three-wings-sophia.com
Open in
urlscan Pro
157.112.183.32
Public Scan
Submitted URL: https://www.three-wings-sophia.com/
Effective URL: https://three-wings-sophia.com/
Submission: On June 19 via api from GB
Effective URL: https://three-wings-sophia.com/
Submission: On June 19 via api from GB
Summary
This website contacted 22 IPs
in 5 countries
across 19 domains to perform 89 HTTP transactions.
The main IP is 157.112.183.32, located in
Japan and
belongs to XSERVER Xserver Inc., JP.
The main domain is three-wings-sophia.com.
TLS certificate: Issued by R3 on April 21st 2021. Valid for: 3 months.
This is the only time three-wings-sophia.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on April 21st 2021. Valid for: 3 months.
This is the only time three-wings-sophia.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
21
157.112.183.32
(Japan)
ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv5191.xserver.jp
ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv5191.xserver.jp
| www.three-wings-sophia.com | |
| three-wings-sophia.com |
12
2a00:1450:4001:800::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| pagead2.googlesyndication.com | |
| adservice.google.de | |
| adservice.google.com | |
| www.googletagservices.com |
6
2a00:1450:4001:80f::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net | |
| adservice.google.de |
1
142.250.184.226
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
| partner.googleadservices.com |
1
52.194.50.40
(Tokyo, Japan)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-194-50-40.ap-northeast-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-194-50-40.ap-northeast-1.compute.amazonaws.com
| www26.a8.net |
1
159.69.70.9
(Germany)
ASN24940 (HETZNER-AS, DE)
PTR: static.9.70.69.159.clients.your-server.de
ASN24940 (HETZNER-AS, DE)
PTR: static.9.70.69.159.clients.your-server.de
| ad.ad-srv.net |
4
2a00:1450:4001:800::2001
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| tpc.googlesyndication.com |
1
76.223.26.175
(United States)
ASN16509 (AMAZON-02, US)
PTR: ad9411418cf2cdacd.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: ad9411418cf2cdacd.awsglobalaccelerator.com
| de1-bid.adsrvr.org |
5
88.99.219.174
(Germany)
ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de
ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de
| ad29.ad-srv.net |
2
104.111.239.217
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
| www.awin1.com |
3
51.178.130.209
(France)
ASN16276 (OVH, FR)
PTR: ns3169999.ip-51-178-130.eu
ASN16276 (OVH, FR)
PTR: ns3169999.ip-51-178-130.eu
| creative.mlsat02.de | |
| tracking.mlsat02.de |
1
2600:9000:2156:ca00:6:de3f:c700:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| tkdynba.millemedia.de |
| Domain | Requested by | |
|---|---|---|
| 20 | three-wings-sophia.com |
three-wings-sophia.com
|
| 11 | s1.adform.net |
tracking.mlsat02.de
s1.adform.net three-wings-sophia.com ad29.ad-srv.net |
| 7 | pagead2.googlesyndication.com |
three-wings-sophia.com
pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com |
| 6 | choices.trustarc.com |
choices.truste.com
choices.trustarc.com |
| 6 | c0.wp.com |
three-wings-sophia.com
|
| 5 | track.adform.net |
ad29.ad-srv.net
s1.adform.net |
| 5 | ad29.ad-srv.net |
1 redirects
googleads.g.doubleclick.net
ad29.ad-srv.net |
| 5 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
three-wings-sophia.com |
| 4 | tpc.googlesyndication.com |
googleads.g.doubleclick.net
pagead2.googlesyndication.com tpc.googlesyndication.com |
| 3 | tkads.millemedia.de |
ad29.ad-srv.net
|
| 2 | tracking.mlsat02.de |
1 redirects
ad29.ad-srv.net
|
| 2 | www.awin1.com |
1 redirects
ad29.ad-srv.net
|
| 2 | www.googletagservices.com |
pagead2.googlesyndication.com
googleads.g.doubleclick.net |
| 2 | adservice.google.com |
pagead2.googlesyndication.com
|
| 2 | adservice.google.de |
pagead2.googlesyndication.com
|
| 1 | www.google.com |
tpc.googlesyndication.com
|
| 1 | tkdynba.millemedia.de |
ad29.ad-srv.net
|
| 1 | aaa.artefact.com |
ad29.ad-srv.net
|
| 1 | ebs08.telekom.de | 1 redirects |
| 1 | creative.mlsat02.de | 1 redirects |
| 1 | de1-bid.adsrvr.org |
googleads.g.doubleclick.net
|
| 1 | choices.truste.com |
googleads.g.doubleclick.net
|
| 1 | ad.ad-srv.net |
three-wings-sophia.com
|
| 1 | www26.a8.net |
three-wings-sophia.com
|
| 1 | pixel.wp.com |
three-wings-sophia.com
|
| 1 | partner.googleadservices.com |
pagead2.googlesyndication.com
|
| 1 | stats.wp.com |
three-wings-sophia.com
|
| 1 | www.three-wings-sophia.com | 1 redirects |
| 89 | 28 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| feedly.com |
| px.a8.net |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.three-wings-sophia.com R3 |
2021-04-21 - 2021-07-20 |
3 months | crt.sh |
| *.wp.com Sectigo RSA Domain Validation Secure Server CA |
2020-04-02 - 2022-07-05 |
2 years | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2021-05-24 - 2021-08-16 |
3 months | crt.sh |
| *.googleadservices.com GTS CA 1C3 |
2021-05-24 - 2021-08-16 |
3 months | crt.sh |
| *.google.de GTS CA 1C3 |
2021-05-24 - 2021-08-16 |
3 months | crt.sh |
| *.google.com GTS CA 1C3 |
2021-05-24 - 2021-08-16 |
3 months | crt.sh |
| *.a8.net GlobalSign GCC R3 DV TLS CA 2020 |
2021-05-25 - 2022-06-26 |
a year | crt.sh |
| ad-srv.net R3 |
2021-04-21 - 2021-07-20 |
3 months | crt.sh |
| *.truste.com Amazon |
2021-02-16 - 2022-03-17 |
a year | crt.sh |
| tpc.googlesyndication.com GTS CA 1C3 |
2021-05-24 - 2021-08-16 |
3 months | crt.sh |
| *.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2021-03-18 - 2022-04-19 |
a year | crt.sh |
| tracking.mlsat02.de Sectigo RSA Organization Validation Secure Server CA |
2019-09-06 - 2021-12-04 |
2 years | crt.sh |
| track.adform.net DigiCert SHA2 Secure Server CA |
2019-09-16 - 2021-09-20 |
2 years | crt.sh |
| www.awin1.com DigiCert SHA2 Secure Server CA |
2021-06-11 - 2022-06-16 |
a year | crt.sh |
| aaa.artefact.com R3 |
2021-05-28 - 2021-08-26 |
3 months | crt.sh |
| *.millemedia.de Thawte TLS RSA CA G1 |
2020-03-16 - 2022-04-15 |
2 years | crt.sh |
| www.google.com GTS CA 1C3 |
2021-05-24 - 2021-08-16 |
3 months | crt.sh |
| *.trustarc.com Go Daddy Secure Certificate Authority - G2 |
2020-05-21 - 2022-07-17 |
2 years | crt.sh |
This page contains 12 frames:
Primary Page:
https://three-wings-sophia.com/
Frame ID: 8B4699CCDAF9C7EDDD36283E8FDAEA03
Requests: 43 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/zrt_lookup.html
Frame ID: 90CD5DD3D3E40193F7C2758500A843FC
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6014072752272779&output=html&h=280&slotname=9123024435&adk=3085989911&adf=472020864&pi=t.ma~as.9123024435&w=336&fwrn=4&fwrnh=100&lmt=1624141491&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fthree-wings-sophia.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624141491761&bpp=5&bdt=623&idt=48&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=5005114879946&frm=20&pv=2&ga_vid=2039547776.1624141492&ga_sid=1624141492&ga_hid=1437293482&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=199&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060974&oid=3&pvsid=315731259022241&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yVaz4UL6Tu&p=https%3A//three-wings-sophia.com&dtd=66
Frame ID: 9D1A228C3B9AD56B671703EE0E9A8654
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6014072752272779&output=html&h=280&slotname=3519343962&adk=3631452934&adf=2170650245&pi=t.ma~as.3519343962&w=336&fwrn=4&fwrnh=100&lmt=1624141491&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fthree-wings-sophia.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624141491766&bpp=1&bdt=628&idt=70&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5005114879946&frm=20&pv=1&ga_vid=2039547776.1624141492&ga_sid=1624141492&ga_hid=1437293482&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1017&ady=786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060974&oid=3&pvsid=315731259022241&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ugorCBmjKE&p=https%3A//three-wings-sophia.com&dtd=72
Frame ID: 89A6AA9ACB89B37B3441A2C59A75C802
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6014072752272779&output=html&adk=1812271804&adf=3025194257&lmt=1624141491&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fthree-wings-sophia.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624141491935&bpp=1&bdt=797&idt=1&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58b6d7877366f6cb-22fbe4db0dc90000%3AT%3D1624141491%3ART%3D1624141491%3AS%3DALNI_MbhUAfBKaWujLfwdRRO86EcjuVKFg&prev_fmts=336x280%2C336x280&nras=1&correlator=5005114879946&frm=20&pv=1&ga_vid=2039547776.1624141492&ga_sid=1624141492&ga_hid=1437293482&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060974&oid=3&pvsid=315731259022241&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=6
Frame ID: 64659E3F68CA8A040A63715701A22FB1
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/adview?ai=CcNwIs27OYJGSNNKPrATy9IKICN2V5bdcjpKgjlfAjbcBEAEgAGCViriCyAeCARdjYS1wdWItNjAxNDA3Mjc1MjI3Mjc3OaAB2obz6APIAQmoAwGqBLkBT9Cs4HZf4RLyUEKOtAK2ziemVHi1uLvds7nJKlk6y1QTheuZsqfEdnAD8YjcTLK_LhTI1va3DNxf3nyqb9LuV7UmLLjSxrcnNu3sRrC6qBb3eKmXO2v-0QErluaDheZijOU2uHlIN7SbEHs4-sfLi56vARQU0K84zoM2MK9UyQvqfeb0Bf3i3SpxNPiDPJbYPWbu8GOrJUlKnCk8TXbA0KAs9-QhJntfT7_WKFRj4VRHPlk57GW5BPGABvWk6eKL3qmH0AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcYChYSFHB1Yi02MDE0MDcyNzUyMjcyNzc5&sigh=JH-vRZA5UI0
Frame ID: 156285D1FB76C14C4EDEDFB3B70C20A7
Requests: 14 HTTP requests in this frame
Frame:
https://tracking.mlsat02.de/onepixel.gif
Frame ID: 40B5315236297CD6A93F1A94C2EC5D86
Requests: 1 HTTP requests in this frame
Frame:
https://ad29.ad-srv.net/request_content.php?s=67369600001882001212097011631029&a=0323d672
Frame ID: 9031487E863809C2B224C780A50FD1D3
Requests: 12 HTTP requests in this frame
Frame:
https://s1.adform.net/Banners/Elements/Files/14736/9775861/9775861.js?ADFassetID=9775861&bv=514
Frame ID: F06B0D1797588EB38EBA3E2AAD3ED4DB
Requests: 13 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: AC8848FF0B4F1C5344A86734E914EEB1
Requests: 2 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: D902023BA522C1B4838BEC77386E6234
Requests: 1 HTTP requests in this frame
Frame:
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 737288D9497147C7720E8D1E5AFB866D
Requests: 2 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://www.three-wings-sophia.com/
HTTP 301
https://three-wings-sophia.com/ Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
MySQL
(Databases)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Google AdSense
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /googlesyndication\.com\//i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
URL: https://feedly.com/i/discover/sources/search/feed/https%3A%2F%2Fthree-wings-sophia.com
Search URL Search Domain Scan URL
URL: https://px.a8.net/svt/ejp?a8mat=3BQQ0S+1OQSJM+4LNM+5ZMCH
Title: <img loading="lazy" src="https://www26.a8.net/svt/bgt?aid=201121084102&wid=027&eno=01&mid=s00000021469001006000&mc=1" alt="" width="300" height="250" border="0" />
Title: <img loading="lazy" src="https://www26.a8.net/svt/bgt?aid=201121084102&wid=027&eno=01&mid=s00000021469001006000&mc=1" alt="" width="300" height="250" border="0" />
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.three-wings-sophia.com/
HTTP 301
https://three-wings-sophia.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 50- https://ad29.ad-srv.net/request.php?zone=h4woulkysq24&nw=11&renderingType=javascript&namespace=a7dc25f519&subid=&uid=cc0b07c02c16383b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D3d477d1a-f403-4eb9-b553-f0cd24d523e4%26ag%3Dbyu92zu%26sfe%3D1305eeb3%26sig%3D9SBcGjBIQM3JsckH1zyM6NQhxUgtYD2t7DuxOCcTs6w.%26crid%3D2101hds2%26cf%3D1066315%26fq%3D0%26t%3D1%26td_s%3Dthree-wings-sophia.com%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D2%26mssi%3DNone%26mfsi%3Djnkf4rw29t%26sv%3Dgoogle%26uhow%3D0%26agsa%3D%26wp%3DYM5uswANCREKiwfSAAC6cmq3KvweKrU_mrC5mg%26rgco%3DGermany%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-6014072752272779%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DOABQAoABAIgBAQ..%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D%26svscid%3Dpub-6014072752272779%26mdl%3DChrome%2520-%2520Windows%26said%3DYM5uswANnOIKd8kVFg4s9w%253D%253D%26auct%3D2%26grdc%3DCAEYASABKAFAAUgC%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCl3Ess27OYJGSNNKPrATy9IKICN2V5bdcjpKgjlfAjbcBEAEgAGCViriCyAeCARdjYS1wdWItNjAxNDA3Mjc1MjI3Mjc3OaAB2obz6APIAQmoAwGqBLwBT9Cs4HZf4RLyUEKOtAK2ziemVHi1uLvds7nJKlk6y1QTheuZsqfEdnAD8YjcTLK_LhTI1va3DNxf3nyqb9LuV7UmLLjSxrcnNu3sRrC6qBb3eKmXO2v-0QErluaDheZijOU2uHlIN7SbEHs4-sfLi56vARQU0K84zoM2MK9UyQvqfeb0Bf3i3SpxNPiDPJbYPWbu8GOrJUlKnCk8TXbA0KAs9-QhJntfDb3aupLVCCXt10-4e3Q8u0qPPU6ABvWk6eKL3qmH0AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0CZQljFAjX8JZMVvdg6jbSZ5Z0rg%2526client%253Dca-pub-6014072752272779%2526adurl%253D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6014072752272779%26output%3Dhtml%26h%3D280%26slotname%3D3519343962%26adk%3D3631452934%26adf%3D2170650245%26pi%3Dt.ma~as.3519343962%26w%3D336%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1624141491%26rafmt%3D1%26psa%3D0%26format%3D336x280%26url%3Dhttps%253A%252F%252Fthree-wings-sophia.com%252F%26flash%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdXQ..%26dt%3D1624141491766%26bpp%3D1%26bdt%3D628%26idt%3D70%26shv%3Dr20210616%26cbv%3D%252Fr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D336x280%26correlator%3D5005114879946%26frm%3D20%26pv%3D1%26ga_vid%3D2039547776.1624141492%26ga_sid%3D1624141492%26ga_hid%3D1437293482%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D1017%26ady%3D786%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D31060974%26oid%3D3%26pvsid%3D315731259022241%26eae%3D0%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DugorCBmjKE%26p%3Dhttps%253A%2F%2Fthree-wings-sophia.com%26dtd%3D72&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fthree-wings-sophia.com&random=787356633065&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
- https://ad29.ad-srv.net/request.php?zone=h4woulkysq24&nw=11&renderingType=javascript&namespace=a7dc25f519&subid=&uid=cc0b07c02c16383b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D3d477d1a-f403-4eb9-b553-f0cd24d523e4%26ag%3Dbyu92zu%26sfe%3D1305eeb3%26sig%3D9SBcGjBIQM3JsckH1zyM6NQhxUgtYD2t7DuxOCcTs6w.%26crid%3D2101hds2%26cf%3D1066315%26fq%3D0%26t%3D1%26td_s%3Dthree-wings-sophia.com%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D2%26mssi%3DNone%26mfsi%3Djnkf4rw29t%26sv%3Dgoogle%26uhow%3D0%26agsa%3D%26wp%3DYM5uswANCREKiwfSAAC6cmq3KvweKrU_mrC5mg%26rgco%3DGermany%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-6014072752272779%26rlangs%3Den%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DOABQAoABAIgBAQ..%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D%26svscid%3Dpub-6014072752272779%26mdl%3DChrome%2520-%2520Windows%26said%3DYM5uswANnOIKd8kVFg4s9w%253D%253D%26auct%3D2%26grdc%3DCAEYASABKAFAAUgC%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCl3Ess27OYJGSNNKPrATy9IKICN2V5bdcjpKgjlfAjbcBEAEgAGCViriCyAeCARdjYS1wdWItNjAxNDA3Mjc1MjI3Mjc3OaAB2obz6APIAQmoAwGqBLwBT9Cs4HZf4RLyUEKOtAK2ziemVHi1uLvds7nJKlk6y1QTheuZsqfEdnAD8YjcTLK_LhTI1va3DNxf3nyqb9LuV7UmLLjSxrcnNu3sRrC6qBb3eKmXO2v-0QErluaDheZijOU2uHlIN7SbEHs4-sfLi56vARQU0K84zoM2MK9UyQvqfeb0Bf3i3SpxNPiDPJbYPWbu8GOrJUlKnCk8TXbA0KAs9-QhJntfDb3aupLVCCXt10-4e3Q8u0qPPU6ABvWk6eKL3qmH0AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0CZQljFAjX8JZMVvdg6jbSZ5Z0rg%2526client%253Dca-pub-6014072752272779%2526adurl%253D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6014072752272779%26output%3Dhtml%26h%3D280%26slotname%3D3519343962%26adk%3D3631452934%26adf%3D2170650245%26pi%3Dt.ma~as.3519343962%26w%3D336%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1624141491%26rafmt%3D1%26psa%3D0%26format%3D336x280%26url%3Dhttps%253A%252F%252Fthree-wings-sophia.com%252F%26flash%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdXQ..%26dt%3D1624141491766%26bpp%3D1%26bdt%3D628%26idt%3D70%26shv%3Dr20210616%26cbv%3D%252Fr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D336x280%26correlator%3D5005114879946%26frm%3D20%26pv%3D1%26ga_vid%3D2039547776.1624141492%26ga_sid%3D1624141492%26ga_hid%3D1437293482%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D1017%26ady%3D786%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D31060974%26oid%3D3%26pvsid%3D315731259022241%26eae%3D0%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DugorCBmjKE%26p%3Dhttps%253A%2F%2Fthree-wings-sophia.com%26dtd%3D72&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fthree-wings-sophia.com&random=787356633065&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
- https://www.awin1.com/cshow.php?s=2419054&v=11430&q=366418&r=362943&pref1=67369600001882001212097011631029 HTTP 302
- https://creative.mlsat02.de/telekom/aff/ads_media.php?b=1&pvmf=1&dlid=2055&partnerid=362943&zanpid=11430_362943_1624141492_&cachebuster=1624141492&awv=11430_362943_1624141492_2abf5000-d14d-11eb-9ae5-692d08e93505 HTTP 301
- https://ebs08.telekom.de/affiliates/gotoview.php?vo=B1049&wb=pv-Mzg1MzU4OTI7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfMzYyOTQzXzE2MjQxNDE0OTJfMmFiZjUwMDAtZDE0ZC0xMWViLTlhZTUtNjkyZDA4ZTkzNTA1Ow..&targeturl=https%3A%2F%2Ftracking.mlsat02.de%2Fonepixel.gif HTTP 302
- https://tracking.mlsat02.de/onepixel.gif
- https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=30417958&partnerid=362943&page=http://www.awin1.com/awclick.php?mid=11430&id=362943&gid=361943&linkid=2417252&p=https%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1 HTTP 301
- https://track.adform.net/adfscript/?bn=30417958;extVars=468753|1|affiliate%20postview|av;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=362943&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=362943&gid=361943&linkid=2417252&p=https%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__
89 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
three-wings-sophia.com/ Redirect Chain
|
20 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
three-wings-sophia.com/wp-content/themes/simplicity2/ |
67 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
responsive-pc.css
three-wings-sophia.com/wp-content/themes/simplicity2/css/ |
2 KB 953 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
three-wings-sophia.com/wp-content/themes/simplicity2/skins/sakura/ |
2 KB 836 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
three-wings-sophia.com/wp-content/themes/simplicity2/webfonts/css/ |
30 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
three-wings-sophia.com/wp-content/themes/simplicity2/webfonts/icomoon/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
calendar.css
three-wings-sophia.com/wp-content/themes/simplicity2/css/ |
959 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
extension.css
three-wings-sophia.com/wp-content/themes/simplicity2/css/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
three-wings-sophia.com/wp-content/themes/simplicity2-child/ |
157 B 289 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.min.css
c0.wp.com/c/5.7.2/wp-includes/css/dist/block-library/ |
57 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
three-wings-sophia.com/wp-content/uploads/pz-linkcard/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
screen.min.css
three-wings-sophia.com/wp-content/plugins/table-of-contents-plus/ |
1 KB 620 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jetpack.css
c0.wp.com/p/jetpack/9.7.1/css/ |
76 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
c0.wp.com/c/5.7.2/wp-includes/js/jquery/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-migrate.min.js
c0.wp.com/c/5.7.2/wp-includes/js/jquery/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
135 KB 48 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
javascript.js
three-wings-sophia.com/wp-content/themes/simplicity2/ |
18 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
javascript.js
three-wings-sophia.com/wp-content/themes/simplicity2-child/ |
300 B 443 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.lazyload.min.js
three-wings-sophia.com/wp-content/themes/simplicity2/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
photon.min.js
c0.wp.com/p/jetpack/9.7.1/_inc/build/photon/ |
758 B 402 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
front.min.js
three-wings-sophia.com/wp-content/plugins/table-of-contents-plus/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
intersectionobserver-polyfill.min.js
three-wings-sophia.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lazy-images.min.js
three-wings-sophia.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wp-embed.min.js
c0.wp.com/c/5.7.2/wp-includes/js/ |
1 KB 719 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e-202124.js
stats.wp.com/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wp-emoji-release.min.js
three-wings-sophia.com/wp-includes/js/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
print.css
three-wings-sophia.com/wp-content/themes/simplicity2/css/ |
1 KB 775 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icomoon.ttf
three-wings-sophia.com/wp-content/themes/simplicity2/webfonts/icomoon/fonts/ |
20 KB 20 KB |
Font
application/font-sfnt |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
42 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/ |
233 KB 86 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/ Frame 90CD |
10 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cookie.js
partner.googleadservices.com/gampad/ |
212 B 269 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.de/adsid/ |
107 B 165 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.com/adsid/ |
107 B 165 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
ads
googleads.g.doubleclick.net/pagead/ Frame 9D1A |
430 B 231 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
osd.js
www.googletagservices.com/activeview/js/current/ |
73 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
ads
googleads.g.doubleclick.net/pagead/ Frame 89A6 |
14 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
g.gif
pixel.wp.com/ |
50 B 92 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
integrator.js
adservice.google.de/adsid/ |
107 B 122 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
integrator.js
adservice.google.com/adsid/ |
107 B 122 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
ads
googleads.g.doubleclick.net/pagead/ Frame 6465 |
0 20 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bgt
www26.a8.net/svt/ |
101 KB 101 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
adview
googleads.g.doubleclick.net/pagead/ Frame 1562 |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
h4woulkysq24
ad.ad-srv.net/zone/ Frame 1562 |
11 KB 4 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ca
choices.truste.com/ Frame 1562 |
27 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 1562 |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1562 |
122 KB 37 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 1562 |
13 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
google
de1-bid.adsrvr.org/bid/feedback/ Frame 1562 |
807 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
request.php
ad29.ad-srv.net/ Frame 1562 Redirect Chain
|
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
onepixel.gif
tracking.mlsat02.de/ Frame 40B5 Redirect Chain
|
43 B 129 B |
Document
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
request_content.php
ad29.ad-srv.net/ Frame 9031 |
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 1562 |
216 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
track.adform.net/adfscript/ Frame 9031 Redirect Chain
|
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cshow.php
www.awin1.com/ Frame 9031 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
viewability
ad29.ad-srv.net/ Frame 9031 |
0 150 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 9031 |
33 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
track.adform.net/adfserve/ Frame 9031 |
6 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
908cbadb724971cc9012ced767276cc8
aaa.artefact.com/trck/eview/ Frame 9031 |
0 988 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 9031 |
89 KB 38 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
track.adform.net/csimpr/ Frame 9031 |
35 B 469 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
9775861.js
s1.adform.net/Banners/Elements/Files/14736/9775861/ Frame F06B |
33 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame F06B |
30 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ball.png
s1.adform.net/Banners/Elements/Files/14736/9775861/bvpath_514/ Frame F06B |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
device.png
s1.adform.net/Banners/Elements/Files/14736/9775861/bvpath_514/ Frame F06B |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
buds.png
s1.adform.net/Banners/Elements/Files/14736/9775861/bvpath_514/ Frame F06B |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
device2.png
s1.adform.net/Banners/Elements/Files/14736/9775861/bvpath_514/ Frame F06B |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
device1.png
s1.adform.net/Banners/Elements/Files/14736/9775861/bvpath_514/ Frame F06B |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
buds2.png
s1.adform.net/Banners/Elements/Files/14736/9775861/bvpath_514/ Frame F06B |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
emaktion_ss215g_buds_2105-w05.json
tkdynba.millemedia.de/live/ Frame F06B |
3 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bg.jpg
s1.adform.net/Banners/Elements/Files/14736/9775861/bvpath_514/ Frame F06B |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
TeleNeoWeb-ExtraBold.woff2
tkads.millemedia.de/tkfonts/ Frame F06B |
34 KB 35 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
TeleNeoWeb-Regular.woff2
tkads.millemedia.de/tkfonts/ Frame F06B |
34 KB 34 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
TeleNeoWeb-Bold.woff2
tkads.millemedia.de/tkfonts/ Frame F06B |
34 KB 35 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
activeview
pagead2.googlesyndication.com/pcs/ Frame 1562 |
42 B 64 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
viewability
ad29.ad-srv.net/ Frame 9031 |
0 150 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
sodar
pagead2.googlesyndication.com/getconfig/ |
11 KB 8 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/223/ Frame AC88 |
12 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame D902 |
783 B 760 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
euAOjApLF9oPg5mAUx-yVGBOesBdufZr5V6HP-AHDS4.js
pagead2.googlesyndication.com/bg/ Frame AC88 |
14 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ca
choices.trustarc.com/ Frame 1562 |
7 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ca
choices.trustarc.com/ Frame 1562 |
38 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cap
choices.trustarc.com/ Frame 1562 |
43 B 382 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
get
choices.trustarc.com/ Frame 1562 |
287 B 630 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
track.adform.net/serving/unload/ Frame 9031 |
35 B 469 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
get
choices.trustarc.com/ Frame 7372 |
287 B 630 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
get
choices.trustarc.com/ Frame 7372 |
739 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
track.adform.net/serving/unload/ Frame 9031 |
35 B 469 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
81 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery object| adsbygoogle object| lazyload_config object| tocplus object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| google_image_requests function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| jetpackLazyImagesL10n object| wp object| _stq number| wrapperTop undefined| wrapperHeight number| sidebarHeight function| fetch_twitter_count_from_count_jsoon function| fetch_facebook_count function| fetch_google_plus_count function| fetch_hatebu_count function| fetch_pocket_count function| fetch_feedly_count function| fetch_push7_count function| doMasonry function| st_go function| linktracker_init object| wpcom object| twemoji object| GoogleGcLKhOms3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .ad-srv.net/ | Name: pwzdy6wsn8n7_uid Value: 0230875649009554 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUkWwSN0LNX6ls4JQtTc9DDfoygLcZz_nriv-FgXCVOPNfkLEdDZcnqV_cPnHAM |
|
| .three-wings-sophia.com/ | Name: __gads Value: ID=58b6d7877366f6cb-22fbe4db0dc90000:T=1624141491:RT=1624141491:S=ALNI_MbhUAfBKaWujLfwdRRO86EcjuVKFg |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aaa.artefact.com
ad.ad-srv.net
ad29.ad-srv.net
adservice.google.com
adservice.google.de
c0.wp.com
choices.trustarc.com
choices.truste.com
creative.mlsat02.de
de1-bid.adsrvr.org
ebs08.telekom.de
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.wp.com
s1.adform.net
stats.wp.com
three-wings-sophia.com
tkads.millemedia.de
tkdynba.millemedia.de
tpc.googlesyndication.com
track.adform.net
tracking.mlsat02.de
www.awin1.com
www.google.com
www.googletagservices.com
www.three-wings-sophia.com
www26.a8.net
104.111.239.217
142.250.184.226
157.112.183.32
159.69.70.9
192.0.76.3
192.0.77.37
2600:9000:2156:ca00:6:de3f:c700:93a1
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:827::2004
37.157.2.247
37.157.6.253
51.178.130.209
51.68.117.182
52.194.50.40
65.9.77.127
65.9.77.13
65.9.77.88
76.223.26.175
80.158.66.20
88.99.219.174
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
07ec6fc68b2fdf62b0208e1603197473320e087eaf0c1a029fafba83f4e341f9
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
1641d85306449ce51856aa7f6d51d72db2986be90ac1d527e11cf606e5688d3e
16f0c0b7d0dfdf331a2d2a63e3de90434bc7f2ed5cc44965fde8ae16c3f0c521
177b4773b237fa63062f913ed377e24540f843cda864a8d271c5ca083c18a9c6
1841ca7a95065537ebe1d8f952e4f43c2ffe43bb64fc1350f36a76bee49eece8
1ea901577fd64178b72730a9f203acbda8801a66f7caf920b59257b13876eae2
20699d562386ebd9999622a8e7126883420db8d694a83e365e35c020566ab016
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
2739b8522083623b0c49032a99f3543d98fdce4e80800053b140af7d92e986c1
2ba0e0468290efccde7ac41afff618243e60020f5228312ff8d38368f0916d74
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d044c6b40212084326233fb6c805d704a768dc3f1edce4a11794a1250e4dc3a
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
410bbef10cc0a50e426c6cd819887a9b22cb9d412e1c92a40e5324907927c6e2
4a3db0402a97fc98b720d04a2bce839eb05df3b9500d69f817dc3fef92bcf1d6
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
50df0debd8c3ae24391b41bba6d590428d055cddb7a30d6ffa11c7ff5d4ed11e
51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989
55b3f610affe6694e4efaf40aafab4960f1b46f15bebd9c12b01f3ab1275e2d1
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
62610333e85e3cc2ef77b39e9bbb30f73359e265094a6492915a466e734b45b0
65e424db623512e53d630d521185f58895b0c7599a3d17f611f4d38230ff48e2
6c4f88f5d5e9b10b74b50d0afcd95198a4e1ec0ef90582d56aab86a29ea52b51
6f3f509e80dd69dce6a85a0cc854470def3159f854e099733e9a77a549d1c8bb
71bf6d002fe79204c2c6b78337aa19efb0592f2acb1025ce8183096be86b6e41
77dfdc80913c50cb920f3c6b0ac88a4b019fbcb5d29e65d9c7024c3f48049564
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ae00e8c0a4b17da0f839980531fb254604e7ac05db9f66be55e873fe0070d2e
812353c365d082e7967f7cc56b321e5cc62cb5bf41eb1e04cf77654ab8d800e9
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
82c77bc508638abc9bda584c9afb2e3b4e0ab494ffc2acc7cca03adcab297c59
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
873dd14975bfad62e03a2ad06a5d4996e44a6acef32f8ea8aff74c0758cb4952
88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda
8b32984822f65272bdbc2b0f74810c5a1e8fea6022fa5c62535d108e80ab653c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a33844b609e67ce200a14566819ea58202694565777df5966e59664f55fb0e16
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ba1056f4790c0ed06731bfeb1576e02f7036245af3ae4fb38c3de7137381ff3a
be6cac823dc3ff58d3b1b19ffe83df078abc8bccddeaac779982c19e420a0f3f
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf550cf7884ad70fea2ede7a847ae515d260c3e0539ce60953ced133de33790e
c441bbf89d0d9390e8b0148ea04b49e3ceeaee39fe451b6cbef7b3ed39ef25b6
c6e8eccf42d625f5729635c1e05c8de5f3ec30926b616810afe6a808f05ef37d
cb40efcc16aa5dea3e8917507ec26333f070ca70c8ac6b4307f55fed67fbd987
cb825ffb23299de05a9ca6b935472914c7fd08ac30ea9cf7287d7565d29aa342
cd3ee6e21af3d304fae6f52aa26a3a7756c59ab580f57c1054e9af12bdc663c9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d9ee700850cbae2ddcbcbaf2bc5a319154a6ee34d3f1870c5f32afb68a3dd90e
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
df283e414ab9e4b1a182621e052a5b7eb3ee75368e416d1e0eea6d8cb6d38ce1
dfc11025a70cc323d32bc77e82422f11c1052e8991e118ca78a6d6421e99cfbd
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
e11ab67b0ee9ecac143fd021228fda3e5c75a1e5328d0ea9fd1f30197b70f130
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e1681941eab74f43cbb5d22ce9763959c4f29550202d276a013d3984ce5c31e2
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e2baedb93a8ec86520bebe0592106e229df7fc6a12799a900b81d969d37a2f7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
e4ec2e8c07395bd6309adffcbc26889e88a2e6fd7f2500d2594579c91af29013
e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e8c20f0a74650485524f817ab4ae34e20aa3f7d891ef664308b063c9954bb2c4
eaeba83203aa38256bb67406135ad9367da24095f2a459323eb06c49336743dc
eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef40390de6eecf1f9aa8cc378562765b778ccaf8465f13eff73f95199ce4f73b
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fc2bbd034a486f8fbccdd791fdbd9298ac08ba2cb9e8af05be6976e0d8076576
fdcccdfa5dfa4a6db018f4a5f149311f766a539303b5b89dd3e80cee07ea338a