powerplay.com
Open in
urlscan Pro
104.18.5.148
Public Scan
Submitted URL: http://wwwmylongjohnsexperience.com/
Effective URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On August 09 via api from CA — Scanned from CA
Effective URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On August 09 via api from CA — Scanned from CA
Summary
This website contacted 17 IPs
in 5 countries
across 19 domains to perform 77 HTTP transactions.
The main IP is 104.18.5.148, located in
and
belongs to CLOUDFLARENET, US.
The main domain is powerplay.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 8th 2023. Valid for: a year.
This is the only time powerplay.com was scanned on urlscan.io!
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 8th 2023. Valid for: a year.
This is the only time powerplay.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 167.172.228.26 167.172.228.26 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
| 1 2 | 52.117.247.211 52.117.247.211 | 36351 (SOFTLAYER) (SOFTLAYER) | |
| 2 2 | 34.234.154.208 34.234.154.208 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 2 2 | 20.93.81.72 20.93.81.72 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 1 | 104.18.28.20 104.18.28.20 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 9 | 104.18.5.148 104.18.5.148 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 39 | 99.84.108.42 99.84.108.42 | 16509 (AMAZON-02) (AMAZON-02) | |
| 3 | 160.153.235.136 160.153.235.136 | 21501 (GODADDY-AMS) (GODADDY-AMS) | |
| 1 | 104.16.57.101 104.16.57.101 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 4 | 172.217.13.104 172.217.13.104 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 172.217.13.98 172.217.13.98 | 15169 (GOOGLE) (GOOGLE) | |
| 3 | 104.86.233.107 104.86.233.107 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
| 4 | 139.45.195.8 139.45.195.8 | 9002 (RETN-AS) (RETN-AS) | |
| 1 | 142.251.35.164 142.251.35.164 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 172.217.13.195 172.217.13.195 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 104.18.31.104 104.18.31.104 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 3 | 172.217.13.206 172.217.13.206 | 15169 (GOOGLE) (GOOGLE) | |
| 1 3 | 68.67.179.164 68.67.179.164 | 29990 (ASN-APPNEX) (ASN-APPNEX) | |
| 1 2 | 52.6.65.1 52.6.65.1 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 2 2 | 54.157.73.116 54.157.73.116 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 2 | 104.18.12.29 104.18.12.29 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 77 | 17 |
1
167.172.228.26
(Clifton, United States)
ASN14061 (DIGITALOCEAN-ASN, US)
ASN14061 (DIGITALOCEAN-ASN, US)
| wwwmylongjohnsexperience.com |
2
52.117.247.211
(United States)
ASN36351 (SOFTLAYER, US)
PTR: d3.f7.7534.ip4.static.sl-reverse.com
ASN36351 (SOFTLAYER, US)
PTR: d3.f7.7534.ip4.static.sl-reverse.com
| myckdom.com | |
| p374591.myckdom.com |
2
34.234.154.208
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-154-208.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-154-208.compute-1.amazonaws.com
| akutapro.com |
39
99.84.108.42
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-99-84-108-42.iad79.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-99-84-108-42.iad79.r.cloudfront.net
| st.ppsrvs.com |
3
160.153.235.136
(Amsterdam, Netherlands)
ASN21501 (GODADDY-AMS, DE)
PTR: 136.235.153.160.host.secureserver.net
ASN21501 (GODADDY-AMS, DE)
PTR: 136.235.153.160.host.secureserver.net
| powerplay-content.com | |
| wp.powerplay-content.com |
4
172.217.13.104
(United States)
ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f8.1e100.net
ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f8.1e100.net
| www.googletagmanager.com |
1
172.217.13.98
(United States)
ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f2.1e100.net
| googleads.g.doubleclick.net |
3
104.86.233.107
(Seattle, United States)
ASN16625 (AKAMAI-AS, US)
PTR: a104-86-233-107.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-86-233-107.deploy.static.akamaitechnologies.com
| zz.connextra.com |
1
142.251.35.164
(Marriottsville, United States)
ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f4.1e100.net
ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f4.1e100.net
| www.google.com |
3
172.217.13.206
(United States)
ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f14.1e100.net
ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f14.1e100.net
| www.google-analytics.com |
3
68.67.179.164
(North Bergen, United States)
ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
| secure.adnxs.com |
2
52.6.65.1
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-65-1.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-65-1.compute-1.amazonaws.com
| segment.prod.bidr.io |
2
54.157.73.116
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-73-116.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-73-116.compute-1.amazonaws.com
| match.prod.bidr.io |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 39 |
ppsrvs.com
st.ppsrvs.com |
641 KB |
| 10 |
powerplay.com
2 redirects
www.powerplay.com powerplay.com |
291 KB |
| 4 |
bidr.io
3 redirects
segment.prod.bidr.io — Cisco Umbrella Rank: 6631 match.prod.bidr.io — Cisco Umbrella Rank: 615 |
2 KB |
| 4 |
rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11124 |
3 KB |
| 4 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65 |
281 KB |
| 3 |
adnxs.com
1 redirects
secure.adnxs.com — Cisco Umbrella Rank: 464 |
2 KB |
| 3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 54 |
21 KB |
| 3 |
connextra.com
zz.connextra.com — Cisco Umbrella Rank: 16616 |
17 KB |
| 3 |
powerplay-content.com
powerplay-content.com wp.powerplay-content.com |
3 KB |
| 2 |
brevo.com
in-automate.brevo.com — Cisco Umbrella Rank: 23097 |
141 B |
| 2 |
sibautomation.com
sibautomation.com — Cisco Umbrella Rank: 22157 |
4 KB |
| 2 |
powerplaybet.com
2 redirects
www.powerplaybet.com |
2 KB |
| 2 |
akutapro.com
2 redirects
akutapro.com — Cisco Umbrella Rank: 186871 |
2 KB |
| 2 |
myckdom.com
1 redirects
myckdom.com — Cisco Umbrella Rank: 114921 p374591.myckdom.com |
1 KB |
| 1 |
google.ca
www.google.ca — Cisco Umbrella Rank: 9674 |
455 B |
| 1 |
google.com
www.google.com — Cisco Umbrella Rank: 3 |
455 B |
| 1 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 |
2 KB |
| 1 |
cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1175 |
7 KB |
| 1 |
wwwmylongjohnsexperience.com
1 redirects
wwwmylongjohnsexperience.com |
2 KB |
| 77 | 19 |
| Domain | Requested by | |
|---|---|---|
| 39 | st.ppsrvs.com |
powerplay.com
st.ppsrvs.com |
| 9 | powerplay.com |
1 redirects
p374591.myckdom.com
powerplay.com static.cloudflareinsights.com |
| 4 | my.rtmark.net |
powerplay.com
|
| 4 | www.googletagmanager.com |
powerplay.com
www.googletagmanager.com |
| 3 | secure.adnxs.com |
1 redirects
powerplay.com
|
| 3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 3 | zz.connextra.com |
powerplay.com
zz.connextra.com |
| 2 | in-automate.brevo.com |
sibautomation.com
|
| 2 | match.prod.bidr.io | 2 redirects |
| 2 | segment.prod.bidr.io |
1 redirects
powerplay.com
|
| 2 | sibautomation.com |
p374591.myckdom.com
sibautomation.com |
| 2 | powerplay-content.com |
powerplay.com
|
| 2 | www.powerplaybet.com | 2 redirects |
| 2 | akutapro.com | 2 redirects |
| 1 | wp.powerplay-content.com |
st.ppsrvs.com
|
| 1 | www.google.ca |
powerplay.com
|
| 1 | www.google.com |
powerplay.com
|
| 1 | googleads.g.doubleclick.net |
www.googletagmanager.com
|
| 1 | static.cloudflareinsights.com |
powerplay.com
|
| 1 | www.powerplay.com | 1 redirects |
| 1 | p374591.myckdom.com | |
| 1 | myckdom.com | 1 redirects |
| 1 | wwwmylongjohnsexperience.com | 1 redirects |
| 77 | 23 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.powerplay.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.myckdom.com Sectigo RSA Domain Validation Secure Server CA |
2023-03-20 - 2024-03-20 |
a year | crt.sh |
| powerplay.com Cloudflare Inc ECC CA-3 |
2023-08-08 - 2024-08-06 |
a year | crt.sh |
| *.ppsrvs.com Amazon RSA 2048 M01 |
2023-06-23 - 2024-07-21 |
a year | crt.sh |
| powerplay-content.com Go Daddy Secure Certificate Authority - G2 |
2023-06-11 - 2024-07-12 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-04-10 - 2024-04-09 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-07-17 - 2023-10-09 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-07-17 - 2023-10-09 |
3 months | crt.sh |
| *.connextra.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-03-28 - 2024-03-28 |
a year | crt.sh |
| rtmark.net R3 |
2023-07-25 - 2023-10-23 |
3 months | crt.sh |
| www.google.com GTS CA 1C3 |
2023-07-10 - 2023-10-02 |
3 months | crt.sh |
| *.google.ca GTS CA 1C3 |
2023-07-17 - 2023-10-09 |
3 months | crt.sh |
| *.adnxs.com GeoTrust ECC CA 2018 |
2023-02-13 - 2024-03-15 |
a year | crt.sh |
| brevo.com GTS CA 1P5 |
2023-07-03 - 2023-10-01 |
3 months | crt.sh |
This page contains 7 frames:
Primary Page:
https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764
Frame ID: AE380F47B7E6A35BF570E9B010A3997A
Requests: 69 HTTP requests in this frame
Frame:
https://powerplay.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
Frame ID: D61BAB5223DC03933F28D4EC459742AD
Requests: 2 HTTP requests in this frame
Frame:
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25129714%26t%3D2
Frame ID: 1A3315667D1C9286B2064E8703B43AF3
Requests: 1 HTTP requests in this frame
Frame:
https://secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
Frame ID: D085C62499AF4822E10E85B90EF5BC7F
Requests: 1 HTTP requests in this frame
Frame:
https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value=&_bee_ppp=1
Frame ID: C97E92C5CDC92AD07095C64F5275488F
Requests: 1 HTTP requests in this frame
Frame:
https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAArdk7Jp-YAACWj9jyTuA
Frame ID: B936A702B6AE7424E36D3BB5A4B178C3
Requests: 1 HTTP requests in this frame
Frame:
https://sibautomation.com/cm.html?key=gm86guigrko4zzgucol1x
Frame ID: C7D9C70FE830BEAF371E8CA698AC32BA
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Online Betting | Live Casino | Bet with PowerPlay | Free Bet OffersPage URL History Show full URLs
-
http://wwwmylongjohnsexperience.com/
HTTP 302
https://myckdom.com/aS/feedclick?s=hx7PGIw6vFf-TiWPOexKVK3dDnCBF-q5XQaiCg3BLRs6xklmKOXj935XPU-DA... HTTP 302
https://p374591.myckdom.com/adServe/domainClick?ai=sMncISYRYLd8nnN699HADNMMELHVD2gEWjrvCEBL5DEaPzL3xGHFy... Page URL
-
https://akutapro.com/click?trvid=15507&externalid=90594028170&var1=6pcadt_447207301&var2=6p&var3=...
HTTP 302
https://akutapro.com/double?t=1&d=aHR0cHM6Ly93d3cucG93ZXJwbGF5YmV0LmNvbS9DLmFzaHg_YnRhZz1hXzQzNzY... HTTP 302
https://www.powerplaybet.com/C.ashx?btag=a_43764b_18876c_&affid=7003580&siteid=43764&adid=18876&c=casinow... HTTP 302
https://www.powerplaybet.com/C.ashx?btag=a_43764b_18876c_&affid=7003580&siteid=43764&adid=18876&c=casinow... HTTP 302
https://www.powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&... HTTP 302
https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&... Page URL
Detected technologies
AppNexus
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- adnxs\.(?:net|com)
Cloudflare Browser Insights
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://www.powerplay.com/register/?pptag=a_43764b_18876c_casinowb_6pcadt_447207301
Title: CLAIM NOW
Title: CLAIM NOW
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://wwwmylongjohnsexperience.com/
HTTP 302
https://myckdom.com/aS/feedclick?s=hx7PGIw6vFf-TiWPOexKVK3dDnCBF-q5XQaiCg3BLRs6xklmKOXj935XPU-DAmA9J-J_MlxHbnZPYJMKbc_lPFsLtTfRMmnZlpHmqSzyiFtiTdYYEA44WYlJzChtcb99a-hz6nOf0-V35hDWF21szTZekRk7AUpJ3ZL4z-puOGeVSLRjlRWCkkIaXD4pzvG4nPvopM6LLaXL6U5aPnQM7lR404_Ngl39pqKLKiVcbHPXfnnGEUigEakuHgdL9NdnQde_yaCGP6CLyqVEoypiiMjFVf7QcAoM5i8_lFO134sqBCIdN5wwttFvD9NS3eSPhjZXKue3QZmD4eHyeNDFPlOk8LKlCKJRoaxtedH9f8MCZ1XK5EKK4JTWQEYrF4FyT1GLpAYT8qf8_NJr8dB2AfjDak-CS-jEsXyA3MbJePwW3mjKruAbTSofjrR4gYJIIG9mi5VFLGgZA5SZSBcls560EX4QEFbVwAjOKJB5zvsaCNAbUu4fKdrJzXrf2yLUn1Wf0YFbwy7C1wN-DHYxuIVrk0-hUQNqDJRgsLq-bz9CMrfWPwmR_FfP0XIBDOig7WFDDSCHyOW8-c0jfjZ5txBpJrHhcwMhbznJBhzVANgdymf-X4SabOGPp_elFc0rE59KT_JXyiM_HtgL6hodGyXiBqp9iBMiFo99F4sgyAnGpHr4qzb23jKgSyd9YnaBMQUkjFCHPlJjJBHnlFqEcOzOAOkHQEXn5rAmj3PmajD54GV4oZCiH4O93M1xwVlFx7jjitzb4-p4V07IiVumKNytfnNWuSjczslzgDSqjJyDaWVs3-4ovCPehLTgop-4TyXzThFBRdnKQWiBQMmuED96HRhY1FPpj4wsS0_63PEegVQTCs-0n8bEYsqF6E9Ap3FMJcMUcKXzLDBn9MwcaTW_izrJ83m9wZ0rSgIFNfcTPkN1ijp5Udl6zmwxYmZRLjddtNgvdsvEXGdFff_ufa0rPcNJJW9c2_Sk0cVIY47cBNUfmEpSA5Zdr6hFuuwgxjJTZWim8GX8Hie34Mf6qkV0nk022mZxR0CabMsVe5uDEV36nPbmS2uH0QRXJFgDopCageVuhQC_dI-DCN7QXmSEshjCans3WOBl6loIpdGuYis_aU2FVdzVMktjmOCxgauK-ugy1wxyqc2-EZ2HDFqFKw-W-fq-5dpQ5HX23ASN6eajaKvBVkiMWrTQykZbhCgaDOIiLeNR2mrokr7bOO1sATOyxe_2_jymT2ysoEFaOu8IQEvkMRo_MvfEYcXKRkZ3eROZR9bZCrHG00QWqiT_tPFbwSgY36hgXLpmwH7f7doJReDXpSbnpQeZkMSg7ZfkxGdXG0It2cY6Mye7St8pw-VDmwYuJZc3s0a_giRxCkq4IS-Qg9MMELHVD2gEWjrvCEBL5DEaPzL3xGHFytZikVx0iajpCBk-zXXZfyBib44zJJ0kFIHSYifNgIelIgVew_SjNkqNpapZ2nWjuOnq3YN_0ZLzwPstLEJbklh24xwj_vae_UspKqkAUWdrPgFSWQD3UlHdAM6fo_EBoQ HTTP 302
https://p374591.myckdom.com/adServe/domainClick?ai=sMncISYRYLd8nnN699HADNMMELHVD2gEWjrvCEBL5DEaPzL3xGHFytZikVx0iajpxEd5PaIC7wA3cwUL-Crmavq9kZyW26nJclxjU64JpXT0xRsQekXACgafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHSFHYdKph-nyB0mInzYCHpSIFXsP0ozZKjaWqWdp1o7j6-J7z7Cr0DTmMMKiT1gys0wwQsdUPaARaOu8IQEvkMRo_MvfEYcXKmHMPq20icC4PAe_L4WAxrauYP_kkJnzBbG8TSouzQp-jZ-QyLtot3NGEQmmEPs44X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiP2KUlfY2PGaU&ui=hx7PGIw6vFf-TiWPOexKVFY37AsT2Aew6S7gT6OG4UNMAlK9DzjzVwt-EeBl8YIL36hgXLpmwH7f7doJReDXpSbnpQeZkMSg7ZfkxGdXG0Lw1CW-JqTdSA&si=1&oref=1140f8b2e09da7b946c58eb3a5bec972&optunit=wAL4E_uDHxeqkPEIg6BX5GptB8VU8xVGrSujM-RWlas&rb=ddaJhf53DcI&rr=1&isco=t&abtg=0 Page URL
-
https://akutapro.com/click?trvid=15507&externalid=90594028170&var1=6pcadt_447207301&var2=6p&var3=Desktop_Windows+10_Chrome+115_UNKNOWN_wwwmylongjohnsexperience.com+RO_@@CREATIVE-ID@@
HTTP 302
https://akutapro.com/double?t=1&d=aHR0cHM6Ly93d3cucG93ZXJwbGF5YmV0LmNvbS9DLmFzaHg_YnRhZz1hXzQzNzY0Yl8xODg3NmNfJmFmZmlkPTcwMDM1ODAmc2l0ZWlkPTQzNzY0JmFkaWQ9MTg4NzYmYz1jYXNpbm93Yl82cGNhZHRfNDQ3MjA3MzAx HTTP 302
https://www.powerplaybet.com/C.ashx?btag=a_43764b_18876c_&affid=7003580&siteid=43764&adid=18876&c=casinowb_6pcadt_447207301 HTTP 302
https://www.powerplaybet.com/C.ashx?btag=a_43764b_18876c_&affid=7003580&siteid=43764&adid=18876&c=casinowb_6pcadt_447207301&AutoR=1 HTTP 302
https://www.powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764 HTTP 302
https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447207301&siteid=43764 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://wwwmylongjohnsexperience.com/ HTTP 302
- https://myckdom.com/aS/feedclick?s=hx7PGIw6vFf-TiWPOexKVK3dDnCBF-q5XQaiCg3BLRs6xklmKOXj935XPU-DAmA9J-J_MlxHbnZPYJMKbc_lPFsLtTfRMmnZlpHmqSzyiFtiTdYYEA44WYlJzChtcb99a-hz6nOf0-V35hDWF21szTZekRk7AUpJ3ZL4z-puOGeVSLRjlRWCkkIaXD4pzvG4nPvopM6LLaXL6U5aPnQM7lR404_Ngl39pqKLKiVcbHPXfnnGEUigEakuHgdL9NdnQde_yaCGP6CLyqVEoypiiMjFVf7QcAoM5i8_lFO134sqBCIdN5wwttFvD9NS3eSPhjZXKue3QZmD4eHyeNDFPlOk8LKlCKJRoaxtedH9f8MCZ1XK5EKK4JTWQEYrF4FyT1GLpAYT8qf8_NJr8dB2AfjDak-CS-jEsXyA3MbJePwW3mjKruAbTSofjrR4gYJIIG9mi5VFLGgZA5SZSBcls560EX4QEFbVwAjOKJB5zvsaCNAbUu4fKdrJzXrf2yLUn1Wf0YFbwy7C1wN-DHYxuIVrk0-hUQNqDJRgsLq-bz9CMrfWPwmR_FfP0XIBDOig7WFDDSCHyOW8-c0jfjZ5txBpJrHhcwMhbznJBhzVANgdymf-X4SabOGPp_elFc0rE59KT_JXyiM_HtgL6hodGyXiBqp9iBMiFo99F4sgyAnGpHr4qzb23jKgSyd9YnaBMQUkjFCHPlJjJBHnlFqEcOzOAOkHQEXn5rAmj3PmajD54GV4oZCiH4O93M1xwVlFx7jjitzb4-p4V07IiVumKNytfnNWuSjczslzgDSqjJyDaWVs3-4ovCPehLTgop-4TyXzThFBRdnKQWiBQMmuED96HRhY1FPpj4wsS0_63PEegVQTCs-0n8bEYsqF6E9Ap3FMJcMUcKXzLDBn9MwcaTW_izrJ83m9wZ0rSgIFNfcTPkN1ijp5Udl6zmwxYmZRLjddtNgvdsvEXGdFff_ufa0rPcNJJW9c2_Sk0cVIY47cBNUfmEpSA5Zdr6hFuuwgxjJTZWim8GX8Hie34Mf6qkV0nk022mZxR0CabMsVe5uDEV36nPbmS2uH0QRXJFgDopCageVuhQC_dI-DCN7QXmSEshjCans3WOBl6loIpdGuYis_aU2FVdzVMktjmOCxgauK-ugy1wxyqc2-EZ2HDFqFKw-W-fq-5dpQ5HX23ASN6eajaKvBVkiMWrTQykZbhCgaDOIiLeNR2mrokr7bOO1sATOyxe_2_jymT2ysoEFaOu8IQEvkMRo_MvfEYcXKRkZ3eROZR9bZCrHG00QWqiT_tPFbwSgY36hgXLpmwH7f7doJReDXpSbnpQeZkMSg7ZfkxGdXG0It2cY6Mye7St8pw-VDmwYuJZc3s0a_giRxCkq4IS-Qg9MMELHVD2gEWjrvCEBL5DEaPzL3xGHFytZikVx0iajpCBk-zXXZfyBib44zJJ0kFIHSYifNgIelIgVew_SjNkqNpapZ2nWjuOnq3YN_0ZLzwPstLEJbklh24xwj_vae_UspKqkAUWdrPgFSWQD3UlHdAM6fo_EBoQ HTTP 302
- https://p374591.myckdom.com/adServe/domainClick?ai=sMncISYRYLd8nnN699HADNMMELHVD2gEWjrvCEBL5DEaPzL3xGHFytZikVx0iajpxEd5PaIC7wA3cwUL-Crmavq9kZyW26nJclxjU64JpXT0xRsQekXACgafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHSFHYdKph-nyB0mInzYCHpSIFXsP0ozZKjaWqWdp1o7j6-J7z7Cr0DTmMMKiT1gys0wwQsdUPaARaOu8IQEvkMRo_MvfEYcXKmHMPq20icC4PAe_L4WAxrauYP_kkJnzBbG8TSouzQp-jZ-QyLtot3NGEQmmEPs44X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiP2KUlfY2PGaU&ui=hx7PGIw6vFf-TiWPOexKVFY37AsT2Aew6S7gT6OG4UNMAlK9DzjzVwt-EeBl8YIL36hgXLpmwH7f7doJReDXpSbnpQeZkMSg7ZfkxGdXG0Lw1CW-JqTdSA&si=1&oref=1140f8b2e09da7b946c58eb3a5bec972&optunit=wAL4E_uDHxeqkPEIg6BX5GptB8VU8xVGrSujM-RWlas&rb=ddaJhf53DcI&rr=1&isco=t&abtg=0
- https://powerplay.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
- https://powerplay.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
- https://secure.adnxs.com/seg?add=25129714&t=2 HTTP 307
- https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25129714%26t%3D2
- https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value= HTTP 303
- https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value=&_bee_ppp=1
- https://match.prod.bidr.io/cookie-sync/geniussports HTTP 303
- https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1 HTTP 303
- https://zz.connextra.com/sync/data/uid/508a5e2dd5/AAArdk7Jp-YAACWj9jyTuA
77 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
domainClick
p374591.myckdom.com/adServe/ Redirect Chain
|
378 B 678 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
/
powerplay.com/ontario/lp/CA_1000CB_scroll/ Redirect Chain
|
23 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rocket-loader.min.js
powerplay.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pp-default.min.css
st.ppsrvs.com/assets/lps/scr/4f1ffd48/css/ |
28 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pp-main.min.css
st.ppsrvs.com/assets/lps/scr/4f1ffd48/css/ |
28 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.svg
st.ppsrvs.com/img/ppdesign/lp-swi/img/ |
10 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
DT_CA-EN_LP_1000CB.jpg
st.ppsrvs.com/img/lp-scr/ |
143 KB 144 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
CA-EN_LP-1000-casino-bonus-not-comma.svg
st.ppsrvs.com/img/lp-scr/main/ |
5 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
flag-icon-ca.svg
st.ppsrvs.com/img/lp-scr/main/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main-free-chips-ONT.svg
st.ppsrvs.com/img/lp-scr/main/ |
10 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
footer_safe-and-secure.svg
st.ppsrvs.com/img/lp-scr/footer/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
footer__betting-site.svg
st.ppsrvs.com/img/lp-scr/footer/ |
5 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
footer__seen-on-tv.svg
st.ppsrvs.com/img/lp-scr/footer/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
footer__Igaming.svg
st.ppsrvs.com/img/lp-scr/footer/ |
13 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
timer-icon.svg
st.ppsrvs.com/img/lp-scr/icons/ |
971 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cup-icon.svg
st.ppsrvs.com/img/lp-scr/icons/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
interac.svg
st.ppsrvs.com/img/lp-scr/icons/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
visa.svg
st.ppsrvs.com/img/lp-scr/icons/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mastercard.svg
st.ppsrvs.com/img/lp-scr/icons/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
payicon-paysafecard.svg
st.ppsrvs.com/img/lp-scr/icons/ |
7 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
support-bg.png
st.ppsrvs.com/img/lp-scr/slide/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
avatar.png
st.ppsrvs.com/img/lp-scr/slide/ |
12 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
game-1.jpg
st.ppsrvs.com/img/lp-scr/games/ |
17 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
game-2.jpg
st.ppsrvs.com/img/lp-scr/games/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
game-3.jpg
st.ppsrvs.com/img/lp-scr/games/ |
21 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
game-4.jpg
st.ppsrvs.com/img/lp-scr/games/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
flag-icon-ca.svg
powerplay-content.com/ppdesign/lp-swi/img/main/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
close.svg
powerplay-content.com/ppdesign/lp-swi/img/icons/ |
396 B 575 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/ |
20 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
react-vendors.e229ec7-97e3460-f340cfcb2.js
powerplay.com/ |
663 KB 180 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
csr.e229ec7-97e3460-f340cfcb2.js
powerplay.com/ |
248 KB 67 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
services.e229ec7-97e3460-f340cfcb2.js
powerplay.com/ |
84 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
223 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
checking.svg
st.ppsrvs.com/img/lp-scr/icons/ |
578 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Montserrat-ExtraBold.woff2
st.ppsrvs.com/fonts/ |
62 KB 62 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Montserrat-Black.woff2
st.ppsrvs.com/fonts/ |
58 KB 59 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Montserrat-Bold.woff2
st.ppsrvs.com/fonts/ |
62 KB 62 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Montserrat-Regular.woff2
st.ppsrvs.com/fonts/ |
61 KB 62 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Montserrat-Medium.woff2
st.ppsrvs.com/fonts/ |
61 KB 62 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
b9dd88d4-e7a0-4c5c-9a91-c8c8c5392dad
https://powerplay.com/ |
291 B 0 |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11031019498/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
landingpage
zz.connextra.com/dcs/tagController/tag/770b6a2a5625/ |
45 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p.js
my.rtmark.net/ |
697 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p.js
my.rtmark.net/ |
697 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pp-bundle.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/ |
18 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
179 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/11031019498/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.ca/pagead/1p-user-list/11031019498/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sa.js
sibautomation.com/ |
8 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
176 KB 64 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
210 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
invisible.js
powerplay.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/ Frame D61B Redirect Chain
|
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
admin-ajax.php
wp.powerplay-content.com/wp-admin/ |
197 B 426 B |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
770b6a2a5625
zz.connextra.com/PowerPlay/dcs/tagController/tagData/ |
0 532 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bounce
secure.adnxs.com/ Frame 1A33 Redirect Chain
|
43 B 838 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
getuidnb
secure.adnxs.com/ Frame D085 |
43 B 572 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
associate-segment
segment.prod.bidr.io/ Frame C97E Redirect Chain
|
43 B 796 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AAArdk7Jp-YAACWj9jyTuA
zz.connextra.com/sync/data/uid/508a5e2dd5/ Frame B936 Redirect Chain
|
43 B 412 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
rum
powerplay.com/cdn-cgi/ |
0 141 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/g/ |
0 170 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
7f42a6d4089139ff
powerplay.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame D61B |
0 292 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
img.gif
my.rtmark.net/ |
43 B 491 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
img.gif
my.rtmark.net/ |
43 B 491 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cm.html
sibautomation.com/ Frame C7D9 |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
1 B 91 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pp-redirects.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/ |
724 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pp-setLanguage.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/ |
363 B 739 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pp-detectMouseMove.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/ |
405 B 781 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pp-setBtag.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/ |
441 B 818 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pp-dynamicAdapt.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pp-initPopups.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pp-slider.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/ |
135 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pp-counterTimer.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/ |
509 B 869 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cm
in-automate.brevo.com/ Frame C7D9 |
0 108 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pp-createAffiliateCookie.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/ |
430 B 791 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p
in-automate.brevo.com/ |
0 33 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
31 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| gtag object| dataLayer object| webpackChunk function| react-vendors object| regeneratorRuntime object| csr object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| __cfQR object| __cfBeacon object| sib object| sendinblue boolean| __cfRLUnblockHandlers string| GoogleAnalyticsObject function| ga object| webpackChunkppdesign object| ppScope object| cxt_conf object| cxt_mod_shared_scope function| cxtdcs function| cxtdcs_pt object| gaGlobal object| gaplugins object| gaData34 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .myckdom.com/ | Name: rhid Value: 83525882050 |
|
| .myckdom.com/ | Name: loi Value: ad_1655191_off_1097836_aff_92356_cid_374591-WWWMYLONGJOHNSEXPERIENCE.COM_ts_1691611921 |
|
| akutapro.com/ | Name: ClickDataNG Value: H4sIAAAAAAAA_4xUTW_bOBD9K8KcWkQrk5Yl2SqMxusUu0GapGid5rKAQJNjm2uZJEjKivvx3xeUVNcoetibZuZx-Ibznr7CEa2TWkEJNCEJgRj8ySCUJAbXrFc_vrlWR7QeBZQbVjuMgdeS728FlDAV2ZfdbqtmU9ZADIJ5hJLmM5pTOhvTGDg7GCa3KqBplpEiBumWHxbnXlZ75qXuAFlGpzHYpsYQkRgsCmmR-3v0Oy2gTGNwurG8q9NJGkPNlJBqO-CH6MnWUALEoDcbtB02JTSNYW2Z4rsB3BV76M5748rRqG3bxOgWranZaY0-4fowWibM7V7erj3bzlk1SYt8sq7odFrkvPqnIWScs81GinlBSJpNSZ9y0qMU8w49gIQU8-5YH_M5Z04q3a6r3HAmfDWZFGNSpIRCeHTnhyc4omr6TRh20o3_SX7ZWIuKn6CEp083EENj5cU0bN94Zqzupuh29tbbY2ARFtGzwBePVrFaivmMZLMJGU9pMcxwZJbOf-V2Lo3nuTkH6fwG3d5rUz1LJXTrriipljurD3hFaVY9Pdw9PD4_VG3bHk61Vtt_9U45fDFoJSqOgeLVx8fq-nr58d1idfv53R-3N9fXEIM0CyEsOhdkmqXJbJxMSDKdXpbyftuNQ7vYovJQwr3-IuuajbKERK8GTtHDKqIkIW-iZ6nyyZvoJZ-8jhbG1PiM6zvpR1laJGkevbr7e3X_Po5qucfoL-R7_TrqhxlRmiUkyYoZSWhBok9sw6wczkHY1gYt2p6PwKPkePaRDiMMVII23eef_gvmW1vduu5sf9e5w5-WKXHZ8l4LrC8TD-yAfcz762CprdE22DEYzkAJHxjfo98168glLOkk1ihvg3iWi476tiezXHz79qg8s1IHlPSnIbnSVisfkoZZVH4ZJDUYzcqtVO_NRcpbphzjvbcdlKqp6xh447w-QPkVfiiv-49caA9iOBIo4TemONIuH77GUMIvkovOkov-r-Si30ju-_f_AgAA___TZ69NGgUAAA== |
|
| akutapro.com/ | Name: ClickDataNgFall Value: H4sIAAAAAAAA_4xUTW_bOBD9K8KcWkQrk5Yl2SqMxusUu0GapGid5rKAQJNjm2uZJEjKivvx3xeUVNcoetibZuZx-Ibznr7CEa2TWkEJNCEJgRj8ySCUJAbXrFc_vrlWR7QeBZQbVjuMgdeS728FlDAV2ZfdbqtmU9ZADIJ5hJLmM5pTOhvTGDg7GCa3KqBplpEiBumWHxbnXlZ75qXuAFlGpzHYpsYQkRgsCmmR-3v0Oy2gTGNwurG8q9NJGkPNlJBqO-CH6MnWUALEoDcbtB02JTSNYW2Z4rsB3BV76M5748rRqG3bxOgWranZaY0-4fowWibM7V7erj3bzlk1SYt8sq7odFrkvPqnIWScs81GinlBSJpNSZ9y0qMU8w49gIQU8-5YH_M5Z04q3a6r3HAmfDWZFGNSpIRCeHTnhyc4omr6TRh20o3_SX7ZWIuKn6CEp083EENj5cU0bN94Zqzupuh29tbbY2ARFtGzwBePVrFaivmMZLMJGU9pMcxwZJbOf-V2Lo3nuTkH6fwG3d5rUz1LJXTrriipljurD3hFaVY9Pdw9PD4_VG3bHk61Vtt_9U45fDFoJSqOgeLVx8fq-nr58d1idfv53R-3N9fXEIM0CyEsOhdkmqXJbJxMSDKdXpbyftuNQ7vYovJQwr3-IuuajbKERK8GTtHDKqIkIW-iZ6nyyZvoJZ-8jhbG1PiM6zvpR1laJGkevbr7e3X_Po5qucfoL-R7_TrqhxlRmiUkyYoZSWhBok9sw6wczkHY1gYt2p6PwKPkePaRDiMMVII23eef_gvmW1vduu5sf9e5w5-WKXHZ8l4LrC8TD-yAfcz762CprdE22DEYzkAJHxjfo98168glLOkk1ihvg3iWi476tiezXHz79qg8s1IHlPSnIbnSVisfkoZZVH4ZJDUYzcqtVO_NRcpbphzjvbcdlKqp6xh447w-QPkVfiiv-49caA9iOBIo4TemONIuH77GUMIvkovOkov-r-Si30ju-_f_AgAA___TZ69NGgUAAA== |
|
| www.powerplaybet.com/ | Name: CEK Value: a |
|
| www.powerplaybet.com/ | Name: XYZ Value: 120&1&148&&&&0&1&&be765685-e9ef-48d4-83f5-bab1650e00ff&&a_43764b_18876& |
|
| www.powerplaybet.com/ | Name: A_18876 Value: a=18876&r=0&fv=0&lv=0&vc=0&fc=20230809&lc=20230809081202&cc=1 |
|
| www.powerplaybet.com/ | Name: PM_196 Value: id=8955f7e2-f7e4-4aff-9e65-6a5520f1fcb3&c=casinowb_6pcadt_447207301&s=43764&ad=18876&md=0&pm=196&d=20230809201202&ip=2572953688&r=0&ref=&RedirectParams=btag%3Da_43764b_18876c_casinowb_6pcadt_447207301%26siteid%3D43764&cip=MTUzLjkyLjQwLjg4 |
|
| .www.powerplay.com/ | Name: __cf_bm Value: di3QVm7mC94wEV4pJ52PAV8.PwAg0WogpSAT9PKsErE-1691611922-0-AdmskQOHT8Ur0WB8shEMinNDaj0RVjiqcZnLzZ3Uc9vWZZdh2f9NOS7/dv9PwTT0CsVB3haVtuGBH+5fH3eL++cwgIRdvSl9DUZ2cWs0Y8tW |
|
| powerplay.com/ | Name: JSESSIONID Value: "-_mtU6V0S8qkxQQkByZHYfmPdGU7NW2JUN3IWJXi.ppca-app2.rs.fsbtech.com:ppca-app2.rs.fsbtech.com-wildfly" |
|
| powerplay.com/ | Name: currencyCode Value: CAD |
|
| powerplay.com/ | Name: languageId Value: 1 |
|
| powerplay.com/ | Name: localeKey Value: en |
|
| powerplay.com/ | Name: siteId Value: 5 |
|
| powerplay.com/ | Name: SERVERID Value: ppca-app3|ZNPzF|ZNPzF |
|
| .powerplay.com/ | Name: __cf_bm Value: eiF2u11P_8mdCxcd3XgcLtCcnc3wNIgEZeZ3GUi0f7I-1691611922-0-ASiinR030Oy/kTvVQWSF6XQBoK9iN7BufsjU70dLd4IBuytt3/0Fmhcpg0HEtR/QX875hv9Z9wrVMKixol/1pQUgjJULRUjoaaQ78HppY0VD |
|
| powerplay.com/ | Name: clid Value: 8b287e38-63ec-400b-956f-993a43bba8a5 |
|
| powerplay.com/ | Name: affiliateTrack Value: {%22affiliateName%22:%22?btag%22%2C%22affiliateValue%22:%22a_43764b_18876c_casinowb_6pcadt_447207301&siteid%22} |
|
| .powerplay.com/ | Name: _gcl_au Value: 1.1.2041373173.1691611923 |
|
| .doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
| .powerplay.com/ | Name: _ga_Y3KG8VDTHZ Value: GS1.1.1691611923.1.0.1691611923.0.0.0 |
|
| .connextra.com/ | Name: CxtId Value: fd2bec82-2894-42e8-a01d-cf11b8ccf606 |
|
| .connextra.com/ | Name: PowerPlay Value: P%7Clandingpage%7C1%7C202308092112 |
|
| .adnxs.com/ | Name: uuid2 Value: 7421073909296206250 |
|
| .powerplay.com/ | Name: sib_cuid Value: 64336d13-eeba-468e-b2e8-2895d7bc0b12 |
|
| .powerplay.com/ | Name: _ga Value: GA1.2.1611746934.1691611924 |
|
| .powerplay.com/ | Name: _gid Value: GA1.2.932721268.1691611924 |
|
| .powerplay.com/ | Name: _gat_gtag_UA_119769874_6 Value: 1 |
|
| .bidr.io/ | Name: bitoIsSecure Value: ok |
|
| .adnxs.com/ | Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GVIgq#j3!]tbP6j2F-XstGt!@DS3$e(La |
|
| .powerplay.com/ | Name: cf_clearance Value: ceIZlGVyGW.7akO91bOLWQYaOb2o.AQSyvFX_pYHpFg-1691611924-0-1-b2f88981.674db848.e5f9d661-0.2.1691611924 |
|
| sibautomation.com/ | Name: uuid Value: c1cbd129-bc48-43a2-8f3b-0114c32fa55d |
|
| .bidr.io/ | Name: bito Value: AAArdk7Jp-YAACWj9jyTuA |
|
| my.rtmark.net/ | Name: ID Value: d69fffbfda6b417d84433d07a1f14d03 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
akutapro.com
googleads.g.doubleclick.net
in-automate.brevo.com
match.prod.bidr.io
my.rtmark.net
myckdom.com
p374591.myckdom.com
powerplay-content.com
powerplay.com
secure.adnxs.com
segment.prod.bidr.io
sibautomation.com
st.ppsrvs.com
static.cloudflareinsights.com
wp.powerplay-content.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.powerplay.com
www.powerplaybet.com
wwwmylongjohnsexperience.com
zz.connextra.com
104.16.57.101
104.18.12.29
104.18.28.20
104.18.31.104
104.18.5.148
104.86.233.107
139.45.195.8
142.251.35.164
160.153.235.136
167.172.228.26
172.217.13.104
172.217.13.195
172.217.13.206
172.217.13.98
20.93.81.72
34.234.154.208
52.117.247.211
52.6.65.1
54.157.73.116
68.67.179.164
99.84.108.42
0005b256e189bc5729342d8098520273e533023daefd8f15a672ee5aba6e591e
07c9b43d551b0d49dd37ce4138b6a10a892292995955f9091bd962d3d8fcc949
10e8276f1b592bf92c9b41a7c4507d67316ed62e87f6c6b3cb0476d317f68080
126e5a82ae666d429d3ae7e57be6eda6c975ec9fe18d0d21df27aad79fdee1ac
14ecf14f7ee782f8057ef81c23e44a22f64caf10d736f30be2f250e662b1d3ec
15f02c5838c6793f05c8c2f0e917b624f295aa884be53af22d942106c1a5887b
170be8230b71c7276d7f1b8ae46638f893216bb2dc3f9cb4d7320e88fa558dd0
171695fad3293c42592a04c152452710b9fc086508972c682217b7f2c6a1f731
19693a063859fbc73bba7004aa8a0908c526a489d6eb3181fc161f6b21e6a502
1d195b35cd8e579a17d000f888db81b4d814f80c1afb6cf492c685dc87608b66
32ab5f8c0959e3400adae0e888fcc69695c4c6f6f50d9d329b3ecc5689063ab2
3c9d1126e2917a35816f5846f495faa9da19b4ca8b1ddff23981dec67302c6e3
3d5506854228cd2719cf860e3d48f21ffe9ab70512b63b5130f52d8779c1f63c
440e51e97a1f1e0f89fd9e4f5c679588c0f3124005365b71d3e64861a084dce9
484ee616de01e916ba4ce6e8c48fa6551f6ec9c215ced5b31575762b535eba08
48aba20e2721ef10913638f8c60a47bf9a46772817687ae9b33ce8cb7cd3de27
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
508b3eba0feab2726c520379d719703d902ee584fd6ada6e5b36b3033b20369d
531afb8d462c60b454489c1041538a5db9767de6a24793df88a509a35a6398b5
56216f99251dd03c55f553b52bb5523f331e79caf984999d2fb19854fb67bb08
57ad6e36430aed8c974637cc02bd2ac0450c9fbdc8651c5757cfbe9bb22b5bcb
58dd618ab54b9d91dee0a2732c6e67c180efb196e1412a556f8cff6b8d277fcc
6154a7590615bf2649898db61cea8056988e4149b4dccdd11039018272ced0e0
652541be9999e94663d364c2de129df810eb4ce6f17134c9b546c42d24e63ea1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74ba75b04f4c6ab366f6ccc158d4267e7c3f1e66fca8c43333f955c6b19f7a6a
76b43d097a4fc009f6d290100529563dfd7e7e91d6a25ae35cb7ded55783f3d3
7867964dbcde854e1d2757239b77a4aec8fef95fb67fdd9a51883131facc2112
7bb97e6c8adbd4626d2fdaceb47c2c5fb50ea51028b8b149f0e35d8a65a7d3f3
87c23a566aecd71a97288bb22d797a277c77a4e139fc5935cc8b910e3a2b21b8
8d405bfaaf9ecbc1ebb18881d2d77026f7e17312b64d3969c64b625c0aa47b42
8e19966797cd0817a0596258e64f132494b3feeec848f33509a99a10160d5f0c
9119462f6350c91b062884b4425f27f48be7063829347ecbfe6afb9af8e0b675
9727700ca4a55d10f4879e109180b3d9b1f42f9d4d474aa2a66117eddc3bb604
9a92326ae6f5aea36d4393910d678a6760ae6eadd0ab9be62c46a03082474ba9
a262a9635bb8f28bd78fd4494f35f495e0343202bf4788e4ec7dbd4be64a660e
a520141c4ce651b279a73fec818c8f5dff495797dc185183db968079ff8846ba
ab3d4ba968ab1b6b8403cf13a2fdddd4cf710f52aea5ee01e06e8e62b13181ea
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2a8b380044c8914bd056701890c61e05b58a0fc72f516395ff5d010a9a1cab1
b745a8848c639d15139e4017157c7207ac0a9e8d6948fcc2203267897e8c50ce
b7ef3fc2c877c901a53f282ad67b605b5553e0c5df723426dba4b7b78b1aef6a
be191b44f5c7989a743dc8c634df519ec31f416581b65e4377d3d9f3efeb1ff9
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c6dbdb02881aecef8a4408b23b30521eae5a17f8364791b79aacadb9a818c614
c86348593a20522880f1a46a91eacd67e18cc15925bf0e197720344ab63599e8
c88dd4ccfb576adccc328013892e7ef1c86c956c6880972ee49b4895dccd5a66
cb754c69c75f59fb7de047a7dea616be73b6eec74c247dcda3109484073ebd0b
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdc2b549cfe75973a9fd32a72030d869f64a8055ce7d920b69ecee60b01fd213
d3fcf5d5206ff486e62ef44002086e1e8f33dc6dbaf68bf674db07d55b2ab312
d85caca825700df29d1acabcfda9ff45b1d1efac994f96a8e14b8f9f8906a2c9
d91f70bd85c30767de25f9c149e5ad150ad5d99c0058a191a93464e2dab1211d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd26ed38feabef8914c776ca02fd708233d6778304a377068f391f00a530efee
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df8a4a1094e339e1339fdc3caee1fabe4a5beb8f97b939825de7bf5917850bb1
e18c2c1b2ca3939bffeb9ac90e47ce207aba9d1c06c4549576bc41f3d12a7bc8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9bef68e90b255743b372bdf95b79507c8e37cb4f5fba2c52580973749e4ff1f
eb3230e4dadc08d9e8312c75f5b59c145fce03e630a72f508b64da7cc1386cd5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8167fbc5c1e56c68bea6cb59e801f73724566740ab4f66cbd93b6fa47463acc
fa71a7d7048a9a83d444a3c9d2f7e2b610b129b75306398e7636a48049fd1d3f
ff248eaa2944486c77fe83465ff08e71cb12f1219d0011164e8cac6d3bd73282
ffdd2071b5dce859b43f29e5d0fe90f35ba72684fdbcce012793aea6eeece28b