www.legacy.com
Open in
urlscan Pro
104.17.185.220
Public Scan
Effective URL: https://www.legacy.com/obituaries/name/steven-marsh-obituary?pid=196829336
Submission: On September 30 via api from US
Summary
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on May 20th 2020. Valid for: 6 months.
This is the only time www.legacy.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN22606 (EXACT-7, US)
PTR: click.alerts.legacy.com
click.alerts.legacy.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com
js-sec.indexww.com | |
as-sec.casalemedia.com |
ASN15169 (GOOGLE, US)
www.googletagservices.com | |
adservice.google.de | |
adservice.google.com | |
cm.g.doubleclick.net | |
pagead2.googlesyndication.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-180.vie50.r.cloudfront.net
c.amazon-adsystem.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f162.1e100.net
securepubads.g.doubleclick.net | |
www.googleadservices.com | |
cm.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com
api.rlcdn.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-161-147.eu-west-1.compute.amazonaws.com
match.adsrvr.org |
ASN16509 (AMAZON-02, US)
secure.quantserve.com | |
pixel.quantserve.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress15
static.hotjar.com | |
script.hotjar.com | |
vars.hotjar.com |
ASN16509 (AMAZON-02, US)
rules.quantcount.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-135.deploy.static.akamaitechnologies.com
htlb.casalemedia.com |
ASN15133 (EDGECAST, US)
adserver-us.adtech.advertising.com |
ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
legacycst-d.openx.net | |
eu-u.openx.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-195-54.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com |
ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com |
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-35-159-48-82.eu-central-1.compute.amazonaws.com
tlx.3lift.com |
ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com |
ASN15169 (GOOGLE, US)
3306a73a9a0e5a9f940dc80ab3be5acb.safeframe.googlesyndication.com |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-239-183.eu-central-1.compute.amazonaws.com
x.bidswitch.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-15-60.eu-central-1.compute.amazonaws.com
a.sportradarserving.com |
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com |
ASN26120 (RHYTHMONE, US)
sync.1rx.io | |
sync.targeting.unrulymedia.com |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-208-83.fra53.r.cloudfront.net
d31y97ze264gaa.cloudfront.net |
ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress9
vc.hotjar.io |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-192-181.compute-1.amazonaws.com
gw.geoedge.be |
Domain | Requested by | |
---|---|---|
11 | www.legacy.com |
1 redirects
www.legacy.com
|
7 | securepubads.g.doubleclick.net |
www.googletagservices.com
securepubads.g.doubleclick.net www.legacy.com rumcdn.geoedge.be |
7 | fonts.gstatic.com |
fonts.googleapis.com
|
6 | sync.go.sonobi.com |
www.legacy.com
|
6 | adserver-us.adtech.advertising.com | 4 redirects |
5 | x.bidswitch.net | 5 redirects |
4 | pagead2.googlesyndication.com |
securepubads.g.doubleclick.net
|
3 | cm.g.doubleclick.net | 3 redirects |
3 | tpc.googlesyndication.com |
securepubads.g.doubleclick.net
rumcdn.geoedge.be |
3 | rumcdn.geoedge.be |
www.googletagmanager.com
rumcdn.geoedge.be www.legacy.com |
3 | www.google-analytics.com |
www.legacy.com
www.google-analytics.com |
3 | c.amazon-adsystem.com |
www.legacy.com
c.amazon-adsystem.com |
3 | www.googletagservices.com |
www.legacy.com
securepubads.g.doubleclick.net rumcdn.geoedge.be |
3 | cache.legacy.net |
www.legacy.com
|
3 | cdn.cookielaw.org |
www.legacy.com
cdn.cookielaw.org |
3 | fonts.googleapis.com |
www.legacy.com
|
2 | csi.gstatic.com |
securepubads.g.doubleclick.net
|
2 | st1.dialogtech.com |
d31y97ze264gaa.cloudfront.net
|
2 | www.facebook.com | 1 redirects |
2 | connect.facebook.net |
www.legacy.com
connect.facebook.net |
2 | sync.1rx.io | 2 redirects |
2 | bh.contextweb.com | 1 redirects |
2 | a.sportradarserving.com | 2 redirects |
2 | www.google.de |
www.legacy.com
|
2 | www.google.com |
www.legacy.com
|
2 | bidder.criteo.com |
static.criteo.net
|
2 | legacycst-d.openx.net |
1 redirects
www.legacy.com
|
2 | match.adsrvr.org |
1 redirects
js-sec.indexww.com
|
1 | gw.geoedge.be |
rumcdn.geoedge.be
|
1 | as-sec.casalemedia.com |
js-sec.indexww.com
|
1 | eu-u.openx.net |
rumcdn.geoedge.be
|
1 | vc.hotjar.io |
script.hotjar.com
|
1 | d31y97ze264gaa.cloudfront.net |
www.legacy.com
|
1 | gum.criteo.com |
rumcdn.geoedge.be
|
1 | sync.targeting.unrulymedia.com | 1 redirects |
1 | p.rfihub.com | 1 redirects |
1 | sync.mathtag.com | 1 redirects |
1 | vars.hotjar.com |
rumcdn.geoedge.be
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | pixel.quantserve.com |
www.legacy.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | ampcid.google.de |
www.google-analytics.com
|
1 | 3306a73a9a0e5a9f940dc80ab3be5acb.safeframe.googlesyndication.com |
securepubads.g.doubleclick.net
|
1 | secure.adnxs.com |
js-sec.indexww.com
|
1 | tlx.3lift.com |
js-sec.indexww.com
|
1 | apex.go.sonobi.com |
js-sec.indexww.com
|
1 | ap.lijit.com |
js-sec.indexww.com
|
1 | fastlane.rubiconproject.com |
js-sec.indexww.com
|
1 | btlr.sharethrough.com |
js-sec.indexww.com
|
1 | htlb.casalemedia.com |
js-sec.indexww.com
|
1 | adservice.google.com |
securepubads.g.doubleclick.net
|
1 | adservice.google.de |
securepubads.g.doubleclick.net
|
1 | ampcid.google.com |
www.google-analytics.com
|
1 | rules.quantcount.com |
secure.quantserve.com
|
1 | static.hotjar.com |
www.legacy.com
|
1 | secure.quantserve.com |
www.legacy.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | api.rlcdn.com |
js-sec.indexww.com
|
1 | static.criteo.net |
js-sec.indexww.com
|
1 | www.googletagmanager.com |
www.legacy.com
|
1 | geolocation.onetrust.com |
cdn.cookielaw.org
|
1 | static.cdn-ec.viddler.com |
www.legacy.com
|
1 | js-sec.indexww.com |
www.legacy.com
|
1 | ajax.googleapis.com |
www.legacy.com
|
1 | click.alerts.legacy.com | 1 redirects |
110 | 66 |
This site contains links to these domains. Also see Links.
Domain |
---|
sympathy.legacy.com |
www.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
ssl860932.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2020-05-20 - 2020-11-26 |
6 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
cookielaw.org Cloudflare Inc ECC CA-3 |
2020-07-01 - 2021-07-01 |
a year | crt.sh |
san.casalemedia.com GeoTrust RSA CA 2018 |
2020-03-02 - 2021-04-01 |
a year | crt.sh |
ssl866907.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2020-05-20 - 2020-11-26 |
6 months | crt.sh |
*.cdn-ec.viddler.com DigiCert SHA2 Secure Server CA |
2020-04-16 - 2022-06-08 |
2 years | crt.sh |
*.onetrust.com DigiCert SHA2 Secure Server CA |
2020-05-21 - 2022-07-27 |
2 years | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
c.amazon-adsystem.com Amazon |
2020-08-04 - 2021-08-02 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
*.criteo.net DigiCert ECC Secure Server CA |
2020-09-04 - 2020-12-03 |
3 months | crt.sh |
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2020-04-14 - 2021-04-23 |
a year | crt.sh |
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1 |
2019-03-07 - 2021-04-19 |
2 years | crt.sh |
*.quantserve.com DigiCert SHA2 High Assurance Server CA |
2019-10-04 - 2020-10-07 |
a year | crt.sh |
static.hotjar.com Let's Encrypt Authority X3 |
2020-08-16 - 2020-11-14 |
3 months | crt.sh |
rumcdn.geoedge.be Amazon |
2019-10-30 - 2020-11-30 |
a year | crt.sh |
*.google.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
*.google.de GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
*.adtech.advertising.com DigiCert SHA2 Secure Server CA |
2020-04-16 - 2022-04-21 |
2 years | crt.sh |
*.openx.net GeoTrust RSA CA 2018 |
2020-06-18 - 2021-08-17 |
a year | crt.sh |
*.sharethrough.com Amazon |
2020-09-09 - 2021-10-11 |
a year | crt.sh |
*.criteo.com DigiCert ECC Secure Server CA |
2020-09-04 - 2020-12-03 |
3 months | crt.sh |
*.rubiconproject.com DigiCert SHA2 Secure Server CA |
2020-06-24 - 2021-02-17 |
8 months | crt.sh |
*.lijit.com Go Daddy Secure Certificate Authority - G2 |
2020-03-11 - 2021-05-10 |
a year | crt.sh |
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2 |
2019-02-01 - 2021-02-04 |
2 years | crt.sh |
*.3lift.com Amazon |
2020-07-04 - 2021-08-05 |
a year | crt.sh |
*.adnxs.com DigiCert ECC Secure Server CA |
2019-01-23 - 2021-03-08 |
2 years | crt.sh |
tpc.googlesyndication.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
script.hotjar.com Let's Encrypt Authority X3 |
2020-08-17 - 2020-11-15 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
vars.hotjar.com Let's Encrypt Authority X3 |
2020-08-15 - 2020-11-13 |
3 months | crt.sh |
*.contextweb.com DigiCert SHA2 Secure Server CA |
2020-05-07 - 2022-05-12 |
2 years | crt.sh |
*.cloudfront.net DigiCert Global CA G2 |
2020-05-26 - 2021-04-21 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-09-11 - 2020-12-10 |
3 months | crt.sh |
vc.hotjar.io Let's Encrypt Authority X3 |
2020-09-12 - 2020-12-11 |
3 months | crt.sh |
*.dialogtech.com DigiCert SHA2 Secure Server CA |
2020-02-06 - 2022-05-11 |
2 years | crt.sh |
protect.geoedge.be Sectigo ECC Domain Validation Secure Server CA |
2020-01-29 - 2022-01-28 |
2 years | crt.sh |
This page contains 7 frames:
Primary Page:
https://www.legacy.com/obituaries/name/steven-marsh-obituary?pid=196829336
Frame ID: 05B2D007E1BC8FADAFDF928BD642E3E8
Requests: 90 HTTP requests in this frame
Frame:
https://apex.go.sonobi.com/trinity.js?key_maker=%7B%22d-03-300x250%7C300x600-display-right-1-2%22%3A%22e98ccba6ec754f298ee2%22%7D&cv=sbi&lib_v=2.1.1&lib_name=ix&vp=desktop&ref=https%3A%2F%2Fwww.legacy.com%2Fobituaries%2Fname%2Fsteven-marsh-obituary%3Fpid%3D196829336&gdpr=false
Frame ID: 39777125AB84AE068A8D21D1E0F7CC8B
Requests: 8 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: B775C2E57FF82D9306D161162886A418
Requests: 1 HTTP requests in this frame
Frame:
https://gum.criteo.com/syncframe?topUrl=www.legacy.com
Frame ID: 6082BC9B82B3C8132414377DAB3AC3C3
Requests: 1 HTTP requests in this frame
Frame:
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=331f8708-4f60-496d-8636-26f15eeec4cd&gdpr=0&us_privacy=1---&gdpr_consent=&gdpr=0
Frame ID: 95C044B3C4D45F0051EEC66376C722D8
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 5ADA7081E6D1D6C434B9F9B633BAC120
Requests: 1 HTTP requests in this frame
Frame:
https://rumcdn.geoedge.be/92646007-69b5-4849-8cc8-a9e25fb6a48c/grumi.js
Frame ID: 59FDD323D1ADCC8168B590C86458B147
Requests: 9 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://click.alerts.legacy.com/?qs=4e654431cc29c67dcd8a64c866be985129c9910295585121a298d62ba73e63f02e599772...
HTTP 302
https://www.legacy.com/obituaries/name/--obituary?pid=196829336&utm_source=MarketingCloud&utm_mediu... HTTP 301
https://www.legacy.com/obituaries/name/steven-marsh-obituary?pid=196829336 Page URL
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
DoubleClick for Publishers (DFP) (Advertising Networks) Expand
Detected patterns
- script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Quantcast (Analytics) Expand
Detected patterns
- script /\.quantserve\.com\/quant\.js/i
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: SEND FLOWERS
Search URL Search Domain Scan URL
Title: Send Flowers
Search URL Search Domain Scan URL
Title: 9714 Fm 2920 , Tomball
Search URL Search Domain Scan URL
Title: Send Flowers ›
Search URL Search Domain Scan URL
Title: SEND FLOWERS
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click.alerts.legacy.com/?qs=4e654431cc29c67dcd8a64c866be985129c9910295585121a298d62ba73e63f02e599772468f21d1bdd5d33b5a6d6c72b46bc4e88e8b7eaae3f1239bf0648c31
HTTP 302
https://www.legacy.com/obituaries/name/--obituary?pid=196829336&utm_source=MarketingCloud&utm_medium=email&utm_campaign=legacy-welcome-journey-email-1-letter%20-%20neustar&utm_term=obit-text&utm_content=83119&utm_id=941d49f7-934d-404d-8543-270a7b99c7e6&sfmc_id=138180018&sfmc_activityid=c3486d05-6463-4309-99d1-3f57e236cf4c&utm_source=MarketingCloud&utm_medium=email&utm_campaign=legacy-welcome-journey-email-1-letter+-+neustar&utm_content=obit-text&sfmc_id=138180018 HTTP 301
https://www.legacy.com/obituaries/name/steven-marsh-obituary?pid=196829336 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 49- https://adserver-us.adtech.advertising.com/pubapi/3.0/9475.1/4428523/0/-1/ADTECH;cmd=bid;cors=yes;v=2;misc=1601494368396;callback=window.headertag.AolHtb.adResponseCallbacks._c9TnlQ1V; HTTP 302
- https://adserver-us.adtech.advertising.com/pubapi/3.0/9475.1/4428523/0/-1/ADTECH;cfp=1;rndc=1601494367;cmd=bid;cors=yes;v=2;misc=1601494368396;callback=window.headertag.AolHtb.adResponseCallbacks._c9TnlQ1V HTTP 302
- https://adserver-us.adtech.advertising.com/pubapi/3.0/9475.1/4428523/0/-1/ADTECH;apid=1Ab8fb07c4-0353-11eb-ab7b-123ff9725662;cfp=1;rndc=1601494368;cmd=bid;cors=yes;v=2;misc=1601494368396;callback=window.headertag.AolHtb.adResponseCallbacks._c9TnlQ1V
- https://adserver-us.adtech.advertising.com/pubapi/3.0/9475.1/4427889/0/-1/ADTECH;cmd=bid;cors=yes;v=2;misc=1601494368397;callback=window.headertag.AolHtb.adResponseCallbacks._pawA9fGj; HTTP 302
- https://adserver-us.adtech.advertising.com/pubapi/3.0/9475.1/4427889/0/-1/ADTECH;cfp=1;rndc=1601494368;cmd=bid;cors=yes;v=2;misc=1601494368397;callback=window.headertag.AolHtb.adResponseCallbacks._pawA9fGj HTTP 302
- https://adserver-us.adtech.advertising.com/pubapi/3.0/9475.1/4427889/0/-1/ADTECH;apid=1Ab8fd87e2-0353-11eb-81dd-121b89dbed5a;cfp=1;rndc=1601494367;cmd=bid;cors=yes;v=2;misc=1601494368397;callback=window.headertag.AolHtb.adResponseCallbacks._pawA9fGj
- https://legacycst-d.openx.net/w/1.0/arj?auid=538806330&aus=300x250%2C300x600&ju=https%3A%2F%2Fwww.legacy.com%2Fobituaries%2Fname%2Fsteven-marsh-obituary%3Fpid%3D196829336&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._Y4f45kD6&cache=1601494368397&gdpr_consent=&gdpr=0&us_privacy=1--- HTTP 302
- https://legacycst-d.openx.net/w/1.0/arj?cc=1&auid=538806330&aus=300x250%2C300x600&ju=https%3A%2F%2Fwww.legacy.com%2Fobituaries%2Fname%2Fsteven-marsh-obituary%3Fpid%3D196829336&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._Y4f45kD6&cache=1601494368397&gdpr_consent=&gdpr=0&us_privacy=1---
- https://x.bidswitch.net/sync?ssp=sonobi HTTP 302
- https://x.bidswitch.net/ul_cb/sync?ssp=sonobi HTTP 302
- https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=sonobi HTTP 302
- https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=sonobi HTTP 302
- https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=4e929e44-6120-4509-bc73-509aa40f99a8&ssp=sonobi HTTP 302
- https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=694935f3-e84e-442b-8011-eb5db497eeac
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=44aed58e55&gdpr=0&gdpr_consent= HTTP 302
- https://sync.go.sonobi.com/us.gif?nw=td&nuid=edf56388-c978-46f6-91d6-dc8245c2bd80&pubid=44aed58e55
- https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
- https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=85005f74-dd60-4a00-9a4d-e9abe360024b
- https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
- https://sync.go.sonobi.com/us.gif?nw=zt&nuid=2159827872290396697
- https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=182f9799-0d61-47fb-b83d-32710e9db9f9&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=cnc3WDF6bVF6MnJBTUJMZ2MyMEdSUQ&gdpr=&gdpr_consent= HTTP 302
- https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESED-lxTAxM_UnymsR37Op0cI&google_cver=1
- https://sync.1rx.io/usersync2/sonobi&gdpr=0&gdpr_consent= HTTP 302
- https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-203ea873-b8d9-41be-abf0-98799e720b80-003&rndcb=8383536299 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=694935f3-e84e-442b-8011-eb5db497eeac&google_hm=Njk0OTM1ZjMtZTg0ZS00NDJiLTgwMTEtZWI1ZGI0OTdlZWFj HTTP 302
- https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDbC9L7CRXsM4a23hVYhqFk&google_cver=1&ssp=adconductor&bsw_param=694935f3-e84e-442b-8011-eb5db497eeac HTTP 302
- https://sync.1rx.io/usersync/bidswitch/694935f3-e84e-442b-8011-eb5db497eeac?gdpr=&gdpr_consent= HTTP 302
- https://sync.targeting.unrulymedia.com/csync/RX-203ea873-b8d9-41be-abf0-98799e720b80-003?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Drhythmxchange%26nuid%3DRX-203ea873-b8d9-41be-abf0-98799e720b80-003 HTTP 302
- https://sync.go.sonobi.com/us.gif?nw=rhythmxchange&nuid=RX-203ea873-b8d9-41be-abf0-98799e720b80-003
- https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MTgyZjk3OTktMGQ2MS00N2ZiLWI4M2QtMzI3MTBlOWRiOWY5 HTTP 302
- https://sync.go.sonobi.com/usg.gif?google_gid=CAESECjFE7W5m_fTjcUpfcK5OIY&google_cver=1
- https://www.facebook.com/tr/?id=170463649631558&ev=fb_page_view&dl=https%3A%2F%2Fwww.legacy.com%2Fobituaries%2Fname%2Fsteven-marsh-obituary%3Fpid%3D196829336&rl=&if=false&ts=1601494368632&sw=1600&sh=1200&at= HTTP 302
- https://www.facebook.com/tr/?at=&dl=https%3A%2F%2Fwww.legacy.com%2Fobituaries%2Fname%2Fsteven-marsh-obituary%3Fpid%3D196829336&ev=fb_page_view&id=170463649631558&if=false&redirect=0&rl=&sh=1200&sw=1600&ts=1601494368632
110 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
steven-marsh-obituary
www.legacy.com/obituaries/name/ Redirect Chain
|
161 KB 41 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
11 KB 1018 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.4b7a6885.css
www.legacy.com/obituaries/name/assets/css/ |
171 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ |
95 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otCCPAiab.js
cdn.cookielaw.org/opt-out/ |
22 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ls-legacy.js
js-sec.indexww.com/ht/ |
181 KB 49 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Hero_2880.a10e7cb0.jpg
www.legacy.com/obituaries/name/assets/images/ |
109 KB 110 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eb86d5ae-b247-401d-a204-cc01ef88b52e.jpg
cache.legacy.net/legacy/images/cobrands/Batesville/photos/ |
7 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
candle.jpg
cache.legacy.net/globalcontent/gbmementos/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eb86d5ae-b247-401d-a204-cc01ef88b52e.jpgx
cache.legacy.net/legacy/images/cobrands/Batesville/photos/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
planning.6228f181.png
www.legacy.com/obituaries/name/assets/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
etiquette.e2a9f1c4.png
www.legacy.com/obituaries/name/assets/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
grief.98e34f51.png
www.legacy.com/obituaries/name/assets/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
obitwriter.dc7e1a83.png
www.legacy.com/obituaries/name/assets/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.8f241c0414ef12c62bed.js
www.legacy.com/obituaries/name/assets/js/ |
497 KB 154 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.d2f102130f482b1b8b2a.js
www.legacy.com/obituaries/name/assets/js/ |
1 MB 372 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-built.js
static.cdn-ec.viddler.com/js/arpeggio/v3/build/ |
1 MB 311 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
css
fonts.googleapis.com/ |
20 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
css
fonts.googleapis.com/ |
3 KB 925 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9b83ccca-692f-4fe4-aad7-485756c63854.json
cdn.cookielaw.org/consent/9b83ccca-692f-4fe4-aad7-485756c63854/ |
215 B 769 B |
XHR
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ |
197 B 549 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
www.googletagservices.com/tag/js/ |
51 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apstag.js
c.amazon-adsystem.com/aax2/ |
109 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
186 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg_tile.44668331.gif
www.legacy.com/obituaries/name/assets/images/ |
12 KB 12 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
wlp2gwHKFkZgtmSR3NB0oRJfbwhTIfFd3A.woff2
fonts.gstatic.com/s/crimsontext/v11/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
wlppgwHKFkZgtmSR3NB0oRJXsCxGDNNQ9rJPfw.woff2
fonts.gstatic.com/s/crimsontext/v11/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
wlpogwHKFkZgtmSR3NB0oRJfajhRK_Z_3rhH.woff2
fonts.gstatic.com/s/crimsontext/v11/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_2020092401.js
securepubads.g.doubleclick.net/gpt/ |
270 KB 95 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bid
c.amazon-adsystem.com/e/dtb/ |
37 B 386 B |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ |
6 KB 3 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
publishertag.js
static.criteo.net/js/ld/ |
107 KB 35 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
identity
api.rlcdn.com/api/ |
44 B 328 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rid
match.adsrvr.org/track/ |
109 B 544 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
29 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
quant.js
secure.quantserve.com/ |
23 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-765631.js
static.hotjar.com/c/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
grumi-ip.js
rumcdn.geoedge.be/92646007-69b5-4849-8cc8-a9e25fb6a48c/ |
10 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rules-p-57OGVHgSOoedo.js
rules.quantcount.com/ |
130 B 485 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
linkid.js
www.google-analytics.com/plugins/ua/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
publisher:getClientId
ampcid.google.com/v1/ |
74 B 564 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.de/adsid/ |
109 B 890 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
109 B 890 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cygnus
htlb.casalemedia.com/ |
66 B 300 B |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ADTECH;apid=1Ab8fb07c4-0353-11eb-ab7b-123ff9725662;cfp=1;rndc=1601494368;cmd=bid;cors=yes;v=2;misc=1601494368396;callback=window.headertag.AolHtb.adResponseCallbacks._c9TnlQ1V
adserver-us.adtech.advertising.com/pubapi/3.0/9475.1/4428523/0/-1/ Redirect Chain
|
1 KB 2 KB |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ADTECH;apid=1Ab8fd87e2-0353-11eb-81dd-121b89dbed5a;cfp=1;rndc=1601494367;cmd=bid;cors=yes;v=2;misc=1601494368397;callback=window.headertag.AolHtb.adResponseCallbacks._pawA9fGj
adserver-us.adtech.advertising.com/pubapi/3.0/9475.1/4427889/0/-1/ Redirect Chain
|
1 KB 2 KB |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arj
legacycst-d.openx.net/w/1.0/ Redirect Chain
|
247 B 517 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v1
btlr.sharethrough.com/t6oivhQt/ |
0 114 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
cdb
bidder.criteo.com/ |
0 144 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fastlane.json
fastlane.rubiconproject.com/a/api/ |
259 B 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bid
ap.lijit.com/rtb/ |
64 B 750 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
trinity.js
apex.go.sonobi.com/ Frame 3977 |
920 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
auction
tlx.3lift.com/header/ |
19 B 280 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jpt
secure.adnxs.com/ |
0 685 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
rum.js
securepubads.g.doubleclick.net/pagead/js/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
ads
securepubads.g.doubleclick.net/gampad/ |
439 B 580 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
3306a73a9a0e5a9f940dc80ab3be5acb.safeframe.googlesyndication.com/safeframe/1-0-37/html/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
publisher:getClientId
ampcid.google.de/v1/ |
3 B 493 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/837287159/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.0d7a047cb613393385fe.js
script.hotjar.com/ |
356 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel;r=77672099;rf=0;a=p-57OGVHgSOoedo;url=https%3A%2F%2Fwww.legacy.com%2Fobituaries%2Fname%2Fsteven-marsh-obituary%3Fpid%3D196829336;fpan=1;fpa=P0-960796214-1601494368454;ns=0;ce=1;qjs=1;qv=7298e...
pixel.quantserve.com/ |
35 B 372 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
grumi.js
rumcdn.geoedge.be/92646007-69b5-4849-8cc8-a9e25fb6a48c/ |
183 KB 65 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csm
bidder.criteo.com/ |
0 144 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/837287159/ |
42 B 137 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/837287159/ |
42 B 153 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 87 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
collect
www.google-analytics.com/ |
35 B 120 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame B775 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
ga-audiences
www.google.com/ads/ |
42 B 491 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
ga-audiences
www.google.de/ads/ |
42 B 491 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
us.gif
sync.go.sonobi.com/ Frame 3977 Redirect Chain
|
49 B 509 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
us.gif
sync.go.sonobi.com/ Frame 3977 Redirect Chain
|
49 B 509 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
us.gif
sync.go.sonobi.com/ Frame 3977 Redirect Chain
|
49 B 513 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
us.gif
sync.go.sonobi.com/ Frame 3977 Redirect Chain
|
49 B 509 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rtset
bh.contextweb.com/bh/ Frame 3977 Redirect Chain
|
49 B 333 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
us.gif
sync.go.sonobi.com/ Frame 3977 Redirect Chain
|
49 B 513 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
usg.gif
sync.go.sonobi.com/ Frame 3977 Redirect Chain
|
49 B 509 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
syncframe
gum.criteo.com/ Frame 6082 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
8 KB 7 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
st.js
d31y97ze264gaa.cloudfront.net/assets/st/js/ |
64 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
765631
vc.hotjar.io/sessions/ |
0 116 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 216 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
201 KB 61 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pd
eu-u.openx.net/w/1.0/ Frame 95C0 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ Redirect Chain
|
44 B 123 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
st1.dialogtech.com/st/ |
258 B 838 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 5ADA |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 142 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
ads
securepubads.g.doubleclick.net/gampad/ |
7 KB 3 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
headerstats
as-sec.casalemedia.com/ |
0 338 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
grumi.js
rumcdn.geoedge.be/92646007-69b5-4849-8cc8-a9e25fb6a48c/ Frame 59FD |
183 KB 65 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
osd.js
www.googletagservices.com/activeview/js/current/ |
72 KB 27 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
init
gw.geoedge.be/api/ Frame 59FD |
15 B 195 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
view
securepubads.g.doubleclick.net/pcs/ Frame 59FD |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 59FD |
74 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 59FD |
210 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
view
securepubads.g.doubleclick.net/pcs/ Frame 59FD |
0 21 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 59FD |
52 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csi
csi.gstatic.com/ Frame 59FD |
0 339 B |
Other
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
locations
st1.dialogtech.com/st/ |
27 B 450 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csi
csi.gstatic.com/ |
0 53 B |
Other
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activeview
pagead2.googlesyndication.com/pcs/ Frame 59FD |
42 B 112 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
130 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes object| dataLayer string| viewport undefined| cookieValue string| cobrand string| country string| corp string| affstate string| gbentries string| FHCo string| pid string| fhid string| fn string| ln string| days function| $ function| jQuery function| AddDoNotSell object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups function| OptanonWrapper function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| googletag object| lago object| apstag undefined| p function| readyFunct function| ready object| webpackManifest function| webpackJsonp function| _ object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| gajus object| filestackInternals function| debounce object| lookup function| appendStyle function| createLinks function| kickoff function| debouncedKickoff object| __INITIAL_STATE__ undefined| Backbone object| dashjs object| JSV function| initializer object| JSONFormValidator object| pusher function| viddlerjQuery boolean| viddlerAutoEmbedsRun function| ViddlerEmbed boolean| onorientationchangeend object| __otccpaooLocation object| ggeac object| google_js_reporting_queue object| google_tag_manager boolean| apstagLOADED object| headertag object| Criteo function| headertag_render object| pbjs function| sovrn_render object| rubicontag function| mobilecheck object| google_tag_data object| _qevents function| _customTask string| GoogleAnalyticsObject function| ga object| optimizely function| hj object| _hjSettings object| grumi function| onYouTubeIframeAPIReady object| criteo_pubtag function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| gaplugins function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_rum_config number| __google_ad_urls_id number| google_unique_id object| gaGlobal function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| gaData number| google_srt object| _google_rum_ns_ undefined| google_timing_params string| _stk function| fbAsyncInit undefined| google_rum_values object| google_image_requests object| FB object| GoogleGcLKhOms object| _st undefined| JSON3 object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.legacy.com/ | Name: _gat Value: 1 |
|
.legacy.com/ | Name: __gads Value: ID=e91f2b7319a47586-22110c83eab800bc:T=1601494368:S=ALNI_MbrcUH4VaRIaJU309EyQ_L4yDgx_g |
|
.legacy.com/ | Name: _hjid Value: a92f345c-d279-46bb-b317-f410a55e9c0c |
|
.legacy.com/ | Name: __qca Value: P0-960796214-1601494368454 |
|
.legacy.com/ | Name: _ga Value: GA1.2.896867552.1601494368 |
|
.legacy.com/ | Name: _hjTLDTest Value: 1 |
|
.legacy.com/ | Name: _hjAbsoluteSessionInProgress Value: 1 |
|
.legacy.com/ | Name: _gid Value: GA1.2.328136769.1601494368 |
|
.legacy.com/ | Name: AMP_TOKEN Value: %24NOT_FOUND |
|
.legacy.com/ | Name: __cfduid Value: d1a3d2eb0b470b14d2bb3549d264781e21601494366 |
|
www.legacy.com/ | Name: usprivacy Value: 1--- |
|
www.legacy.com/ | Name: _hjIncludedInSessionSample Value: 0 |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
3306a73a9a0e5a9f940dc80ab3be5acb.safeframe.googlesyndication.com
a.sportradarserving.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ampcid.google.com
ampcid.google.de
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
as-sec.casalemedia.com
bh.contextweb.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
cache.legacy.net
cdn.cookielaw.org
click.alerts.legacy.com
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
d31y97ze264gaa.cloudfront.net
eu-u.openx.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
gum.criteo.com
gw.geoedge.be
htlb.casalemedia.com
js-sec.indexww.com
legacycst-d.openx.net
match.adsrvr.org
p.rfihub.com
pagead2.googlesyndication.com
pixel.quantserve.com
rules.quantcount.com
rumcdn.geoedge.be
script.hotjar.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
st1.dialogtech.com
static.cdn-ec.viddler.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.targeting.unrulymedia.com
tlx.3lift.com
tpc.googlesyndication.com
vars.hotjar.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.legacy.com
x.bidswitch.net
104.111.215.135
104.17.185.220
104.17.197.247
107.162.156.70
13.111.100.40
143.204.208.83
147.75.102.203
147.75.33.131
172.217.23.162
178.162.133.149
178.162.133.150
178.250.2.131
18.158.15.60
185.29.132.21
185.33.221.13
193.0.160.129
198.148.27.140
213.19.147.150
213.19.162.31
216.52.2.30
23.210.249.164
2600:9000:206e:6c00:6:44e3:f8c0:93a1
2600:9000:206e:d000:4:b37b:9440:93a1
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700:10::6814:b944
2606:4700::6810:9540
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2800:3f0:4001:812::2003
2a00:1450:4001:802::2001
2a00:1450:4001:802::200a
2a00:1450:4001:808::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2002
2a00:1450:4001:817::2001
2a00:1450:4001:817::200a
2a00:1450:4001:818::2003
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::2008
2a00:1450:4001:81b::2003
2a00:1450:4001:820::200e
2a00:1450:4001:821::200e
2a00:1450:4001:824::2004
2a00:1450:400c:c0c::9c
2a02:2638:1::13
2a02:2638:1::3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.120.207.148
34.201.192.181
34.98.64.218
35.157.239.183
35.159.48.82
52.18.161.147
52.58.195.54
93.184.221.142
99.86.240.180
03bb0d5670ea8bd492ada8b94c3a71830993a299d3c90d4edb769aa1e3071dbc
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058b2c4157df3e09d6ea53026ee855d79bb2d7c2e5bd843aac583cdfefe839a0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0d734ad999b489db591994c8d3962a694d949748dea9b34439c3d4232bb730f1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
119bcb3b75ca57110cab7bee4475cd577297979d07a5cffa152524616436664b
1d02c7cad15769fc41657297a09231056381e4c649d5b40674d9e54baca17623
1e81e566211b2f84855b0d31aca160f03d9ae873713e7754b8923f9caee83e79
212224a405d31578e5b91a92fa705152b0e8fe017b403cd95a479aa097205b7e
23542be5762aa06b21b834ce9ac3c2723f7ac680bedb08e8efd2bab6b130d119
2846ae78c57a950d993e33a0ef8f117b72ba00ea3e46d1a8bb8014a631bc0529
396197a350c5f917f454cb764fa31f624d64f8fbac73445c4d2862bad7ca22bf
3edefaa76df5db9537e355ed87a450f910154f9c76ee2a0b9462b8a7a31d95b1
449a906d6b2ab46252e1ae6a93424fe8ac608ae9dbc2c10428d797520fc704f0
4b243883a76fb55f5feb79f302fdc43557225fa4a3e500a66d893a3ddb8d028c
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5767396bbb04648db6621737bc1a716f278eb664761baf7816203e6eec70e3de
58482c4ef148f665c66493ddfb7a93008bed593a22222c1d79e5af9e13c8a23a
5876f68bf30a82eb99d9ec29e561f5c925ea347243c3e022021dd87823c65813
5d3cc20f0c91d329307d730688fde28d2f759ecd8d2c7e24f1be0217bc1fc0af
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
60c353990189736d317a3f96f3b34f5e48406f02b101c7ad9638078cff06f10a
64389de10f52a042d23c4a6a1e4d707cdacc0d96cc1ed5449b9435c018cdbb7b
6618b7d6f786ad6bb734188b5cd505854da4942c1742c25a86f6c7557163291d
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6a19bdd9041e389e9741ea3f540dfea1add43c0a3637a70c9dc40d8bbee631e1
6b3050e78bfd622a14c548d617307e3f28bacf91785e7916710787f48630f628
6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b
6f1d7d418d1f561064b1d14af8a2aac97ab2d43471b04a54aebecbd22774cdde
6f25e54ff758a69c92c7260b3647788acb86b4fc6266141893e1a4316b5a0862
799f3e9d99e9ef8c644d8581a1f2411da725b0758c72e1babe9ec77bce1e9a42
7a75ff2d700a989e025fed92729ca91b8c3e021dfef7fe1a981dac4ed370bdae
7ebd967e848f21cb4e2f161fa3efb148c637e94bf891b34592bbf919369b0fde
80de28f746d0056d4800d1e36a5383d687bd90fa74e9450e2d7dfd47cd68c301
82af5de53d901432ca9f9cfa632a4660aa79bee953dd1944f8644422a6e11f61
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87374681f0173b41bf0fe9eb39d448b49d02a5a78692b0e9ae1689d68811c0b7
88187fc7bfb40693d22635ec675a56b5b37318d74fea56d845413b78f1ec0e34
8ee0871459a3907760c86d0958dc415359cd9a23dca62dd61b8979916de97e71
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
929d890af6b3416d815dcf6756aa583f08cb83909d7c11be4faf5ee51b29ba8d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94286e787084bb8ee909c56c92acb57c3ffc4cbd0259182c50a94e6f9c2aa133
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a89e0a991dd8ae11e71cae2f0ccfe1c7cb03c001b328150a7d2344a99e73773
9c9d02d98a7f37ff1c3bf11237099d9bbc154e667c59fec4d62641068550e230
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a661f16460ee8c51a999822df17990f06a28ad7373bc97219e983c61ff10fbf9
ac0cae09aadb09455ccc20866a1c6e7cc153eaace5b273fdc0bb9b040242154a
adcfc4ec4f58bff82fa5bf1c737ab314ea24609636d883cae1a3d34bf3dfc655
b0e621a1376ab6b1172ab9bd2f7897dfc60a2a70aa31c1fa5bc58c9490feed6a
b2543801002296540464018c5835674bb57b7f432195eeecad2d283736321891
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
c86225e30cdabcc6440e423fc8281a7341ef7fc28bee4b64d643ab585931ef73
c9feadbbda0b6ae0111167806a4540a44d694803f9e516c3592ad71fbe82b285
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb01aa1de1a9adf65d6435b65c760f496bda6636d6e1511838585eb47ab9f938
cbaecaca9c310bbc205c762a273972f7d34b4250232304b62ca0890b75171416
ccf25c7db0b5d0a1ec9a56231fedeb390f8109ec0313d49a9f721914e4969cf0
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d04b7ff09a253a585d90fd0a0b84a9f01deebb77fb0d932e2702bde689fdefbe
d10d9044c744a42069224a34df3917323e6e8dd836c175a59c24278f5095ca14
d9885d66df9fc56fe078c2e99d090f8e6e8989dd4a38ddc6ab2b07c506efab13
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444f40174d09d3b5bd77ebdfa4b41dbe4405d1d6021a1ab1fbd232228cdb088
e4781c8a52c01da3c48f47f593bfdf858c6563ef8912ff5671878a01bbb008ce
e9f3bcd70fb47542a887748d1a30755eca5257fbf417a92b1fdd04d1152843c3
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
ee078bf7a3ec3d994c013e620d5afa215efa2d62f3a8d3ff1a0791c9ddb706c0
ee54b89ae25407aa488a94b4b921338926f2d0e52f647f84faac2ab818cf6c59
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7d635ac87359f1aafe2092a7d6318d8adbbb78bcf00a5f0676c2fd033d3f1df
f826a0c73ef3d1c29c3fb390f839874cd4f5b7914f448dbc9e05bccee1ae6980
fabf9cf808bf1fa32ca4daec3122436ad1a587d0bb4c3a7c670f4cfb78b5721b
fff7333520baa4e50f514396f5ef014e913f19c292989f8fd3748575aa85128a