www.wfmz.com
Open in
urlscan Pro
192.104.183.109
Public Scan
Effective URL: https://www.wfmz.com/news/area/lehighvalley/ross-in-whitehall-opens-its-doors-despite-governors-business-shutdown-ord...
Submission: On May 29 via manual from IN
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on April 2nd 2020. Valid for: 3 months.
This is the only time www.wfmz.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com
www.wfmz.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-44.zrh50.r.cloudfront.net
tags.crwdcntrl.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-99-140.compute-1.amazonaws.com
get.civicscience.com | |
www.civicscience.com |
ASN16509 (AMAZON-02, US)
d2zqfs55y95cft.cloudfront.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress10
static.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-202.zrh50.r.cloudfront.net
js.adsrvr.org |
ASN16625 (AKAMAI-AS, US)
PTR: a23-5-97-37.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com |
ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress11
script.hotjar.com | |
vars.hotjar.com |
ASN16509 (AMAZON-02, US)
rules.quantcount.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-174-18.eu-west-1.compute.amazonaws.com
in.hotjar.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-0-132.compute-1.amazonaws.com
www.civicscience.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-128-92.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-96-142.eu-west-1.compute.amazonaws.com
insight.adsrvr.org |
Domain | Requested by | |
---|---|---|
19 | bloximages.newyork1.vip.townnews.com |
www.wfmz.com
bloximages.newyork1.vip.townnews.com |
7 | www.wfmz.com |
1 redirects
www.wfmz.com
|
5 | www.google-analytics.com |
1 redirects
www.googletagmanager.com
www.google-analytics.com www.wfmz.com |
3 | sb.scorecardresearch.com |
1 redirects
www.wfmz.com
|
3 | fonts.gstatic.com |
bloximages.newyork1.vip.townnews.com
www.wfmz.com |
2 | bcp.crwdcntrl.net |
1 redirects
tags.crwdcntrl.net
|
2 | www.civicscience.com |
d2zqfs55y95cft.cloudfront.net
|
2 | www.facebook.com |
www.wfmz.com
connect.facebook.net |
2 | stats.g.doubleclick.net |
www.wfmz.com
|
2 | connect.facebook.net |
www.wfmz.com
connect.facebook.net |
2 | www.googletagmanager.com |
www.wfmz.com
|
2 | www.gstatic.com |
www.wfmz.com
|
1 | insight.adsrvr.org |
js.adsrvr.org
|
1 | in.hotjar.com |
script.hotjar.com
|
1 | pixel.quantserve.com |
www.wfmz.com
|
1 | vars.hotjar.com |
static.hotjar.com
|
1 | ampcid.google.de |
www.google-analytics.com
|
1 | rules.quantcount.com |
secure.quantserve.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | ampcid.google.com |
www.google-analytics.com
|
1 | js.adsrvr.org |
www.googletagmanager.com
|
1 | static.hotjar.com |
www.googletagmanager.com
|
1 | secure.quantserve.com |
www.googletagmanager.com
|
1 | d2zqfs55y95cft.cloudfront.net |
www.wfmz.com
|
1 | get.civicscience.com | 1 redirects |
1 | tags.crwdcntrl.net |
www.wfmz.com
|
1 | fonts.googleapis.com |
www.wfmz.com
|
61 | 27 |
This site contains links to these domains. Also see Links.
Domain |
---|
metv2.com |
publicfiles.fcc.gov |
wfmzonline.tributes.com |
wfmz.com |
www.facebook.com |
twitter.com |
www.youtube.com |
www.instagram.com |
my.textcaster.com |
bloxcms.com |
townnews.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
wfmz.com Let's Encrypt Authority X3 |
2020-04-02 - 2020-07-01 |
3 months | crt.sh |
bloximages.chicago2.vip.townnews.com GeoTrust RSA CA 2018 |
2020-02-25 - 2021-04-25 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-05-05 - 2020-07-28 |
3 months | crt.sh |
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2 |
2019-06-13 - 2021-06-28 |
2 years | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-05-05 - 2020-07-28 |
3 months | crt.sh |
*.cloudfront.net DigiCert Global CA G2 |
2019-07-17 - 2020-07-05 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-05-05 - 2020-07-28 |
3 months | crt.sh |
*.quantserve.com DigiCert SHA2 High Assurance Server CA |
2019-10-04 - 2020-10-07 |
a year | crt.sh |
static.hotjar.com Let's Encrypt Authority X3 |
2020-04-04 - 2020-07-03 |
3 months | crt.sh |
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1 |
2019-03-07 - 2021-04-19 |
2 years | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-05-14 - 2020-08-05 |
3 months | crt.sh |
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA |
2019-12-16 - 2020-12-25 |
a year | crt.sh |
*.google.com GTS CA 1O1 |
2020-05-05 - 2020-07-28 |
3 months | crt.sh |
script.hotjar.com Let's Encrypt Authority X3 |
2020-04-04 - 2020-07-03 |
3 months | crt.sh |
*.google.de GTS CA 1O1 |
2020-05-05 - 2020-07-28 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-05-05 - 2020-07-28 |
3 months | crt.sh |
vars.hotjar.com Let's Encrypt Authority X3 |
2020-04-04 - 2020-07-03 |
3 months | crt.sh |
*.hotjar.com Amazon |
2019-09-27 - 2020-10-27 |
a year | crt.sh |
*.civicscience.com Sectigo RSA Domain Validation Secure Server CA |
2020-05-06 - 2021-05-10 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.wfmz.com/news/area/lehighvalley/ross-in-whitehall-opens-its-doors-despite-governors-business-shutdown-order/article_7e3e629c-a076-11ea-8771-83fb4a9cc200.html__;!!cgllcyu3qjx4ga!oxqptjyp7qvi2onco6f7gmp470grhyjhpvcjj7zq7cvx8qwaod0tn6gon4pklb8$
Frame ID: 947B8EF0EE734A789DB62B8B20E27DA9
Requests: 60 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 0E95C9436F47AB8BD5802085C37DC029
Requests: 1 HTTP requests in this frame
Frame:
https://bcp.crwdcntrl.net/5/ct=y/c=14454/rand=259417204/pv=y/int=%23OpR%2364068%23Townnews%20%3A%20Site%20Section%20%3A%20news/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20wfmz.com/rb=%7B%22meta_tag%22%3A%22wfmz.com%22%7D/rt=ifr
Frame ID: 13E4F3B0B83075233EA0350DFAB60C15
Requests: 1 HTTP requests in this frame
Frame:
https://insight.adsrvr.org/track/up?adv=rzhun45&ref=https%3A%2F%2Fwww.wfmz.com%2Fnews%2Farea%2Flehighvalley%2Fross-in-whitehall-opens-its-doors-despite-governors-business-shutdown-order%2Farticle_7e3e629c-a076-11ea-8771-83fb4a9cc200.html__%3B!!cgllcyu3qjx4ga!oxqptjyp7qvi2onco6f7gmp470grhyjhpvcjj7zq7cvx8qwaod0tn6gon4pklb8%24&upid=aqbm23f&upv=1.1.0
Frame ID: B35EC4045DB45CC1992132CD0D68E5FB
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://www.wfmz.com/news/area/lehighvalley/ross-in-whitehall-opens-its-doors-despite-governors-b...
HTTP 301
https://www.wfmz.com/news/area/lehighvalley/ross-in-whitehall-opens-its-doors-despite-governors-b... Page URL
Detected technologies
Google Font API (Font Scripts) ExpandDetected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Page Statistics
13 Outgoing links
These are links going to different origins than the main page.
Title: WDPN-TV 2.4 - H&I Schedule
Search URL Search Domain Scan URL
Title: FCC Public Inspection File
Search URL Search Domain Scan URL
Title: Obits
Search URL Search Domain Scan URL
Title: âš CORONAVIRUS Info Center - the latest news, information, and resources âš
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: YouTube
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: YouTube
Search URL Search Domain Scan URL
Title: Text Alerts
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: BLOX Content Management System
Search URL Search Domain Scan URL
Title: TownNews.com
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.wfmz.com/news/area/lehighvalley/ross-in-whitehall-opens-its-doors-despite-governors-business-shutdown-order/article_7e3e629c-a076-11ea-8771-83fb4a9cc200.html__;!!CgLlcYu3QJx4GA!oXqptJyP7QvI2oNcO6f7Gmp470GRhyJHpVcJJ7Zq7cvX8QwAOD0tn6GON4Pklb8$
HTTP 301
https://www.wfmz.com/news/area/lehighvalley/ross-in-whitehall-opens-its-doors-despite-governors-business-shutdown-order/article_7e3e629c-a076-11ea-8771-83fb4a9cc200.html__;!!cgllcyu3qjx4ga!oxqptjyp7qvi2onco6f7gmp470grhyjhpvcjj7zq7cvx8qwaod0tn6gon4pklb8$ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 25- https://get.civicscience.com/jspoll/5/csw-polyfills.js HTTP 302
- https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
- https://sb.scorecardresearch.com/b?c1=2&c2=9953676&ns__t=1590756674190&ns_c=UTF-8&cv=3.5&c8=Lehigh%20Valley%20Regional%20News%20-%20WFMZ-TV%2069News%20%7C%20wfmz.com&c7=https%3A%2F%2Fwww.wfmz.com%2Fnews%2Farea%2Flehighvalley%2Fross-in-whitehall-opens-its-doors-despite-governors-business-shutdown-order%2Farticle_7e3e629c-a076-11ea-8771-83fb4a9cc200.html__%3B!!cgllcyu3qjx4ga!oxqptjyp7qvi2onco6f7gmp470grhyjhpvcjj7zq7cvx8qwaod0tn6gon4pklb8%24&c9= HTTP 302
- https://sb.scorecardresearch.com/b2?c1=2&c2=9953676&ns__t=1590756674190&ns_c=UTF-8&cv=3.5&c8=Lehigh%20Valley%20Regional%20News%20-%20WFMZ-TV%2069News%20%7C%20wfmz.com&c7=https%3A%2F%2Fwww.wfmz.com%2Fnews%2Farea%2Flehighvalley%2Fross-in-whitehall-opens-its-doors-despite-governors-business-shutdown-order%2Farticle_7e3e629c-a076-11ea-8771-83fb4a9cc200.html__%3B!!cgllcyu3qjx4ga!oxqptjyp7qvi2onco6f7gmp470grhyjhpvcjj7zq7cvx8qwaod0tn6gon4pklb8%24&c9=&cs_ak_ss=1
- https://www.google-analytics.com/r/collect?v=1&_v=j82&aip=1&a=247748585&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wfmz.com%2Fnews%2Farea%2Flehighvalley%2Fross-in-whitehall-opens-its-doors-despite-governors-business-shutdown-order%2Farticle_7e3e629c-a076-11ea-8771-83fb4a9cc200.html__%3B!!cgllcyu3qjx4ga!oxqptjyp7qvi2onco6f7gmp470grhyjhpvcjj7zq7cvx8qwaod0tn6gon4pklb8%24&ul=en-us&de=UTF-8&dt=Lehigh%20Valley%20Regional%20News%20-%20WFMZ-TV%2069News%20%7C%20wfmz.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUALAAQC~&jid=562377130&gjid=1901351298&cid=1897458083.1590756674&tid=UA-356047-8&_gid=191431755.1590756674&_r=1>m=2wg5k1WT37P3Z&z=2132864844 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-356047-8&cid=1897458083.1590756674&jid=562377130&_gid=191431755.1590756674&gjid=1901351298&_v=j82&z=2132864844
- https://bcp.crwdcntrl.net/5/c=14454/rand=259417204/pv=y/int=%23OpR%2364068%23Townnews%20%3A%20Site%20Section%20%3A%20news/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20wfmz.com/rb=%7B%22meta_tag%22%3A%22wfmz.com%22%7D/rt=ifr HTTP 302
- https://bcp.crwdcntrl.net/5/ct=y/c=14454/rand=259417204/pv=y/int=%23OpR%2364068%23Townnews%20%3A%20Site%20Section%20%3A%20news/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20wfmz.com/rb=%7B%22meta_tag%22%3A%22wfmz.com%22%7D/rt=ifr
61 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
article_7e3e629c-a076-11ea-8771-83fb4a9cc200.html__;!!cgllcyu3qjx4ga!oxqptjyp7qvi2onco6f7gmp470grhyjhpvcjj7zq7cvx8qwaod0tn6gon4pklb8$
www.wfmz.com/news/area/lehighvalley/ross-in-whitehall-opens-its-doors-despite-governors-business-shutdown-order/ Redirect Chain
|
194 KB 41 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.c34c594a0128ca26764dd8ecad278707.js
bloximages.newyork1.vip.townnews.com/wfmz.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ |
95 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user.js
www.wfmz.com/shared-content/art/tncms/user/ |
6 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.newyork1.vip.townnews.com/wfmz.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ |
39 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.5ee3960b4d37bc106988fa535b393865.js
bloximages.newyork1.vip.townnews.com/wfmz.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ |
35 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tnt.ac87000c8e1356e20584473075fd0f2e.js
bloximages.newyork1.vip.townnews.com/wfmz.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
7 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application.caf244e2614d000b4f73058e1c610d12.js
bloximages.newyork1.vip.townnews.com/wfmz.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
4 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.44f4ed00052aeaf66307fd409db0d101.css
bloximages.newyork1.vip.townnews.com/wfmz.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ |
107 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
layout.242df435c56456bcb15dfd4bd0d04199.css
bloximages.newyork1.vip.townnews.com/wfmz.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ |
128 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
theme-basic.f5e0209e8fa74e9037c8703df61fdb9c.css
bloximages.newyork1.vip.townnews.com/wfmz.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ |
41 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.newyork1.vip.townnews.com/wfmz.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
16 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cc.js
tags.crwdcntrl.net/c/14454/ |
38 KB 11 KB |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user-controls.578df3df79d812af55ab13bae47f9857.js
bloximages.newyork1.vip.townnews.com/wfmz.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ |
517 B 439 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tnt.notify.6e1ca8839e8a715fdecb1c734223823a.js
bloximages.newyork1.vip.townnews.com/wfmz.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tnt.notify.panel.1c7debce90f6bd1a3d679d0176d3712a.js
bloximages.newyork1.vip.townnews.com/wfmz.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firebase-app.js
www.gstatic.com/firebasejs/6.6.2/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firebase-messaging.js
www.gstatic.com/firebasejs/6.6.2/ |
31 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
messaging.js
www.wfmz.com/shared-content/art/tncms/api/ |
4 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tnt.ads.advertisements.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.newyork1.vip.townnews.com/wfmz.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ |
205 B 295 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracking.js
www.wfmz.com/shared-content/art/tncms/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome.a8c7e0dc594b3a0b53141cdea833eee5.js
bloximages.newyork1.vip.townnews.com/wfmz.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ |
252 KB 88 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0096c8d4-a8b0-11e9-bf1f-bb93c2e9a485.png
bloximages.newyork1.vip.townnews.com/wfmz.com/content/tncms/custom/image/ |
37 KB 37 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
114cbb62-a8d7-11e9-a5e5-3f6df651cb87.png
bloximages.newyork1.vip.townnews.com/wfmz.com/content/tncms/custom/image/ |
170 KB 170 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
schools-alert.js
www.wfmz.com/app/ns/closings/ |
224 B 398 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5e1710e1d4bf9.image.jpg
bloximages.newyork1.vip.townnews.com/wfmz.com/content/tncms/assets/v3/media/a/90/a90a6774-32d4-11ea-85e6-5b4c9121dd4b/ |
16 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
csw-polyfills.js
d2zqfs55y95cft.cloudfront.net/jspoll/5/ Redirect Chain
|
190 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c4996b1e-a8b6-11e9-9cc4-e7b1bccbf299.png
bloximages.newyork1.vip.townnews.com/wfmz.com/content/tncms/custom/image/ |
58 KB 59 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
127 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
131 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
29330d6a-a8b6-11e9-9897-a3e44556ce9c.jpg
bloximages.newyork1.vip.townnews.com/wfmz.com/content/tncms/custom/image/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
fonts.gstatic.com/s/ptsans/v11/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v11/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
68 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMR7eS2Ao.woff2
fonts.gstatic.com/s/opensanscondensed/v14/ |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
73 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
quant.js
secure.quantserve.com/ |
21 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-819115.js
static.hotjar.com/c/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
up_loader.1.1.0.js
js.adsrvr.org/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
131 KB 31 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg_header_20194635.jpg
www.wfmz.com/content/tncms/live/global/resources/images/ |
228 KB 228 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
beacon.js
sb.scorecardresearch.com/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ec.js
www.google-analytics.com/plugins/ua/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
publisher:getClientId
ampcid.google.com/v1/ |
74 B 585 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
185656319413717
connect.facebook.net/signals/config/ |
517 KB 130 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.aacb7ef51999cabcc7d1.js
script.hotjar.com/ |
369 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rules-p-64MikLMpt_OjY.js
rules.quantcount.com/ |
3 B 357 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
publisher:getClientId
ampcid.google.de/v1/ |
3 B 514 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
b2
sb.scorecardresearch.com/ Redirect Chain
|
0 528 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/r/ |
35 B 98 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
stats.g.doubleclick.net/r/ Redirect Chain
|
35 B 99 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 95 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
stats.g.doubleclick.net/r/ |
35 B 99 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 0E95 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel;r=1580271457;source=gtm;rf=0;a=p-64MikLMpt_OjY;url=https%3A%2F%2Fwww.wfmz.com%2Fnews%2Farea%2Flehighvalley%2Fross-in-whitehall-opens-its-doors-despite-governors-business-shutdown-order%2Farti...
pixel.quantserve.com/ |
35 B 544 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 259 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
visit-data
in.hotjar.com/api/v2/client/sites/819115/ |
178 B 321 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jot
www.civicscience.com/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
target
www.civicscience.com/widget/api/2/ |
0 103 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=14454/rand=259417204/pv=y/int=%23OpR%2364068%23Townnews%20%3A%20Site%20Section%20%3A%20news/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%... Frame 13E4 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
up
insight.adsrvr.org/track/ Frame B35E |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
www.facebook.com/tr/ |
0 55 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
56 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| dataLayer object| _cc14454 object| LOTCC function| $ function| jQuery object| TNCMS function| originalLeave function| objectFitImages function| Cookies object| SelectorQueries object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| postscribe object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _qevents function| hj object| _hjSettings function| fbq function| _fbq function| messagingCallback object| firebase object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| _comscore object| gaplugins object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| quantserve function| __qc object| ezt object| _qoptions function| udm_ object| ns_p object| COMSCORE object| gaGlobal object| gaData function| ttd_dom_ready function| TTDUniversalPixelApi function| setImmediate function| clearImmediate object| civicscience function| jsonp_1590756674339_7612310 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.wfmz.com/ | Name: _hjIncludedInSample Value: 1 |
|
.wfmz.com/ | Name: _dc_gtm_UA-54716522-7 Value: 1 |
|
.wfmz.com/ | Name: _gat_%3CUI-XXXXXXXX%3E Value: 1 |
|
.wfmz.com/ | Name: __qca Value: P0-375977890-1590756674253 |
|
.wfmz.com/ | Name: _gid Value: GA1.2.191431755.1590756674 |
|
.wfmz.com/ | Name: _fbp Value: fb.1.1590756674288.608423578 |
|
.wfmz.com/ | Name: _gat_UA-356047-8 Value: 1 |
|
.wfmz.com/ | Name: _ga Value: GA1.2.1897458083.1590756674 |
|
.wfmz.com/ | Name: AMP_TOKEN Value: %24NOT_FOUND |
|
.wfmz.com/ | Name: _hjid Value: 05c9acea-55d4-4e84-83ff-99227377191d |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ampcid.google.com
ampcid.google.de
bcp.crwdcntrl.net
bloximages.newyork1.vip.townnews.com
connect.facebook.net
d2zqfs55y95cft.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
get.civicscience.com
in.hotjar.com
insight.adsrvr.org
js.adsrvr.org
pixel.quantserve.com
rules.quantcount.com
sb.scorecardresearch.com
script.hotjar.com
secure.quantserve.com
static.hotjar.com
stats.g.doubleclick.net
tags.crwdcntrl.net
vars.hotjar.com
www.civicscience.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.wfmz.com
104.18.130.43
13.224.103.202
13.224.95.44
147.75.102.197
147.75.102.199
192.104.183.109
23.5.97.37
2600:9000:2190:8200:6:44e3:f8c0:93a1
2600:9000:2190:f600:f:c7b3:ce40:21
2a00:1450:4001:800::2008
2a00:1450:4001:801::200e
2a00:1450:4001:814::200a
2a00:1450:4001:81a::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:820::2003
2a00:1450:4001:821::200e
2a00:1450:400c:c00::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.17.96.142
52.45.0.132
54.84.99.140
91.228.74.136
91.228.74.152
99.80.128.92
99.80.174.18
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0615974c40d602afdbf9759533e352bc17b0458c85aad6694b1a1ad20659625b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11e09fcba8b00753c33b6211996bf7927f135f6a4e7d1de4f8a6dad6bbb99a4c
125d46686c153a543d0336becdc095cb3f902211c406e51b72270d2165e22545
1d584af3d0a8ad98207995400856e5e8c608551e080e252ed413e82c19ffd04f
1ef65a8b0945be297b4de2890c3150d92cb59132d70b03746b25507da58e54ce
26ce09ee584cc63c71fcaa77be3b1272e094016cc53fb9167b867d8a57dd5284
2a0711df68416223c783f37c58c605a482c3ae99109b6fb34f666bdf0e67ed89
2c4c258f6e24e9861dd7cc3ae5d823e0c09a243f9e671cabbfed9b2be2825085
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3843f1e3e4ca24f6cf311ffd0df794114c4dc580a514d0595687bfc22468aeb2
3dabffc9a4b7fa2d551f26f24742da5ec32f03c84ffcb4f5400eb8ee4e1b498a
408d6787cf15e83dcdd967a6f71434d21b241afa598c58c514d2ff826ac7cf5e
451fc1c91b2a145027d60464af798e1917fe6003f3228e968bf66b982273a235
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e
557b367f8d993ee52a4125b5846b6245579b3fc0e5034b584b3198d8492e4fe1
5db20ceb7e70bb24537df623e99a9b22ad9a65a1c238772b1b2bfd5ec1b0e494
6bb4ce8dea8b26080f3627d5b398b131b8f59a280ec18f07e959b9c7583e061a
6bbf8cce391f4f68a058b5527021a5aa03e4760309b331ccd60ebd5066f2ad5d
6e6c02cecdf5cb7b5db7cbf455c81c05828f2f801dd585ffdfa9d4cc90e9be1a
74683c562415e40a36e759a8478016e1fbfc4a45c67fc99c4bfe5be79da9778b
78aeb854553a78a3556d7c15fee85d1d4232d6c2ec90d35d59dc2a9da49660ca
810be1dd18d86970f462e922b79789e08c7fd4e0ae40e3f26a14b71e7af50263
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e155cc354f7fba2b7851623a24bf1b95c5dd7be8af3880aac6a9570dc47d4fa
8f6e45b026d22227500bfb134ae3b7f5c47643950864a1b3951f60e800ca8ff2
90a697f151ddfaf8d79e0718338c7e54dc257fcfbeb8073101360eed8d50baee
93a386fdea3b733231ed733d68beda9e84eaa22710f6402b874075673d7f376d
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b68b4d1e6d63eabb8a4f663f7755454028aa22d9a0edc88d5b77c58e932d7fa0
bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
bf7f431b80c397bfb4a4121105bce00b946bc30eb677eb257d01ce34a99dafa5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d1c28f1c132f69d4fe1d29ab9baafedd2307df8fa4497f25fd385bce2454082c
d2ff186a19eba2abf38dc22f85932014fc5b51adf44458ff335d3d3eae0aa9fb
d950fadd334395acf450891c40a7538a2c0543b308f56ddcfd7a3bfe4a5f8143
dbe1042b7290f4f6d73d1e0ebe0b7f8dd9e9d3f8bdde4e749c151f36ac7c42c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e721a857616e84f98bd743e56dd8e1fb44104f621bab75b6502cf3ea78afa307
f2b60f99dd21bc5e22e53420b60f92785f5f2c9ceb46e98b156c244f5f2edb89
f402b2d75ac54e1c369d34b97efcedb68aa084b039ab91b85ad70ea53ebb5a3a
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f6c12a3dc63216e1bf2ceb88e3af9f5d85f21c0be6b6ab0acf9fd12673872720
f95fe1c0376aa720a01267e70fb42a259d610fa9fa66f78e7fc629f9bd835c43
fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f