![](/screenshots/3c47b468-b74e-4b14-8464-021507c64da4.png)
weidennews.biz.id
Open in
urlscan Pro
2606:4700:3035::6815:56eb
Public Scan
Submission: On January 12 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on January 8th 2024. Valid for: 3 months.
This is the only time weidennews.biz.id was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
ogden_images.s3.amazonaws.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-91-126.cdg50.r.cloudfront.net
get.s-onetag.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-242-3.us-east-2.compute.amazonaws.com
pd.sharethis.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-21-140.compute-1.amazonaws.com
bcp.crwdcntrl.net |
ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com | |
mwzeom.zeotap.com |
ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net
cm.g.doubleclick.net |
ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
ic.tynt.com | |
de.tynt.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-33-238-66.deploy.static.akamaitechnologies.com
t.sharethis.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-169-69.cdg52.r.cloudfront.net
onetag-geo.s-onetag.com |
ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
lex.33across.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 109.70.86.34.bc.googleusercontent.com
i.simpli.fi |
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-191-83-3.us-east-2.compute.amazonaws.com
sync.sharethis.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com |
ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-54-215.compute-1.amazonaws.com
ps.eyeota.net |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com
ml314.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-52-165-115.deploy.static.akamaitechnologies.com
tags.bluekai.com | |
stags.bluekai.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-56.cdg52.r.cloudfront.net
tags.crwdcntrl.net |
ASN16625 (AKAMAI-AS, US)
PTR: a23-7-64-229.deploy.static.akamaitechnologies.com
tags.bkrtx.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-120.cdg50.r.cloudfront.net
data-beacons.s-onetag.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-116-142.compute-1.amazonaws.com
track2.securedvisit.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-91-79.cdg50.r.cloudfront.net
api.intentiq.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-112-24.compute-1.amazonaws.com
i.liadm.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
weidennews.biz.id
weidennews.biz.id |
259 KB |
10 |
sharethis.com
pd.sharethis.com — Cisco Umbrella Rank: 20639 t.sharethis.com — Cisco Umbrella Rank: 7726 sync.sharethis.com — Cisco Umbrella Rank: 4415 |
17 KB |
5 |
s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 5297 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6989 data-beacons.s-onetag.com — Cisco Umbrella Rank: 9474 |
15 KB |
4 |
crwdcntrl.net
1 redirects
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431 tags.crwdcntrl.net — Cisco Umbrella Rank: 1411 |
13 KB |
4 |
gstatic.com
fonts.gstatic.com |
86 KB |
3 |
liadm.com
3 redirects
i.liadm.com — Cisco Umbrella Rank: 979 |
2 KB |
3 |
lijit.com
1 redirects
ap.lijit.com — Cisco Umbrella Rank: 998 ce.lijit.com |
2 KB |
3 |
bluekai.com
2 redirects
tags.bluekai.com — Cisco Umbrella Rank: 1261 stags.bluekai.com — Cisco Umbrella Rank: 1624 |
1 KB |
3 |
linkedin.com
1 redirects
px.ads.linkedin.com — Cisco Umbrella Rank: 778 |
1 KB |
3 |
rlcdn.com
3 redirects
idsync.rlcdn.com — Cisco Umbrella Rank: 764 |
1 KB |
3 |
simpli.fi
1 redirects
i.simpli.fi — Cisco Umbrella Rank: 6388 um.simpli.fi |
1 KB |
3 |
33across.com
1 redirects
cdn-tc.33across.com — Cisco Umbrella Rank: 36737 lex.33across.com — Cisco Umbrella Rank: 6320 |
1 KB |
3 |
doubleclick.net
3 redirects
cm.g.doubleclick.net — Cisco Umbrella Rank: 338 |
1 KB |
3 |
tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 19456 ic.tynt.com — Cisco Umbrella Rank: 15905 de.tynt.com — Cisco Umbrella Rank: 2424 |
9 KB |
3 |
dtscout.com
e.dtscout.com — Cisco Umbrella Rank: 9697 t.dtscout.com — Cisco Umbrella Rank: 8357 |
5 KB |
3 |
gannett-cdn.com
www.gannett-cdn.com — Cisco Umbrella Rank: 18118 |
268 KB |
2 |
rezync.com
2 redirects
live.rezync.com |
2 KB |
2 |
ml314.com
1 redirects
ml314.com — Cisco Umbrella Rank: 3210 |
556 B |
2 |
eyeota.net
2 redirects
ps.eyeota.net — Cisco Umbrella Rank: 1645 |
1 KB |
2 |
pippio.com
1 redirects
pippio.com — Cisco Umbrella Rank: 1480 |
824 B |
2 |
adsrvr.org
2 redirects
match.adsrvr.org — Cisco Umbrella Rank: 594 |
674 B |
2 |
zeotap.com
1 redirects
spl.zeotap.com — Cisco Umbrella Rank: 4422 mwzeom.zeotap.com — Cisco Umbrella Rank: 4630 |
907 B |
2 |
histats.com
s10.histats.com — Cisco Umbrella Rank: 8421 s4.histats.com — Cisco Umbrella Rank: 7990 |
5 KB |
2 |
amazonaws.com
ogden_images.s3.amazonaws.com |
344 KB |
2 |
capitalgazette.com
www.capitalgazette.com — Cisco Umbrella Rank: 365163 |
40 KB |
2 |
townnews.com
bloximages.newyork1.vip.townnews.com — Cisco Umbrella Rank: 27551 |
69 KB |
2 |
thetravelimages.com
static1.thetravelimages.com — Cisco Umbrella Rank: 232068 |
198 KB |
2 |
kxnet.com
www.kxnet.com |
78 KB |
1 |
rfihub.com
1 redirects
p.rfihub.com |
1 KB |
1 |
intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 2042 |
|
1 |
securedvisit.com
track2.securedvisit.com — Cisco Umbrella Rank: 7102 |
178 B |
1 |
bkrtx.com
tags.bkrtx.com — Cisco Umbrella Rank: 9143 |
16 KB |
1 |
onaudience.com
1 redirects
pixel.onaudience.com — Cisco Umbrella Rank: 3785 |
400 B |
1 |
dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 8870 |
599 B |
1 |
townsquare.media
townsquare.media — Cisco Umbrella Rank: 47104 |
200 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115 |
1 KB |
0 |
ib-ibi.com
Failed
global.ib-ibi.com Failed |
|
84 | 37 |
Domain | Requested by | |
---|---|---|
21 | weidennews.biz.id |
weidennews.biz.id
|
4 | t.sharethis.com |
pd.sharethis.com
t.sharethis.com |
4 | fonts.gstatic.com |
fonts.googleapis.com
|
3 | i.liadm.com | 3 redirects |
3 | px.ads.linkedin.com |
1 redirects
weidennews.biz.id
|
3 | idsync.rlcdn.com | 3 redirects |
3 | sync.sharethis.com |
weidennews.biz.id
|
3 | cm.g.doubleclick.net | 3 redirects |
3 | bcp.crwdcntrl.net |
1 redirects
weidennews.biz.id
tags.crwdcntrl.net |
3 | pd.sharethis.com |
e.dtscout.com
weidennews.biz.id t.sharethis.com |
3 | get.s-onetag.com |
e.dtscout.com
get.s-onetag.com |
3 | www.gannett-cdn.com |
weidennews.biz.id
|
2 | live.rezync.com | 2 redirects |
2 | ap.lijit.com |
1 redirects
weidennews.biz.id
|
2 | tags.bluekai.com |
1 redirects
tags.bkrtx.com
|
2 | ml314.com |
1 redirects
weidennews.biz.id
|
2 | ps.eyeota.net | 2 redirects |
2 | pippio.com | 1 redirects |
2 | match.adsrvr.org | 2 redirects |
2 | i.simpli.fi |
weidennews.biz.id
|
2 | lex.33across.com |
1 redirects
weidennews.biz.id
|
2 | t.dtscout.com |
e.dtscout.com
|
2 | ogden_images.s3.amazonaws.com |
weidennews.biz.id
|
2 | www.capitalgazette.com |
weidennews.biz.id
|
2 | bloximages.newyork1.vip.townnews.com |
weidennews.biz.id
|
2 | static1.thetravelimages.com |
weidennews.biz.id
|
2 | www.kxnet.com |
weidennews.biz.id
|
1 | ce.lijit.com | |
1 | um.simpli.fi | 1 redirects |
1 | p.rfihub.com | 1 redirects |
1 | api.intentiq.com |
data-beacons.s-onetag.com
|
1 | track2.securedvisit.com |
data-beacons.s-onetag.com
|
1 | stags.bluekai.com | 1 redirects |
1 | data-beacons.s-onetag.com |
get.s-onetag.com
|
1 | tags.bkrtx.com |
pd.sharethis.com
|
1 | tags.crwdcntrl.net |
cdn-tc.33across.com
|
1 | cdn-tc.33across.com |
de.tynt.com
|
1 | de.tynt.com |
cdn.tynt.com
|
1 | onetag-geo.s-onetag.com |
get.s-onetag.com
|
1 | ic.tynt.com |
weidennews.biz.id
|
1 | mwzeom.zeotap.com |
weidennews.biz.id
|
1 | spl.zeotap.com | 1 redirects |
1 | pixel.onaudience.com | 1 redirects |
1 | t.dtscdn.com |
e.dtscout.com
|
1 | cdn.tynt.com |
e.dtscout.com
|
1 | e.dtscout.com |
s4.histats.com
|
1 | s4.histats.com |
s10.histats.com
|
1 | s10.histats.com |
weidennews.biz.id
|
1 | townsquare.media |
weidennews.biz.id
|
1 | fonts.googleapis.com |
weidennews.biz.id
|
0 | global.ib-ibi.com Failed | |
84 | 51 |
This site contains links to these domains. Also see Links.
Domain |
---|
wordpress.org |
codevibrant.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
weidennews.biz.id GTS CA 1P5 |
2024-01-08 - 2024-04-07 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
usatoday.com R3 |
2023-11-30 - 2024-02-28 |
3 months | crt.sh |
*.kxnet.com R3 |
2023-12-05 - 2024-03-04 |
3 months | crt.sh |
static1.thetravelimages.com R3 |
2023-12-31 - 2024-03-30 |
3 months | crt.sh |
bloximages.chicago2.vip.townnews.com GeoTrust TLS RSA CA G1 |
2023-03-13 - 2024-04-12 |
a year | crt.sh |
tls.automattic.com R3 |
2023-12-01 - 2024-02-29 |
3 months | crt.sh |
*.s3.amazonaws.com Amazon RSA 2048 M01 |
2023-10-10 - 2024-07-03 |
9 months | crt.sh |
www6.townsquaremedia.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-13 - 2024-10-13 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-13 - 2024-05-11 |
a year | crt.sh |
histats.com R3 |
2023-11-23 - 2024-02-21 |
3 months | crt.sh |
dtscout.com GTS CA 1P5 |
2023-11-20 - 2024-02-18 |
3 months | crt.sh |
*.s-onetag.com Amazon RSA 2048 M03 |
2023-11-04 - 2024-12-01 |
a year | crt.sh |
sharethis.com Amazon RSA 2048 M02 |
2023-05-22 - 2024-06-19 |
a year | crt.sh |
*.tynt.com Sectigo RSA Domain Validation Secure Server CA |
2023-09-05 - 2024-09-30 |
a year | crt.sh |
dtscdn.com GTS CA 1P5 |
2023-11-15 - 2024-02-13 |
3 months | crt.sh |
cert1-prod.aut.a24365.net R3 |
2024-01-09 - 2024-04-08 |
3 months | crt.sh |
*.33across.com Sectigo RSA Domain Validation Secure Server CA |
2023-09-06 - 2024-09-30 |
a year | crt.sh |
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-11-07 - 2024-12-07 |
a year | crt.sh |
*.crwdcntrl.net Amazon RSA 2048 M01 |
2023-10-08 - 2024-11-05 |
a year | crt.sh |
*.bkrtx.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-12-06 - 2024-12-05 |
a year | crt.sh |
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-12-11 - 2024-12-11 |
a year | crt.sh |
securedvisit.com Amazon RSA 2048 M03 |
2023-08-16 - 2024-09-13 |
a year | crt.sh |
*.intentiq.com Amazon RSA 2048 M02 |
2023-04-11 - 2024-05-08 |
a year | crt.sh |
www.linkedin.com DigiCert SHA2 Secure Server CA |
2023-11-03 - 2024-05-03 |
6 months | crt.sh |
This page contains 9 frames:
Primary Page:
https://weidennews.biz.id/
Frame ID: 7188EC7333AD569FE0D1A4D532399860
Requests: 66 HTTP requests in this frame
Frame:
https://t.dtscout.com/idg/?su=6D0017050286575EB42A2FAF9B98540B
Frame ID: D7CFD949FF1A5FB049A062953669E118
Requests: 1 HTTP requests in this frame
Frame:
https://cdn-tc.33across.com/lotame-sync.html
Frame ID: 3544F3E68A7181964ABEB9673EB62546
Requests: 3 HTTP requests in this frame
Frame:
https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
Frame ID: F01F8A2EA504E7E26AA98E6E271EC219
Requests: 1 HTTP requests in this frame
Frame:
https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C
Frame ID: 9ABFC3E6BBE0E2F88FBCF5B4DF20C0FF
Requests: 7 HTTP requests in this frame
Frame:
https://pd.sharethis.com/pd/test_oracle
Frame ID: 3931B4ACEF24F05D72EFB3674CF83193
Requests: 2 HTTP requests in this frame
Frame:
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEK_bYHhQqNYkMbEaMN_85hg&google_cver=1
Frame ID: 3E5AAB9D58C2BEBD9EFAF7BF2E4C141A
Requests: 1 HTTP requests in this frame
Frame:
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=71092
Frame ID: 9E9395A5EA678993CC10D798CB3EBEDA
Requests: 1 HTTP requests in this frame
Frame:
https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 2ADCAA89B9F877302EFD1023B27888DE
Requests: 2 HTTP requests in this frame
Screenshot
![](/screenshots/3c47b468-b74e-4b14-8464-021507c64da4.png)
Page Title
Weiden News - Every voice matters, every story finds its courseDetected technologies
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Proudly powered by WordPress
Search URL Search Domain Scan URL
Title: CodeVibrant
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 49- https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=6D0017050286575EB42A2FAF9B98540B HTTP 302
- https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=6D0017050286575EB42A2FAF9B98540B
- https://pixel.onaudience.com/?partner=137085098&mapped=6D0017050286575EB42A2FAF9B98540B HTTP 302
- https://spl.zeotap.com/?zdid=1332&zcluid=ceb459fdb3c250d1 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f2efd8b4-358a-4885-55df-0e8603d0763d&reqId=6909a1f4-9672-483e-623f-eb1eb4cac60b&zcluid=ceb459fdb3c250d1&zdid=1332 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f2efd8b4-358a-4885-55df-0e8603d0763d&reqId=6909a1f4-9672-483e-623f-eb1eb4cac60b&zcluid=ceb459fdb3c250d1&zdid=1332&google_tc= HTTP 302
- https://mwzeom.zeotap.com/mw?google_gid=CAESEJdME7MD7qD_iQYaMdE18O4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f2efd8b4-358a-4885-55df-0e8603d0763d&reqId=6909a1f4-9672-483e-623f-eb1eb4cac60b&zcluid=ceb459fdb3c250d1&zdid=1332
- https://lex.33across.com/ps/v1/pubtoken/?pid=128&us_privacy=&rnd=1705028658703.1&ru=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3Dcab5a4722e64fa65aba8e60b6da5d556%26pcat%3DSports%26pdev%3D%26pctry%3DUS%26referrer%3Dhttps%253A%252F%252Fweidennews.biz.id%252F%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cache_buster%3D%24%7BRANDOM%7D%26custom1%3D%24%7BPUBTOK%7D HTTP 302
- https://lex.33across.com/ps/v1/pubtoken/?pid=128&us_privacy=&rnd=1705028658703.1&ru=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3Dcab5a4722e64fa65aba8e60b6da5d556%26pcat%3DSports%26pdev%3D%26pctry%3DUS%26referrer%3Dhttps%253A%252F%252Fweidennews.biz.id%252F%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cache_buster%3D%24%7BRANDOM%7D%26custom1%3D%24%7BPUBTOK%7D&b=1
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
- https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
- https://sync.sharethis.com/ttd?uid=b5bf6f73-b9a4-403f-b4c0-cc41e62af86e&gdpr=0&gdpr_consent=
- https://idsync.rlcdn.com/386076.gif?partner_uid=ZHOACGWgrDIAAAAJDCiwAw%3D%3D&gdpr=0&gdpr_consent= HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkhPQUNHV2dyRElBQUFBSkRDaXdBdz09EAAaDQiz2IKtBhIFCOgHEABCAEoA HTTP 307
- https://pippio.com/api/sync?pid=5324&it=1&iv=5fc080f7cf2505b3568c1a33ffd27171e6a5afc31ce8f13ef743adf1aeeffa7a791426b5417dce21&_=2 HTTP 307
- https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5fc080f7cf2505b3568c1a33ffd27171e6a5afc31ce8f13ef743adf1aeeffa7a791426b5417dce21&rand=09371897 HTTP 302
- https://px.ads.linkedin.com/db_sync?pid=10339&puuid=5fc080f7cf2505b3568c1a33ffd27171e6a5afc31ce8f13ef743adf1aeeffa7a791426b5417dce21&rand=09371897&expected_cookie=b01426e4-7979-4ce9-8cd2-c4ff28335c48
- https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
- https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
- https://sync.sharethis.com/eyeota?uid=2PE4D6jIIsP-rkjwDUoK8FTesQKc07XnrTWylJjBpsbA&gdpr=0&gdpr_consent=
- https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHOACGWgrDIAAAAJDCiwAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
- https://idsync.rlcdn.com/395886.gif?partner_uid=3641289986299396120 HTTP 307
- https://ml314.com/csync.ashx?fp=fad4ad914a6eeab93ea4510bdda217ad9a90ebea21589c758216d9d40ba1fb49f4cb09cee1a4f8eb&person_id=3641289986299396120&eid=50082
- https://tags.bluekai.com/site/59574?id=ZHOACGWgrDIAAAAJDCiwAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
- https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
- https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHOACGWgrDIAAAAJDCiwAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23380%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23380%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=3452492 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=VnhJN09Id005OVlWb2JPaw%3D%3D HTTP 302
- https://tags.bluekai.com/site/2981?id=&google_gid=CAESEK_bYHhQqNYkMbEaMN_85hg&google_cver=1
- https://ap.lijit.com/readerinfo/v2 HTTP 307
- https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
- https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H-g4jSZHbJitN_MlR-ezo-VY&rnd=40845 HTTP 303
- https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H-g4jSZHbJitN_MlR-ezo-VY&rnd=40845&_li_chk=true&previous_uuid=d484750f4dcb4b2f86a80141f3f403e7 HTTP 303
- https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=d484750f-4dcb-4b2f-86a8-0141f3f403e7 HTTP 302
- https://p.rfihub.com/cm?pub=39342&in=1&userid=d14c72c4-8756-4401-b421-ece69d3b660e%3A1705028662.8951766&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd14c72c4-8756-4401-b421-ece69d3b660e%253A1705028662.8951766%26pid%3D500040%26it%3D1%26iv%3Dd14c72c4-8756-4401-b421-ece69d3b660e%253A1705028662.8951766%26_%3D1705028662.8970184&cb=1705028662.8970618 HTTP 302
- https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=978758895014667414&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dd14c72c4-8756-4401-b421-ece69d3b660e%253A1705028662.8951766%26pid%3D500040%26it%3D1%26iv%3Dd14c72c4-8756-4401-b421-ece69d3b660e%253A1705028662.8951766%26_%3D1705028662.8970184 HTTP 302
- https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=d14c72c4-8756-4401-b421-ece69d3b660e%3A1705028662.8951766&pid=500040&it=1&iv=d14c72c4-8756-4401-b421-ece69d3b660e%3A1705028662.8951766&_=1705028662.8970184 HTTP 303
- https://pippio.com/api/sync?it=1&pid=500040&_=1705028662.8970184&iv=d14c72c4-8756-4401-b421-ece69d3b660e:1705028662.8951766
- https://um.simpli.fi/lj_match?r=3869 HTTP 302
- https://ce.lijit.com/merge?pid=2&3pid=31DD810F6339484FA586F7C8BBCB6B76
- https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H-g4jSZHbJitN_MlR-ezo-VY&rnd=64928 HTTP 303
- https://x.bidswitch.net/sync?ssp=liveintent&user_id=d484750f-4dcb-4b2f-86a8-0141f3f403e7 HTTP 302
- https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=d484750f-4dcb-4b2f-86a8-0141f3f403e7 HTTP 302
- https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0a07d0b7-93ee-4599-be7e-c846aee44320&ssp=liveintent&gdpr=&gdpr_consent= HTTP 302
- https://global.ib-ibi.com/image.sbmx?go=298769&pid=541&xid=10595069976883270443&ssp=liveintent&gdpr=&gdpr_consent=
84 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
weidennews.biz.id/ |
140 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
weidennews.biz.id/wp-includes/css/dist/block-library/ |
107 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
13 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lightslider.min.css
weidennews.biz.id/wp-content/themes/azure-news/assets/library/lightslider/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boxicons.min.css
weidennews.biz.id/wp-content/themes/azure-news/assets/library/box-icons/css/ |
66 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
weidennews.biz.id/wp-content/themes/azure-news/ |
96 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
azure-news-responsive.css
weidennews.biz.id/wp-content/themes/azure-news/assets/css/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
azure-news-preloader.css
weidennews.biz.id/wp-content/themes/azure-news/assets/css/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
weidennews.biz.id/wp-includes/js/jquery/ |
86 KB 31 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
weidennews.biz.id/wp-includes/js/jquery/ |
13 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
99541525-7627-448f-9d28-e895a00a0851
https://weidennews.biz.id/ |
1 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
72158504007-01082024-um-2-h-7.jpg
www.gannett-cdn.com/authoring/authoring-images/2024/01/09/PDTF/ |
75 KB 75 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cold-bus-pk.00_00_21_12.Still001.jpg
www.kxnet.com/wp-content/uploads/sites/16/2024/01/ |
39 KB 39 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img_6451.jpeg
static1.thetravelimages.com/wordpress/wp-content/uploads/2024/01/ |
98 KB 99 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
65a086e466164.image.jpg
bloximages.newyork1.vip.townnews.com/kwwl.com/content/tncms/assets/v3/editorial/8/72/872e1e46-7192-504a-9dcf-8a78f214e852/ |
34 KB 34 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TBS-L-CARROLLTONPOLICESHOOTING-01.jpg
www.capitalgazette.com/wp-content/uploads/2024/01/ |
20 KB 20 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1-11-1b-mich-fb.jpg
ogden_images.s3.amazonaws.com/www.miningjournal.net/images/2024/01/10232227/ |
172 KB 172 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
72152426007-img-0879.PNG
www.gannett-cdn.com/authoring/authoring-images/2024/01/08/PAPP/ |
118 KB 118 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
godaddy.jpg
townsquare.media/site/673/files/2020/06/ |
200 KB 200 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
core.min.js
weidennews.biz.id/wp-includes/js/jquery/ui/ |
21 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
tabs.min.js
weidennews.biz.id/wp-includes/js/jquery/ui/ |
12 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.cookie.js
weidennews.biz.id/wp-content/themes/azure-news/assets/library/jquery-cookie/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
lightslider.min.js
weidennews.biz.id/wp-content/themes/azure-news/assets/library/lightslider/js/ |
31 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.marquee.js
weidennews.biz.id/wp-content/themes/azure-news/assets/library/js-marquee/ |
24 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.sticky.min.js
weidennews.biz.id/wp-content/themes/azure-news/assets/library/sticky/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
theia-sticky-sidebar.min.js
weidennews.biz.id/wp-content/themes/azure-news/assets/library/sticky-sidebar/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
navigation.js
weidennews.biz.id/wp-content/themes/azure-news/assets/js/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main-scripts.js
weidennews.biz.id/wp-content/themes/azure-news/assets/js/ |
9 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
keyboard-accessibility.js
weidennews.biz.id/wp-content/themes/azure-news/assets/js/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
72158504007-01082024-um-2-h-7.jpg
www.gannett-cdn.com/authoring/authoring-images/2024/01/09/PDTF/ |
75 KB 75 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cold-bus-pk.00_00_21_12.Still001.jpg
www.kxnet.com/wp-content/uploads/sites/16/2024/01/ |
39 KB 39 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img_6451.jpeg
static1.thetravelimages.com/wordpress/wp-content/uploads/2024/01/ |
98 KB 99 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
65a086e466164.image.jpg
bloximages.newyork1.vip.townnews.com/kwwl.com/content/tncms/assets/v3/editorial/8/72/872e1e46-7192-504a-9dcf-8a78f214e852/ |
34 KB 35 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TBS-L-CARROLLTONPOLICESHOOTING-01.jpg
www.capitalgazette.com/wp-content/uploads/2024/01/ |
20 KB 20 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
boxicons.woff2
weidennews.biz.id/wp-content/themes/azure-news/assets/library/box-icons/fonts/ |
113 KB 114 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ |
38 KB 39 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js15_as.js
s10.histats.com/ |
11 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wp-emoji-release.min.js
weidennews.biz.id/wp-includes/js/ |
18 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1-11-1b-mich-fb.jpg
ogden_images.s3.amazonaws.com/www.miningjournal.net/images/2024/01/10232227/ |
172 KB 172 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0.php
s4.histats.com/stats/ |
378 B 513 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
e.dtscout.com/e/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
t.dtscout.com/idg/ Frame D7CF |
1 KB 761 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ |
33 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dtscout
pd.sharethis.com/pd/ |
2 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
afwu.js
cdn.tynt.com/ |
19 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
t.dtscout.com/pv/ |
51 B 345 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
t.dtscdn.com/widget/ |
0 599 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tpid=6D0017050286575EB42A2FAF9B98540B
bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/ Redirect Chain
|
49 B 544 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mw
mwzeom.zeotap.com/ Redirect Chain
|
95 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p
ic.tynt.com/b/ |
35 B 648 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
t.dhj
t.sharethis.com/1/d/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dtscout
pd.sharethis.com/pd/ |
42 B 265 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
onetag-geo.s-onetag.com/ |
50 B 456 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v2
de.tynt.com/deb/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lotame-sync.html
cdn-tc.33across.com/ Frame 3544 |
343 B 459 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
lex.33across.com/ps/v1/pubtoken/ Redirect Chain
|
0 68 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dpx
i.simpli.fi/ |
95 B 552 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dpx
i.simpli.fi/ |
95 B 554 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
t_.htm
t.sharethis.com/a/ Frame F01F |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
t_.js
t.sharethis.com/1.1268.23380/a/US/ Frame 9ABF |
19 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
test_oracle
pd.sharethis.com/pd/ Frame 3931 |
438 B 675 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ttd
sync.sharethis.com/ Frame 9ABF Redirect Chain
|
42 B 297 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
db_sync
px.ads.linkedin.com/ Frame 9ABF Redirect Chain
|
0 142 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
eyeota
sync.sharethis.com/ Frame 9ABF Redirect Chain
|
42 B 297 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
csync.ashx
ml314.com/ Frame 9ABF Redirect Chain
|
43 B 124 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
oracle
sync.sharethis.com/ Frame 9ABF Redirect Chain
|
42 B 297 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync.min.js
tags.crwdcntrl.net/lt/c/16311/ Frame 3544 |
39 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bk-coretag.js
tags.bkrtx.com/js/ Frame 3931 |
51 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dataBeacons.min.js
data-beacons.s-onetag.com/ |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
map
bcp.crwdcntrl.net/6/ Frame 3544 |
235 B 613 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2981
tags.bluekai.com/site/ Frame 3E5A Redirect Chain
|
62 B 306 B |
Document
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
v2
ap.lijit.com/readerinfo/ Redirect Chain
|
41 B 465 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1540_03681
track2.securedvisit.com/sync/ |
43 B 178 B |
Script
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 9E93 |
0 0 |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
pippio.com/api/ Redirect Chain
|
42 B 193 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a.gif
t.sharethis.com/d/ Frame 9ABF |
0 289 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
db_sync
px.ads.linkedin.com/ |
0 142 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
merge
ce.lijit.com/ Redirect Chain
|
43 B 679 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
image.sbmx
global.ib-ibi.com/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame 2ADC |
85 B 466 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame 2ADC |
766 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- global.ib-ibi.com
- URL
- https://global.ib-ibi.com/image.sbmx?go=298769&pid=541&xid=10595069976883270443&ssp=liveintent&gdpr=&gdpr_consent=
Verdicts & Comments Add Verdict or Comment
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture object| _wpemojiSettings undefined| $ function| jQuery object| _Hasync object| OG_JSObject function| chfh function| chfh2 string| _HST_cntval object| Histats object| twemoji object| wp object| _HistatsCounterGraphics_0_setValues object| a object| cv object| Tynt object| _dtspv number| char object| _33Across function| __uspapi object| __connect object| __underground object| s48 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
i.liadm.com/s | Name: _li_ss Value: CggKBgiiARD6Fg |
|
weidennews.biz.id/ | Name: HstCfa4618594 Value: 1705028656739 |
|
weidennews.biz.id/ | Name: HstCla4618594 Value: 1705028656739 |
|
weidennews.biz.id/ | Name: HstCmu4618594 Value: 1705028656739 |
|
weidennews.biz.id/ | Name: HstPn4618594 Value: 1 |
|
weidennews.biz.id/ | Name: HstPt4618594 Value: 1 |
|
weidennews.biz.id/ | Name: HstCnv4618594 Value: 1 |
|
weidennews.biz.id/ | Name: HstCns4618594 Value: 1 |
|
.dtscout.com/ | Name: m Value: 1 |
|
.dtscout.com/ | Name: st Value: 1 |
|
.dtscout.com/ | Name: oa Value: 1 |
|
.dtscout.com/ | Name: df Value: 1705028657 |
|
.dtscout.com/ | Name: l Value: 6D0017050286575EB42A2FAF9B98540B |
|
.weidennews.biz.id/ | Name: __dtsu Value: 6D0017050286575EB42A2FAF9B98540B |
|
.sharethis.com/ | Name: __stid Value: ZHOACGWgrDIAAAAJDCiwAw== |
|
.sharethis.com/ | Name: __stidv Value: 2 |
|
.dtscdn.com/ | Name: uid Value: 6D0017050286575EB42A2FAF9B98540B |
|
.crwdcntrl.net/ | Name: _cc_dc Value: 0 |
|
.crwdcntrl.net/ | Name: _cc_id Value: 5b3d24f1eb72879590e918d01756c29b |
|
.onaudience.com/ | Name: cookie Value: ceb459fdb3c250d1 |
|
.onaudience.com/ | Name: done_redirects219 Value: 1 |
|
.tynt.com/ | Name: uid Value: rcJ4gGWgrDIal6Z1DBS/Zw== |
|
.tynt.com/ | Name: pids Value: %5B%7B%22p%22%3A%224bbb341d17%22%2C%22f%22%3A1%2C%22ts%22%3A1705028658704%7D%2C%7B%22p%22%3A%22b1b5df9b98%22%2C%22f%22%3A1%2C%22ts%22%3A1705028658704%7D%2C%7B%22p%22%3A%22e9b03986ff%22%2C%22f%22%3A2%2C%22ts%22%3A1705028658704%7D%5D |
|
.zeotap.com/ | Name: zc Value: f2efd8b4-358a-4885-55df-0e8603d0763d |
|
.zeotap.com/ | Name: zsc Value: 1%F1E%1A%F1%ECQ%7C%27%97%D2%06%82%04%F8%CB%1C%84%85%8Dq%2CRz%C8%17%C7%CF%B8%0D%8F%9E1r%98%F1P%96O%2A%C2%E7%04%29%89%3By0%B0%95%DE%26%FEz%A5%95%B8%28%DF%3A%F6%89%2F%3A%7F%06Bxe%A8%D8%C5%86oE%F1y%D2%C1n%04%BE8 |
|
.t.sharethis.com/ | Name: pxcelPage_default_c010_C Value: 1_0_1705028658998 |
|
.simpli.fi/ | Name: suid Value: 31DD810F6339484FA586F7C8BBCB6B76 |
|
.33across.com/ | Name: 33x_b Value: 1 |
|
.rlcdn.com/ | Name: rlas3 Value: wb1Etro6jDmBdcNp9lnmkeJoqASw/vcS13XBee4ztkg= |
|
.adsrvr.org/ | Name: TDID Value: b5bf6f73-b9a4-403f-b4c0-cc41e62af86e |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUke079gPwk-KY-dx2oR3q4zgQfOu2mAjlGiBj5NOJuWdA-h2FPoKFBSp0FWR_Y |
|
.ml314.com/ | Name: pi Value: 3641289986299396120 |
|
.adsrvr.org/ | Name: TDCPM Value: CAEYBSABKAIyCwjs5N_nvMnJPBAFOAE. |
|
.eyeota.net/ | Name: mako_uid Value: 18cfba0a89d-718b0000010a4e4d |
|
.eyeota.net/ | Name: SERVERID Value: 20045~DM |
|
.rlcdn.com/ | Name: pxrc Value: CLPYgq0GEgUI204QAA== |
|
.bluekai.com/ | Name: bku Value: +rQ99emLGsUXOvza |
|
.pippio.com/ | Name: did Value: 9v86a4_QB7e2Rd2A |
|
.pippio.com/ | Name: didts Value: 1705028659 |
|
.pippio.com/ | Name: nnls Value: |
|
.pippio.com/ | Name: pxrc Value: CLPYgq0GEgYIgr0rEAA= |
|
.linkedin.com/ | Name: li_sugr Value: b01426e4-7979-4ce9-8cd2-c4ff28335c48 |
|
.linkedin.com/ | Name: bcookie Value: "v=2&e7e9d796-8598-4c09-8946-f646557063f5" |
|
.linkedin.com/ | Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2738:u=1:x=1:i=1705028659:t=1705115059:v=2:sig=AQHXJiGVUuZu5K2pmvje0vGUFUhvEI7n" |
|
.lijit.com/ | Name: ljt_reader Value: H-g4jSZHbJitN_MlR-ezo-VY |
|
.intentiq.com/ | Name: IQver Value: 1.9 |
|
.t.sharethis.com/ | Name: pxcelBcnLcy Value: 122 |
|
.liadm.com/ | Name: lidid Value: d484750f-4dcb-4b2f-86a8-0141f3f403e7 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ap.lijit.com
api.intentiq.com
bcp.crwdcntrl.net
bloximages.newyork1.vip.townnews.com
cdn-tc.33across.com
cdn.tynt.com
ce.lijit.com
cm.g.doubleclick.net
data-beacons.s-onetag.com
de.tynt.com
e.dtscout.com
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
global.ib-ibi.com
i.liadm.com
i.simpli.fi
ic.tynt.com
idsync.rlcdn.com
lex.33across.com
live.rezync.com
match.adsrvr.org
ml314.com
mwzeom.zeotap.com
ogden_images.s3.amazonaws.com
onetag-geo.s-onetag.com
p.rfihub.com
pd.sharethis.com
pippio.com
pixel.onaudience.com
ps.eyeota.net
px.ads.linkedin.com
s10.histats.com
s4.histats.com
spl.zeotap.com
stags.bluekai.com
static1.thetravelimages.com
sync.sharethis.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
townsquare.media
track2.securedvisit.com
um.simpli.fi
weidennews.biz.id
www.capitalgazette.com
www.gannett-cdn.com
www.kxnet.com
global.ib-ibi.com
104.16.133.24
104.18.35.167
107.178.254.65
141.94.170.77
142.251.40.194
142.4.219.198
151.101.129.91
151.101.130.62
172.64.153.173
18.155.129.56
18.164.52.120
18.191.83.3
18.214.54.215
192.0.66.165
192.229.163.86
199.38.167.130
23.33.238.66
23.52.165.115
23.7.64.229
2606:4700:10::6814:4f63
2606:4700:10::ac43:28ad
2606:4700:20::681a:d3c
2606:4700:21::8d65:780b
2606:4700:3035::6815:56eb
2607:f8b0:4006:81d::2003
2607:f8b0:4006:822::200a
2620:1ec:21::14
2a02:6ea0:c454::1
3.129.242.3
3.33.220.150
34.117.77.79
34.86.70.109
35.194.66.159
35.244.154.8
44.212.116.142
52.1.112.24
52.217.171.185
52.222.169.69
52.72.21.140
52.84.174.78
63.251.86.50
63.251.86.51
67.202.105.23
67.202.105.33
99.86.91.126
99.86.91.79
0202eadb2fa15175d50c29ad3abd758d60aa3401f1274bd5a592a0c4c1dbed30
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0e0e53f1af40a96a19fc3993545ce9a347473ddb4c90daa35af51b541f360378
1141dd3c68e7693671ef7e61e0b195d2f9617848d920fc72cd3023490f5288dd
1350e97ca41678c3d2c26069f15636735a9a5f313de50e1b5922e7b71e31f8fe
1526cc8789f4c86d5d74577bb5fdd0598a9f9d2e3131aafb3bc17738ff28ce88
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
25028fb7ee704b0b4dc19bbec05c2dafdfb38cf6c166a44ab2c4fcd7cf98c23f
29e2bbc67e3fca03de4dbfc5458d6e30090b70d58b3e33c0e5815b8bd6282558
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
35cc578e05748e9ffdc4224517775cf739f90f99d43426db0da38a7d93e9613f
397b87eaeb85cd0690cfff43a4f51fa6dc17e31df5a9e4a3c32c20fb65d91474
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8
3df85d41a6dd7ef20d4e091279b5514da5e2bfff45671c57ecbc6c4629f02149
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fe0747b6a489a7bbc177d02349cdffceac69d2cbb45daeaaad4cc7152473152
42bc7c07855d9240a1b1f87c290d4d8bb3863e69327cceb898737d38c0d4a13a
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4b87cbc74f3ffaf08314a5d81b501be6fc36f553dbe446ef5a4b29f0138ba0b0
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5112dc6a35c654d7639b431b41c06e866d325ed9cd291bbbde0ad47752a583f3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
58627f33bcb7b5ed28675fa89d0a45aa0107bfcbec0b17bd3ffb5ac99b763943
5f2ed326a2b8b5658bd301efdbbecd33cd43e08209c0e957d571f2ce8405b382
60d2a29737ef288d74c79254f44f0f5153ffaf0ce1c74c2aed2abaacba5854f7
620eea24b0cee1d8cc8395c80f295cf2e7b6fab962493c26b49a8d42b63a4dc9
65d15720353909952abc39ea147f61df7ba4d245e2564be45b8b3430ebd09452
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
69bda113ed41af2ff153829bc191361bf535369f00142d38fe3721b6c5ba3b7f
6a0d53f68e013dac42a52a5264c5d28a12a06b6bc7cc1d63bc2d385558bd2dd7
6bdfe20c6e89cfb9852ff671df13c6b6dc6e58957f1367774704b109b275ed14
6d13eca428815a78b87912f12bdea9dfcf78b13f15442e0dadb343884612b7ba
6eefcd3667469bdd586192f4c0b92d0c7fa39cee6fbd3d9d91e529eb48351d25
6f96b947f279e072b5589eae72e35965a96c458b1b17f9d7bee2ae57fe17e77f
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b
7f785ade8fa43f2b4fc60374ddd5a073b13efd3c1eacbed4e6ca1f5b214dcee5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8c2f495c7823d6ae6bb19c3df05488343e055ec6232d6dbe09309b12e8d1e88f
96dccaa929e6a14f0f439d8597777a97b22720516942d36fc625ae11e85c3ada
9ac1ba0fd033fdc1ac6df78af8d9e9fff9430881024ca2d53430467d1c256a01
9b32c7b97b65493767581b8f8b89af64bd396a2dcb30869aa3e2e70b13c52159
a7006c93bef110beaf820d6f58a54a4f85653b326fe44df025e042c530ea83c9
aca862ca823018b8af0aab9ef7648766570685b1e92697f891cabbef880eecfa
afc60b9f271dd7854746915d598af11a82c74c62c8084fee7861df9d37899b19
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1940d2fd0a9b2c2e33284937f3dd5d2157528fa509e9b9d17fd7ca362a5c0ac
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d45dea360a157a051dc7dfa12ed39b0077eda43e45e8bca2430ae43a6978d032
d6a85610fce169edf38abd4c2eb5dffdb1842d116b9bb8426b337c88ee77bce7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615