www.nwitimes.com
Open in
urlscan Pro
192.104.182.209
Public Scan
Effective URL: https://www.nwitimes.com/privacy/
Submission: On August 15 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on July 19th 2023. Valid for: 3 months.
This is the only time www.nwitimes.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
email.mail.nwitimes.com |
ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com
nwitimes.com | |
www.nwitimes.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-30-130.cdg3.r.cloudfront.net
c.amazon-adsystem.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-91-98.cdg50.r.cloudfront.net
tagan.adlightning.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org |
ASN- ()
PTR: server-13-224-89-202.zrh50.r.cloudfront.net
d1eoo1tco6rr5e.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-32-174.muc50.r.cloudfront.net
cdn.segment.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-35-184.us-west-2.compute.amazonaws.com
api.segment.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
townnews.com
bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 19525 |
317 KB |
9 |
nwitimes.com
2 redirects
email.mail.nwitimes.com nwitimes.com — Cisco Umbrella Rank: 225600 www.nwitimes.com — Cisco Umbrella Rank: 256959 |
79 KB |
7 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65 |
586 KB |
5 |
osano.com
cmp.osano.com — Cisco Umbrella Rank: 5562 |
108 KB |
4 |
segment.com
cdn.segment.com — Cisco Umbrella Rank: 1579 |
34 KB |
3 |
adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2462 |
83 KB |
3 |
amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 357 |
64 KB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 54 |
22 KB |
2 |
adsrvr.org
1 redirects
insight.adsrvr.org — Cisco Umbrella Rank: 581 |
408 B |
2 |
doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 206 |
155 KB |
2 |
gstatic.com
www.gstatic.com |
13 KB |
1 |
segment.io
api.segment.io — Cisco Umbrella Rank: 1174 |
175 B |
1 |
google.de
ampcid.google.de — Cisco Umbrella Rank: 67796 |
369 B |
1 |
google.com
ampcid.google.com — Cisco Umbrella Rank: 2411 |
440 B |
1 |
cloudfront.net
d1eoo1tco6rr5e.cloudfront.net |
668 B |
76 | 15 |
Domain | Requested by | |
---|---|---|
22 | bloximages.chicago2.vip.townnews.com |
www.nwitimes.com
|
7 | www.googletagmanager.com |
www.nwitimes.com
cmp.osano.com |
7 | www.nwitimes.com |
www.nwitimes.com
|
5 | cmp.osano.com |
www.nwitimes.com
cmp.osano.com |
4 | cdn.segment.com |
cmp.osano.com
cdn.segment.com |
3 | tagan.adlightning.com |
www.nwitimes.com
cmp.osano.com |
3 | c.amazon-adsystem.com |
www.nwitimes.com
c.amazon-adsystem.com |
2 | www.google-analytics.com |
cmp.osano.com
|
2 | insight.adsrvr.org |
1 redirects
d1eoo1tco6rr5e.cloudfront.net
|
2 | securepubads.g.doubleclick.net |
cmp.osano.com
|
2 | www.gstatic.com |
www.nwitimes.com
|
1 | api.segment.io |
cdn.segment.com
|
1 | ampcid.google.de |
www.google-analytics.com
|
1 | ampcid.google.com |
www.google-analytics.com
|
1 | d1eoo1tco6rr5e.cloudfront.net |
cmp.osano.com
|
1 | nwitimes.com | 1 redirects |
1 | email.mail.nwitimes.com | 1 redirects |
76 | 17 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
nwitimes.com GTS CA 1P5 |
2023-07-19 - 2023-10-17 |
3 months | crt.sh |
bloximages.chicago2.vip.townnews.com GeoTrust TLS RSA CA G1 |
2023-03-13 - 2024-04-12 |
a year | crt.sh |
cmp.osano.com Amazon RSA 2048 M02 |
2023-02-21 - 2023-09-30 |
7 months | crt.sh |
c.amazon-adsystem.com Amazon RSA 2048 M01 |
2023-02-28 - 2024-02-17 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-07-31 - 2023-10-23 |
3 months | crt.sh |
*.adlightning.com Amazon RSA 2048 M01 |
2023-07-08 - 2024-08-05 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-07-31 - 2023-10-23 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-07-31 - 2023-10-23 |
3 months | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2023-07-31 - 2023-10-23 |
3 months | crt.sh |
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2023-04-12 - 2024-05-13 |
a year | crt.sh |
*.segment.com Amazon RSA 2048 M01 |
2023-02-24 - 2024-01-12 |
a year | crt.sh |
*.google.de GTS CA 1C3 |
2023-07-31 - 2023-10-23 |
3 months | crt.sh |
*.segment.io Amazon RSA 2048 M01 |
2023-02-10 - 2024-02-10 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.nwitimes.com/privacy/
Frame ID: 325E7FEB68FF9152A705EBB8B15CCFCB
Requests: 72 HTTP requests in this frame
Frame:
https://cmp.osano.com/
Frame ID: 406122DA047F6EEDB54D54F213C1ACDC
Requests: 1 HTTP requests in this frame
Frame:
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Frame ID: E21F2BBB226F19D364CB99A5423619B4
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Privacy | nwitimes.comPage URL History Show full URLs
-
https://email.mail.nwitimes.com/e/c/eyJlbWFpbF9pZCI6ImRnVHM4d2NBQUt2MUM2cjFDd0dKNEM0ZWZ2N3VvWi1NQW5oM3VFbz0i...
HTTP 302
https://nwitimes.com/privacy/ HTTP 301
https://www.nwitimes.com/privacy/ Page URL
Detected technologies
Firebase (Databases) ExpandDetected patterns
- /firebasejs/([\d.]+)/firebase
Bootstrap (Web Frameworks) Expand
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Segment (Analytics) Expand
Detected patterns
- cdn\.segment\.com/analytics\.js
TrackJs (Analytics) Expand
Detected patterns
- tracker\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
15 Outgoing links
These are links going to different origins than the main page.
Title: Subscribe $1 for 6 months
Search URL Search Domain Scan URL
Title: Share a story
Search URL Search Domain Scan URL
Title: Share video
Search URL Search Domain Scan URL
Title: The Times Media Company
Search URL Search Domain Scan URL
Title: Cars
Search URL Search Domain Scan URL
Title: Public Notices
Search URL Search Domain Scan URL
Title: My Subscription
Search URL Search Domain Scan URL
Title: Obituaries
Search URL Search Domain Scan URL
Title: Network Advertising Initiative's
Search URL Search Domain Scan URL
Title: Click here
Search URL Search Domain Scan URL
Title: http://www.networkadvertising.org/choices/
Search URL Search Domain Scan URL
Title: Legal Notices
Search URL Search Domain Scan URL
Title: Work here
Search URL Search Domain Scan URL
Title: BLOX Content Management System
Search URL Search Domain Scan URL
Title: bloxdigital.com
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://email.mail.nwitimes.com/e/c/eyJlbWFpbF9pZCI6ImRnVHM4d2NBQUt2MUM2cjFDd0dKNEM0ZWZ2N3VvWi1NQW5oM3VFbz0iLCJocmVmIjoiaHR0cHM6Ly9ud2l0aW1lcy5jb20vcHJpdmFjeS8iLCJpbnRlcm5hbCI6ImVjZjMwNzA2OGE3N2FiZjUwYiIsImxpbmtfaWQiOjd9/4358643627b05949da3ad9f806e3f8ce1c86527966910bf86d3a51c9d13d8099
HTTP 302
https://nwitimes.com/privacy/ HTTP 301
https://www.nwitimes.com/privacy/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 51- https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe HTTP 303
- https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
76 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.nwitimes.com/privacy/ Redirect Chain
|
137 KB 36 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.d6d18fcf88750a16d256e72626e676a6.js
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ |
98 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user.js
www.nwitimes.com/shared-content/art/tncms/user/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ |
39 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.08a61544f369cc43bf02e71b2d10d49f.js
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ |
32 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tnt.b36ccd6c63f37a5c53e27315d402bd25.js
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
23 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application.3c64d611e594b45dd35b935162e79d85.js
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
2 KB 969 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ |
107 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
layout.c16df073a4f45c16eb2b8a91ceb7b785.css
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ |
154 KB 28 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lee.ds.css
bloximages.chicago2.vip.townnews.com/nwitimes.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/ |
96 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
access.js
www.nwitimes.com/shared-content/art/tncms/api/ |
87 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
osano.js
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ |
337 KB 77 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apstag.js
c.amazon-adsystem.com/aax2/ |
246 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nwitimes.com.js
bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/ |
9 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
7 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firebase-app.js
www.gstatic.com/firebasejs/6.6.2/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firebase-messaging.js
www.gstatic.com/firebasejs/6.6.2/ |
31 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
messaging.js
www.nwitimes.com/shared-content/art/tncms/api/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ |
200 B 270 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracking.js
www.nwitimes.com/shared-content/art/tncms/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
prebid7.9.0.js
bloximages.chicago2.vip.townnews.com/nwitimes.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ |
197 KB 61 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lee.common.js
bloximages.chicago2.vip.townnews.com/nwitimes.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/ |
9 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome.b2419fcc3201a1f4e3293248c643da08.js
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ |
268 KB 97 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracker.js
www.nwitimes.com/shared-content/art/stats/common/ |
9 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
295e891a-7a4e-11ec-896b-afd10bcf2b4e.png
bloximages.chicago2.vip.townnews.com/nwitimes.com/content/tncms/custom/image/ |
7 KB 8 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png
bloximages.chicago2.vip.townnews.com/nwitimes.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/ |
978 B 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-tagline.png
bloximages.chicago2.vip.townnews.com/nwitimes.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ |
5 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
op.js
tagan.adlightning.com/leeenterprises/ |
48 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nwitimes.com.js
bloximages.chicago2.vip.townnews.com/nwitimes.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/pb-config/ |
2 KB 457 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dfp.lazy.pbjs.js
bloximages.chicago2.vip.townnews.com/nwitimes.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ |
17 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
222 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
f96f5ded-0fe0-439f-916d-691c943d3356
https://www.nwitimes.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ |
6 KB 3 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config
c.amazon-adsystem.com/cdn/prod/ |
621 B 970 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ |
84 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracker.gif
www.nwitimes.com/shared-content/art/stats/common/ |
0 145 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
544 KB 131 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b-e09f10f-fd9abb4c.js
tagan.adlightning.com/leeenterprises/ |
84 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bl-0211e21-94d83d8f.js
tagan.adlightning.com/leeenterprises/ |
77 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
cmp.osano.com/ Frame 4061 |
4 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
de.json
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
osano-ui.js
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ |
97 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
de.json
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ |
21 KB 7 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
aae392e5-b550-4690-8070-81d49b4e95c5
https://www.nwitimes.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
7ba293cf-c301-4289-b918-ec97d9ffe021
https://www.nwitimes.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/ |
400 KB 126 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
9352128d-d5a2-4d93-adcc-bed35e4c5f8a
https://www.nwitimes.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
344e1023-5c5d-4cdf-a569-9a7cb64cce8b
https://www.nwitimes.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
20d6f345-8c28-4d4e-9eb8-c4335b3d3363
https://www.nwitimes.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iframe
d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/ Frame E21F Redirect Chain
|
138 B 668 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
4ff8ed26-28ae-4701-9cd0-9444ca4f0ba3
https://www.nwitimes.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
84f9b80a-58a4-4879-a720-7063f6d1c13e
https://www.nwitimes.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
b7157c69-36aa-4657-addc-5d97cf6ad304
https://www.nwitimes.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
9e8e009a-c41e-47f0-a2dc-72e33c13f803
https://www.nwitimes.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
170 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
189 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
996b51ea-acaa-44d3-ab0e-1d0825f0a004
https://www.nwitimes.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
254 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
250 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
56b59aac-6e1a-4f1a-b46c-f599b68a0be3
https://www.nwitimes.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
60d2d233-ede7-4251-af4e-f493bf8f86b8
https://www.nwitimes.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
publisher:getClientId
ampcid.google.com/v1/ |
74 B 440 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
insight.adsrvr.org/track/pxl/ Frame E21F |
70 B 260 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
248 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
b0276911-3ca3-44e7-88f4-72d10fd02108
https://www.nwitimes.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linkid.js
www.google-analytics.com/plugins/ua/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.min.js
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ |
105 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
publisher:getClientId
ampcid.google.de/v1/ |
3 B 369 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
settings
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ |
2 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ajs-destination.bundle.0f003b5e4b03680982b4.js
cdn.segment.com/analytics-next/bundles/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
schemaFilter.bundle.f63551a29dc1697f71b6.js
cdn.segment.com/analytics-next/bundles/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
p
api.segment.io/v1/ |
21 B 175 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
99 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| dataLayer boolean| tncms_access_control_sync boolean| LEE_DS_V3 object| TNCMS object| webpackChunk_osano_cmp_consent_manager function| Osano function| __gpp function| __tcfapi function| __uspapi function| $ function| jQuery function| originalLeave function| objectFitImages function| Cookies object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| tnSaveAsset object| googletag object| PBJS_dfp_ads object| _aps boolean| apstagLOADED object| apstag undefined| amzHash undefined| amzToken object| APS_dfp_ads object| apscustom object| leeMembershipPackages object| pbjsChunk object| pbjs object| _pbjsGlobals function| throttleFunction function| lee_trkLinkSrc function| resizeIframe function| randomizeChildren function| getUserToken boolean| sUserUUID function| TNStats_Tracker object| TNTracker object| sUserPPID undefined| falcon_sub_name undefined| lee_clus undefined| lee_ulli undefined| lee_ulld_iso8601 object| lee_glus undefined| lee_glusIE object| sub_last_login_iso8601 object| X1Y16Z2 function| X1Y16Z3 object| xop object| 64gb28inif4 object| -emi0ne0xerk boolean| creativeVendorLibraryLoaded function| messagingCallback object| PBJS_config string| PBJS_site object| firebase object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| oFeaturedPackage object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| nYR72i function| nYR72v object| xblacklist object| u9vdhL2 function| u9vdhL3 function| xblocker object| ggeac object| google_js_reporting_queue function| __LEE object| d object| pl function| fbq function| _fbq object| litHtmlVersions undefined| google_measure_js_timing object| analytics object| gaGlobal object| gaplugins object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| gaData string| sUserId3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.nwitimes.com/ | Name: _pbjs_userid_consent_data Value: 3524755945110770 |
|
.nwitimes.com/ | Name: AMP_TOKEN Value: %24NOT_FOUND |
|
www.nwitimes.com/ | Name: ajs_anonymous_id Value: 4b95a570-aed2-4110-8486-ad40ce89c94a |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ampcid.google.com
ampcid.google.de
api.segment.io
bloximages.chicago2.vip.townnews.com
c.amazon-adsystem.com
cdn.segment.com
cmp.osano.com
d1eoo1tco6rr5e.cloudfront.net
email.mail.nwitimes.com
insight.adsrvr.org
nwitimes.com
securepubads.g.doubleclick.net
tagan.adlightning.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.nwitimes.com
104.16.133.24
108.138.32.174
13.224.89.202
13.225.30.130
192.104.182.209
2001:4860:4802:32::178
2600:9000:2450:8c00:3:b7e:8940:93a1
2600:9000:26db:5800:1e:44af:df00:93a1
2a00:1450:4001:81c::200e
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:831::2002
3.33.220.150
35.160.35.184
99.86.91.98
04da122e70371bba47c7c58135bfed4f21d1545c72ba51d8cbc0d43276f834f9
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
076f281a9257ad662f34badb12393195fdca0dc2fde9acd1f1628b9674a96aee
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625
1e9c3fe0bb7e27e1fef2af1cae6a8924b40d3240418da5d484c65c00dae8f10a
21000648c3bc37564987c6aace750f0236ece40f63f831eee83ddaba5921bd4b
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
3278dd5328ee5b87157934a4523397d9f2005c2d08c55dd4c7ab903de5bbb22c
375de2c6c1fc22a6d09ed7a01c6377d08ce773110b843085d225406f0d150bee
389f438844f7135c2be70a4a9f6654443a8c76482f1f0fbbea73b903c0d5cfad
38a8c69764cb608dd9ab1a715c2bcc582d8ffdf33ea486a8926234bf68d5733c
3b6854831be14d28fdfdb1758ebebe2893bf8e5be5f176b8d3e1b1b0f874d90e
3c01c1e199879f8b72679cc4d402684ba9e88c21b633547adbae6ba03a617fdc
3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175
3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1
539c14722b0c89ad19a605baf2f2f2a7bb8746d906338ea6864f51a0d70abc5b
58f33d0e6f2d22cf8715ec2f0fa674388b31ea83f5221aa42114bbd4e787fa4c
5a472f004ee51f3021b4265ca69a6a3e468f6280f2ec7ab59261debc0f516b96
5db5a6d1d232be59bc1e73238657a91954c6b1f46820b4d70b9ed21b5c74310f
5eaf85ce233b2f87a6160b25ff92edde1ae4e1891930ea28f9420bce5679c6b2
624c19a4056c556176807b24f2d940561c57ea14b4a98f2bbdc11ea990eb0386
6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
77b109dd53ec2921d47af5eedcf39cbea8bc92bf8b59a970aa104c5ed2d5b3c0
791ff6b6d64d42de091e23fd6d0f164b01ddd05e139ae487fa30ee1c02be6163
7ba0e03fc02c15c4910af1d379b27c467d42ca396b62e17801ebc53fb8a661da
7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c
889f22c89985d5d524e22a4a3ba00effd6d587d1598c027e2c942f29df388a34
8d68c0cea06fd0e5dfde065e1cf87fd54dc11fd19d1fd3594294f3c5ed2b886f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
906cf7cfa93b1ab7d9c6f1775e47b97d2c6e0b223a8c7409d7884eb8700d90eb
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
955becd6590ca9099279669e95771cf8d4d519ff8643dc8c398b6daaba6061a8
96bed4c8966020005f3394a56c5c3640550a16fb324eb04c328f1b9ee8a8bc48
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
aa59d2979c85d4fec938c960a0c4e7138cd122db113331b2974113869007dc46
adfa39b53589a91e67b4d82766750bee32371b51438f41dfbd6da0764719370e
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
c2008966819bb51e24bb6cbf82ef28efeb4d678e20c3b61fc02bb5d45b45e74e
c4799762f5f2e601d09470464fa011472c0b780025eeac55c905bc9ea27832f8
c6e6da77dacb153a6384cca89b97bef3a39bd73cb3f3b997d0002ff0c1c4dc86
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
dc78c1bfcf2c4c93ac4d58ed11fb6372e69971690bf5941873cf3a864d652e6e
dd58fc2698d4ca323ea61e00334781bb4e6cbdbc161b5698d91a5fb2372935f5
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e084ba930940a0805b9cd0aac40687910486fe575c3ef308e1cfd0a857bb3679
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e864753e4b2ed60803044c4266f04eeaaca8118244aec4827bda2c78800d31ab
edf18455b5516a3cbe8afa97be3a1d32567a07d7f11939123a8a6ed7f7b22da1
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c