www.playship.com
Open in
urlscan Pro
2600:9000:20eb:1200:9:9944:5140:93a1
Public Scan
Submitted URL: http://rummycorner.com/
Effective URL: https://www.playship.com/
Submission: On March 06 via api from US — Scanned from DE
Effective URL: https://www.playship.com/
Submission: On March 06 via api from US — Scanned from DE
Summary
This website contacted 40 IPs
in 11 countries
across 36 domains to perform 85 HTTP transactions.
The main IP is 2600:9000:20eb:1200:9:9944:5140:93a1, located in
United States and
belongs to AMAZON-02, US.
The main domain is www.playship.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 28th 2023. Valid for: 5 months.
This is the only time www.playship.com was scanned on urlscan.io!
TLS certificate: Issued by Amazon RSA 2048 M01 on February 28th 2023. Valid for: 5 months.
This is the only time www.playship.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
65.2.173.185
(Mumbai, India)
ASN16509 (AMAZON-02, US)
PTR: ec2-65-2-173-185.ap-south-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-65-2-173-185.ap-south-1.compute.amazonaws.com
| rummycorner.com |
1
3.7.103.75
(Mumbai, India)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-7-103-75.ap-south-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-7-103-75.ap-south-1.compute.amazonaws.com
| rummycorner.com |
2
65.1.33.206
(Mumbai, India)
ASN16509 (AMAZON-02, US)
PTR: ec2-65-1-33-206.ap-south-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-65-1-33-206.ap-south-1.compute.amazonaws.com
| playship.com |
3
2a00:1450:4001:811::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
13.234.128.110
(Mumbai, India)
ASN16509 (AMAZON-02, US)
PTR: ec2-13-234-128-110.ap-south-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-13-234-128-110.ap-south-1.compute.amazonaws.com
| v9cjaad2mf.execute-api.ap-south-1.amazonaws.com |
2
2a03:2880:f084:d:face:b00c:0:3
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
2
2a03:2880:f11c:8183:face:b00c:0:25de
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
2
35.212.133.238
(The Dalles, United States)
ASN15169 (GOOGLE, US)
PTR: 238.133.212.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 238.133.212.35.bc.googleusercontent.com
| x.bidswitch.net |
2
142.250.186.130
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
| cm.g.doubleclick.net |
2
37.252.173.215
(Frankfurt am Main, Germany)
ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
| ib.adnxs.com |
2
37.252.171.84
(Frankfurt am Main, Germany)
ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
| secure.adnxs.com |
1
23.35.228.23
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
| contextual.media.net |
1
69.173.144.165
(Frankfurt am Main, Germany)
ASN26667 (RUBICONPROJECT, US)
ASN26667 (RUBICONPROJECT, US)
| pixel.rubiconproject.com |
1
3.67.240.173
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-240-173.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-240-173.eu-central-1.compute.amazonaws.com
| match.sharethrough.com |
1
23.203.125.36
(Vienna, Austria)
ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-36.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-36.deploy.static.akamaitechnologies.com
| criteo-sync.teads.tv |
1
76.223.111.18
(United States)
ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
| eb2.3lift.com |
2
18.144.106.164
(San Jose, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-144-106-164.us-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-144-106-164.us-west-1.compute.amazonaws.com
| ups.analytics.yahoo.com |
2
34.240.171.169
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-171-169.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-171-169.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
2
34.194.169.138
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-169-138.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-169-138.compute-1.amazonaws.com
| ad.360yield.com |
1
34.117.157.22
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
| matching.ivitrack.com |
1
35.158.48.183
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-48-183.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-48-183.eu-central-1.compute.amazonaws.com
| exchange.mediavine.com |
1
2600:1f18:612b:4280:b70f:b9c8:4de5:6bbf
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
ASN14618 (AMAZON-AES, US)
| criteo-partners.tremorhub.com |
1
184.24.4.64
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a184-24-4-64.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a184-24-4-64.deploy.static.akamaitechnologies.com
| ad.yieldlab.net |
1
54.188.190.65
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-188-190-65.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-188-190-65.us-west-2.compute.amazonaws.com
| sync-criteo.ads.yieldmo.com |
1
35.166.151.43
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-151-43.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-151-43.us-west-2.compute.amazonaws.com
| beacon.krxd.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 39 |
playship.com
2 redirects
www.playship.com playship.com |
443 KB |
| 11 |
criteo.com
5 redirects
dynamic.criteo.com — Cisco Umbrella Rank: 3762 gum.criteo.com — Cisco Umbrella Rank: 378 mug.criteo.com — Cisco Umbrella Rank: 2719 sslwidget.criteo.com — Cisco Umbrella Rank: 1776 widget.as.criteo.com — Cisco Umbrella Rank: 35582 dis.criteo.com — Cisco Umbrella Rank: 686 |
28 KB |
| 4 |
adnxs.com
3 redirects
ib.adnxs.com — Cisco Umbrella Rank: 203 secure.adnxs.com — Cisco Umbrella Rank: 377 |
4 KB |
| 4 |
doubleclick.net
2 redirects
stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 202 |
1 KB |
| 4 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2425 |
20 KB |
| 2 |
360yield.com
1 redirects
ad.360yield.com — Cisco Umbrella Rank: 663 |
854 B |
| 2 |
demdex.net
1 redirects
dpm.demdex.net — Cisco Umbrella Rank: 198 |
2 KB |
| 2 |
casalemedia.com
1 redirects
r.casalemedia.com — Cisco Umbrella Rank: 1347 |
2 KB |
| 2 |
yahoo.com
1 redirects
ups.analytics.yahoo.com — Cisco Umbrella Rank: 265 |
508 B |
| 2 |
bidswitch.net
1 redirects
x.bidswitch.net — Cisco Umbrella Rank: 277 |
1 KB |
| 2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 105 |
235 B |
| 2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151 |
136 KB |
| 2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44 |
138 KB |
| 2 |
sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4041 |
24 KB |
| 2 |
rummycorner.com
2 redirects
rummycorner.com |
287 B |
| 1 |
thebrighttag.com
s.thebrighttag.com |
268 B |
| 1 |
krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 585 |
338 B |
| 1 |
yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2212 |
38 B |
| 1 |
yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4455 |
525 B |
| 1 |
twiago.com
a.twiago.com — Cisco Umbrella Rank: 28098 |
153 B |
| 1 |
tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2372 |
183 B |
| 1 |
pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 668 |
579 B |
| 1 |
outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 733 |
145 B |
| 1 |
mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1370 |
883 B |
| 1 |
ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 2540 |
274 B |
| 1 |
omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 745 |
236 B |
| 1 |
adform.net
cm.adform.net — Cisco Umbrella Rank: 1244 |
163 B |
| 1 |
3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 338 |
140 B |
| 1 |
teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 1888 |
172 B |
| 1 |
taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1236 |
100 B |
| 1 |
smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 571 |
114 B |
| 1 |
sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 518 |
35 B |
| 1 |
rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 313 |
239 B |
| 1 |
media.net
contextual.media.net — Cisco Umbrella Rank: 563 |
978 B |
| 1 |
amazonaws.com
v9cjaad2mf.execute-api.ap-south-1.amazonaws.com ayct4gm8tk.execute-api.ap-south-1.amazonaws.com Failed |
147 B |
| 0 |
emxdgt.com
Failed
e1.emxdgt.com Failed |
|
| 85 | 36 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| apps.apple.com |
| www.facebook.com |
| www.instagram.com |
| www.youtube.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.playship.com Amazon RSA 2048 M01 |
2023-02-28 - 2023-07-26 |
5 months | crt.sh |
| *.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3 |
2022-09-28 - 2023-10-30 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
| *.execute-api.ap-south-1.amazonaws.com Amazon RSA 2048 M02 |
2023-02-07 - 2023-11-28 |
10 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-01-10 - 2023-03-15 |
2 months | crt.sh |
| *.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2023-01-04 - 2023-03-31 |
3 months | crt.sh |
| *.media.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-02-10 - 2024-02-18 |
a year | crt.sh |
| *.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-03-08 - 2023-04-04 |
a year | crt.sh |
| *.sharethrough.com Amazon RSA 2048 M02 |
2023-02-10 - 2023-08-12 |
6 months | crt.sh |
| *.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2023-01-21 - 2024-01-23 |
a year | crt.sh |
| *.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-12-08 - 2023-12-31 |
a year | crt.sh |
| teads.tv R3 |
2023-02-21 - 2023-05-22 |
3 months | crt.sh |
| *.3lift.com Amazon RSA 2048 M01 |
2023-02-10 - 2023-06-11 |
4 months | crt.sh |
| *.adform.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-05-18 - 2023-06-16 |
a year | crt.sh |
| omnitagjs.com Sectigo RSA Domain Validation Secure Server CA |
2022-06-21 - 2023-07-21 |
a year | crt.sh |
| itm.ivitrack.com R3 |
2023-02-03 - 2023-05-04 |
3 months | crt.sh |
| exchange.mediavine.com Amazon RSA 2048 M01 |
2023-02-11 - 2023-08-04 |
6 months | crt.sh |
| *.outbrain.com Thawte RSA CA 2018 |
2022-11-06 - 2023-11-28 |
a year | crt.sh |
| *.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1 |
2022-06-13 - 2023-07-14 |
a year | crt.sh |
| *.tremorhub.com Amazon RSA 2048 M01 |
2023-02-22 - 2024-03-23 |
a year | crt.sh |
| *.twiago.com Sectigo RSA Domain Validation Secure Server CA |
2022-11-28 - 2023-12-29 |
a year | crt.sh |
| *.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-11-16 - 2023-11-15 |
a year | crt.sh |
| *.ads.yieldmo.com Amazon RSA 2048 M02 |
2023-02-07 - 2023-05-24 |
4 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.playship.com/
Frame ID: 3190511C051E3A14B7B83E74B6A0EF76
Requests: 54 HTTP requests in this frame
Frame:
https://gum.criteo.com/syncframe?topUrl=www.playship.com&origin=onetag
Frame ID: 94528A4BEC8883CFA53ADD48A750FB37
Requests: 2 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: F9B848A6FCBBACB0DDCA8C93F2754593
Requests: 1 HTTP requests in this frame
Frame:
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-oMsIXEJWPqdERuxT8c0T-kIic_HOdQdEPZjt3Q&expires=30
Frame ID: 0F939427C5B75B55DFA0640C431F563B
Requests: 28 HTTP requests in this frame
Screenshot
Page Title
Rummy - Play Indian Rummy Online at PlayshipPage URL History Show full URLs
-
http://rummycorner.com/
HTTP 301
https://rummycorner.com/ HTTP 301
https://www.playship.com/ Page URL
Detected technologies
Sentry
(Issue Trackers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
- browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Nuxt.js
(JavaScript Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <div [^>]*id="__nuxt"
- /_nuxt/
Vue.js
(JavaScript Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:/([\d.]+))?/vue(?:\.min)?\.js
AppNexus
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- adnxs\.(?:net|com)
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
PubMatic
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.pubmatic\.com
Rubicon Project
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.rubiconproject\.com
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
URL: https://apps.apple.com/in/app/playship-rummy-cash-games/id1598953834
Title: Download App
Title: Download App
Search URL Search Domain Scan URL
URL: https://www.facebook.com/GamesPlayship/
Search URL Search Domain Scan URL
URL: https://www.instagram.com/playshipgames/
Search URL Search Domain Scan URL
URL: https://www.youtube.com/channel/UChBIILoLaM82hETszdr1mRQ
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://rummycorner.com/
HTTP 301
https://rummycorner.com/ HTTP 301
https://www.playship.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 21- https://playship.com/static/img/landing-usp/super-30-new-banner.png?mode=cover&origin=playship.com HTTP 301
- https://www.playship.com/static/img/landing-usp/super-30-new-banner.png?mode=cover&origin=playship.com
- https://playship.com/static/img/landing-usp/super-30-new-banner-mobile.png?mode=cover&origin=playship.com HTTP 301
- https://www.playship.com/static/img/landing-usp/super-30-new-banner-mobile.png?mode=cover&origin=playship.com
- https://gum.criteo.com/sid/json?origin=onetag&domain=playship.com&sn=ChromeSyncframe&so=0&topUrl=www.playship.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
- https://mug.criteo.com/sid?cpp=4OIwPXxtcEtlSVJFVDFzM05hR1NkYlBGdjMvV3J5REVOSncxejlSZW9TTEt2d0hGNERabzJTdTAwRGZxWUg0M0FDYnlCNGRQUC9Dem5ZMjl2UG9ycW5FT1YvUUNoUDdxUnhFWXUza3lzWXloT3FTakcwaHNaL09sRkUrQkltREJybEMwamt1bXJ1WXVwRlBWSk1UcEhYa3lKQWdxem5TMTEweTZVQzBvdnQvdjV4bDZ0SS8vVWpza0ZxSzg5Mmo3WHFSb05FRE8zdE1pUXBLVkFlWVhDU0JCQktkZnFGOTN3d0NVZ3JGR0RCYmNIUXdyUWxjSkk3eGlLdHh5aFlLRGtNSTJKU0JxS2xRVmtkeU9PUGdUcFkrSVR4QT09fA&cppv=2
- https://sslwidget.criteo.com/event?a=93063&v=5.13.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=nBXmOV9hczJRcUhhZ09Ob0ZkbU9sQjAxSmN0bHRxSDUyNG1YaVQ0UlUzSTIxSDkzTEt5S25tdjFYaE5UJTJCRG52dyUyRnNsd0R2JTJCTW5NMXppYXZJb1RiUTJBZTJCdGd6NVFaWTBZSXJoWXJ1SHNSQXFHY1dJYnhTRHAyQXIyNmN6TjV0M2p2cDJNWkFmSnZnVDRMd1hPaExBaUdSVHclM0QlM0Q&tld=playship.com&dy=1&fu=https%253A%252F%252Fwww.playship.com%252F&dtycbr=59808 HTTP 302
- https://widget.as.criteo.com/event?a=93063&v=5.13.0&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=nBXmOV9hczJRcUhhZ09Ob0ZkbU9sQjAxSmN0bHRxSDUyNG1YaVQ0UlUzSTIxSDkzTEt5S25tdjFYaE5UJTJCRG52dyUyRnNsd0R2JTJCTW5NMXppYXZJb1RiUTJBZTJCdGd6NVFaWTBZSXJoWXJ1SHNSQXFHY1dJYnhTRHAyQXIyNmN6TjV0M2p2cDJNWkFmSnZnVDRMd1hPaExBaUdSVHclM0QlM0Q&tld=playship.com&dy=1&fu=https%253A%252F%252Fwww.playship.com%252F&dtycbr=59808
- https://x.bidswitch.net/sync?dsp_id=46&user_id=k-oMsIXEJWPqdERuxT8c0T-kIic_HOdQdEPZjt3Q&expires=30 HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-oMsIXEJWPqdERuxT8c0T-kIic_HOdQdEPZjt3Q&expires=30
- https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-6Afxz0JWPqdERuxT8c0T-kIic_HQj9m_Yi-wzQ&google_cm&google_hm=ay02QWZ4ejBKV1BxZEVSdXhUOGMwVC1rSWljX0hRajltX1lpLXd6UQ HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-6Afxz0JWPqdERuxT8c0T-kIic_HQj9m_Yi-wzQ&google_cm=&google_hm=ay02QWZ4ejBKV1BxZEVSdXhUOGMwVC1rSWljX0hRajltX1lpLXd6UQ&google_tc= HTTP 302
- https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-6Afxz0JWPqdERuxT8c0T-kIic_HQj9m_Yi-wzQ&google_gid=CAESEOcQoA90em6clUpvHKrnBQ0&google_cver=1&google_ula=913071,0
- https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
- https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4642186045547174364
- https://secure.adnxs.com/setuid?entity=52&code=k-rhoz20JWPqdERuxT8c0T-kIic_HfreyciqT1hA HTTP 307
- https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-rhoz20JWPqdERuxT8c0T-kIic_HfreyciqT1hA
- https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-B79TXEJWPqdERuxT8c0T-kIic_GD7EKKLaAN_w HTTP 302
- https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-B79TXEJWPqdERuxT8c0T-kIic_GD7EKKLaAN_w&verify=true
- https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-aJsyt0JWPqdERuxT8c0T-kIic_GJvJOz_6OUdA HTTP 302
- https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-aJsyt0JWPqdERuxT8c0T-kIic_GJvJOz_6OUdA&C=1
- https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
- https://dpm.demdex.net/ibs:dpid=28645&dpuuid=KIqOKfIpPzXlIrlfHMQlVpeE9SI6yu2c HTTP 302
- https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=KIqOKfIpPzXlIrlfHMQlVpeE9SI6yu2c
- https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-DHy2eEJWPqdERuxT8c0T-kIic_GboxTUzQL9Ow HTTP 302
- https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-DHy2eEJWPqdERuxT8c0T-kIic_GboxTUzQL9Ow
- https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
- https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=0G8gbjUdXWUVJLmlOqs7Zcqg88T6GJvz
- https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
- https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=oMXk7Go_p3UPDzQFRR3l8U8upUu6vzf9
85 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www.playship.com/ Redirect Chain
|
50 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
header-logo.png
www.playship.com/static/img/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
meet-usp.webp
www.playship.com/static/img/landing-usp/ |
25 KB 26 KB |
Image
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
points.webp
www.playship.com/static/img/landing-usp/ |
8 KB 8 KB |
Image
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
101-pool.webp
www.playship.com/static/img/landing-usp/ |
8 KB 8 KB |
Image
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0380038.js
www.playship.com/_nuxt/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
57e5e31.js
www.playship.com/_nuxt/ |
216 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
f78b833.css
www.playship.com/_nuxt/css/ |
254 B 676 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
67ff55c.js
www.playship.com/_nuxt/ |
151 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1823154.css
www.playship.com/_nuxt/css/ |
71 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2c19085.js
www.playship.com/_nuxt/ |
99 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dde9330.js
www.playship.com/_nuxt/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e280809.js
www.playship.com/_nuxt/ |
73 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
7522d6b.js
www.playship.com/_nuxt/ |
16 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
8348cc9.css
www.playship.com/_nuxt/css/ |
44 B 467 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1713583.js
www.playship.com/_nuxt/ |
28 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
12ceed4.css
www.playship.com/_nuxt/css/ |
9 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
d7d09e1.js
www.playship.com/_nuxt/ |
59 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
state.js
www.playship.com/_nuxt/static/1678098583/ |
357 B 788 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
payload.js
www.playship.com/_nuxt/static/1678098583/ |
59 B 491 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
manifest.js
www.playship.com/_nuxt/static/1678098583/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
android.svg
www.playship.com/static/img/svg/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
super-30-new-banner.png
www.playship.com/static/img/landing-usp/ Redirect Chain
|
83 KB 84 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
super-30-new-banner-mobile.png
www.playship.com/static/img/landing-usp/ Redirect Chain
|
25 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dots.svg
www.playship.com/static/img/ |
160 B 587 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
star-pattern-long.png
www.playship.com/img/landing-usp/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
add.svg
www.playship.com/static/img/svg/icons/ |
568 B 994 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
flower-icon.svg
www.playship.com/static/img/landing-usp/ |
1 KB 952 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
game-icon.svg
www.playship.com/static/img/landing-usp/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
018e0e1.css
www.playship.com/_nuxt/css/ |
42 B 463 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
summary
www.playship.com/papi/home/ |
19 KB 20 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
summary
www.playship.com/papi/home/ |
19 KB 20 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vue.min.js
browser.sentry-cdn.com/6.1.0/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
166 KB 62 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bundle.min.js
browser.sentry-cdn.com/6.1.0/ |
65 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pageView
v9cjaad2mf.execute-api.ap-south-1.amazonaws.com/default/ |
20 B 147 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dots-design.svg
www.playship.com/static/img/svg/ |
20 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
imps_withdraw.png
www.playship.com/static/img/landing/ |
907 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
free-cash-games.png
www.playship.com/static/img/landing-usp/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
industry-best.png
www.playship.com/static/img/landing-usp/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
referral-rewards.png
www.playship.com/static/img/landing-usp/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
4 B 210 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 347 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
107 KB 28 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ld.js
dynamic.criteo.com/js/ld/ |
43 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
217 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 67 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.google-analytics.com/g/ |
0 255 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
505874947105831
connect.facebook.net/signals/config/ |
378 KB 108 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
syncframe
gum.criteo.com/ Frame 9452 |
15 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sid
mug.criteo.com/ Frame 9452 Redirect Chain
|
425 B 660 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
www.facebook.com/tr/ Frame F9B8 |
0 50 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
event
widget.as.criteo.com/ Redirect Chain
|
8 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sync
x.bidswitch.net/ul_cb/ Frame 0F93 Redirect Chain
|
43 B 510 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 0F93 Redirect Chain
|
43 B 369 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 0F93 Redirect Chain
|
43 B 370 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bounce
secure.adnxs.com/ Frame 0F93 Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cksync.php
contextual.media.net/ Frame 0F93 |
237 B 978 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Frame 0F93 |
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
v1
match.sharethrough.com/sync/ Frame 0F93 |
0 35 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
rtb-csync.smartadserver.com/redir/ Frame 0F93 |
43 B 114 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 0F93 |
0 100 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
um
criteo-sync.teads.tv/ Frame 0F93 |
23 B 172 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
xuid
eb2.3lift.com/ Frame 0F93 |
37 B 140 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
ups.analytics.yahoo.com/ups/58301/ Frame 0F93 Redirect Chain
|
0 121 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pixel
cm.adform.net/ Frame 0F93 |
43 B 163 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
visitor.omnitagjs.com/visitor/ Frame 0F93 |
49 B 236 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rum
r.casalemedia.com/ Frame 0F93 Redirect Chain
|
43 B 766 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
demconf.jpg
dpm.demdex.net/ Frame 0F93 Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
match
ad.360yield.com/ul_cb/ Frame 0F93 Redirect Chain
|
43 B 447 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
matching.ivitrack.com/ Frame 0F93 |
42 B 274 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
push
exchange.mediavine.com/usersync/ Frame 0F93 |
0 883 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cookie-sync
sync.outbrain.com/ Frame 0F93 |
0 145 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Pug
simage2.pubmatic.com/AdServer/ Frame 0F93 |
42 B 579 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
criteo-partners.tremorhub.com/ Frame 0F93 |
43 B 183 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
getusermatch.php
a.twiago.com/rtb/ Frame 0F93 |
43 B 153 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
m
ad.yieldlab.net/ Frame 0F93 |
0 525 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
sync-criteo.ads.yieldmo.com/ Frame 0F93 |
0 38 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
put
e1.emxdgt.com/ Frame 0F93 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
usermatch.gif
beacon.krxd.net/ Frame 0F93 Redirect Chain
|
0 338 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cs
s.thebrighttag.com/ Frame 0F93 Redirect Chain
|
35 B 268 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
coreVitalMetrics
ayct4gm8tk.execute-api.ap-south-1.amazonaws.com/default/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- e1.emxdgt.com
- URL
- https://e1.emxdgt.com/put?d=d53&uid=k-tIr1c0JWPqdERuxT8c0T-kIic_Ft9NmdIb8H9w
- Domain
- ayct4gm8tk.execute-api.ap-south-1.amazonaws.com
- URL
- https://ayct4gm8tk.execute-api.ap-south-1.amazonaws.com/default/coreVitalMetrics
Verdicts & Comments Add Verdict or Comment
31 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 boolean| credentialless object| __NUXT__ object| webpackJsonp function| installComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady function| __NUXT_JSONP__ object| __NUXT_JSONP_CACHE__ function| __NUXT_IMPORT__ object| $nuxt object| dataLayer string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| Sentry object| __SENTRY__ object| google_tag_manager function| fbq function| _fbq function| onYouTubeIframeAPIReady object| Criteo object| criteo_q string| deviceType37 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .playship.com/ | Name: _gid Value: GA1.2.653663442.1678134456 |
|
| .playship.com/ | Name: _gat Value: 1 |
|
| .playship.com/ | Name: _gcl_au Value: 1.1.1704955466.1678134456 |
|
| .playship.com/ | Name: _gat_UA-206403198-1 Value: 1 |
|
| .playship.com/ | Name: _ga_6L49MLPG3J Value: GS1.1.1678134456.1.0.1678134456.0.0.0 |
|
| .playship.com/ | Name: _ga Value: GA1.1.371252137.1678134456 |
|
| .criteo.com/ | Name: uid Value: a11155e4-f528-44a3-942d-901e0f147737 |
|
| .playship.com/ | Name: _fbp Value: fb.1.1678134456871.1428501053 |
|
| .playship.com/ | Name: cto_bundle Value: nBXmOV9hczJRcUhhZ09Ob0ZkbU9sQjAxSmN0bHRxSDUyNG1YaVQ0UlUzSTIxSDkzTEt5S25tdjFYaE5UJTJCRG52dyUyRnNsd0R2JTJCTW5NMXppYXZJb1RiUTJBZTJCdGd6NVFaWTBZSXJoWXJ1SHNSQXFHY1dJYnhTRHAyQXIyNmN6TjV0M2p2cDJNWkFmSnZnVDRMd1hPaExBaUdSVHclM0QlM0Q |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUnfc8HkkmC79otOHgLqbo7psKuYxsPXgIp_DqDaf-j1-NbrbdXSRID-IhpQPQg |
|
| .adnxs.com/ | Name: anj Value: dTM7k!M4/rCxrEQF']wIg2Ilbj$!73!]tbPl@/D!9hy6]/Cv[-/NZGFcfmSC3_BtN_r-J7kh[`ElK>[KmFX0R`8)gO3_8_d?12$#V4']r*bpRz*qF1`*bcRB+eMex |
|
| .media.net/ | Name: visitor-id Value: 3211360589086017000V10 |
|
| .media.net/ | Name: data-c-ts Value: 1678134458 |
|
| .media.net/ | Name: data-c Value: k-BE8tlUJWPqdERuxT8c0T-kIic_HGnlgv3A_0Mw~~3 |
|
| .adnxs.com/ | Name: uuid2 Value: 4642186045547174364 |
|
| .demdex.net/ | Name: demdex Value: 42097565444087683041045036058774566227 |
|
| .dpm.demdex.net/ | Name: dpm Value: 42097565444087683041045036058774566227 |
|
| exchange.mediavine.com/ | Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2256aafbe0-bc5d-11ed-9fcb-0dfddea72846%22%2C%22version%22%3A%22eu-v1%22%7D |
|
| exchange.mediavine.com/ | Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2256aafbe0-bc5d-11ed-9fcb-0dfddea72846%22%2C%22version%22%3A%22eu-v1%22%7D |
|
| exchange.mediavine.com/ | Name: am_tokens Value: %7B%22mv_uuid%22%3A%2256aafbe0-bc5d-11ed-9fcb-0dfddea72846%22%2C%22version%22%3A%22eu-v1%22%7D |
|
| exchange.mediavine.com/ | Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2256aafbe0-bc5d-11ed-9fcb-0dfddea72846%22%2C%22version%22%3A%22eu-v1%22%7D |
|
| exchange.mediavine.com/ | Name: criteo Value: %7B%22id%22%3A%22k-HjWZVUJWPqdERuxT8c0T-kIic_FX2Xo5FI3TTg%22%2C%22version%22%3A%22criteo%22%7D |
|
| .casalemedia.com/ | Name: CMID Value: ZAZMu2FU22-Q379ysKIzjAAA |
|
| .casalemedia.com/ | Name: CMPS Value: 3274 |
|
| .casalemedia.com/ | Name: CMPRO Value: 3274 |
|
| .pubmatic.com/ | Name: KRTBCOOKIE_97 Value: 3385-uid:k-LJlUI0JWPqdERuxT8c0T-kIic_H8f5pH5iAJVA&KRTB&23144-uid:k-LJlUI0JWPqdERuxT8c0T-kIic_H8f5pH5iAJVA&KRTB&23286-uid:k-LJlUI0JWPqdERuxT8c0T-kIic_H8f5pH5iAJVA&KRTB&23287-uid:k-LJlUI0JWPqdERuxT8c0T-kIic_H8f5pH5iAJVA |
|
| .pubmatic.com/ | Name: PugT Value: 1678134458 |
|
| .bidswitch.net/ | Name: tuuid Value: 586c86ea-20dc-4bf4-a6ce-408581eaefbc |
|
| .bidswitch.net/ | Name: c Value: 1678134459 |
|
| .bidswitch.net/ | Name: tuuid_lu Value: 1678134459 |
|
| .360yield.com/ | Name: tuuid Value: c88fe3c9-9227-4353-945f-9a66a7d4a6c8 |
|
| .360yield.com/ | Name: tuuid_lu Value: 1678134459 |
|
| .360yield.com/ | Name: um Value: !38,p4hyxRIIibt2rGU9P4CIhkCV.UGi1W5ktUBuo2r4c.VHk9pcpx0H3yavL9P04eQU1UwnECeO,1685910459 |
|
| .360yield.com/ | Name: umeh Value: !38,0,1740342459,-1 |
|
| .yahoo.com/ | Name: A3 Value: d=AQABBLtMBmQCEIcDNnrP94s1cMTAy2EEqAQFEgEBAQGeB2QQZAAAAAAA_eMAAA&S=AQAAAoP5WdwWyt5BCCNQc-8dv5U |
|
| .krxd.net/ | Name: _kuid_ Value: Pa0MW6AK |
|
| .analytics.yahoo.com/ | Name: IDSYNC Value: 18zh~2ad8 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a.twiago.com
ad.360yield.com
ad.yieldlab.net
ayct4gm8tk.execute-api.ap-south-1.amazonaws.com
beacon.krxd.net
browser.sentry-cdn.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
gum.criteo.com
ib.adnxs.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
playship.com
r.casalemedia.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rummycorner.com
s.thebrighttag.com
secure.adnxs.com
simage2.pubmatic.com
sslwidget.criteo.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
ups.analytics.yahoo.com
v9cjaad2mf.execute-api.ap-south-1.amazonaws.com
visitor.omnitagjs.com
widget.as.criteo.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.playship.com
x.bidswitch.net
ayct4gm8tk.execute-api.ap-south-1.amazonaws.com
e1.emxdgt.com
13.234.128.110
141.226.230.48
142.250.186.130
178.250.1.9
18.144.106.164
182.161.74.16
184.24.4.64
185.255.84.153
185.64.189.110
185.80.39.216
185.86.139.93
2001:4860:4802:32::36
23.203.125.36
23.35.228.23
2600:1f18:612b:4280:b70f:b9c8:4de5:6bbf
2600:9000:20eb:1200:9:9944:5140:93a1
2620:100:a005::1b
2a00:1450:4001:811::200e
2a00:1450:400c:c0b::9a
2a00:1450:400d:806::2008
2a02:2638::1c
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::729
3.18.193.91
3.67.240.173
3.7.103.75
34.117.157.22
34.194.169.138
34.240.171.169
35.158.48.183
35.166.151.43
35.212.133.238
37.157.6.233
37.252.171.84
37.252.173.215
38.133.127.127
54.188.190.65
65.1.33.206
65.2.173.185
69.173.144.165
74.119.118.149
76.223.111.18
85.215.5.31
00de40ba0c819c541e06b60e7aaa774c5da974c10d67b340ee1dcaf0b9ff1a06
0e6d2e92476bf14f4e4b52e6a3687f93f4ac26c1ed5a4c51515bd2e57fad1c78
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
116adf582d3a52f2d719d1fd748eafa025ab4cb0c7123681e62b8b91cb57f3fd
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
177db9c4d55f0185e00746b8d21e06464f1242092237c58a2f64d329d1d2d3b1
1cd4b826318048423b8e2efdefbc0ebe6ec9d5355d46711515d5c03c030c3296
1dde6c000aefb57246519e2be75f451ac8a2c2c3582381b0958a82b26369f511
2001163c2be35a8abf98212584d16df067bb82be89a70095d28522cab9599aba
2fbd68de3f1b2ac35b93b8e63ba5ffd9c874299a9e711e569dd06e555755553d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32c068e4de381f927c8d315af3e0da1be42d4dac1b543c37f4605ff8891fef13
3364816baf64057a26b4e61b4c3e9f2a03acf5c3941f9cce48396b11bd85c1e1
3eb79ec68510403a9a41888d08afb985d0e34c9dfa6a9d59a782c69ffdb8c086
44ef2bd9627306ca1456a4b3d3c2aaab33751dd06368bec2346f49d529322862
4889cb9778f9a73ca5bb89e8b83cd482946a54206a72a7ff401491c332931e83
49561f427bb26d872fc80db7b9419360d0a177c1b6cdfc318543a3daefe42484
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5128c3781d3a3f2da61dd0aa55153be95b453449ff2882ad1830c7a1100977ee
5471f34a18d6982392ca5d79f9cce81e3b5a10b226988e5ce6dfc07598aec636
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
583f563ec0f32e04e1d2548f79ca3399ad4824b24629d12137c369684d5829b4
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
65a658141bfc815ac482f47fabddf7bca49429baf6cf004d24a26ba3e3717033
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dd321252db745f65b311e4c8421d447397eb3870c7f7667e0affd6d4890ecc3
710dec33cb71edc47a7a1d453bf5a82d1bfef55cbb20b7679b8ed53c33ebc01d
793cdd51db1b66e411a240030b230d8120a99f42a33f75d4cd83b62389204460
7ef5594c246938e533e4940744bd07160a25737148250c75fb910ce29c4f3d71
80bfd8b98dcf2e6acc025714a9eb176be67fcb44855b1cad409b47d298a9336e
82db5fbd5a7a7dd1e2d2ce53aa198fc4d2c0344867b72d15449819067f54723b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839adb9860402124a1716a85f5a291f84ef1c8c66b84ff7f2b46c8476f3b4c04
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8e9bb20276e35ecafd67fe08e5a67733fb3e4e5554c6ca262122b4160359cd7c
8ff8ebdc70354d16d75721c163a9bb486eb54ee7068abc12240385242e3f750b
94b0c7c57f2a68e11f5681a1081645b9d440534a384477dcdd3e31009655ee53
9f6abd412c6c6d667ea0b53f5fc4067b8dbca6726f365c5beae17899200d1f39
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a57d76ca6282903c24042f368667b79a74574c61e95cf12ae9fd8bd0f3fc2afc
a75134b9fc36e578798cf7ed427ebc700868ce6812f425a040f8f2ecc8cad203
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b671df2c2b5225df200dd57556dc6a1b56f910860b7c65590d80fb110f7f81dc
b7fd3920773319d92ef175b3008c24a2f428a3c1a0f0ae20fed01d75c3db5128
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd7d7b5f2c9560dcc29d643ea8def927bc4195fc615f57f91728f37354c6774b
c24578b0c8d6b385b3da70d94cc7e655b254b4e56da2587e63b071b62dfbd1d2
c8b1f71f6b04af448fbad99d4f3303e430fefc09856f36cfed4a199113496e6a
cc56a2a55311aa2a02f27fb301d2024db2f151d0324101ab881e9c358a7515b9
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d2965eaf33f9b1109b4b9199e851da42cfc6bc3b09d923030934900b41c90f69
d866e8a39f4a8a94cc7982dcbfdf8aadda75fc303723c46e166804073bde187b
dcc8e31f732b08cb13e9536fe37432923716c168aa8d3de6c638e354f709fd4a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c0bd99e8764a105ce1ff40f044719e5aa46f4979dbaeaf5d90c5be6b559089
e7f85ff11a94347c89de154dcba587c9b556dcaf4a00c18dd498042ab36271f0
edd176dca9ebafa3f5ed529e64e30725a56d3859e80defd0153a73805ae58be3
ee1562be8fce9859c0b055667b119c5b9588673f443a1b0f7af66ad6e006e50f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b7622ede0cb10c9f716a5eb4e52c3488c0394c54b59e984c02538db0f6ee94
fd8a87be4cb823de85457489c67f06a1c7f04422b8e489539c779ee7be48f0e2