www.wick.www.us-corp-qa-3.tnqa.net
Open in
urlscan Pro
50.114.109.209
Public Scan
Submitted URL: https://wick.www.us-corp-qa-3.tnqa.net/
Effective URL: https://www.wick.www.us-corp-qa-3.tnqa.net/
Submission Tags: phishingrod
Submission: On October 27 via api from DE — Scanned from US
Effective URL: https://www.wick.www.us-corp-qa-3.tnqa.net/
Submission Tags: phishingrod
Submission: On October 27 via api from DE — Scanned from US
Summary
This website contacted 15 IPs
in 2 countries
across 9 domains to perform 58 HTTP transactions.
The main IP is 50.114.109.209, located in
United States and
belongs to AS62943-BLUEBIRD-NETWORK, US.
The main domain is www.wick.www.us-corp-qa-3.tnqa.net.
TLS certificate: Issued by WR1 on October 26th 2024. Valid for: 3 months.
This is the only time www.wick.www.us-corp-qa-3.tnqa.net was scanned on urlscan.io!
TLS certificate: Issued by WR1 on October 26th 2024. Valid for: 3 months.
This is the only time www.wick.www.us-corp-qa-3.tnqa.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 10 | 50.114.109.209 50.114.109.209 | 62943 (AS62943-B...) (AS62943-BLUEBIRD-NETWORK) | |
| 25 | 50.114.109.102 50.114.109.102 | 62943 (AS62943-B...) (AS62943-BLUEBIRD-NETWORK) | |
| 5 | 173.194.204.156 173.194.204.156 | 15169 (GOOGLE) (GOOGLE) | |
| 4 | 2607:f8b0:400... 2607:f8b0:400d:c02::61 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a04:fa87:fff... 2a04:fa87:fffe::c000:4902 | 2635 (AUTOMATTIC) (AUTOMATTIC) | |
| 1 | 173.194.204.155 173.194.204.155 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2607:f8b0:400... 2607:f8b0:400d:c0b::84 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 173.194.205.97 173.194.205.97 | 15169 (GOOGLE) (GOOGLE) | |
| 4 | 99.86.191.237 99.86.191.237 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 2001:4860:480... 2001:4860:4802:36::181 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2607:f8b0:400... 2607:f8b0:400d:c01::9c | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2607:f8b0:400... 2607:f8b0:400d:c0e::9b | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 209.85.232.157 209.85.232.157 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 52.12.47.65 52.12.47.65 | 16509 (AMAZON-02) (AMAZON-02) | |
| 58 | 15 |
10
50.114.109.209
(United States)
ASN62943 (AS62943-BLUEBIRD-NETWORK, US)
PTR: cms.us-corp-qa-3.vip.tnqa.net
ASN62943 (AS62943-BLUEBIRD-NETWORK, US)
PTR: cms.us-corp-qa-3.vip.tnqa.net
| wick.www.us-corp-qa-3.tnqa.net | |
| www.wick.www.us-corp-qa-3.tnqa.net |
25
50.114.109.102
(United States)
ASN62943 (AS62943-BLUEBIRD-NETWORK, US)
PTR: cdn-origin.us-corp-qa-3.vip.tnqa.net
ASN62943 (AS62943-BLUEBIRD-NETWORK, US)
PTR: cdn-origin.us-corp-qa-3.vip.tnqa.net
| cdn.us-corp-qa-3.vip.tnqa.net |
5
173.194.204.156
(United States)
ASN15169 (GOOGLE, US)
PTR: qb-in-f156.1e100.net
ASN15169 (GOOGLE, US)
PTR: qb-in-f156.1e100.net
| securepubads.g.doubleclick.net |
1
173.194.204.155
(United States)
ASN15169 (GOOGLE, US)
PTR: qb-in-f155.1e100.net
ASN15169 (GOOGLE, US)
PTR: qb-in-f155.1e100.net
| securepubads.g.doubleclick.net |
1
2607:f8b0:400d:c0b::84
(Morganton, United States)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| 72b3eb4ca9881abfe466bd0edd639789.safeframe.googlesyndication.com |
1
173.194.205.97
(United States)
ASN15169 (GOOGLE, US)
PTR: qm-in-f97.1e100.net
ASN15169 (GOOGLE, US)
PTR: qm-in-f97.1e100.net
| www.googletagmanager.com |
4
99.86.191.237
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-99-86-191-237.iad79.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-99-86-191-237.iad79.r.cloudfront.net
| cdn.segment.com |
1
209.85.232.157
(United States)
ASN15169 (GOOGLE, US)
PTR: qt-in-f157.1e100.net
ASN15169 (GOOGLE, US)
PTR: qt-in-f157.1e100.net
| pagead2.googlesyndication.com |
1
52.12.47.65
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-12-47-65.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-12-47-65.us-west-2.compute.amazonaws.com
| api.segment.io |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 35 |
tnqa.net
1 redirects
wick.www.us-corp-qa-3.tnqa.net www.wick.www.us-corp-qa-3.tnqa.net cdn.us-corp-qa-3.vip.tnqa.net |
708 KB |
| 8 |
doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 stats.g.doubleclick.net — Cisco Umbrella Rank: 136 td.doubleclick.net — Cisco Umbrella Rank: 192 |
184 KB |
| 5 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
427 KB |
| 4 |
segment.com
cdn.segment.com — Cisco Umbrella Rank: 1794 |
35 KB |
| 2 |
googlesyndication.com
72b3eb4ca9881abfe466bd0edd639789.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 |
|
| 1 |
segment.io
api.segment.io — Cisco Umbrella Rank: 1324 |
189 B |
| 1 |
google.com
analytics.google.com — Cisco Umbrella Rank: 147 |
|
| 1 |
gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 2302 |
19 KB |
| 0 |
Failed
function sub() { [native code] }. Failed |
|
| 58 | 9 |
| Domain | Requested by | |
|---|---|---|
| 25 | cdn.us-corp-qa-3.vip.tnqa.net |
www.wick.www.us-corp-qa-3.tnqa.net
|
| 9 | www.wick.www.us-corp-qa-3.tnqa.net |
www.wick.www.us-corp-qa-3.tnqa.net
|
| 6 | securepubads.g.doubleclick.net |
www.wick.www.us-corp-qa-3.tnqa.net
securepubads.g.doubleclick.net |
| 5 | www.googletagmanager.com |
www.wick.www.us-corp-qa-3.tnqa.net
www.googletagmanager.com |
| 4 | cdn.segment.com |
www.wick.www.us-corp-qa-3.tnqa.net
cdn.segment.com |
| 1 | api.segment.io |
cdn.segment.com
|
| 1 | pagead2.googlesyndication.com |
securepubads.g.doubleclick.net
|
| 1 | td.doubleclick.net |
www.googletagmanager.com
|
| 1 | stats.g.doubleclick.net |
www.googletagmanager.com
|
| 1 | analytics.google.com |
www.googletagmanager.com
|
| 1 | 72b3eb4ca9881abfe466bd0edd639789.safeframe.googlesyndication.com |
securepubads.g.doubleclick.net
|
| 1 | secure.gravatar.com |
www.wick.www.us-corp-qa-3.tnqa.net
|
| 1 | wick.www.us-corp-qa-3.tnqa.net | 1 redirects |
| 0 | 127.0.0.1 Failed |
www.wick.www.us-corp-qa-3.tnqa.net
|
| 58 | 14 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.willistonherald.com |
| wickcommunications.knack.com |
| classadz.vdata.com |
| local.willistonherald.com |
| www.capjournal.com |
| www.microsoft.com |
| www.google.com |
| www.mozilla.org |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| wick.www.us-corp-qa-3.tnqa.net WR1 |
2024-10-26 - 2025-01-24 |
3 months | crt.sh |
| *.us-corp-qa-3.vip.tnqa.net RapidSSL TLS RSA CA G1 |
2024-04-23 - 2025-05-23 |
a year | crt.sh |
| *.g.doubleclick.net WR2 |
2024-10-07 - 2024-12-30 |
3 months | crt.sh |
| *.google-analytics.com WR2 |
2024-10-07 - 2024-12-30 |
3 months | crt.sh |
| *.gravatar.com Sectigo ECC Domain Validation Secure Server CA |
2023-12-05 - 2025-01-04 |
a year | crt.sh |
| *.segment.com Amazon RSA 2048 M02 |
2024-10-15 - 2025-11-14 |
a year | crt.sh |
| *.google.com WR2 |
2024-10-07 - 2024-12-30 |
3 months | crt.sh |
| *.doubleclick.net WR2 |
2024-10-07 - 2024-12-30 |
3 months | crt.sh |
| *.segment.io Amazon RSA 2048 M03 |
2023-12-13 - 2025-01-11 |
a year | crt.sh |
This page contains 5 frames:
Primary Page:
https://www.wick.www.us-corp-qa-3.tnqa.net/
Frame ID: A1CF899C019A813555C680E6A4BC765A
Requests: 55 HTTP requests in this frame
Frame:
http://127.0.0.1:5001/perimeter?UniqueFireIdentifier=2023-AZCNF-000554
Frame ID: 59D8018A9B7580D35E72B81DBCE1E631
Requests: 1 HTTP requests in this frame
Frame:
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 980846D450B36A4886D79E86C7BC4A77
Requests: 1 HTTP requests in this frame
Frame:
https://72b3eb4ca9881abfe466bd0edd639789.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 23FDBF20941F8819FC564AC31B2DF8C8
Requests: 1 HTTP requests in this frame
Frame:
https://td.doubleclick.net/td/ga/rul?tid=G-4T2EB147B8&gacid=283560191.1729992858>m=45je4ao0v887101457z8861227858za200zb861227858&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533421~101823848&z=1273383510
Frame ID: 156E25E9C95A56FD276B7B8548EF80FC
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
wick.www.us-corp-qa-3.tnqa.net | Engage. Inform. Entertain. Because Community Matters.Page URL History Show full URLs
-
https://wick.www.us-corp-qa-3.tnqa.net/
HTTP 301
https://www.wick.www.us-corp-qa-3.tnqa.net/ Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google AdSense
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googlesyndication\.com/
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Segment
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- cdn\.segment\.com/analytics\.js
TrackJs
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- tracker\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
33 Outgoing links
These are links going to different origins than the main page.
URL: https://www.willistonherald.com/news/
Title: Local news
Title: Local news
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/eedition
Title: E-edition
Title: E-edition
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/obituaries
Title: Obituaries
Title: Obituaries
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/news/oil_and_energy/energy_chaser/
Title: Energy Chaser
Title: Energy Chaser
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/sports/
Title: Sports
Title: Sports
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/opinion/
Title: Opinion
Title: Opinion
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/site/signup/
Title: Email newsletters
Title: Email newsletters
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/news/public_safety/
Title: Public safety
Title: Public safety
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/news/dakota_access/
Title: Dakota Access
Title: Dakota Access
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/business/
Title: Business
Title: Business
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/news/farm_and_ranch/
Title: Farm and Ranch
Title: Farm and Ranch
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/gallery/
Title: Photo galleries
Title: Photo galleries
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/special_sections/
Title: Special publications
Title: Special publications
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/events/
Title: Events calendar
Title: Events calendar
Search URL Search Domain Scan URL
URL: https://wickcommunications.knack.com/pierrebusiness-directory#home/
Title: Local business directory
Title: Local business directory
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/classifieds/
Title: Classifieds
Title: Classifieds
Search URL Search Domain Scan URL
URL: https://classadz.vdata.com/WillistonHerald/Advertising/Advertiser/
Title: Place a classified ad
Title: Place a classified ad
Search URL Search Domain Scan URL
URL: https://local.willistonherald.com/
Title: Explore recent print ads
Title: Explore recent print ads
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/advertise/
Title: Advertise with us
Title: Advertise with us
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/site/about/staff_directory/
Title: Contact and meet the staff
Title: Contact and meet the staff
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/site/forms/online_services/submit_news/
Title: Send us a news tip
Title: Send us a news tip
Search URL Search Domain Scan URL
URL: https://www.capjournal.com/site/forms/online_services/letter/
Title: Submit a letter to the editor
Title: Submit a letter to the editor
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/site/careers/
Title: Career opportunities
Title: Career opportunities
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/site/forms/subscription_services/
Title: Subscribe
Title: Subscribe
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/cleanslate/
Title: Request content removal
Title: Request content removal
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/newsapp
Title: Download our mobile app
Title: Download our mobile app
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/site/forms/subscription_services/change_address/
Title: Change of address
Title: Change of address
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/site/forms/subscription_services/delivery_issue/
Title: Delivery issue
Title: Delivery issue
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/site/forms/subscription_services/paybill
Title: Pay bill
Title: Pay bill
Search URL Search Domain Scan URL
URL: https://www.willistonherald.com/site/forms/subscription_services/vacation/
Title: Request vacation stop
Title: Request vacation stop
Search URL Search Domain Scan URL
URL: https://www.microsoft.com/en-us/edge
Title: Microsoft Edge
Title: Microsoft Edge
Search URL Search Domain Scan URL
URL: https://www.google.com/chrome/
Title: Google Chrome
Title: Google Chrome
Search URL Search Domain Scan URL
URL: https://www.mozilla.org/en-US/firefox/
Title: Firefox
Title: Firefox
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://wick.www.us-corp-qa-3.tnqa.net/
HTTP 301
https://www.wick.www.us-corp-qa-3.tnqa.net/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
58 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www.wick.www.us-corp-qa-3.tnqa.net/ Redirect Chain
|
194 KB 31 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.d6d18fcf88750a16d256e72626e676a6.js
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ |
98 KB 38 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
user.js
www.wick.www.us-corp-qa-3.tnqa.net/shared-content/art/tncms/user/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ |
39 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
common.08a61544f369cc43bf02e71b2d10d49f.js
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ |
33 KB 14 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
11 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
application.0758030105fdd3a70dff03f4da4530e2.js
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ |
107 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
layout.4f2008879f13ddd758050a76c1e8672c.css
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ |
155 KB 34 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
theme-basic.7fe92e6efd905ab9f8cd307568b298f3.css
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ |
41 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
csrf.js
www.wick.www.us-corp-qa-3.tnqa.net/shared-content/art/tncms/api/ |
940 B 762 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
access.3e0b8030b6000aa9a609.js
www.wick.www.us-corp-qa-3.tnqa.net/shared-content/art/tncms/api/ |
71 KB 29 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
user-controls.578df3df79d812af55ab13bae47f9857.js
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ |
533 B 678 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ |
104 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ |
207 B 498 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tracking.js
www.wick.www.us-corp-qa-3.tnqa.net/shared-content/art/tncms/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fontawesome.48f6e778a25162f5c4a6977fb556155b.js
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ |
277 KB 115 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tracker.js
www.wick.www.us-corp-qa-3.tnqa.net/shared-content/art/stats/common/ |
9 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b5b159a8-2386-11eb-a334-000c299ccbc9.png
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/content/tncms/custom/image/ |
23 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b50ee8bc-2386-11eb-a324-000c299ccbc9.png
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/content/tncms/custom/image/ |
27 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b50d769e-2386-11eb-a323-000c299ccbc9.png
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/content/tncms/custom/image/ |
26 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
a8ad6940-a643-11ec-918b-000c299ccbc9.png
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/content/tncms/custom/image/ |
27 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tnt.ads.core.ee10a41bfea60001b9edb7ab35e5c9e1.js
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ |
14 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tnt.regions.e7df22f20c42105cce5864da9e346f48.js
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
224 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
247 KB 86 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tracker.gif
www.wick.www.us-corp-qa-3.tnqa.net/shared-content/art/stats/common/ |
0 48 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
perimeter
127.0.0.1/ Frame 59D8 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
73 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
f73bdfcf4bd42350668b33ae82a7c89d
secure.gravatar.com/avatar/ |
19 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.wick.www.us-corp-qa-3.tnqa.net/tncms/csrf/token/ |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b50ee8bc-2386-11eb-a324-000c299ccbc9.png
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/content/tncms/custom/image/ |
27 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5faf0b09ce47f.preview.jpg
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/content/tncms/assets/v3/editorial/d/3d/d3da4f33-712e-5db1-b9c7-42c246d70c11/ |
92 KB 92 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5faf0ae1a1f9e.preview.jpg
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/content/tncms/assets/v3/editorial/7/32/732b0afa-4bd3-554e-a19c-50498a29ea58/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dcc09f2e-a646-11ec-b8d6-000c299ccbc9.png
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/content/tncms/custom/image/ |
83 KB 83 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/ |
481 KB 149 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
218 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
297 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 9808 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ads
securepubads.g.doubleclick.net/gampad/ |
868 B 459 B |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ads
securepubads.g.doubleclick.net/gampad/ |
763 B 368 B |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ads
securepubads.g.doubleclick.net/gampad/ |
763 B 373 B |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
container.html
72b3eb4ca9881abfe466bd0edd639789.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 23FD |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6ee3cd28-a641-11ec-b655-000c299ccbc9.png
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/content/tncms/custom/image/ |
86 KB 86 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
306 KB 103 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.min.js
cdn.segment.com/analytics.js/v1/AAYDml6nBUBcBNCcffQm7mKBQtvKFQOI/ |
103 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
analytics.google.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 560 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rul
td.doubleclick.net/td/ga/ Frame 156E |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
settings
cdn.segment.com/v1/projects/AAYDml6nBUBcBNCcffQm7mKBQtvKFQOI/ |
789 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
ping
pagead2.googlesyndication.com/pagead/ |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ajs-destination.bundle.ed53a26b6edc80c65d73.js
cdn.segment.com/analytics-next/bundles/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
cdn.segment.com/analytics-next/bundles/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
p
api.segment.io/v1/ |
21 B 189 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
sodar
pagead2.googlesyndication.com/getconfig/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon.ico
www.wick.www.us-corp-qa-3.tnqa.net/content/tncms/site/ |
1 KB 2 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5faf0a746c7ad.preview.jpg
cdn.us-corp-qa-3.vip.tnqa.net/wick.www.us-corp-qa-3.tnqa.net/content/tncms/assets/v3/editorial/4/f8/4f8bd979-0a1a-5c62-9a9f-d39acec624f5/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- 127.0.0.1
- URL
- http://127.0.0.1:5001/perimeter?UniqueFireIdentifier=2023-AZCNF-000554
- Domain
- pagead2.googlesyndication.com
- URL
- https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202410210101&st=env
Verdicts & Comments Add Verdict or Comment
43 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| dataLayer function| $ function| jQuery object| TNCMS function| originalLeave function| objectFitImages function| Cookies object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| tnSaveAsset object| googletag object| gptAdSlots function| TNStats_Tracker object| TNTracker function| stick_in_parent object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| ggeac object| google_tag_data boolean| google_plmetrics object| google_js_reporting_queue object| google_tag_manager object| google_reactive_ads_global_state object| google_tag_topics_state number| google_unique_id object| analytics object| gaGlobal object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext string| sUserId8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .wick.www.us-corp-qa-3.tnqa.net/ | Name: tncms_csrf_token Value: 61c63690a388e26d99548cb24ae163dc81de4eab2c432860a567c427472a9297.4799533309ffa035ebe2 |
|
| .tnqa.net/ | Name: _ga_4T2EB147B8 Value: GS1.1.1729992857.1.0.1729992857.60.0.0 |
|
| .tnqa.net/ | Name: _ga Value: GA1.1.283560191.1729992858 |
|
| .tnqa.net/ | Name: __gads Value: ID=22d30327f0fd8fdb:T=1729992857:RT=1729992857:S=ALNI_MYbBdyRP_91TkkQcBotuNILWNBbYw |
|
| .tnqa.net/ | Name: __gpi Value: UID=00000f38f89a7512:T=1729992857:RT=1729992857:S=ALNI_MbZiM7EEA-ffIYRXfvBlfyY3iL53w |
|
| .tnqa.net/ | Name: __eoi Value: ID=3e3932ccdccec36e:T=1729992857:RT=1729992857:S=AA-AfjYpF18IlWjTDBG3cpgaUQrX |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUkvEFkdv6uQsRy90i2TnrU4y3GoUHzB8SUGtIfOyHNGdHP6-Ipip_mlne2B |
|
| .tnqa.net/ | Name: ajs_anonymous_id Value: 30796ef4-88db-4a58-9e8c-cda4d7fc944d |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | upgrade-insecure-requests |
| Strict-Transport-Security | max-age=31536000 |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
127.0.0.1
72b3eb4ca9881abfe466bd0edd639789.safeframe.googlesyndication.com
analytics.google.com
api.segment.io
cdn.segment.com
cdn.us-corp-qa-3.vip.tnqa.net
pagead2.googlesyndication.com
secure.gravatar.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
td.doubleclick.net
wick.www.us-corp-qa-3.tnqa.net
www.googletagmanager.com
www.wick.www.us-corp-qa-3.tnqa.net
127.0.0.1
pagead2.googlesyndication.com
173.194.204.155
173.194.204.156
173.194.205.97
2001:4860:4802:36::181
209.85.232.157
2607:f8b0:400d:c01::9c
2607:f8b0:400d:c02::61
2607:f8b0:400d:c0b::84
2607:f8b0:400d:c0e::9b
2a04:fa87:fffe::c000:4902
50.114.109.102
50.114.109.209
52.12.47.65
99.86.191.237
04347c64103478a2e8808490d3f5b7e56daa23c9aac37d650163e02f4ed30a42
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12e0735eeb221f4cf1be5634ea4a9064270dbb902a043ab97e9740d847e85fc5
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1aebc9909504db11b3f6beffe8f9feed040788bcf912aa1324e5867f42ced550
1b210664a72c4ad69dc0d6b4dee0c20f59d73f7d14b025148a0fc665d1ecfeae
230589773fdcdc726ecd0ecb5e8f15f5e5d71851ccbac26341b0e2ec19201482
252904bb838e1fb52a44c23792b4f5395783fae0ce1e9fa1d02f307c7657d1b6
275a91b155e38985d9c2964093851603d2b182406538921654b998702da49715
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
3d3fe8b3c7bada6b6bc1b8c1f3085fe4d41b5a8b9d55d4d9e70b6f06a7f84dfe
3ed548e9536cbebf3683aad03346b9e4045979cec4607c706cec87535146ec75
448e1a4179ffa476609ed1e8909867082486239c06fb2e277f7843e3269d427b
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4e7d056c1c5113bc49dbe6756ea17964463da54c5a6a25ef16e0f059ccfcdd1c
506aacdf1e28cae9cc34d36106e993966bf7e39e3dd5ec755617f8f5e14ccf86
50eea9da4f4a1b43ff0b25615da2dcf7dcb6fd9173b4ab1b472663d204acc258
59d9731ad49509da3a1bf567d68778e56252d640df2ade193bdd7fce51bafb56
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
7458edd9b7b53f7b32c80f4856a8a0d1c4b7557c589f7c6b860c30a43829ac3a
7e16a1b49159601c5760aac05a02721f1f86de3929fae51e6a5d8820dd26fad5
7f4049e8923ddb3b759697aebae3d69181b42fa677abba4d875f4a1ba7beff89
874783e049cba11cc26044da360b3f38ef5a5ba3f28db3af7eac0457195ba897
8b8506928501a437418ca18498b5fcbd474b0c4bfc96b438bc9e09baa53adce5
8cf6f020c4fe1dfc77d6ad29dfe4c4591e317d397baf3ee31edaf44ce3da098a
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
9bc0679c09ef9919e65712b947c231441940356529517387570a5dbe1aa39080
9fe769bfc93145d27bc2efa853ca49895d7a44af9c5dd2566c3233b66c9d14b4
a8dd5310f1564e14e30c03c9c260a31c490ce92ac9b5123d50dc2af9193a485f
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
b07d02c8ede625dd16b97254a7d58fb54d63c5906d0c9390a494998d99d495ba
b360ddd955d69c655bbab2170b2aafccfb234fd943b13e0aba8d269419de905f
b6c82732fd597943f98655bd76df57d84e1924231dbfe89a203135026d3a4a6d
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
cbf36dec9c75f626975b28ff559e5d1ed5856dcf682ed087a034ec3788c0f812
cdb29d2f7a1ea496e12fe2cda7f1c7171da31c25641cfb2577db04faad3c52ba
ce817e3ff52c035c77d83c311a6a875ab2cbfdf938afd06e96855001ea1faf30
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
dad10a832ba51b5db08691887a58b582022dd25c7849e0dd70f1ff8484d74a2c
e3125d299c18471131dd8c3f213c827c79447fc7dbeafee8a9b61158f4c8cd79
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9182ca83a582b3ee9b44a7ee3e72cc426ba67f679c0b6e80519a06098a59741
f2d748b1b5e838022aac9bc2d3ed2ba16495ac3563bc99fe232666602a2d69ca