc991a23338bb0ea88c299affc5fd3cd8d76b8f2cf47309c7db24a0c7bcc41a0
cdaf1ffa6d56b2d6d8b455b60b90b989e1217910232796a9c20e6341114b014b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1404840fb68ecad6f280a0310327db9f96c19be51ef309caae30573ee2efa83
d14430173056b41c927602fbef9383602e64b9052ba33ed89076b074dc61cb85
de4df11df191595c52a6ec8ad7dcc2048a03be959a82fdf392730b3d80f9cf67
dfb8587ddb042967b931263357c04ad94c49d0088017600f6d6e26096a285461
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec898204f7b54c5a047c4d535996dfdd37eb00cfc7f2a9286dee6195e907135a
f0c4bb5362540db4007dbea86518498235b05c15ae73de0d4936906c1463e3e6
f173e931167796a34a3ba7d8b3dc90bea6ed9d801b5823212bbc32bb88c9aa02
f37b9042d5e86a0318773ad32519e48fba2bf20c98777d8abfc1f2446af1f1e5
f59fe281e47c844a83295ee3d71813021e64eb00d3f13ba6d75b412166ba5a68
fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46
ffacc747ec61b75def87b1873713498534b83ccbe1b37507f039d392cdeee2df