www.thenewsherald.com
Open in
urlscan Pro
192.0.66.168
Public Scan
Effective URL: https://www.thenewsherald.com/
Submission: On December 16 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on October 31st 2022. Valid for: 3 months.
This is the only time www.thenewsherald.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16552 (TIGGEE, US)
PTR: redirection.dnsmadeeasy.com
ypsilanticourier.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-43.vie50.r.cloudfront.net
mng-thenewsherald.zeustechnology.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-108-49.fra56.r.cloudfront.net
c.amazon-adsystem.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-105-49.fra60.r.cloudfront.net
cdn.auth0.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-124.vie50.r.cloudfront.net
cdn.p-n.io |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-41.fra56.r.cloudfront.net
z618.thenewsherald.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
prodmg2.blob.core.windows.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-2-61.vie50.r.cloudfront.net
cdn.parsely.com |
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com
s.ntv.io |
ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-101-105.us-west-2.compute.amazonaws.com
session.denverpost.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-174-180.compute-1.amazonaws.com
medianewsgroup.blueconic.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-169-33.eu-central-1.compute.amazonaws.com
k.p-n.io |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 228.25.239.35.bc.googleusercontent.com
marketplace.digitalfirstmedia.com | |
marketplace.medianewsgroup.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-41.fra2.r.cloudfront.net
ats.rlcdn.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net
sb.scorecardresearch.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-84.vie50.r.cloudfront.net
geo.privacymanager.io |
ASN15133 (EDGECAST, US)
loader-cdn.azureedge.net | |
fp-cdn.azureedge.net | |
g2insights-cdn.azureedge.net | |
cdn.czx5eyk0exbhwp43ya.biz |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
prod-dfm-proxy-connext.azurewebsites.net |
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
paywall-ad-bucket.s3.amazonaws.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
32 |
thenewsherald.com
1 redirects
www.thenewsherald.com — Cisco Umbrella Rank: 403704 z618.thenewsherald.com — Cisco Umbrella Rank: 807362 |
543 KB |
12 |
czx5eyk0exbhwp43ya.biz
cdn.czx5eyk0exbhwp43ya.biz — Cisco Umbrella Rank: 31380 |
210 KB |
9 |
medianewsgroup.com
marketplace.medianewsgroup.com — Cisco Umbrella Rank: 239426 |
42 KB |
4 |
azurewebsites.net
prod-dfm-proxy-connext.azurewebsites.net — Cisco Umbrella Rank: 59257 |
89 KB |
4 |
p-n.io
cdn.p-n.io — Cisco Umbrella Rank: 4825 k.p-n.io — Cisco Umbrella Rank: 3041 |
52 KB |
3 |
azureedge.net
loader-cdn.azureedge.net — Cisco Umbrella Rank: 26446 fp-cdn.azureedge.net — Cisco Umbrella Rank: 42543 g2insights-cdn.azureedge.net — Cisco Umbrella Rank: 41955 |
238 KB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29 |
40 KB |
3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51 |
240 KB |
3 |
denverpost.com
session.denverpost.com — Cisco Umbrella Rank: 201437 |
769 B |
3 |
amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 296 |
92 KB |
2 |
visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 803 |
408 B |
2 |
amazonaws.com
paywall-ad-bucket.s3.amazonaws.com — Cisco Umbrella Rank: 36728 |
2 KB |
2 |
confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1383 |
125 KB |
2 |
blueconic.net
medianewsgroup.blueconic.net — Cisco Umbrella Rank: 82139 |
2 KB |
2 |
wp.com
stats.wp.com — Cisco Umbrella Rank: 2897 pixel.wp.com — Cisco Umbrella Rank: 2717 |
3 KB |
2 |
osano.com
cmp.osano.com — Cisco Umbrella Rank: 6416 |
77 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37 ajax.googleapis.com — Cisco Umbrella Rank: 304 |
32 KB |
2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381 |
98 KB |
2 |
zeustechnology.com
mng-thenewsherald.zeustechnology.com — Cisco Umbrella Rank: 969769 |
115 KB |
1 |
db-ip.com
api-mg2.db-ip.com — Cisco Umbrella Rank: 24219 |
814 B |
1 |
privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1638 |
605 B |
1 |
scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 154 |
191 B |
1 |
rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1641 |
37 KB |
1 |
digitalfirstmedia.com
1 redirects
marketplace.digitalfirstmedia.com — Cisco Umbrella Rank: 322467 |
129 B |
1 |
polyfill.io
polyfill.io — Cisco Umbrella Rank: 1392 |
574 B |
1 |
msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2191 |
22 KB |
1 |
ntv.io
s.ntv.io — Cisco Umbrella Rank: 3120 |
149 KB |
1 |
parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2773 |
21 KB |
1 |
windows.net
prodmg2.blob.core.windows.net — Cisco Umbrella Rank: 55340 |
144 KB |
1 |
auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 8405 |
38 KB |
1 |
ypsilanticourier.com
1 redirects
ypsilanticourier.com |
169 B |
116 | 31 |
Domain | Requested by | |
---|---|---|
25 | www.thenewsherald.com |
1 redirects
www.thenewsherald.com
cmp.osano.com |
12 | cdn.czx5eyk0exbhwp43ya.biz |
cmp.osano.com
|
9 | marketplace.medianewsgroup.com |
www.thenewsherald.com
marketplace.medianewsgroup.com |
7 | z618.thenewsherald.com |
www.thenewsherald.com
z618.thenewsherald.com cmp.osano.com az416426.vo.msecnd.net |
4 | prod-dfm-proxy-connext.azurewebsites.net |
cdn.czx5eyk0exbhwp43ya.biz
|
3 | www.google-analytics.com |
cmp.osano.com
|
3 | www.googletagmanager.com |
cmp.osano.com
|
3 | session.denverpost.com |
www.thenewsherald.com
|
3 | c.amazon-adsystem.com |
www.thenewsherald.com
c.amazon-adsystem.com |
2 | dc.services.visualstudio.com |
az416426.vo.msecnd.net
|
2 | paywall-ad-bucket.s3.amazonaws.com |
www.thenewsherald.com
cdn.czx5eyk0exbhwp43ya.biz |
2 | cdn.confiant-integrations.net |
cmp.osano.com
|
2 | k.p-n.io |
cdn.p-n.io
|
2 | medianewsgroup.blueconic.net |
z618.thenewsherald.com
cmp.osano.com |
2 | cmp.osano.com |
www.thenewsherald.com
cmp.osano.com |
2 | cdn.p-n.io |
www.thenewsherald.com
cmp.osano.com |
2 | cdn.jsdelivr.net |
www.thenewsherald.com
cdn.jsdelivr.net |
2 | mng-thenewsherald.zeustechnology.com |
www.thenewsherald.com
|
1 | api-mg2.db-ip.com |
cdn.czx5eyk0exbhwp43ya.biz
|
1 | g2insights-cdn.azureedge.net |
cmp.osano.com
|
1 | fp-cdn.azureedge.net |
cmp.osano.com
|
1 | loader-cdn.azureedge.net |
ajax.googleapis.com
|
1 | geo.privacymanager.io |
ats.rlcdn.com
|
1 | sb.scorecardresearch.com |
www.thenewsherald.com
|
1 | ats.rlcdn.com |
cmp.osano.com
|
1 | pixel.wp.com |
www.thenewsherald.com
|
1 | marketplace.digitalfirstmedia.com | 1 redirects |
1 | polyfill.io |
ajax.googleapis.com
|
1 | az416426.vo.msecnd.net |
www.thenewsherald.com
|
1 | stats.wp.com |
www.thenewsherald.com
|
1 | s.ntv.io |
www.thenewsherald.com
|
1 | cdn.parsely.com |
www.thenewsherald.com
|
1 | prodmg2.blob.core.windows.net |
www.thenewsherald.com
|
1 | cdn.auth0.com |
www.thenewsherald.com
|
1 | ajax.googleapis.com |
www.thenewsherald.com
|
1 | fonts.googleapis.com |
www.thenewsherald.com
|
1 | ypsilanticourier.com | 1 redirects |
116 | 37 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
thenewsherald.com R3 |
2022-10-31 - 2023-01-29 |
3 months | crt.sh |
*.zeustechnology.com Amazon |
2022-04-15 - 2023-05-14 |
a year | crt.sh |
c.amazon-adsystem.com Amazon |
2022-05-09 - 2023-04-18 |
a year | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1 |
2022-03-21 - 2023-04-22 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
*.auth0.com Amazon |
2022-03-26 - 2023-04-24 |
a year | crt.sh |
pushlycdn.com Amazon |
2022-02-14 - 2023-03-15 |
a year | crt.sh |
m349.eptrail.com Amazon |
2022-06-16 - 2023-07-15 |
a year | crt.sh |
cmp.osano.com Amazon |
2022-09-02 - 2023-09-30 |
a year | crt.sh |
*.blob.core.windows.net Microsoft RSA TLS CA 02 |
2022-09-18 - 2023-09-18 |
a year | crt.sh |
*.parsely.com Amazon |
2022-06-05 - 2023-07-04 |
a year | crt.sh |
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1 |
2022-10-24 - 2023-10-26 |
a year | crt.sh |
*.wp.com Sectigo ECC Domain Validation Secure Server CA |
2022-11-14 - 2023-12-15 |
a year | crt.sh |
*.vo.msecnd.net DigiCert SHA2 Secure Server CA |
2022-07-11 - 2023-07-11 |
a year | crt.sh |
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4 |
2022-12-10 - 2024-01-11 |
a year | crt.sh |
*.denverpost.com Amazon |
2022-04-29 - 2023-05-28 |
a year | crt.sh |
*.blueconic.net Amazon |
2022-07-08 - 2023-08-06 |
a year | crt.sh |
*.p-n.io Amazon |
2022-01-10 - 2023-02-06 |
a year | crt.sh |
*.medianewsgroup.com Go Daddy Secure Certificate Authority - G2 |
2021-12-23 - 2023-01-24 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
*.confiant-integrations.net E1 |
2022-11-24 - 2023-02-22 |
3 months | crt.sh |
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2022-02-03 - 2023-02-25 |
a year | crt.sh |
*.scorecardresearch.com Amazon |
2022-01-29 - 2023-02-27 |
a year | crt.sh |
*.privacymanager.io Amazon |
2022-08-26 - 2023-09-24 |
a year | crt.sh |
snibe7egl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-01-31 - 2023-03-03 |
a year | crt.sh |
*.azurewebsites.net Microsoft Azure TLS Issuing CA 01 |
2022-03-14 - 2023-03-09 |
a year | crt.sh |
*.s3.amazonaws.com Amazon |
2022-09-21 - 2023-08-26 |
a year | crt.sh |
in.applicationinsights.azure.com Microsoft Azure TLS Issuing CA 01 |
2022-11-21 - 2023-11-16 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-05-17 - 2023-05-17 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.thenewsherald.com/
Frame ID: 572C1E59D93672612669D1B1E4839102
Requests: 104 HTTP requests in this frame
Frame:
https://marketplace.medianewsgroup.com/promos/wordpress.asp?nid=20
Frame ID: 1450F6A4CC72746CE6277DA33DBF7AF9
Requests: 1 HTTP requests in this frame
Frame:
https://cmp.osano.com/
Frame ID: E2D7B5B39E47803DDA11773379AF2859
Requests: 1 HTTP requests in this frame
Frame:
https://marketplace.medianewsgroup.com/promos/daily.asp?nid=20
Frame ID: FD016D7A1335E5605D0B8D19114A20C7
Requests: 8 HTTP requests in this frame
Screenshot
Page Title
The News Herald – Southgate, MI News, Sports, Weather & Things to DoPage URL History Show full URLs
-
http://ypsilanticourier.com/
HTTP 302
http://www.thenewsherald.com/ HTTP 301
https://www.thenewsherald.com/ Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- /wp-(?:content|includes)/
Bootstrap (Web Frameworks) Expand
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Polyfill (JavaScript Libraries) Expand
Detected patterns
- /polyfill\.min\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
34 Outgoing links
These are links going to different origins than the main page.
Title: Subscribe Now
Search URL Search Domain Scan URL
Title: 39°F
Search URL Search Domain Scan URL
Title: e-Edition
Search URL Search Domain Scan URL
Title: Obituaries
Search URL Search Domain Scan URL
Title: Lottery
Search URL Search Domain Scan URL
Title: Marketplace
Search URL Search Domain Scan URL
Title: Business Directory
Search URL Search Domain Scan URL
Title: Today’s Ads
Search URL Search Domain Scan URL
Title: Shopping Guide
Search URL Search Domain Scan URL
Title: Place a Classified Ad
Search URL Search Domain Scan URL
Title: Jobs
Search URL Search Domain Scan URL
Title: Best of the Best 2021
Search URL Search Domain Scan URL
Title: Subscribe
Search URL Search Domain Scan URL
Title: Sign Up
Search URL Search Domain Scan URL
Title: Obituaries
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: ‘Die-95′: How to survive the stress and dangers of Florida’s Interstate 95
Search URL Search Domain Scan URL
Title: Southern California’s drought has hit emergency level, agency declares
Search URL Search Domain Scan URL
Title: Prisoner’s hurricane-tossed yacht is demolished off Pompano Beach
Search URL Search Domain Scan URL
Title: Sam Bankman-Fried’s esteemed Stanford parents face their own reckoning
Search URL Search Domain Scan URL
Title: Stephen ‘tWitch’ Boss’ suicide part of alarming trend in the United States
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Accessibility
Search URL Search Domain Scan URL
Title: MediaNews Group
Search URL Search Domain Scan URL
Title: Work With Us
Search URL Search Domain Scan URL
Title: Press & Guide
Search URL Search Domain Scan URL
Title: The Voice
Search URL Search Domain Scan URL
Title: Network Advertising
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: Cookie Policy
Search URL Search Domain Scan URL
Title: Arbitration
Search URL Search Domain Scan URL
Title: Powered by WordPress.com VIP
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://ypsilanticourier.com/
HTTP 302
http://www.thenewsherald.com/ HTTP 301
https://www.thenewsherald.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 43- https://marketplace.digitalfirstmedia.com/promos/wordpress.asp?nid=20 HTTP 301
- https://marketplace.medianewsgroup.com/promos/wordpress.asp?nid=20
116 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.thenewsherald.com/ Redirect Chain
|
215 KB 43 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernearthy.css
www.thenewsherald.com/wp-content/themes/assets/static/css/ |
376 KB 58 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
mng-thenewsherald.zeustechnology.com/ |
0 57 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apstag.js
c.amazon-adsystem.com/aax2/ |
0 45 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
www.thenewsherald.com/wp-includes/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
www.thenewsherald.com/wp-content/client-mu-plugins/src/Sitemap/includes/ |
880 B 404 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.thenewsherald.com/_static/ |
11 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap-icons.min.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/ |
56 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.thenewsherald.com/_static/ |
86 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apstag.js
c.amazon-adsystem.com/aax2/ |
178 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zeus-adapter.js
www.thenewsherald.com/wp-content/plugins/dfm_zeus/assets/dist/ |
19 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
mng-thenewsherald.zeustechnology.com/ |
332 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.thenewsherald.com/_static/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.min.js
www.thenewsherald.com/wp-content/plugins/loader-wp/static/ |
16 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
auth0-spa-js.production.js
cdn.auth0.com/js/auth0-spa-js/1.13/ |
105 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.thenewsherald.com/_static/ |
206 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pushly-sdk.min.js
cdn.p-n.io/ |
220 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dfm-pushly.min.js
www.thenewsherald.com/wp-content/plugins/dfm-pushly/static/js/ |
160 B 206 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
z618.thenewsherald.com/ |
154 KB 45 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
osano.js
cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/ |
342 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mg2nw.min.js
prodmg2.blob.core.windows.net/newsletterwidget/mngcep/ |
143 KB 144 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
News-HeraldMI-logo.png
www.thenewsherald.com/wp-content/uploads/2021/06/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.thenewsherald.com/_static/ |
49 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.js
cdn.parsely.com/keys/thenewsherald.com/ |
56 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads.js
www.thenewsherald.com/wp-content/themes/wp-mason/static/js/ |
87 B 139 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.thenewsherald.com/_static/ |
107 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
load.js
s.ntv.io/serve/ |
537 KB 149 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.thenewsherald.com/_static/ |
3 KB 857 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e-202250.js
stats.wp.com/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ |
6 KB 3 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ai.0.js
az416426.vo.msecnd.net/scripts/a/ |
94 KB 22 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfill.min.js
polyfill.io/v3/ |
101 B 574 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
session
session.denverpost.com/api/ |
93 B 257 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cs
medianewsgroup.blueconic.net/DG/DEFAULT/ |
16 B 699 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
98c63151-0d4c-49bf-bb7a-6bd69f10c72e
https://www.thenewsherald.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pushly-sdk.min.css
cdn.p-n.io/ |
27 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event-stream
k.p-n.io/ |
0 126 B |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
event-stream
k.p-n.io/ |
0 125 B |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
session
session.denverpost.com/api/ |
93 B 256 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
9 KB 9 KB |
Font
font/truetype |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
9fee0c16-28e7-40d4-aac2-ce7544034cbb
https://www.thenewsherald.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/ |
88 KB 89 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wordpress.asp
marketplace.medianewsgroup.com/promos/ Frame 1450 Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.chunk.min.js
www.thenewsherald.com/wp-content/themes/assets/static/js/ |
42 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common-async.chunk.min.js
www.thenewsherald.com/wp-content/themes/assets/static/js/ |
64 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernearthy-async.chunk.min.js
www.thenewsherald.com/wp-content/themes/assets/static/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
session
session.denverpost.com/api/ |
93 B 256 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
cmp.osano.com/ Frame E2D7 |
4 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
g.gif
pixel.wp.com/ |
50 B 116 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
405 KB 98 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
548feb93-746c-4fbd-b2b5-bd9e1a0f3a58
https://www.thenewsherald.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
3e8c2039-0b68-4b17-bb47-dd26f907b750
https://www.thenewsherald.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
0fcf5bca-5088-424b-ac85-c7e7c983e5f6
https://www.thenewsherald.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ec4fe4412f3aa3ad89a3158b76e20de5.jpg
www.thenewsherald.com/wp-content/uploads/2017/01/ |
14 KB 15 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Marijuana-rolling-joint.jpg
www.thenewsherald.com/wp-content/uploads/2022/12/ |
9 KB 9 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Michel-Steven-Johnston.jpg
www.thenewsherald.com/wp-content/uploads/2022/12/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Southgate-police-patch.jpg
www.thenewsherald.com/wp-content/uploads/2022/02/ |
16 KB 17 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Southgate-PD-badge.jpg
www.thenewsherald.com/wp-content/uploads/2021/12/ |
12 KB 12 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config.js
cdn.confiant-integrations.net/3IyQ81Wnn-d6bieQLuWeDuN4PWM/gpt_and_prebid/ |
288 KB 59 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ats.js
ats.rlcdn.com/ |
109 KB 37 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b
sb.scorecardresearch.com/ |
0 191 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
056a4909-d5b0-4d10-94c6-8b8433ebc0d5
https://www.thenewsherald.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
f98e4358-6aa7-451d-a428-9bf7ac4dfb56
https://www.thenewsherald.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
7cd32b6a-81c4-4368-8493-6b30fe99dd28
https://www.thenewsherald.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
571
z618.thenewsherald.com/DG/DEFAULT/rest/rpc/ |
81 KB 13 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
216 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
geo.privacymanager.io/ |
30 B 605 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
ec41ae94-2125-419d-9e21-c5e77c0b22ed
https://www.thenewsherald.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
linkid.js
www.google-analytics.com/plugins/ua/ |
2 KB 884 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
9b82f438-b16c-4ad5-b84f-d5c4dbb3a6f0
https://www.thenewsherald.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202212121148/ |
210 KB 66 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader-config.json
loader-cdn.azureedge.net/prod/dfm/ |
974 B 824 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fp.min.js
fp-cdn.azureedge.net/prod/dfm/ |
59 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
g2i.min.js
g2insights-cdn.azureedge.net/prod/dfm/ |
1 MB 217 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t8y9347t.min.js
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ |
559 KB 118 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t8y9347t.min.css
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ |
295 KB 28 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
775c740f5d4e1b0cb33889dfcd568bc2
z618.thenewsherald.com/plugin/plugin/ |
219 KB 53 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
PMPMIWEEKLIES
prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
cdn.czx5eyk0exbhwp43ya.biz/ |
7 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
PMPMIWEEKLIES
prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/ |
329 KB 88 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ |
631 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
daily.asp
marketplace.medianewsgroup.com/promos/ Frame FD01 |
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
36881e04-1419-4258-be5c-b5bfadec6b27
https://www.thenewsherald.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3481c93c3e240ef26896065569dec34a
z618.thenewsherald.com/plugin/library/ |
321 KB 99 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
LB-Zone-1
z618.thenewsherald.com/DG/DEFAULT/rest/rpc/571/ |
3 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gtm.js
www.googletagmanager.com/ |
211 KB 67 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BlackFriday120x90.jpg
marketplace.medianewsgroup.com/promos/library/ Frame FD01 |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Goodfellows120x90-22-LP.jpg
marketplace.medianewsgroup.com/promos/library/ Frame FD01 |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Subscription120x90.jpg
marketplace.medianewsgroup.com/promos/library/ Frame FD01 |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ShoppingGuide120x90.jpg
marketplace.medianewsgroup.com/promos/library/ Frame FD01 |
4 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Goodfellows120x90-22-Taylor.jpg
marketplace.medianewsgroup.com/promos/library/ Frame FD01 |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Goodfellows120x90-22.jpg
marketplace.medianewsgroup.com/promos/library/ Frame FD01 |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
prepzone_nh290x40.jpg
marketplace.medianewsgroup.com/promos/library/ Frame FD01 |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
5a7318c0-d147-4a10-ae3b-b3621c61f595
https://www.thenewsherald.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
571
z618.thenewsherald.com/DG/DEFAULT/rest/rpc/ |
571 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
571
z618.thenewsherald.com/DG/DEFAULT/rest/rpc/ |
191 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cs
medianewsgroup.blueconic.net/DG/DEFAULT/ |
66 B 855 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
track
dc.services.visualstudio.com/v2/ |
223 B 408 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
track
dc.services.visualstudio.com/v2/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
self
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ |
583 B 814 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~Auth0UniversalLoginAuthSystem.js
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ |
143 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Auth0UniversalLoginAuthSystem.js
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ |
11 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Auth0AuthSystem.js
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CustomAuthSystem.js
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JanrainAuthSystem.js
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MG2AuthSystem.js
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NewzwareAuthSystem.js
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LikeButtons4.js
cdn.czx5eyk0exbhwp43ya.biz/prod/dfm/ |
114 B 241 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
views
prod-dfm-proxy-connext.azurewebsites.net/api/ |
65 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
views
prod-dfm-proxy-connext.azurewebsites.net/api/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
bee96e65-591f-4ec1-aa4c-edb3a088e873
https://www.thenewsherald.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ |
631 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
cdn.czx5eyk0exbhwp43ya.biz/ |
7 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
122 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| oncontentvisibilityautostatechange object| scriptHelpers function| loadCSS object| _wpemojiSettings boolean| apstagLOADED object| apstag object| regeneratorRuntime object| ZeusAdapter string| zeusAdUnitPath object| zeusKeyvalues number| MNG_SSO_TOOLS_GLOBAL_START_TIME function| $ function| jQuery object| MG2 function| PluginInitOverride object| MG2Loader string| loaderVersion string| loaderBuild object| appInsights object| deferredResources function| createAuth0Client function| Auth0Client object| authentication_config object| entitlements_config object| MNGAuthentication boolean| disableAuth0AuthFlow object| PushlySDK object| dfm_pushly_options object| blueConicPreListeners function| BCClass object| blueConicClient function| Osano function| __uspapi function| __tcfapi object| twemoji object| wp function| mg2WidgetAPI function| analyticsEvent function| analyticsSocial function| analyticsVPV function| analyticsClearVPV function| analyticsForm object| dataLayer function| closeMobileAdhesionAd function| keyboardHandler object| runtime object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| setImmediate function| clearImmediate object| wpParselyHooks object| PARSELY boolean| dfmCanRunAds object| webpackChunkknowlton function| Headroom function| Hammer object| siteName object| _stq object| litHtmlVersions function| st_go function| linktracker_init object| wpcom object| AI object| Microsoft function| __extends function| _endsWith object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| comscoreID object| _qevents function| fbq function| _fbq object| atsScript object| bc_json572 object| ats object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| confiant object| googletag object| pbjs object| LoaderConfig string| fpVersion string| fpBuild object| DeviceDetector object| Fingerprint object| nxtBundle object| webpackJsonpnxtBundle object| NxtInner object| Connext object| CnnXt object| g2ExtendInits object| G2Analytics object| G2Insights object| MG2Insights object| MG2DL function| InteractionTypeImpl function| _____WB$wombat$assign$function_____ function| __WB_pmw object| gPartners object| _bcp object| Mustache function| BlueConicMetaDataService function| RuleService object| justDetectAdblock function| jwt_decode function| BlueConicEngagement object| bc object| bcConnectionUtil function| BlueConicDataLayerUtil object| JSONPath function| md5 object| bc_json57319 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
z618.thenewsherald.com/DG/DEFAULT | Name: BCSessionID Value: d5c13101-d90f-4d6c-a16d-9906abb1d29d |
|
medianewsgroup.blueconic.net/DG/DEFAULT | Name: BCSessionID Value: d5c13101-d90f-4d6c-a16d-9906abb1d29d |
|
.thenewsherald.com/ | Name: bc_tstgrp Value: 1 |
|
.thenewsherald.com/ | Name: _pnvl Value: false |
|
.thenewsherald.com/ | Name: pushly.user_puuid Value: FxskkRiuL4H7BxCj3UFJV9QVUKi7qoiE |
|
.thenewsherald.com/ | Name: _pndnt Value: |
|
.thenewsherald.com/ | Name: _dor Value: www.thenewsherald.com |
|
.thenewsherald.com/ | Name: _pnlspid Value: 13343 |
|
.thenewsherald.com/ | Name: _pnss Value: dismissed |
|
.thenewsherald.com/ | Name: _pnpdm Value: true |
|
.thenewsherald.com/ | Name: _ga_JNP6TRHKRV Value: GS1.1.1671164136.1.0.1671164136.0.0.0 |
|
www.thenewsherald.com/ | Name: _lr_geo_location Value: DE |
|
.thenewsherald.com/ | Name: anonDeviceId Value: d14aec5525cc27964fc482462f0a9b14 |
|
medianewsgroup.blueconic.net/ | Name: AWSALBCORS Value: WY9jblc4btwQ6cGta9wnnVaMTWEAmIbpoFTFxvrcXGpt05HNJX6u6nfuHjC820ebBfMrDpD6afRpuJdlnljYrtpdRMEfX72diasjd9YgR7pGUTwO9HkSQHny2xu+ |
|
z618.thenewsherald.com/ | Name: AWSALB Value: M4wNyWtyhGQS0yBvKrE2UeYwG1VQ7lLVrCzcuXzAuiRIuguj+idmxg53ySF4k7AXeNpQcMcdKOhHj0KhN2qEw50BfklMJqBa05sIuQvTOZiK5LebXKygnENKy7R7 |
|
z618.thenewsherald.com/ | Name: AWSALBCORS Value: M4wNyWtyhGQS0yBvKrE2UeYwG1VQ7lLVrCzcuXzAuiRIuguj+idmxg53ySF4k7AXeNpQcMcdKOhHj0KhN2qEw50BfklMJqBa05sIuQvTOZiK5LebXKygnENKy7R7 |
|
www.thenewsherald.com/ | Name: ABTestCookie Value: B |
|
.www.thenewsherald.com/ | Name: sub_nxt_upd_ac_DFM_PMPMIWEEKLIES_PROD Value: 1 |
|
.www.thenewsherald.com/ | Name: sub_nxt_DFM_PMPMIWEEKLIES_PROD Value: {%221%22:{%22104081%22:{%22ac%22:1%2C%22ac_d%22:1%2C%22s%22:%222022-12-16T04:15:38.340Z%22}%2C%22_ac_d%22:1%2C%22_ac%22:1%2C%22_acnv%22:104081}} |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
api-mg2.db-ip.com
ats.rlcdn.com
az416426.vo.msecnd.net
c.amazon-adsystem.com
cdn.auth0.com
cdn.confiant-integrations.net
cdn.czx5eyk0exbhwp43ya.biz
cdn.jsdelivr.net
cdn.p-n.io
cdn.parsely.com
cmp.osano.com
dc.services.visualstudio.com
fonts.googleapis.com
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
geo.privacymanager.io
k.p-n.io
loader-cdn.azureedge.net
marketplace.digitalfirstmedia.com
marketplace.medianewsgroup.com
medianewsgroup.blueconic.net
mng-thenewsherald.zeustechnology.com
paywall-ad-bucket.s3.amazonaws.com
pixel.wp.com
polyfill.io
prod-dfm-proxy-connext.azurewebsites.net
prodmg2.blob.core.windows.net
s.ntv.io
sb.scorecardresearch.com
session.denverpost.com
stats.wp.com
www.google-analytics.com
www.googletagmanager.com
www.thenewsherald.com
ypsilanticourier.com
z618.thenewsherald.com
104.26.5.15
108.138.17.41
13.224.189.41
13.32.105.49
13.32.121.37
13.32.2.61
13.69.106.208
13.85.16.224
18.66.108.49
18.66.15.43
192.0.66.168
192.0.76.3
2.18.234.163
20.60.62.4
2600:9000:223c:a800:3:b7e:8940:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6812:106b
2a00:1450:4001:801::200e
2a00:1450:4001:830::2008
2a00:1450:400d:807::200a
2a00:1450:400d:80e::200a
2a04:4e42:200::485
2a04:4e42:e00::282
3.229.174.180
34.209.101.105
35.239.25.228
52.217.77.132
52.28.169.33
96.45.82.64
99.86.240.124
99.86.240.84
01d6389de5581a2a3eb0cd4d6a05cb136bf07d221306f89173a080c73a38e392
04819970a784f5b35e5618e45433e7813caeabefca573681b08b4efe83a1c2f1
0609d127885700576d3e495193f8be3c7ec31a98fa1bc5d6f65a2134e5ea4313
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
08760798aa15696fc2fc24e3854e8e274b1eaf1f8a694f3b96b6cbc870eba065
08dd3641390cdd9ca6d312a534a6eea7011134516cb58741c08d4e10abee2eeb
099dab513d8ed4fe5dd80830bd52cbbc4c66a14eb7c96c620f0f64a6ba771f62
0b1c3e96a2c3257b9a6926221b2104bbb40393742c76ab7704201a035933d4fa
123830b3c1bb951b81bee61657d5ff2d7061c67316a4210df730462d093b0a23
128041511b92b8a734cab92b44b41d32c293e29111b65d4a3885951f062bdae4
182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141
1a530a45de7cff1208cd59b6074773035f9ebfec4e03e7501f12dcf0b7357af9
1d4e66ef8f5ea94ffe457c995d263d41163c06c199cb6900dfc368b2214794a0
20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61
23bc05e5003e6a633d4d79ed20821daaae6c06ceabd6ec63c44235a1a258dc15
2495332eea9cbc5525f49204dcdc08c8e089169908861cd0edef778e6c822022
2ecd220f85bd6f9e412a22cb9a8c315dc1e502de4914571245773def0fad1a2f
2fcc3c30a10f35c852ff3d27a846dcde5c87dfe2b6c2abd7c2a58f67791f9df2
34144fd1687c7cdce3d24386d5a71d93a0fd036f65264729cb36135613190162
34945e9fe22c02e9b1ba570f2d0bfd0ae2bbaf2a3bedb7a1bfbc2e4574ba7636
36210e1eb11abe17ed5860e914bf799ba0a1b5817695168e426aaa34a2ba089c
37e442de5e0689eb9c27a65a12c3a79295852f8dd9896aabca8f8f6c0708dd39
3d3cc925c3849b437f0e6f56de2828827793f511b73f71df8acba11e13b7292d
4255e4ace6e08b544432f062fee688b53ab38b9f13a3808acafbf78076c68895
4287c42dfa851c2d08b8fb73a4e43f11b7ba2cb30c924e70f52b5db171ec1edf
488781e479ac0f453f3393ab549befd06f15055fe25b91488e2cc7444ab82884
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b268b65809532b090676106ebea9089bbdf3d7395f952cdd53b98505f34baac
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5a36cfb2ac68d3fe9f0c85e63ac833ff97220f3ce561afa3fbcba3e7aac3502c
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b9465be2c23d220675688b5221020b76bd90832a90b2b52e102538bd319c84d
5c3e70806ebe1b75d28f62caa8fbd4ee93141ac9447780965ec8487ce2c11c6a
5df2498d566a9c0c42fef5906f0818a35cfc4ce1cac95e1e0eed4265c838eb10
5fa290ebcf3d666df28a8703d3c7a32edd36cc9fd333f243992a70e78f41abb8
64ff9f874a5fd24a871b1d9cd7ee49e4d92bc27ce63c05e94bedc4f7adcc0a11
65e8f8eda5862aa99f8118206aaec31225558fbfbfe0f0f817d3b71335c25095
670ec56bdc4422a5d5af9bffc71aa280bc914fad787abba3f30f2e193ca230ed
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407
6c1ff552cb56a441d7c77c6a8fe5b5af11e5974d1096dcf597e0668734963818
6d87bc76e474049a82395b73cd40d3eac8d3ebc79ce757c2691756b249d77de3
6eadcc67d37b2ff780352cc10e7a9626fb5c8525bdccbb89474d30a8b7f9714b
6f87d87de84dc36cab28965d9e1d940c250f399860acafe55f3dac01d54399ad
70c4634f438568a86bb98789e25bd251a5b979f0e1f68c57956f5c038f53a914
75e81442032a73e79568a557c0e4a538d383c31e0b9623ab6cfc3fc681759487
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
7874dfff4d554bccd31d1ea3b60d323b9f0357da32403a98f10545c23c417e10
80e63f47bb601d1782367bf3015482e86cad9fa03cbfce5ec26502c016d4d47b
80fcbd06bbf276b74b41aa77405ffd52243587afb254d1efa88027c33fbba932
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8c6068881ef4ac0f7c15faea225d3c16ff1d1deca7419ec248f6d572be95b070
8cf0bb9486df56f8bfc90a4ba4d7317243f9ca37aa6ec6193214e9a0d640744c
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9314bdf069833133cb5e8b7b704636871b73ce0b6a81173b01d48b65c83135f1
94635ae394fd2490d60bac4c00393de203fa5786155e0b055ec26db8e8b89a23
99bea1588717259aa23413b0659c1eb6a0fe227b10eb213e8d9068fd1aa23b96
9a35a756a21d6678eb904be1c167a88c6bc2b2011a2824c6ed0a89e19ac7a379
9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a5e157ad4cf5fee02152660a367a5fdfcbcee5162c75d9493f9f1958d3489dea
a7193b4a580e14658a91dd634cc0ef32ebccae115e311886a993b5e07ca5102d
a832c721859e66024092445300431d52b19ce96eb53588ad13954e78be2a8580
ae7d9a08088bc8432ed583f61cfcb44fffb79f1d0264d6b2301f1aa1d674fb10
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b52844983950dd1d1e44dedf001371ebb7c9eaf597fc78f97f5d5130d0f32a37
b95b7840dd4e76f60f9b3d9c3a7dcff21135b740611568ab4044853964694fec
bb268e75d6e38043ca66b3a88032b14b793529b473a4cf66934e4f63c049f673
bb50e8ce8a0d31568a455ef2e6bebbaeca592773f7b09f77db54a677c36d903e
bdacbc505cd02e06417333b1b17615745e69af6656c65ddd91b105a1b38641f3
c10e758f98444663560db89f53cd5d43478341c276c5c04d553557c71554ae3e
c3d38da8d4ed9f190fd614659d3286311908402049ac179d00f39985023c3fec
c540cdeba4eb897beea1c93c6452269a4de7b86a2e670b5b0ad37f9bbfc78c53
cbccc935557398179deeef044a5ab2353e97ca4961f313793c8ba03964c43e93
d5160a5031b52a3a7bc884baef7e68015f3ed254ab5df11e55278a2ee4ab4ce0
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d8d07e67dafce9ce1ae6cb877286ab88be47bf2385bd91518c0f449093aced9e
d9f2778c47db32b56109a39c8c3393b7e213095aa043df32153367708a50dcd0
dde5f5e3043fff6c7a7f24a307eac6ac7317e7d6db0085fbbe268eb11ba08699
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b7b9f316cf3335e3266a5524dbbae7b02a5eb93763f3a05b48745e585db830
e41cf7b86544c2d38c9d36b699a7daabc04f35f161ab81b7164c421855aa5510
e6656cc2857f2f0040dbab0813520e2df404524aae7aac3bde96941da0af909f
eabc0f4a5b76ceb76d11713e56e77dc230f3672c9df4c43a79089fa69b056033
ec238b506e5e6491a0015153e52ed5e71b67d94d5696b1d2c8888e5cb583d6a6
ecadb8880761df101d0b5f5d780e2bd78ec55c175b264d20ada6b1e4f8c892b4
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9a4fd6af3eba732125dddff863c391ef066074b4f9f567dfd42368eafc14991
ff0b3b0d7adc47e7b9bafbf0dd71f8b0029511df30b9f797b9866a5545db5828