powerplay.com
Open in
urlscan Pro
104.18.5.148
Public Scan
Submitted URL: http://websassessor.com/
Effective URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447233650&siteid=43764
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On August 11 via api from CA — Scanned from CA
Effective URL: https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447233650&siteid=43764
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On August 11 via api from CA — Scanned from CA
Summary
This website contacted 17 IPs
in 5 countries
across 19 domains to perform 77 HTTP transactions.
The main IP is 104.18.5.148, located in
and
belongs to CLOUDFLARENET, US.
The main domain is powerplay.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 8th 2023. Valid for: a year.
This is the only time powerplay.com was scanned on urlscan.io!
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 8th 2023. Valid for: a year.
This is the only time powerplay.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 167.172.228.26 167.172.228.26 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
| 1 2 | 52.117.247.211 52.117.247.211 | 36351 (SOFTLAYER) (SOFTLAYER) | |
| 2 2 | 34.234.154.208 34.234.154.208 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 2 2 | 20.93.81.72 20.93.81.72 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 1 | 104.18.28.20 104.18.28.20 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 9 | 104.18.5.148 104.18.5.148 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 39 | 99.84.160.87 99.84.160.87 | 16509 (AMAZON-02) (AMAZON-02) | |
| 3 | 160.153.235.136 160.153.235.136 | 20773 (GODADDY) (GODADDY) | |
| 1 | 104.16.57.101 104.16.57.101 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 4 | 172.217.13.104 172.217.13.104 | 15169 (GOOGLE) (GOOGLE) | |
| 3 | 72.247.68.185 72.247.68.185 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
| 4 | 139.45.195.8 139.45.195.8 | 9002 (RETN-AS) (RETN-AS) | |
| 1 | 172.217.13.98 172.217.13.98 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 172.217.13.132 172.217.13.132 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 172.217.13.195 172.217.13.195 | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 104.18.31.104 104.18.31.104 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 3 | 172.217.13.206 172.217.13.206 | 15169 (GOOGLE) (GOOGLE) | |
| 1 3 | 68.67.179.166 68.67.179.166 | 29990 (ASN-APPNEX) (ASN-APPNEX) | |
| 1 2 | 52.45.229.60 52.45.229.60 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 2 2 | 52.204.75.117 52.204.75.117 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 2 | 104.18.13.29 104.18.13.29 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 77 | 17 |
2
52.117.247.211
(United States)
ASN36351 (SOFTLAYER, US)
PTR: d3.f7.7534.ip4.static.sl-reverse.com
ASN36351 (SOFTLAYER, US)
PTR: d3.f7.7534.ip4.static.sl-reverse.com
| myckdom.com | |
| p374591.myckdom.com |
2
34.234.154.208
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-154-208.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-154-208.compute-1.amazonaws.com
| akutapro.com |
39
99.84.160.87
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-99-84-160-87.ord52.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-99-84-160-87.ord52.r.cloudfront.net
| st.ppsrvs.com |
3
160.153.235.136
(Amsterdam, Netherlands)
ASN20773 (GODADDY, DE)
PTR: 136.235.153.160.host.secureserver.net
ASN20773 (GODADDY, DE)
PTR: 136.235.153.160.host.secureserver.net
| powerplay-content.com | |
| wp.powerplay-content.com |
4
172.217.13.104
(United States)
ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f8.1e100.net
ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f8.1e100.net
| www.googletagmanager.com |
3
72.247.68.185
(New York, United States)
ASN16625 (AKAMAI-AS, US)
PTR: a72-247-68-185.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a72-247-68-185.deploy.static.akamaitechnologies.com
| zz.connextra.com |
1
172.217.13.98
(United States)
ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f2.1e100.net
| googleads.g.doubleclick.net |
3
172.217.13.206
(United States)
ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f14.1e100.net
ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f14.1e100.net
| www.google-analytics.com |
3
68.67.179.166
(North Bergen, United States)
ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
| secure.adnxs.com |
2
52.45.229.60
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-229-60.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-229-60.compute-1.amazonaws.com
| segment.prod.bidr.io |
2
52.204.75.117
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-75-117.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-75-117.compute-1.amazonaws.com
| match.prod.bidr.io |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 39 |
ppsrvs.com
st.ppsrvs.com |
641 KB |
| 10 |
powerplay.com
2 redirects
www.powerplay.com powerplay.com |
291 KB |
| 4 |
bidr.io
3 redirects
segment.prod.bidr.io — Cisco Umbrella Rank: 6631 match.prod.bidr.io — Cisco Umbrella Rank: 615 |
2 KB |
| 4 |
rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11124 |
3 KB |
| 4 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65 |
282 KB |
| 3 |
adnxs.com
1 redirects
secure.adnxs.com — Cisco Umbrella Rank: 464 |
2 KB |
| 3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 54 |
21 KB |
| 3 |
connextra.com
zz.connextra.com — Cisco Umbrella Rank: 16616 |
17 KB |
| 3 |
powerplay-content.com
powerplay-content.com wp.powerplay-content.com |
3 KB |
| 2 |
brevo.com
in-automate.brevo.com — Cisco Umbrella Rank: 23097 |
141 B |
| 2 |
sibautomation.com
sibautomation.com — Cisco Umbrella Rank: 22157 |
4 KB |
| 2 |
powerplaybet.com
2 redirects
www.powerplaybet.com |
2 KB |
| 2 |
akutapro.com
2 redirects
akutapro.com — Cisco Umbrella Rank: 186871 |
2 KB |
| 2 |
myckdom.com
1 redirects
myckdom.com — Cisco Umbrella Rank: 114921 p374591.myckdom.com |
1 KB |
| 1 |
google.ca
www.google.ca — Cisco Umbrella Rank: 9674 |
455 B |
| 1 |
google.com
www.google.com — Cisco Umbrella Rank: 3 |
455 B |
| 1 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 |
2 KB |
| 1 |
cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1175 |
7 KB |
| 1 |
websassessor.com
1 redirects
websassessor.com |
2 KB |
| 77 | 19 |
| Domain | Requested by | |
|---|---|---|
| 39 | st.ppsrvs.com |
powerplay.com
st.ppsrvs.com |
| 9 | powerplay.com |
1 redirects
p374591.myckdom.com
powerplay.com static.cloudflareinsights.com |
| 4 | my.rtmark.net |
powerplay.com
|
| 4 | www.googletagmanager.com |
powerplay.com
www.googletagmanager.com |
| 3 | secure.adnxs.com |
1 redirects
powerplay.com
|
| 3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 3 | zz.connextra.com |
powerplay.com
zz.connextra.com |
| 2 | in-automate.brevo.com |
sibautomation.com
|
| 2 | match.prod.bidr.io | 2 redirects |
| 2 | segment.prod.bidr.io |
1 redirects
powerplay.com
|
| 2 | sibautomation.com |
p374591.myckdom.com
sibautomation.com |
| 2 | powerplay-content.com |
powerplay.com
|
| 2 | www.powerplaybet.com | 2 redirects |
| 2 | akutapro.com | 2 redirects |
| 1 | wp.powerplay-content.com |
st.ppsrvs.com
|
| 1 | www.google.ca |
powerplay.com
|
| 1 | www.google.com |
powerplay.com
|
| 1 | googleads.g.doubleclick.net |
www.googletagmanager.com
|
| 1 | static.cloudflareinsights.com |
powerplay.com
|
| 1 | www.powerplay.com | 1 redirects |
| 1 | p374591.myckdom.com | |
| 1 | myckdom.com | 1 redirects |
| 1 | websassessor.com | 1 redirects |
| 77 | 23 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.powerplay.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.myckdom.com Sectigo RSA Domain Validation Secure Server CA |
2023-03-20 - 2024-03-20 |
a year | crt.sh |
| powerplay.com Cloudflare Inc ECC CA-3 |
2023-08-08 - 2024-08-06 |
a year | crt.sh |
| *.ppsrvs.com Amazon RSA 2048 M01 |
2023-06-23 - 2024-07-21 |
a year | crt.sh |
| powerplay-content.com Go Daddy Secure Certificate Authority - G2 |
2023-06-11 - 2024-07-12 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-04-10 - 2024-04-09 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-07-17 - 2023-10-09 |
3 months | crt.sh |
| *.connextra.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-03-28 - 2024-03-28 |
a year | crt.sh |
| rtmark.net R3 |
2023-07-25 - 2023-10-23 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-07-17 - 2023-10-09 |
3 months | crt.sh |
| www.google.com GTS CA 1C3 |
2023-07-17 - 2023-10-09 |
3 months | crt.sh |
| *.google.ca GTS CA 1C3 |
2023-07-17 - 2023-10-09 |
3 months | crt.sh |
| *.adnxs.com GeoTrust ECC CA 2018 |
2023-02-13 - 2024-03-15 |
a year | crt.sh |
| brevo.com GTS CA 1P5 |
2023-07-03 - 2023-10-01 |
3 months | crt.sh |
This page contains 7 frames:
Primary Page:
https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447233650&siteid=43764
Frame ID: 79EC23A0B05410CF3C1DF63D3E0538C4
Requests: 69 HTTP requests in this frame
Frame:
https://powerplay.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
Frame ID: 85E6DD6F39BCD7B26DDA3FCBCF5D2815
Requests: 2 HTTP requests in this frame
Frame:
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25129714%26t%3D2
Frame ID: 25AD6ACDF6F80C079B316975EBF52A35
Requests: 1 HTTP requests in this frame
Frame:
https://secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
Frame ID: D408AB385ACB71AAB8A7F0181E7296F8
Requests: 1 HTTP requests in this frame
Frame:
https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value=&_bee_ppp=1
Frame ID: 01E0AE1D769406409387175646D6BBBF
Requests: 1 HTTP requests in this frame
Frame:
https://zz.connextra.com/sync/data/uid/508a5e2dd5/AADdGk7JrBcAACTwLXwokw
Frame ID: 73C267F090A992AB12E77C051177D0E5
Requests: 1 HTTP requests in this frame
Frame:
https://sibautomation.com/cm.html?key=gm86guigrko4zzgucol1x
Frame ID: BF680FC5E0B5B9C4106029C4DF39720F
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Online Betting | Live Casino | Bet with PowerPlay | Free Bet OffersPage URL History Show full URLs
-
http://websassessor.com/
HTTP 302
https://myckdom.com/aS/feedclick?s=Un8YNmzNixpBeyQY0ySqLY8uDhK_8R6j6jUvurVsDL7J9-5EtRimpRG_6U4hq... HTTP 302
https://p374591.myckdom.com/adServe/domainClick?ai=sMncISYRYLd8nnN699HADGlsdU_Ap5xuwgzojbhfQDEIlx-DD295T... Page URL
-
https://akutapro.com/click?trvid=15507&externalid=90598403042&var1=6pcadt_447233650&var2=6p&var3=...
HTTP 302
https://akutapro.com/double?t=1&d=aHR0cHM6Ly93d3cucG93ZXJwbGF5YmV0LmNvbS9DLmFzaHg_YnRhZz1hXzQzNzY... HTTP 302
https://www.powerplaybet.com/C.ashx?btag=a_43764b_18876c_&affid=7003580&siteid=43764&adid=18876&c=casinow... HTTP 302
https://www.powerplaybet.com/C.ashx?btag=a_43764b_18876c_&affid=7003580&siteid=43764&adid=18876&c=casinow... HTTP 302
https://www.powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447233650&... HTTP 302
https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447233650&... Page URL
Detected technologies
AppNexus
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- adnxs\.(?:net|com)
Cloudflare Browser Insights
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://www.powerplay.com/register/?pptag=a_43764b_18876c_casinowb_6pcadt_447233650
Title: CLAIM NOW
Title: CLAIM NOW
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://websassessor.com/
HTTP 302
https://myckdom.com/aS/feedclick?s=Un8YNmzNixpBeyQY0ySqLY8uDhK_8R6j6jUvurVsDL7J9-5EtRimpRG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlEFmHqGJpUI3NDajatOk7jXw4cmSiDMaysLI_RalizEQmcVjFyxSKD9mNp-ZNGHhwzRPs96e1GFXtbRuG0gRx5fWSmXEdAbNfSJMFFRt4LETxMmauedZJJdGccdLmh1mIPpXnbtDA37_EQtOzSmkRPfxZgn8Xtoh0uKAPGqqCr8Ui9g71TKZ3J78EyaNywTu2A_vMfJV532MP2LuD2jnUGLVJrpBjIcJMZ4uwXhBA2lC6Yx2AgX1Y3lBdmDDTgofr55n-Avv65mwIqzXQV3tqGLT3e9alO6su0McFSq0pHcEVEdKUq-5SGyNQFmkOBlYt-NghghXV7K8IkMyzBF3qqtXXzmkiVqMakZ_dhEWVGbc2xJjEO-SHNQ2gYRz99tIM4T4p7jHNkNWPo0uP5o2FMo2UznG8kViqF1dtcFW9FHDmM3oIeCACRayCcTOJIgv0M5OzD5n8OmxdEhB2vKDUar3py_jHveTqzazu6fqZU6YQW-JvKnqUg-B3mWqTC9Eyssiqm2DtURvNUULoMNrqTjJ2rvHwsq3SEexEpl5bYu8oD_9-W2KMRcl2lUVVxNwpHjh15Pwdom61EYyjXoVRmKvoJLfLECpIBS5qhMchHTleosUPheeFzPAReLku5TFMopmo4UyBe48S7kow7RcudzdB-N9BaZTPAnHd35F6NCYW0oDhRAFag5nmuWPBgSQumt4qcz1dWn4MwvYl80N4HsEIVocpwYL2OsuALz-aQBGpv4hP_6BDH4MCiotyIYrh1s_6SN_9Bt4mSe6FKMq5XzVZaHvkqmM7j9CaMeMgQ1PrcsalzmHKrAO8AThKeEbqhrDDt9KCDVBFq6NVxAYl9cUDqwUCB-5aufsZRntBDqVPNC_OJaKrruNNVC9UvhJwljCoRyouWo1FrxW_XL0h9YLdDyfApm4RAVBoHw3O1Gpopyec5UJrWC1Wh3KHXo275meCTasL7X8TY03EDqJv4hUwjJBAo8FARU_6cwqzIu9DEHhty8LsHlhdxKlAzKkEJ7eff9drxrSGFGCXXWTRhBR5kHBtJAU65DlHMofgLN8lgO41Nz2FGXE2nlWriQ3WpDOKZT2GwvbcYyrD-IpuSSJe4mZBaQnJn8w0D5C0cK7JV-C50-uNE6Dt_MS-nUQBXH8dLYd0OJH1P25KgR6d7NU4dQs-kOW3bYJR9CE-zaBqkvuIXV74rC_ya3cwEcQHoyEOp_uQSuZ5e9L-vz5CNx9wfH_dcBQ6bU1gmGsb8DZg3ay4qS4f6dJXkhrr7q_G7-udUO0MaxMmDW_olsHQNA HTTP 302
https://p374591.myckdom.com/adServe/domainClick?ai=sMncISYRYLd8nnN699HADGlsdU_Ap5xuwgzojbhfQDEIlx-DD295T_zrtSGNAreXYefpTnChea9zDrZSkZ_jfgafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHF01jUtv7hJjSV5Ia6-6vxkv7EJ8xQviaeyZeB4t_supWqKJJaubNWhgRzhG995qA6ky_wuOTllwPAe_L4WAxrb0j8VI4HwzgjfUyJD3c4bEijLAL7a-coi7PCf8K6nKpAOiOAfLKc3X6tVUHBRtKv-3MVfKXZeqnjZ1KsGQdcLbXy9rWOEYUYjyN2o-3EfhQIlDjxDeukss2V8Z1_cNyh9cIHqGMuP9gcBeRmJ93EJu5kygdpabC421p2h3hBQbn6LRFKy_60DM&ui=Un8YNmzNixpBeyQY0ySqLfbWwvziNp_1xLgNeF8Zj-jpnkUjb-yTfUhYhw4LeCkPkcRS6qpSOCCGSH8xsJFeAvix96OmEq-FHsK64pa0O1YTACA9xMJ-0Q&si=1&oref=43d7c9d6507360fc6d98b5cf737f21e0&optunit=Iik56Kr20sOWXaBRRgIPq2WSQsQHXjql&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0 Page URL
-
https://akutapro.com/click?trvid=15507&externalid=90598403042&var1=6pcadt_447233650&var2=6p&var3=Desktop_Windows+10_Chrome+115_UNKNOWN_websassessor.com+RO_@@CREATIVE-ID@@
HTTP 302
https://akutapro.com/double?t=1&d=aHR0cHM6Ly93d3cucG93ZXJwbGF5YmV0LmNvbS9DLmFzaHg_YnRhZz1hXzQzNzY0Yl8xODg3NmNfJmFmZmlkPTcwMDM1ODAmc2l0ZWlkPTQzNzY0JmFkaWQ9MTg4NzYmYz1jYXNpbm93Yl82cGNhZHRfNDQ3MjMzNjUw HTTP 302
https://www.powerplaybet.com/C.ashx?btag=a_43764b_18876c_&affid=7003580&siteid=43764&adid=18876&c=casinowb_6pcadt_447233650 HTTP 302
https://www.powerplaybet.com/C.ashx?btag=a_43764b_18876c_&affid=7003580&siteid=43764&adid=18876&c=casinowb_6pcadt_447233650&AutoR=1 HTTP 302
https://www.powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447233650&siteid=43764 HTTP 302
https://powerplay.com/ontario/lp/CA_1000CB_scroll/?btag=a_43764b_18876c_casinowb_6pcadt_447233650&siteid=43764 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://websassessor.com/ HTTP 302
- https://myckdom.com/aS/feedclick?s=Un8YNmzNixpBeyQY0ySqLY8uDhK_8R6j6jUvurVsDL7J9-5EtRimpRG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlEFmHqGJpUI3NDajatOk7jXw4cmSiDMaysLI_RalizEQmcVjFyxSKD9mNp-ZNGHhwzRPs96e1GFXtbRuG0gRx5fWSmXEdAbNfSJMFFRt4LETxMmauedZJJdGccdLmh1mIPpXnbtDA37_EQtOzSmkRPfxZgn8Xtoh0uKAPGqqCr8Ui9g71TKZ3J78EyaNywTu2A_vMfJV532MP2LuD2jnUGLVJrpBjIcJMZ4uwXhBA2lC6Yx2AgX1Y3lBdmDDTgofr55n-Avv65mwIqzXQV3tqGLT3e9alO6su0McFSq0pHcEVEdKUq-5SGyNQFmkOBlYt-NghghXV7K8IkMyzBF3qqtXXzmkiVqMakZ_dhEWVGbc2xJjEO-SHNQ2gYRz99tIM4T4p7jHNkNWPo0uP5o2FMo2UznG8kViqF1dtcFW9FHDmM3oIeCACRayCcTOJIgv0M5OzD5n8OmxdEhB2vKDUar3py_jHveTqzazu6fqZU6YQW-JvKnqUg-B3mWqTC9Eyssiqm2DtURvNUULoMNrqTjJ2rvHwsq3SEexEpl5bYu8oD_9-W2KMRcl2lUVVxNwpHjh15Pwdom61EYyjXoVRmKvoJLfLECpIBS5qhMchHTleosUPheeFzPAReLku5TFMopmo4UyBe48S7kow7RcudzdB-N9BaZTPAnHd35F6NCYW0oDhRAFag5nmuWPBgSQumt4qcz1dWn4MwvYl80N4HsEIVocpwYL2OsuALz-aQBGpv4hP_6BDH4MCiotyIYrh1s_6SN_9Bt4mSe6FKMq5XzVZaHvkqmM7j9CaMeMgQ1PrcsalzmHKrAO8AThKeEbqhrDDt9KCDVBFq6NVxAYl9cUDqwUCB-5aufsZRntBDqVPNC_OJaKrruNNVC9UvhJwljCoRyouWo1FrxW_XL0h9YLdDyfApm4RAVBoHw3O1Gpopyec5UJrWC1Wh3KHXo275meCTasL7X8TY03EDqJv4hUwjJBAo8FARU_6cwqzIu9DEHhty8LsHlhdxKlAzKkEJ7eff9drxrSGFGCXXWTRhBR5kHBtJAU65DlHMofgLN8lgO41Nz2FGXE2nlWriQ3WpDOKZT2GwvbcYyrD-IpuSSJe4mZBaQnJn8w0D5C0cK7JV-C50-uNE6Dt_MS-nUQBXH8dLYd0OJH1P25KgR6d7NU4dQs-kOW3bYJR9CE-zaBqkvuIXV74rC_ya3cwEcQHoyEOp_uQSuZ5e9L-vz5CNx9wfH_dcBQ6bU1gmGsb8DZg3ay4qS4f6dJXkhrr7q_G7-udUO0MaxMmDW_olsHQNA HTTP 302
- https://p374591.myckdom.com/adServe/domainClick?ai=sMncISYRYLd8nnN699HADGlsdU_Ap5xuwgzojbhfQDEIlx-DD295T_zrtSGNAreXYefpTnChea9zDrZSkZ_jfgafDdQqpNxpaoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHF01jUtv7hJjSV5Ia6-6vxkv7EJ8xQviaeyZeB4t_supWqKJJaubNWhgRzhG995qA6ky_wuOTllwPAe_L4WAxrb0j8VI4HwzgjfUyJD3c4bEijLAL7a-coi7PCf8K6nKpAOiOAfLKc3X6tVUHBRtKv-3MVfKXZeqnjZ1KsGQdcLbXy9rWOEYUYjyN2o-3EfhQIlDjxDeukss2V8Z1_cNyh9cIHqGMuP9gcBeRmJ93EJu5kygdpabC421p2h3hBQbn6LRFKy_60DM&ui=Un8YNmzNixpBeyQY0ySqLfbWwvziNp_1xLgNeF8Zj-jpnkUjb-yTfUhYhw4LeCkPkcRS6qpSOCCGSH8xsJFeAvix96OmEq-FHsK64pa0O1YTACA9xMJ-0Q&si=1&oref=43d7c9d6507360fc6d98b5cf737f21e0&optunit=Iik56Kr20sOWXaBRRgIPq2WSQsQHXjql&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0
- https://powerplay.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
- https://powerplay.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
- https://secure.adnxs.com/seg?add=25129714&t=2 HTTP 307
- https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D25129714%26t%3D2
- https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value= HTTP 303
- https://segment.prod.bidr.io/associate-segment?buzz_key=geniussportsmedia&segment_key=geniussportsmedia-1509&value=&_bee_ppp=1
- https://match.prod.bidr.io/cookie-sync/geniussports HTTP 303
- https://match.prod.bidr.io/cookie-sync/geniussports?_bee_ppp=1 HTTP 303
- https://zz.connextra.com/sync/data/uid/508a5e2dd5/AADdGk7JrBcAACTwLXwokw
77 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
domainClick
p374591.myckdom.com/adServe/ Redirect Chain
|
366 B 660 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
/
powerplay.com/ontario/lp/CA_1000CB_scroll/ Redirect Chain
|
23 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rocket-loader.min.js
powerplay.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pp-default.min.css
st.ppsrvs.com/assets/lps/scr/4f1ffd48/css/ |
28 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pp-main.min.css
st.ppsrvs.com/assets/lps/scr/4f1ffd48/css/ |
28 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.svg
st.ppsrvs.com/img/ppdesign/lp-swi/img/ |
10 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
DT_CA-EN_LP_1000CB.jpg
st.ppsrvs.com/img/lp-scr/ |
143 KB 144 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
CA-EN_LP-1000-casino-bonus-not-comma.svg
st.ppsrvs.com/img/lp-scr/main/ |
5 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
flag-icon-ca.svg
st.ppsrvs.com/img/lp-scr/main/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main-free-chips-ONT.svg
st.ppsrvs.com/img/lp-scr/main/ |
10 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
footer_safe-and-secure.svg
st.ppsrvs.com/img/lp-scr/footer/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
footer__betting-site.svg
st.ppsrvs.com/img/lp-scr/footer/ |
5 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
footer__seen-on-tv.svg
st.ppsrvs.com/img/lp-scr/footer/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
footer__Igaming.svg
st.ppsrvs.com/img/lp-scr/footer/ |
13 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
timer-icon.svg
st.ppsrvs.com/img/lp-scr/icons/ |
971 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cup-icon.svg
st.ppsrvs.com/img/lp-scr/icons/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
interac.svg
st.ppsrvs.com/img/lp-scr/icons/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
visa.svg
st.ppsrvs.com/img/lp-scr/icons/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mastercard.svg
st.ppsrvs.com/img/lp-scr/icons/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
payicon-paysafecard.svg
st.ppsrvs.com/img/lp-scr/icons/ |
7 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
support-bg.png
st.ppsrvs.com/img/lp-scr/slide/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
avatar.png
st.ppsrvs.com/img/lp-scr/slide/ |
12 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
game-1.jpg
st.ppsrvs.com/img/lp-scr/games/ |
17 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
game-2.jpg
st.ppsrvs.com/img/lp-scr/games/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
game-3.jpg
st.ppsrvs.com/img/lp-scr/games/ |
21 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
game-4.jpg
st.ppsrvs.com/img/lp-scr/games/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
flag-icon-ca.svg
powerplay-content.com/ppdesign/lp-swi/img/main/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
close.svg
powerplay-content.com/ppdesign/lp-swi/img/icons/ |
396 B 575 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/ |
20 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
react-vendors.e229ec7-97e3460-f340cfcb2.js
powerplay.com/ |
663 KB 180 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
csr.e229ec7-97e3460-f340cfcb2.js
powerplay.com/ |
248 KB 67 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
services.e229ec7-97e3460-f340cfcb2.js
powerplay.com/ |
84 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
224 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
checking.svg
st.ppsrvs.com/img/lp-scr/icons/ |
578 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Montserrat-ExtraBold.woff2
st.ppsrvs.com/fonts/ |
62 KB 62 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Montserrat-Black.woff2
st.ppsrvs.com/fonts/ |
58 KB 59 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Montserrat-Bold.woff2
st.ppsrvs.com/fonts/ |
62 KB 62 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Montserrat-Regular.woff2
st.ppsrvs.com/fonts/ |
61 KB 62 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Montserrat-Medium.woff2
st.ppsrvs.com/fonts/ |
61 KB 62 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
34800f16-0596-4ad1-a11b-25a854390ab7
https://powerplay.com/ |
291 B 0 |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
landingpage
zz.connextra.com/dcs/tagController/tag/770b6a2a5625/ |
45 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p.js
my.rtmark.net/ |
697 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p.js
my.rtmark.net/ |
697 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pp-bundle.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/ |
18 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
180 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11031019498/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/11031019498/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.ca/pagead/1p-user-list/11031019498/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sa.js
sibautomation.com/ |
8 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
177 KB 64 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
js
www.googletagmanager.com/gtag/ |
211 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
invisible.js
powerplay.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/ Frame 85E6 Redirect Chain
|
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
admin-ajax.php
wp.powerplay-content.com/wp-admin/ |
199 B 427 B |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
770b6a2a5625
zz.connextra.com/PowerPlay/dcs/tagController/tagData/ |
0 533 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bounce
secure.adnxs.com/ Frame 25AD Redirect Chain
|
43 B 837 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
getuidnb
secure.adnxs.com/ Frame D408 |
43 B 574 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
associate-segment
segment.prod.bidr.io/ Frame 01E0 Redirect Chain
|
43 B 796 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AADdGk7JrBcAACTwLXwokw
zz.connextra.com/sync/data/uid/508a5e2dd5/ Frame 73C2 Redirect Chain
|
43 B 413 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
rum
powerplay.com/cdn-cgi/ |
0 141 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cm.html
sibautomation.com/ Frame BF68 |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
7f4fc1009b0ca21d
powerplay.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 85E6 |
0 268 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/g/ |
0 170 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cm
in-automate.brevo.com/ Frame BF68 |
0 108 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
1 B 91 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p
in-automate.brevo.com/ |
0 33 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pp-redirects.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/ |
724 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pp-setLanguage.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/ |
363 B 725 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pp-detectMouseMove.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/ |
405 B 766 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pp-setBtag.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/ |
441 B 818 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pp-dynamicAdapt.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pp-initPopups.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pp-slider.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/ |
135 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pp-counterTimer.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/ |
509 B 869 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
img.gif
my.rtmark.net/ |
43 B 490 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
img.gif
my.rtmark.net/ |
43 B 490 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pp-createAffiliateCookie.js
st.ppsrvs.com/assets/lps/scr/4f1ffd48/js/ |
430 B 806 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
31 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| gtag object| dataLayer object| webpackChunk function| react-vendors object| regeneratorRuntime object| csr object| google_tag_manager object| google_tag_data object| __cfQR object| __cfBeacon object| GooglebQhCsO object| sib object| sendinblue boolean| __cfRLUnblockHandlers string| GoogleAnalyticsObject function| ga object| webpackChunkppdesign object| ppScope object| cxt_conf object| cxt_mod_shared_scope function| cxtdcs function| cxtdcs_pt object| gaGlobal object| gaplugins object| gaData34 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .myckdom.com/ | Name: rhid Value: 83530880387 |
|
| .myckdom.com/ | Name: loi Value: ad_1655191_off_1097836_aff_92356_cid_374591-WEBSASSESSOR.COM_ts_1691749308 |
|
| akutapro.com/ | Name: ClickDataNG Value: H4sIAAAAAAAA_3xUXW_bOBD8K8I-tYhOJq0P2yqMxqcUd0GapGid5uUAgSLXNmGZ1JGUFV_b_36gpLpGUfRNuzskZz0z_gJHNFZqBTnQiEQEQnCnBiEnIdi2Wn__5lod0TgUkG9YbTEEXku-vxWQw5z92xm62LSiiyEEwRxCTrMFnSWLmMxD4OzQMLlVHk3TlMxCkLb4sDrfZbRjTuoekKZ0HoJpa_QVCcGgkAa5u0e30wLyOASrW8P7OU3iEGqmhFTbET9WT6aGHCAEvdmg6bExoXEIlWGK70ZwPxygO-cam08mXddFje7QNDU7Vegirg-TImJ29_K2cmy7ZGUSz7KkKul8Pst4-U9LyDRjm40UyxkhcTonQ8tKh1Ise_QIElIs-2NDzZecWal0V5VZw5lwZZLMpnGcpV4Jrq0bf4IjqnZQomEn3bof5IvWGFT8BDk8fbqBEFojL7Zh-9axxuh-i16zt84cPQsvxMACXxwaxWoplguSLuYJiUkyHWZHZujyZ27n0XSZNeciXt6g3TvdlM9SCd3ZK0rKYmf0Aa8oTcunh7uHx-eHssPKMmvRWm08rauPj-X1dfHx3Wp9-_ndH7c319cQgmxWQhi01ltznkZTOo0onUfJ5SwbJG4tmtUWlYMc7vV_sq7ZJI1I8GokEjysA0oi8iZ4lipL3gQvWfI6WDVNjc9Y3Uk3SeNZFGfBq7u_1_fvw6CWewz-Qr7Xr4NhgwmlaUSidLYgEZ2R4BPbMCPHc-Al2qBBM_AReJQcz-HRfoeRijek_fwjdF7nyujO9meHt843_GmYEpdX3muB9WXjgR1wqPnwHBTaNNr4DPqUNZDDB8b36HZtFdiIRb2vWuWMd0yx6qlvBzLF6uvXR-WYkdqjpDuNzbU2WjnfbJhB5QrvozFdRm6let9ctJxhyjI-BNpCrtq6DoG31ukD5F_gu936P48Lw0EIRwI5_CIJR9r3_dcUcvjJZ8HZZ8HvfBb8wmffvv0fAAD___mn39EDBQAA |
|
| akutapro.com/ | Name: ClickDataNgFall Value: H4sIAAAAAAAA_3xUXW_bOBD8K8I-tYhOJq0P2yqMxqcUd0GapGid5uUAgSLXNmGZ1JGUFV_b_36gpLpGUfRNuzskZz0z_gJHNFZqBTnQiEQEQnCnBiEnIdi2Wn__5lod0TgUkG9YbTEEXku-vxWQw5z92xm62LSiiyEEwRxCTrMFnSWLmMxD4OzQMLlVHk3TlMxCkLb4sDrfZbRjTuoekKZ0HoJpa_QVCcGgkAa5u0e30wLyOASrW8P7OU3iEGqmhFTbET9WT6aGHCAEvdmg6bExoXEIlWGK70ZwPxygO-cam08mXddFje7QNDU7Vegirg-TImJ29_K2cmy7ZGUSz7KkKul8Pst4-U9LyDRjm40UyxkhcTonQ8tKh1Ise_QIElIs-2NDzZecWal0V5VZw5lwZZLMpnGcpV4Jrq0bf4IjqnZQomEn3bof5IvWGFT8BDk8fbqBEFojL7Zh-9axxuh-i16zt84cPQsvxMACXxwaxWoplguSLuYJiUkyHWZHZujyZ27n0XSZNeciXt6g3TvdlM9SCd3ZK0rKYmf0Aa8oTcunh7uHx-eHssPKMmvRWm08rauPj-X1dfHx3Wp9-_ndH7c319cQgmxWQhi01ltznkZTOo0onUfJ5SwbJG4tmtUWlYMc7vV_sq7ZJI1I8GokEjysA0oi8iZ4lipL3gQvWfI6WDVNjc9Y3Uk3SeNZFGfBq7u_1_fvw6CWewz-Qr7Xr4NhgwmlaUSidLYgEZ2R4BPbMCPHc-Al2qBBM_AReJQcz-HRfoeRijek_fwjdF7nyujO9meHt843_GmYEpdX3muB9WXjgR1wqPnwHBTaNNr4DPqUNZDDB8b36HZtFdiIRb2vWuWMd0yx6qlvBzLF6uvXR-WYkdqjpDuNzbU2WjnfbJhB5QrvozFdRm6let9ctJxhyjI-BNpCrtq6DoG31ukD5F_gu936P48Lw0EIRwI5_CIJR9r3_dcUcvjJZ8HZZ8HvfBb8wmffvv0fAAD___mn39EDBQAA |
|
| www.powerplaybet.com/ | Name: CEK Value: a |
|
| www.powerplaybet.com/ | Name: XYZ Value: 120&1&148&&&&0&1&&660d0c1b-8930-44b1-b685-688d071fcc89&&a_43764b_18876& |
|
| www.powerplaybet.com/ | Name: A_18876 Value: a=18876&r=0&fv=0&lv=0&vc=0&fc=20230811&lc=20230811102149&cc=1 |
|
| www.powerplaybet.com/ | Name: PM_196 Value: id=de320b45-db82-4131-b1e1-db595a26241e&c=casinowb_6pcadt_447233650&s=43764&ad=18876&md=0&pm=196&d=20230811102149&ip=3117708804&r=0&ref=&RedirectParams=btag%3Da_43764b_18876c_casinowb_6pcadt_447233650%26siteid%3D43764&cip=MTg1LjIxMi4xMTguNA== |
|
| .www.powerplay.com/ | Name: __cf_bm Value: Fs3WHC7jVnB3C.5kGAjiiStqbcgpUn.alGYm1Vm2QvY-1691749309-0-AQnA5c1XjjH0g9QsrcUVv1pH5PkZOR/K25ABMP6wGc6WueqKJINQEkQh6CRx0QVI1YTIVh4pt45J491JVVBW5K9xXSEwG+xu3YjWfvJ0eWUg |
|
| powerplay.com/ | Name: JSESSIONID Value: "WR8Dwu1LiKeGKyct3DoElhzYNoVCfYYz9pDAkPVT.ppca-app1.rs.fsbtech.com:ppca-app1.rs.fsbtech.com-wildfly" |
|
| powerplay.com/ | Name: currencyCode Value: CAD |
|
| powerplay.com/ | Name: languageId Value: 1 |
|
| powerplay.com/ | Name: localeKey Value: en |
|
| powerplay.com/ | Name: siteId Value: 5 |
|
| powerplay.com/ | Name: SERVERID Value: ppca-app2|ZNYLw|ZNYLw |
|
| .powerplay.com/ | Name: __cf_bm Value: dnmhWtRCAd3Gaxtat3W596VcP6x90N3TqOMomqziWsA-1691749309-0-AecaX7lUv9GyI6fy9gkHEK101SuzfsNp95ozYESS1h61sMRPVC5OdwpLkwZx0+/mpaxZyoejdDvMWwMkOpVNrL+BXGF9h3X2NerQdmPzK2rh |
|
| powerplay.com/ | Name: clid Value: 30943ef6-7948-44f7-fa21-623a27b6a5a1 |
|
| powerplay.com/ | Name: affiliateTrack Value: {%22affiliateName%22:%22?btag%22%2C%22affiliateValue%22:%22a_43764b_18876c_casinowb_6pcadt_447233650&siteid%22} |
|
| .powerplay.com/ | Name: _gcl_au Value: 1.1.2124292559.1691749310 |
|
| .doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
| .powerplay.com/ | Name: sib_cuid Value: 8b6d31af-a3b0-4b9e-b7ef-134ec19a5435 |
|
| .connextra.com/ | Name: CxtId Value: 636af6c9-b7f0-4ad4-babd-8159ff389cfb |
|
| .connextra.com/ | Name: PowerPlay Value: P%7Clandingpage%7C1%7C202308111121 |
|
| .adnxs.com/ | Name: uuid2 Value: 894605101040946465 |
|
| .powerplay.com/ | Name: _ga_Y3KG8VDTHZ Value: GS1.1.1691749310.1.0.1691749310.0.0.0 |
|
| sibautomation.com/ | Name: uuid Value: 09873631-2ad1-4547-90e1-e92acafe0ffd |
|
| .powerplay.com/ | Name: cf_clearance Value: G.j5bX1cbhnKmBSGD_ZsoiSRMiD5KilqIjBMYGvMj74-1691749310-0-1-9826a988.2da50190.cf27f668-0.2.1691749310 |
|
| .powerplay.com/ | Name: _ga Value: GA1.2.322100894.1691749311 |
|
| .powerplay.com/ | Name: _gid Value: GA1.2.1331586088.1691749311 |
|
| .powerplay.com/ | Name: _gat_gtag_UA_119769874_6 Value: 1 |
|
| .adnxs.com/ | Name: anj Value: dTM7k!M4/8CxrEQF']wIg2Ildm4n9z!]tbP6j2F-XstGt!@DpN$t6PD |
|
| .bidr.io/ | Name: bitoIsSecure Value: ok |
|
| .bidr.io/ | Name: bito Value: AAFkLU7JrBcAACBFhr1tmg |
|
| my.rtmark.net/ | Name: ID Value: 8f155fdaffb14e1da26db20bf496c1a9 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
akutapro.com
googleads.g.doubleclick.net
in-automate.brevo.com
match.prod.bidr.io
my.rtmark.net
myckdom.com
p374591.myckdom.com
powerplay-content.com
powerplay.com
secure.adnxs.com
segment.prod.bidr.io
sibautomation.com
st.ppsrvs.com
static.cloudflareinsights.com
websassessor.com
wp.powerplay-content.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.powerplay.com
www.powerplaybet.com
zz.connextra.com
104.16.57.101
104.18.13.29
104.18.28.20
104.18.31.104
104.18.5.148
139.45.195.8
160.153.235.136
167.172.228.26
172.217.13.104
172.217.13.132
172.217.13.195
172.217.13.206
172.217.13.98
20.93.81.72
34.234.154.208
52.117.247.211
52.204.75.117
52.45.229.60
68.67.179.166
72.247.68.185
99.84.160.87
07c9b43d551b0d49dd37ce4138b6a10a892292995955f9091bd962d3d8fcc949
0cb9692a8a85234e44d494a961a417cd01316caaa4d38b668be9892a9571d335
10e8276f1b592bf92c9b41a7c4507d67316ed62e87f6c6b3cb0476d317f68080
111a74931f4c9dbea25230524a64f76bdb8064b6cbc476b1aa571ca6aaa6ed6e
126e5a82ae666d429d3ae7e57be6eda6c975ec9fe18d0d21df27aad79fdee1ac
14ecf14f7ee782f8057ef81c23e44a22f64caf10d736f30be2f250e662b1d3ec
15f02c5838c6793f05c8c2f0e917b624f295aa884be53af22d942106c1a5887b
170be8230b71c7276d7f1b8ae46638f893216bb2dc3f9cb4d7320e88fa558dd0
171695fad3293c42592a04c152452710b9fc086508972c682217b7f2c6a1f731
19693a063859fbc73bba7004aa8a0908c526a489d6eb3181fc161f6b21e6a502
32ab5f8c0959e3400adae0e888fcc69695c4c6f6f50d9d329b3ecc5689063ab2
3c27d9b3aee0ee9e3e7e6231b246f25542f4139c01140d20f812eec27834cb6f
3c9d1126e2917a35816f5846f495faa9da19b4ca8b1ddff23981dec67302c6e3
3d5506854228cd2719cf860e3d48f21ffe9ab70512b63b5130f52d8779c1f63c
3f4c9fc91b975aaaeb07c88766cbf604f7bd7e62c0e317f114074ae26b1e165f
440e51e97a1f1e0f89fd9e4f5c679588c0f3124005365b71d3e64861a084dce9
484ee616de01e916ba4ce6e8c48fa6551f6ec9c215ced5b31575762b535eba08
48aba20e2721ef10913638f8c60a47bf9a46772817687ae9b33ce8cb7cd3de27
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
508b3eba0feab2726c520379d719703d902ee584fd6ada6e5b36b3033b20369d
531afb8d462c60b454489c1041538a5db9767de6a24793df88a509a35a6398b5
56216f99251dd03c55f553b52bb5523f331e79caf984999d2fb19854fb67bb08
57ad6e36430aed8c974637cc02bd2ac0450c9fbdc8651c5757cfbe9bb22b5bcb
58dd618ab54b9d91dee0a2732c6e67c180efb196e1412a556f8cff6b8d277fcc
6154a7590615bf2649898db61cea8056988e4149b4dccdd11039018272ced0e0
652541be9999e94663d364c2de129df810eb4ce6f17134c9b546c42d24e63ea1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74ba75b04f4c6ab366f6ccc158d4267e7c3f1e66fca8c43333f955c6b19f7a6a
87c23a566aecd71a97288bb22d797a277c77a4e139fc5935cc8b910e3a2b21b8
8d405bfaaf9ecbc1ebb18881d2d77026f7e17312b64d3969c64b625c0aa47b42
8e19966797cd0817a0596258e64f132494b3feeec848f33509a99a10160d5f0c
9119462f6350c91b062884b4425f27f48be7063829347ecbfe6afb9af8e0b675
9727700ca4a55d10f4879e109180b3d9b1f42f9d4d474aa2a66117eddc3bb604
9a92326ae6f5aea36d4393910d678a6760ae6eadd0ab9be62c46a03082474ba9
a520141c4ce651b279a73fec818c8f5dff495797dc185183db968079ff8846ba
a7e85e99584cc92aa8f6115532092198b6f1117c4f46626f15a8e02639e42128
ab3d4ba968ab1b6b8403cf13a2fdddd4cf710f52aea5ee01e06e8e62b13181ea
adf6f196f7d5b42627608b531a6ee5f9af1e4b6a064680d6f8855925829b914b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2a8b380044c8914bd056701890c61e05b58a0fc72f516395ff5d010a9a1cab1
b745a8848c639d15139e4017157c7207ac0a9e8d6948fcc2203267897e8c50ce
b7ef3fc2c877c901a53f282ad67b605b5553e0c5df723426dba4b7b78b1aef6a
be191b44f5c7989a743dc8c634df519ec31f416581b65e4377d3d9f3efeb1ff9
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c6dbdb02881aecef8a4408b23b30521eae5a17f8364791b79aacadb9a818c614
c6f4dbc1b2ff101fcd5db2559e16bdaa4f44c195bb42b7e5f1a1cd184ff74a27
c86348593a20522880f1a46a91eacd67e18cc15925bf0e197720344ab63599e8
cb754c69c75f59fb7de047a7dea616be73b6eec74c247dcda3109484073ebd0b
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdc2b549cfe75973a9fd32a72030d869f64a8055ce7d920b69ecee60b01fd213
d85caca825700df29d1acabcfda9ff45b1d1efac994f96a8e14b8f9f8906a2c9
d91f70bd85c30767de25f9c149e5ad150ad5d99c0058a191a93464e2dab1211d
dcbc05dab534985d9c5ef602ccc41663547f51187a246d0cfb3532b365889802
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd26ed38feabef8914c776ca02fd708233d6778304a377068f391f00a530efee
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df8a4a1094e339e1339fdc3caee1fabe4a5beb8f97b939825de7bf5917850bb1
e18c2c1b2ca3939bffeb9ac90e47ce207aba9d1c06c4549576bc41f3d12a7bc8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9bef68e90b255743b372bdf95b79507c8e37cb4f5fba2c52580973749e4ff1f
eb3230e4dadc08d9e8312c75f5b59c145fce03e630a72f508b64da7cc1386cd5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8167fbc5c1e56c68bea6cb59e801f73724566740ab4f66cbd93b6fa47463acc
fa71a7d7048a9a83d444a3c9d2f7e2b610b129b75306398e7636a48049fd1d3f
ff248eaa2944486c77fe83465ff08e71cb12f1219d0011164e8cac6d3bd73282
ffdd2071b5dce859b43f29e5d0fe90f35ba72684fdbcce012793aea6eeece28b