journalstar.com
Open in
urlscan Pro
192.104.182.109
Public Scan
Submitted URL: http://click1.email.journalstar.com/fyjtqhnngncwydjqwbshhwygfywlftygyqrzdrnsngshdbq_jqjvjjtbsswbmbsvqjtsn.html
Effective URL: https://journalstar.com/apps/
Submission: On January 14 via api from SG
Effective URL: https://journalstar.com/apps/
Submission: On January 14 via api from SG
Summary
This website contacted 29 IPs
in 5 countries
across 18 domains to perform 106 HTTP transactions.
The main IP is 192.104.182.109, located in
United States and
belongs to LEE-ASN, US.
The main domain is journalstar.com.
TLS certificate: Issued by R3 on January 9th 2021. Valid for: 3 months.
This is the only time journalstar.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on January 9th 2021. Valid for: 3 months.
This is the only time journalstar.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
7
192.104.182.109
(United States)
ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com
ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com
| journalstar.com |
1
99.86.7.49
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-49.fra6.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-49.fra6.r.cloudfront.net
| tags.crwdcntrl.net |
3
143.204.215.99
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-99.fra53.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-99.fra53.r.cloudfront.net
| tagan.adlightning.com |
5
2a00:1450:4001:816::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
14
2a00:1450:4001:821::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| contributor.google.com | |
| fundingchoicesmessages.google.com | |
| analytics.google.com |
3
2a00:1450:4001:818::2011
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| survey.g.doubleclick.net |
8
2a00:1450:4001:808::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
3
2.19.34.195
(Ascension Island)
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-34-195.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-34-195.deploy.static.akamaitechnologies.com
| sb.scorecardresearch.com |
1
2600:9000:206f:c400:2:36a1:2f40:21
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| d81mfvml8p5ml.cloudfront.net |
1
2600:9000:214f:ea00:7:5031:dc0:21
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| dn1i8v75r669j.cloudfront.net |
2
52.30.234.204
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-234-204.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-234-204.eu-west-1.compute.amazonaws.com
| bcp.crwdcntrl.net |
1
2600:9000:2057:3600:e:98bf:5f00:21
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| dkpklk99llpj0.cloudfront.net |
1
2600:1f18:730:b150:e012:d004:2b3d:e4f0
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
ASN14618 (AMAZON-AES, US)
| rp.liadm.com |
1
34.199.213.67
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-213-67.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-213-67.compute-1.amazonaws.com
| rp4.liadm.com |
1
52.205.241.172
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-241-172.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-241-172.compute-1.amazonaws.com
| i.liadm.com |
1
2a00:1450:4001:825::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| pagead2.googlesyndication.com |
| Domain | Requested by | |
|---|---|---|
| 29 | bloximages.chicago2.vip.townnews.com |
journalstar.com
bloximages.chicago2.vip.townnews.com |
| 11 | fundingchoicesmessages.google.com |
journalstar.com
tagan.adlightning.com |
| 8 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com journalstar.com |
| 7 | cdn.cookielaw.org |
journalstar.com
cdn.cookielaw.org |
| 7 | journalstar.com |
1 redirects
journalstar.com
|
| 5 | www.googletagmanager.com |
journalstar.com
www.googletagmanager.com |
| 4 | stats.g.doubleclick.net |
www.google-analytics.com
www.googletagmanager.com |
| 3 | www.facebook.com |
connect.facebook.net
journalstar.com |
| 3 | sb.scorecardresearch.com |
1 redirects
journalstar.com
|
| 3 | survey.g.doubleclick.net |
journalstar.com
survey.g.doubleclick.net |
| 3 | tagan.adlightning.com |
journalstar.com
tagan.adlightning.com |
| 2 | bcp.crwdcntrl.net |
1 redirects
tagan.adlightning.com
|
| 2 | www.google.de |
journalstar.com
|
| 2 | b-code.liadm.com |
www.googletagmanager.com
tagan.adlightning.com |
| 2 | connect.facebook.net |
journalstar.com
connect.facebook.net |
| 2 | geolocation.onetrust.com |
cdn.cookielaw.org
|
| 2 | contributor.google.com |
journalstar.com
|
| 2 | www.gstatic.com |
journalstar.com
|
| 1 | pagead2.googlesyndication.com |
tagan.adlightning.com
|
| 1 | i.liadm.com |
tagan.adlightning.com
|
| 1 | rp4.liadm.com | |
| 1 | rp.liadm.com | 1 redirects |
| 1 | dkpklk99llpj0.cloudfront.net |
d81mfvml8p5ml.cloudfront.net
|
| 1 | dn1i8v75r669j.cloudfront.net |
d81mfvml8p5ml.cloudfront.net
|
| 1 | www.google.com |
journalstar.com
|
| 1 | analytics.google.com |
www.googletagmanager.com
|
| 1 | d81mfvml8p5ml.cloudfront.net |
www.googletagmanager.com
|
| 1 | ampcid.google.de |
www.google-analytics.com
|
| 1 | ampcid.google.com |
www.google-analytics.com
|
| 1 | adservice.google.de |
survey.g.doubleclick.net
|
| 1 | tags.crwdcntrl.net |
journalstar.com
|
| 1 | click1.email.journalstar.com | 1 redirects |
| 106 | 32 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| journalstar.com R3 |
2021-01-09 - 2021-04-09 |
3 months | crt.sh |
| bloximages.chicago2.vip.townnews.com GeoTrust RSA CA 2018 |
2020-02-25 - 2021-04-25 |
a year | crt.sh |
| cookielaw.org Cloudflare Inc ECC CA-3 |
2020-07-01 - 2021-07-01 |
a year | crt.sh |
| *.crwdcntrl.net Go Daddy Secure Certificate Authority - G2 |
2019-06-13 - 2021-06-28 |
2 years | crt.sh |
| *.gstatic.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
| *.adlightning.com Amazon |
2020-07-22 - 2021-08-22 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
| *.google.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
| *.onetrust.com DigiCert SHA2 Secure Server CA |
2020-05-21 - 2022-07-27 |
2 years | crt.sh |
| *.google.de GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-12-22 - 2021-03-21 |
3 months | crt.sh |
| sb.scorecardresearch.com DigiCert Secure Site ECC CA-1 |
2020-07-17 - 2021-06-02 |
a year | crt.sh |
| *.cloudfront.net DigiCert Global CA G2 |
2020-05-26 - 2021-04-21 |
a year | crt.sh |
| b-code.liadm.com DigiCert Secure Site ECC CA-1 |
2020-06-23 - 2021-09-22 |
a year | crt.sh |
| www.google.de GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
| www.google.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
| *.liadm.com Amazon |
2020-01-17 - 2021-02-17 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://journalstar.com/apps/
Frame ID: 5D015F7C35861FE6B1C57D824886B1A6
Requests: 106 HTTP requests in this frame
Frame:
https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=481780398/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20journalstar%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20apps/med=%23OpR%2372333%23Keyword%20%3A%20apps%2C%20phones%2C%20smartphones%2C%20breaking%20news%2C%20lincoln%2C%20nebraska%2C%20huskers%2C%20football%2C%20recruiting%2C%20recruits%2C%20sports%2C%20high%20school%20sports%2C%20university%20of%20nebraska/rb=%7B%22meta_tag%22%3A%22apps%2C%20phones%2C%20smartphones%2C%20breaking%20news%2C%20lincoln%2C%20nebraska%2C%20huskers%2C%20football%2C%20recruiting%2C%20recruits%2C%20sports%2C%20high%20school%20sports%2C%20university%20of%20nebraska%22%7D/rt=ifr
Frame ID: A45AAE808EB74BBAD6BE4D952A55705A
Requests: 1 HTTP requests in this frame
Frame:
https://i.liadm.com/s/c/a-012j?s=MgUIBhC_DjIFCAoQvw4yBQh6EL4OMgYIiwEQvw4yBQgLEL8OMgUICxC_DjIFCHkQvg4yBgiBARC-DjIFCAkQvw4yBQh7EL4OMgYIiAEQvw4yBgiGARC-DjIFCA0QsQ4&cim=&ps=true&ls=true&duid=e898947109f0--01evz7r448tjkvw1ptqmt3rcyc&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1YNN&
Frame ID: DD1B225C49FFC05653F79970412ABC82
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://click1.email.journalstar.com/fyjtqhnngncwydjqwbshhwygfywlftygyqrzdrnsngshdbq_jqjvjjtbsswbmbsvqjtsn.html
HTTP 302
https://journalstar.com/apps HTTP 301
https://journalstar.com/apps/ Page URL
Detected technologies
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
comScore
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
- script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
Page Statistics
15 Outgoing links
These are links going to different origins than the main page.
URL: https://autos.journalstar.com/
Title: Cars
Title: Cars
Search URL Search Domain Scan URL
URL: https://www.instagram.com/journalstarnews/
Title: Instagram
Title: Instagram
Search URL Search Domain Scan URL
URL: https://leenewspapers.secondstreetapp.com/Share-a-Smile-Sweepstakes/
Title:
Title:
Search URL Search Domain Scan URL
URL: https://itunes.apple.com/us/app/journal-star/id372575588
Search URL Search Domain Scan URL
URL: https://play.google.com/store/apps/details?id=com.journalstar.news
Search URL Search Domain Scan URL
URL: https://itunes.apple.com/us/app/husker-extra/id899751872?mt=8
Search URL Search Domain Scan URL
URL: https://play.google.com/store/apps/details?id=com.huskerextra.SportsStatsMobile.College&hl=en
Search URL Search Domain Scan URL
URL: https://columbustelegram.com/
Title: The Columbus Telegram
Title: The Columbus Telegram
Search URL Search Domain Scan URL
URL: https://fremonttribune.com/
Title: The Fremont Tribune
Title: The Fremont Tribune
Search URL Search Domain Scan URL
URL: https://beatricedailysun.com/
Title: The Beatrice Daily Sun
Title: The Beatrice Daily Sun
Search URL Search Domain Scan URL
URL: http://lee.net/careers/opportunities/?utm_source=newspaper&utm_medium=blox&utm_campaign=workhere
Title: Work here
Title: Work here
Search URL Search Domain Scan URL
URL: https://bloxcms.com/
Title: BLOX Content Management System
Title: BLOX Content Management System
Search URL Search Domain Scan URL
URL: https://townnews.com/
Title: TownNews.com
Title: TownNews.com
Search URL Search Domain Scan URL
URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information
Title: More information
Search URL Search Domain Scan URL
URL: https://onetrust.com/poweredbyonetrust
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://click1.email.journalstar.com/fyjtqhnngncwydjqwbshhwygfywlftygyqrzdrnsngshdbq_jqjvjjtbsswbmbsvqjtsn.html
HTTP 302
https://journalstar.com/apps HTTP 301
https://journalstar.com/apps/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 86- https://sb.scorecardresearch.com/b?c1=2&c2=10345586&ns__t=1610587396077&ns_c=UTF-8&cv=3.5&c8=Get%20the%20latest%20apps%20from%20the%20Journal%20Star%20and%20Husker%20Extra%20%7C%20journalstar.com&c7=https%3A%2F%2Fjournalstar.com%2Fapps%2F&c9= HTTP 302
- https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1610587396077&ns_c=UTF-8&cv=3.5&c8=Get%20the%20latest%20apps%20from%20the%20Journal%20Star%20and%20Husker%20Extra%20%7C%20journalstar.com&c7=https%3A%2F%2Fjournalstar.com%2Fapps%2F&c9=&cs_ak_ss=1
- https://bcp.crwdcntrl.net/5/c=6894/rand=481780398/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20journalstar%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20apps/med=%23OpR%2372333%23Keyword%20%3A%20apps%2C%20phones%2C%20smartphones%2C%20breaking%20news%2C%20lincoln%2C%20nebraska%2C%20huskers%2C%20football%2C%20recruiting%2C%20recruits%2C%20sports%2C%20high%20school%20sports%2C%20university%20of%20nebraska/rb=%7B%22meta_tag%22%3A%22apps%2C%20phones%2C%20smartphones%2C%20breaking%20news%2C%20lincoln%2C%20nebraska%2C%20huskers%2C%20football%2C%20recruiting%2C%20recruits%2C%20sports%2C%20high%20school%20sports%2C%20university%20of%20nebraska%22%7D/rt=ifr HTTP 302
- https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=481780398/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20journalstar%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20apps/med=%23OpR%2372333%23Keyword%20%3A%20apps%2C%20phones%2C%20smartphones%2C%20breaking%20news%2C%20lincoln%2C%20nebraska%2C%20huskers%2C%20football%2C%20recruiting%2C%20recruits%2C%20sports%2C%20high%20school%20sports%2C%20university%20of%20nebraska/rb=%7B%22meta_tag%22%3A%22apps%2C%20phones%2C%20smartphones%2C%20breaking%20news%2C%20lincoln%2C%20nebraska%2C%20huskers%2C%20football%2C%20recruiting%2C%20recruits%2C%20sports%2C%20high%20school%20sports%2C%20university%20of%20nebraska%22%7D/rt=ifr
- https://rp.liadm.com/j?tna=v2.0.0&aid=a-012j&wpn=lc-bundle&us_privacy=1YNN&pu=https%3A%2F%2Fjournalstar.com%2Fapps%2F&duid=e898947109f0--01evz7tnzsg7cxk6q87brr8hhc&se=e30&dtstmp=1610587396204 HTTP 302
- https://rp4.liadm.com/j?tna=v2.0.0&aid=a-012j&wpn=lc-bundle&us_privacy=1YNN&pu=https%3A%2F%2Fjournalstar.com%2Fapps%2F&duid=e898947109f0--01evz7tnzsg7cxk6q87brr8hhc&se=e30&dtstmp=1610587396204&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
106 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
journalstar.com/apps/ Redirect Chain
|
133 KB 32 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.6edb5af3e93b0a377ec925c5f1c6ddde.js
bloximages.chicago2.vip.townnews.com/journalstar.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ |
98 KB 33 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
user.js
journalstar.com/shared-content/art/tncms/user/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.chicago2.vip.townnews.com/journalstar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ |
39 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
common.5ee3960b4d37bc106988fa535b393865.js
bloximages.chicago2.vip.townnews.com/journalstar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ |
35 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tnt.1477faac295a3745e4796d2263e75f11.js
bloximages.chicago2.vip.townnews.com/journalstar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
7 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
application.93d1db0a57d520951552a1dcd8fd9aeb.js
bloximages.chicago2.vip.townnews.com/journalstar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
4 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.44f4ed00052aeaf66307fd409db0d101.css
bloximages.chicago2.vip.townnews.com/journalstar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ |
107 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
layout.2a76ea6b1da821b015c6c6168e530f02.css
bloximages.chicago2.vip.townnews.com/journalstar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ |
129 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lee.ds.css
bloximages.chicago2.vip.townnews.com/journalstar.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/ |
63 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.chicago2.vip.townnews.com/journalstar.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cc.js
tags.crwdcntrl.net/c/6894/ |
38 KB 12 KB |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
user-controls.578df3df79d812af55ab13bae47f9857.js
bloximages.chicago2.vip.townnews.com/journalstar.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ |
517 B 438 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tnt.notify.6e1ca8839e8a715fdecb1c734223823a.js
bloximages.chicago2.vip.townnews.com/journalstar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tnt.notify.panel.1c7debce90f6bd1a3d679d0176d3712a.js
bloximages.chicago2.vip.townnews.com/journalstar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
firebase-app.js
www.gstatic.com/firebasejs/6.6.2/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
firebase-messaging.js
www.gstatic.com/firebasejs/6.6.2/ |
31 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
messaging.js
journalstar.com/shared-content/art/tncms/api/ |
4 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.chicago2.vip.townnews.com/journalstar.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ |
198 B 445 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tracking.js
journalstar.com/shared-content/art/tncms/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otCCPAiab.js
cdn.cookielaw.org/opt-out/ |
22 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fontawesome.edd147e4c2830f416874012247117438.js
bloximages.chicago2.vip.townnews.com/journalstar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ |
252 KB 88 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tracker.js
journalstar.com/shared-content/art/stats/common/ |
9 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
journalstar.com.png
bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/logos/ds/400/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
01279c34-0a61-11ea-b3fc-134ca9d3ef7a.png
bloximages.chicago2.vip.townnews.com/journalstar.com/content/tncms/custom/image/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
a637a5f8-0a60-11ea-b3fc-4389896ed3d0.png
bloximages.chicago2.vip.townnews.com/journalstar.com/content/tncms/custom/image/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
journalstar-dot-com.png
bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/blocks/apps-showcase/ |
153 KB 153 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
badge-apple.png
bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/blocks/apps-showcase/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
badge-google.png
bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/blocks/apps-showcase/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
7cbbc478-de08-11e8-b000-83bfa959e33b.png
bloximages.chicago2.vip.townnews.com/journalstar.com/content/tncms/custom/image/ |
252 KB 253 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
f77d2960-0a60-11ea-b3fc-f7a60843531e.png
bloximages.chicago2.vip.townnews.com/journalstar.com/content/tncms/custom/image/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
op.js
tagan.adlightning.com/leeenterprises/ |
37 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
148 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loader.js
contributor.google.com/scripts/b765fd5c002b8ec/ |
106 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AGSKWxWx7yQUhe008vdbx7qOwWhCKmR-osSuFC3DDyvCm_K_nNMTjE2EGmV28JFHdjHcINdbHwRu0oRU4n5mb0jEyQ==
fundingchoicesmessages.google.com/f/ |
83 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
a015a7aa-45bb-4d3c-984f-06bec6a04dd1.json
cdn.cookielaw.org/consent/a015a7aa-45bb-4d3c-984f-06bec6a04dd1/ |
2 KB 1 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tracker.gif
journalstar.com/shared-content/art/stats/common/ |
0 149 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
survey
survey.g.doubleclick.net/ |
8 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ |
164 B 356 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ |
162 B 219 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
prompt_embed_static.js
survey.g.doubleclick.net/insights/consumersurveys/static/432332060295402069/ |
388 KB 388 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.sync.js
adservice.google.de/adsid/ |
113 B 173 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
gtm.js
www.googletagmanager.com/ |
83 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
prompt
survey.g.doubleclick.net/gk/ |
0 66 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.2.0/ |
325 KB 72 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3-Q050 |
AGSKWxXQFjaDD2p5yJiMx2fQFOJV1y-i8JvpUMEIFtn6aHj5aaTtdhrwpk8EKyDlxksyrpwwaBKKfVI7qjofX3udvA==
fundingchoicesmessages.google.com/l/ |
0 370 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
AGSKWxUpmx--0p5ikp8HV4NOnHBEn5sSAAs0hORb0GPniwjmFIE-r52BJFe6lSKpT86oYS7rCPPBD_pN308yRsafow==
fundingchoicesmessages.google.com/f/ |
81 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
133 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
gtm.js
www.googletagmanager.com/ |
308 KB 69 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
ec.js
www.google-analytics.com/plugins/ua/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
publisher:getClientId
ampcid.google.com/v1/ |
74 B 162 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
en.json
cdn.cookielaw.org/consent/a015a7aa-45bb-4d3c-984f-06bec6a04dd1/75787057-4552-493b-aa72-b303111d8f91/ |
14 KB 5 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
publisher:getClientId
ampcid.google.de/v1/ |
3 B 91 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
73 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
75 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
serif-ds.woff2
bloximages.chicago2.vip.townnews.com/journalstar.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/images/ |
26 KB 26 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5ffe912157b9c.preview-620.jpg
bloximages.chicago2.vip.townnews.com/journalstar.com/content/tncms/assets/v3/eedition/3/87/38756417-f2ef-539d-ba2a-62cd43eb3bad/ |
168 KB 169 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5ffc64afd3ca1.preview.jpg
bloximages.chicago2.vip.townnews.com/journalstar.com/content/tncms/assets/v3/editorial/8/c8/8c877102-9f11-58dd-9a7b-689fa79ccce6/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5fdc458e098c1.image.png
bloximages.chicago2.vip.townnews.com/journalstar.com/content/tncms/assets/v3/editorial/5/04/5043c313-d498-50e3-8b55-f8caf7335d7c/ |
27 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5ff5d8ad554ad.preview.png
bloximages.chicago2.vip.townnews.com/journalstar.com/content/tncms/assets/v3/editorial/9/1a/91a08b80-8559-5cd3-adbe-9a9acf3f1163/ |
45 KB 46 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5fee4d6cdf93a.image.jpg
bloximages.chicago2.vip.townnews.com/journalstar.com/content/tncms/assets/v3/editorial/4/fc/4fced28b-a589-5678-aac2-056c317e0f84/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
journalstar-dot-com.png
bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/blocks/apps-showcase/ |
153 KB 153 KB |
XHR
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otFloatingFlat.json
cdn.cookielaw.org/scripttemplates/6.2.0/assets/ |
18 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.2.0/assets/ |
100 KB 21 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3-Q050 |
collect
www.google-analytics.com/g/ |
0 44 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 67 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
collect
www.google-analytics.com/ |
35 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
checksub
contributor.google.com/scripts/b765fd5c002b8ec:D:3274c66209939aa2/ |
392 B 695 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b-9a4f7ce-9c3d90b4.js
tagan.adlightning.com/leeenterprises/ |
61 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bl-c29bca2-43d1d0e2.js
tagan.adlightning.com/leeenterprises/ |
95 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
133 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
linkid.js
www.google-analytics.com/plugins/ua/ |
2 KB 888 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
90 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
beacon.js
sb.scorecardresearch.com/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
i99g3gee.js
d81mfvml8p5ml.cloudfront.net/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
a-012j.min.js
b-code.liadm.com/ |
27 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
analytics.google.com/g/ |
0 54 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3-Q050 |
collect
stats.g.doubleclick.net/g/ |
0 44 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3-Q050 |
collect
stats.g.doubleclick.net/j/ |
4 B 28 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3-Q050 |
collect
stats.g.doubleclick.net/j/ |
1 B 25 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
js
www.google-analytics.com/gtm/ |
88 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
collect
www.google-analytics.com/ |
35 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
collect
www.google-analytics.com/ |
35 B 58 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
961211893969940
connect.facebook.net/signals/config/ |
244 KB 70 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
b2
sb.scorecardresearch.com/ Redirect Chain
|
0 528 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync-container.js
b-code.liadm.com/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
ga-audiences
www.google.de/ads/ |
42 B 88 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
dn1i8v75r669j.cloudfront.net/v/ |
47 B 314 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
www.facebook.com/tr/ |
0 54 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 237 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=6894/rand=481780398/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20journalstar%20%3A%20Total%20... Frame A45A Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
i99g3gee_1606137453919.js
dkpklk99llpj0.cloudfront.net/ |
48 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
j
rp4.liadm.com/ Redirect Chain
|
13 B 567 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
 Cookie set
a-012j
i.liadm.com/s/c/ Frame DD1B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
related-ads.
fundingchoicesmessages.google.com/f/AGSKWxVcfda64CEfuem8_9jEkrN4lcAsoiwrVwe-YJNCylyYcGV3OOOG9E51bDVcHGScxA5AahESy1zHCZKkLB2pWWXaPql3UtMpUKyJgsI2fMyPg-NYkVQrvSRpm_2XtMPi4j1-g0dzyl-zQCtmVlT9IXbpmynQB... |
54 B 781 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
133 KB 47 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3-Q050 |
AGSKWxVHtP5Jl6Qi89cyqNhrBD9lLhEEjVpHE0oCKoJ2qYhrPIz18zwj8H7-GIOqmTe0pDB6mmMkPhsdsq6nHvdn3Mkx14JnRQOvUJWpBdIgDWXDHWBJQvg9e6OzjShOF-KU9nL0P5w1htUrp2M5Oc6_nJgJj87Y1tmjkzWUsp7cO80GeY95nIevpRw7izM=
fundingchoicesmessages.google.com/l/ |
0 369 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3-Q050 |
AGSKWxVHtP5Jl6Qi89cyqNhrBD9lLhEEjVpHE0oCKoJ2qYhrPIz18zwj8H7-GIOqmTe0pDB6mmMkPhsdsq6nHvdn3Mkx14JnRQOvUJWpBdIgDWXDHWBJQvg9e6OzjShOF-KU9nL0P5w1htUrp2M5Oc6_nJgJj87Y1tmjkzWUsp7cO80GeY95nIevpRw7izM=
fundingchoicesmessages.google.com/l/ |
0 348 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3-Q050 |
AGSKWxVHtP5Jl6Qi89cyqNhrBD9lLhEEjVpHE0oCKoJ2qYhrPIz18zwj8H7-GIOqmTe0pDB6mmMkPhsdsq6nHvdn3Mkx14JnRQOvUJWpBdIgDWXDHWBJQvg9e6OzjShOF-KU9nL0P5w1htUrp2M5Oc6_nJgJj87Y1tmjkzWUsp7cO80GeY95nIevpRw7izM=
fundingchoicesmessages.google.com/l/ |
0 348 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
AGSKWxVhgaBe3eVcdlrCgk1UPStfohAWprgNebiZnnD2YFA4Qx5_mX5bNZN1OjDfii4p5aCOO3iEXIPEpD0K0CT33T3_VNVgSOxN5FkYWt4adSkdiYhtR4Y_ef87SLQjI-gpspMQqXr9bAAyil9rsnkmi8uvRDNuH4R1_4c2SPEFCBoC0Fx_nYv5dfG8aaA=
fundingchoicesmessages.google.com/f/ |
63 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3-Q050 |
AGSKWxVHtP5Jl6Qi89cyqNhrBD9lLhEEjVpHE0oCKoJ2qYhrPIz18zwj8H7-GIOqmTe0pDB6mmMkPhsdsq6nHvdn3Mkx14JnRQOvUJWpBdIgDWXDHWBJQvg9e6OzjShOF-KU9nL0P5w1htUrp2M5Oc6_nJgJj87Y1tmjkzWUsp7cO80GeY95nIevpRw7izM=
fundingchoicesmessages.google.com/l/ |
0 347 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
www.facebook.com/tr/ |
0 31 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3-Q050 |
AGSKWxUJzOhBsccQy6_15oO1XZdnWR7MJrFlfHCE37x-9vuCGQFxZUv2tfJTwqIerbuAYdIqbutHUyEvZekBvzMhlNY4V8aJqFqrE3Z7u5RnKTa2s6B9EIj2wlshs4YnlW2O8IyiRw04PJYAPnnbjsjIZMXJpgXvzT1oJuC226BbooggXd0qiuQJ90xLM4I=
fundingchoicesmessages.google.com/l/ |
0 777 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3-Q050 |
AGSKWxUJzOhBsccQy6_15oO1XZdnWR7MJrFlfHCE37x-9vuCGQFxZUv2tfJTwqIerbuAYdIqbutHUyEvZekBvzMhlNY4V8aJqFqrE3Z7u5RnKTa2s6B9EIj2wlshs4YnlW2O8IyiRw04PJYAPnnbjsjIZMXJpgXvzT1oJuC226BbooggXd0qiuQJ90xLM4I=
fundingchoicesmessages.google.com/l/ |
0 347 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
130 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| _cc6894 object| LOTCC boolean| LEE_DS function| $ function| jQuery object| TNCMS function| originalLeave function| objectFitImages function| Cookies object| SelectorQueries object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| __d3lUW8vwsKlB__ object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups function| TNStats_Tracker object| TNTracker function| jsonFeed function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| _402 function| _402_Show object| googleToken object| googleIMState function| processGoogleTokenSync object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| webmonitoring object| paidtasksshim object| otStubData object| default_ContributorServingLoaderClientJs object| googlefc function| __Y9uNstf385Zx__ object| __fcInternalApiManager object| Yjc2NWZkNWMwMDJiOGVjbG9hZGVyX2pz string| Yjc2NWZkNWMwMDJiOGVjY2FjaGVkX2pz string| __fcInvoked boolean| __fcInternalApiPostMessageReady object| googletag undefined| falcon_sub_name undefined| lee_clus undefined| lee_ulli object| lee_glus undefined| lee_glusIE object| gaplugins object| __otccpaooLocation object| $heroImg object| Optanon object| OneTrust object| gaGlobal object| gaData object| default_ContributorTargetingClientJs function| __906a641ff040__ object| default_ContributorServingDetectionClientJs function| __45zy51t9ik3m__ object| R6of4a function| R6of4b object| xop function| messagingCallback object| firebase object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome function| fbq function| _fbq object| _comscore boolean| $sNavScroll object| W0Grta function| W0Grtb function| xblacklist object| IQtO6a function| IQtO6b function| xblocker function| udm_ object| ns_p object| COMSCORE object| $FR_LAB object| LI object| __li__evt_bus object| liQ function| _typeof2 function| __liSync object| google_optimize function| $TM_VR object| $TB function| nrlskOnEvent boolean| aee5591a-471e-476c-a870-ea45ccf764ef object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| default_ContributorServingCookieRefreshClientJs function| __8v31i8woen1z__15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .journalstar.com/ | Name: _lc2_fpi Value: e898947109f0--01evz7tnzsg7cxk6q87brr8hhc |
|
| .journalstar.com/ | Name: _fbp Value: fb.1.1610587396124.1510929544 |
|
| .journalstar.com/ | Name: _li_dcdm_c Value: .journalstar.com |
|
| .journalstar.com/ | Name: _dc_gtm_UA-6839786-1 Value: 1 |
|
| .journalstar.com/ | Name: _ga Value: GA1.2.1882214566.1610587396 |
|
| .journalstar.com/ | Name: _dc_gtm_UA-54716522-2 Value: 1 |
|
| .journalstar.com/ | Name: _ga_G2BL49024K Value: GS1.1.1610587395.1.0.1610587395.60 |
|
| .journalstar.com/ | Name: CUID Value: N,1610587395842:ALHGLuQAAAAPTiwxNjEwNTg3Mzk1ODQytZZ72zUzWRDXLxgtCXxsfkEsaRoHaHXZ3qnuZWHbAjQ0bZwOdmc+2uLz4n3w3+4aBKbfOXN9g/NEFZ1dQBDZAUrS80yIczFhumlmqtybscDBTVkCyDmaI3q6Q8mcFQ/F9zrnHkymN8dDyooW6ii6YIqvJBQIbQhhRYeKmDHThlPyvG5MCrv7DJ9TgHJWz4n7OMnmOnBb9/sd7aNkxn5mNu4msKqOjYJElSHC42CDifp/7Rtsl/FgnEvA8Fw4FaAUq8/7rqqX3ejHgjKGVjwNstucpHco26KL2CfuSu9ez2NtIwbTfg6c9WXY0ubMeTFe35UpCn8/lZxsq82T457W5Q== |
|
| .journalstar.com/ | Name: _dc_gtm_UA-54716522-7 Value: 1 |
|
| .journalstar.com/ | Name: AMP_TOKEN Value: %24NOT_FOUND |
|
| journalstar.com/ | Name: usprivacy Value: 1YNN |
|
| .journalstar.com/ | Name: _gid Value: GA1.2.977809222.1610587396 |
|
| .journalstar.com/ | Name: OptanonConsent Value: isIABGlobal=false&datestamp=Thu+Jan+14+2021+02%3A23%3A15+GMT%2B0100+(Central+European+Standard+Time)&version=6.2.0&landingPath=https%3A%2F%2Fjournalstar.com%2Fapps%2F&groups=C0002%3A1%2CC0001%3A1&hosts=&legInt= |
|
| .journalstar.com/ | Name: _ga_NFTGWT90ER Value: GS1.1.1610587395.1.0.1610587395.0 |
|
| .journalstar.com/ | Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1610587395398]] |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.de
ampcid.google.com
ampcid.google.de
analytics.google.com
b-code.liadm.com
bcp.crwdcntrl.net
bloximages.chicago2.vip.townnews.com
cdn.cookielaw.org
click1.email.journalstar.com
connect.facebook.net
contributor.google.com
d81mfvml8p5ml.cloudfront.net
dkpklk99llpj0.cloudfront.net
dn1i8v75r669j.cloudfront.net
fundingchoicesmessages.google.com
geolocation.onetrust.com
i.liadm.com
journalstar.com
pagead2.googlesyndication.com
rp.liadm.com
rp4.liadm.com
sb.scorecardresearch.com
stats.g.doubleclick.net
survey.g.doubleclick.net
tagan.adlightning.com
tags.crwdcntrl.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
104.18.130.43
143.204.215.99
192.104.182.109
2.19.34.195
2600:1f18:730:b150:e012:d004:2b3d:e4f0
2600:9000:2057:3600:e:98bf:5f00:21
2600:9000:206f:c400:2:36a1:2f40:21
2600:9000:214f:ea00:7:5031:dc0:21
2606:4700:10::6814:b844
2606:4700::6810:9540
2a00:1450:4001:800::2003
2a00:1450:4001:800::2004
2a00:1450:4001:806::200e
2a00:1450:4001:808::200e
2a00:1450:4001:816::2008
2a00:1450:4001:818::2003
2a00:1450:4001:818::2011
2a00:1450:4001:81b::200e
2a00:1450:4001:81d::2002
2a00:1450:4001:821::200e
2a00:1450:4001:825::2002
2a00:1450:400c:c0c::9d
2a02:26f0:6c00::210:baf1
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.199.213.67
52.205.241.172
52.30.234.204
74.214.203.11
99.86.7.49
0230e8c67f568c29bfa2d9756f6e9f79ca6a375d99cbeb54bf09c35fb9e525c4
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0785141e6461918363176bb595c118997a66d51af8338db5999308cd593cfebd
0d54c4f943569beeb80e1fe05e5957e89973051c4506e3ec4c355f9326519fc2
10ab566c9fb0560fc9b7690af2b2a06cb4ce5af583a6e9796d1ece57c702c5e8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
19ee3ded1fe83e848e9b5cb0831689460e07c7d3d867fc692c84dc1106086293
1d584af3d0a8ad98207995400856e5e8c608551e080e252ed413e82c19ffd04f
2c4c258f6e24e9861dd7cc3ae5d823e0c09a243f9e671cabbfed9b2be2825085
3ac4bbdd527f588d3af5e3accd4a0e57c58ac5e2a3ed7943b014c4c935f718d2
3ecc167df6bb96bef3b6c9161c6504e6c4220b40c87d59351b332927f737e1f2
43aa159820dff5d98e823f21fa49df2fb4976ac97398d56d05a8393c9c90a41a
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1
5061687072466268612b907fe4386e659886c8be0b79e117755e78312e8cb42e
53622901b1ab1f0fb89cebbaccc1d2153bb0554dddc2fbdae8311c76607b034c
560357e94ad4e3f3e2199cdecaaf8d339f35d97ec03de8b875eef2bbd80b43fb
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
59f402de9f1e432c10350864d4d9a3f348bea192abfd0785e40f7ab1c49006ed
5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036
5c844391859be030b8cd4c8b279324c07ed6d91c5b51f4370bf8b0f344716215
5ee82bb96be591e9b53340f17031f92692408e1cd26df408c6bfcc3953f872f6
668b856f85f21dce2ae3dd6e91911b49aafc8bfd062fa386bdf3af8f866fbd66
669de46aee3dfd3966a9e3a2602531a4c4f670b91b1b6d0f47d115eea70a47fc
67d3fbbfeed41e1c4ffb28f749c8444a7b4db6722bd8ab9a73157b947e65f118
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb4ce8dea8b26080f3627d5b398b131b8f59a280ec18f07e959b9c7583e061a
6ce91e6dcd61adb212be00bd2c9f8de5243b2741c6d7cf83ba907e581a0272e2
6d8b76cb673b3af30f99448de96d4bfa03546c4e7808ce9c6ccaa9777efc90ac
6e6c02cecdf5cb7b5db7cbf455c81c05828f2f801dd585ffdfa9d4cc90e9be1a
6f25e54ff758a69c92c7260b3647788acb86b4fc6266141893e1a4316b5a0862
6f390c3880c0140822b3a900ede995fe319ec37958c1f901230da5004a1ef2e1
74183272095b267165a7fe1f47ba788abcd23030c0b7b94aad087d071609c9b8
791575e6e184341623dfce68dfe256b3a0704b47b22ee9e82500b2c8e659bc30
7c80dc3532cd1e5c570740c5cb70d218ebea263f3cdb9872ba6350ddf9a7db9f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8416f8febc369c76d3fc82e78d0c49c84bf1dd1904b73cee557fccdbbb5b9005
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8bd856be00c26ae450bc42f2abdbccd2e9ec1e6a5bc70016d2cb500b3192897e
8f687e83b16e0b9e4b7142618711f3f53178225497648dd954ed2fb3003fc172
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
931d60592e3d2155217214ed83d95e0b55be8ca917e245888306349a2527c2b3
939be6a646cc4953b93d285d453f0213bfa21e121e7bfe245d9adb6cff8d83ff
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
94afb4609cd5d95128057b67ee0ef36f867bacc074b6e116d874ed8b0852b73f
96bda7b1cc76aea9bbc92ca3d92cc2a75c398f09864a5765f3f191d8f65026fc
9869df38dc362ed69596718737d272a0730d17127af8f4c483cab217ef032c2a
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
a04c143a3ab5f9a712abee6ca8e1e65672af5a5aeea852a2d211d235abc15b3c
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a419cf615019de31d313580581c074aaa631c0077401943ae09e9418a54228a2
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
a9fab16d26fcd7fe22ce52628916f739d4aa3ca3715de7132324c9ac9c1edcac
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b26ba6878ca7429d5fc284f9a15753c98dddda891406044ecd58847f0664e518
b4028cb89266471ac7ecd369144eaac66b1ea431f094517c8bab266833c2fe56
b42d79ee92c47b57a10c9b5b591eef7fd68da8ff411e368f55ca41b95d0c7805
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
bf974cc5c50469c87597416baa849ff148b053aaab6f577e19217ab454d0d279
c059565ed071744337265bf8f0804bca2120f9e584816ac21e39fce2572f37a4
c7c4e85fab99165f7d8a912f21ae8d691b6a96049780d96e174e6394e09384ca
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd9ca848b5938621d81059027891334046bbbd592754c5f49cebd433cbbcc8f9
cdf63ebdfc88e2ed3df0eb9ddbbc74fed46201d919f2e5c0cf3f4a972fdcd2fa
cfb9f03257d4f79e158116a6aef9e8bccce6f4d713e572854086449ab4fa95bc
d5c57b57c75e78aaa6e480d0366fad4760ed3c5d7f2df42a2f816afc75c1cd46
d72b7e584b04459ac3d6cb6046eb8e9af8855cc47a51cfc87f3f2f1a8e757ca8
d851d84e101ca32d51ff937ef2bcafd53e9f83b53694c73c7d3eb3031357b27d
e0cc0930a1ab7e9ae754783576228f3c32caa07605236711cf81035f3f45f0ea
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
eead1d78293e213d62751e226fb046203f3c5ddd77ef9d5a96cae1699f367527
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f38785556b08ac18c4bdc84c91a8012c1d34017f19a14adcbb5fb0d4c4af1492
f402b2d75ac54e1c369d34b97efcedb68aa084b039ab91b85ad70ea53ebb5a3a
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f8f1bd532c1d5cff07a7b36b61d42fbda9b0c114f615dbe9a91edf7b1244586b
f95fe1c0376aa720a01267e70fb42a259d610fa9fa66f78e7fc629f9bd835c43
f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40
fe319932218fcf7477aa0c79a0cf66cd9d066203037ffbc2470c4ee6d4ad7c98
fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f
fe83bf4d90f17ac9ecb4808ffe059d64d79d5cf6752859c37a8113584e959c2a
ffa8814637fab7a454e06a6403a650615c04044d4f881b04ffdfcdc1395d98da