wallstreetkahuna.com
209.59.180.11
Public Scan
Effective URL: https://wallstreetkahuna.com/apples-next-device/?utm_source=GoogleAds&t202pubid=ded860facf
Submission: On June 09 via api from US — Scanned from DE
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 9th 2023. Valid for: 3 months.
This is the only time wallstreetkahuna.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Domain | ASN | PTR |
---|---|---|
www.googletagmanager.com | ASN15169 (GOOGLE, US) | |
googleads.g.doubleclick.net | ASN15169 (GOOGLE, US) | |
main.d2ep2n36rh5ifz.amplifyapp.com | ASN16509 (AMAZON-02, US) | server-13-32-145-18.cdg50.r.cloudfront.net |
www.woopra.com | ASN24940 (HETZNER-AS, DE) | static.216.95.55.162.clients.your-server.de |
mamzhsoh7a.execute-api.us-east-1.amazonaws.com | ASN16509 (AMAZON-02, US) | server-13-32-99-94.fra60.r.cloudfront.net |
idxch.rtactivate.com | ASN14618 (AMAZON-AES, US) | ec2-52-22-253-166.compute-1.amazonaws.com |
js.alocdn.com | ASN16509 (AMAZON-02, US) | server-52-222-139-6.ams50.r.cloudfront.net |
c78fg1prn0.execute-api.us-east-1.amazonaws.com | ASN16509 (AMAZON-02, US) | server-65-9-86-13.ams1.r.cloudfront.net |
p.alocdn.com | ASN16509 (AMAZON-02, US) | ec2-34-214-180-109.us-west-2.compute.amazonaws.com |
x.bidswitch.net | ASN19527 (GOOGLE-2, US) | 172.178.211.35.bc.googleusercontent.com |
cm.g.doubleclick.net | ASN15169 (GOOGLE, US) | fra24s22-in-f2.1e100.net |
ib.adnxs.com | ASN29990 (ASN-APPNEX, US) | 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net |
secure.adnxs.com | ASN29990 (ASN-APPNEX, US) | 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net |
contextual.media.net | ASN16625 (AKAMAI-AS, US) | a184-30-20-22.deploy.static.akamaitechnologies.com |
pixel.rubiconproject.com | ASN26667 (RUBICONPROJECT, US) | |
match.sharethrough.com | ASN16509 (AMAZON-02, US) | ec2-18-197-47-28.eu-central-1.compute.amazonaws.com |
criteo-sync.teads.tv | ASN16625 (AKAMAI-AS, US) | a104-102-35-84.deploy.static.akamaitechnologies.com |
eb2.3lift.com | ASN16509 (AMAZON-02, US) | a0f671730127a0812.awsglobalaccelerator.com |
ups.analytics.yahoo.com | ASN16509 (AMAZON-02, US) | ec2-3-75-62-37.eu-central-1.compute.amazonaws.com |
dpm.demdex.net | ASN16509 (AMAZON-02, US) | ec2-52-18-203-230.eu-west-1.compute.amazonaws.com |
ad.360yield.com | ASN16509 (AMAZON-02, US) | ec2-52-49-117-60.eu-west-1.compute.amazonaws.com |
matching.ivitrack.com | ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 22.157.117.34.bc.googleusercontent.com |
exchange.mediavine.com | ASN16509 (AMAZON-02, US) | ec2-52-59-7-245.eu-central-1.compute.amazonaws.com |
criteo-partners.tremorhub.com | ASN14618 (AMAZON-AES, US) | |
ad.yieldlab.net | ASN16625 (AKAMAI-AS, US) | a23-215-16-120.deploy.static.akamaitechnologies.com |
sync-criteo.ads.yieldmo.com | ASN16509 (AMAZON-02, US) | ec2-18-202-200-24.eu-west-1.compute.amazonaws.com |
beacon.krxd.net | ASN16509 (AMAZON-02, US) | ec2-54-73-120-206.eu-west-1.compute.amazonaws.com |
s.thebrighttag.com | ASN16509 (AMAZON-02, US) | ec2-3-12-98-6.us-east-2.compute.amazonaws.com |
Count | Apex Domain | Redirects | Subdomains | Transfer |
---|---|---|---|---|
19 | wallstreetkahuna.com | 1 | wallstreetkahuna.com | 2 MB |
11 | criteo.com | 5 | dynamic.criteo.com (Cisco Umbrella Rank: 3402); gum.criteo.com (Cisco Umbrella Rank: 413); mug.criteo.com (Cisco Umbrella Rank: 2161); sslwidget.criteo.com (Cisco Umbrella Rank: 1727); widget.us.criteo.com (Cisco Umbrella Rank: 16732); dis.criteo.com (Cisco Umbrella Rank: 602) | 29 KB |
6 | amazonaws.com | | mamzhsoh7a.execute-api.us-east-1.amazonaws.com; c78fg1prn0.execute-api.us-east-1.amazonaws.com | 1 KB |
4 | adnxs.com | 3 | ib.adnxs.com (Cisco Umbrella Rank: 244); secure.adnxs.com (Cisco Umbrella Rank: 472) | 4 KB |
4 | onesignal.com | | cdn.onesignal.com (Cisco Umbrella Rank: 3521); onesignal.com (Cisco Umbrella Rank: 1247) | 82 KB |
4 | google-analytics.com | | www.google-analytics.com (Cisco Umbrella Rank: 57); region1.google-analytics.com (Cisco Umbrella Rank: 1892) | 82 KB |
3 | alocdn.com | 1 | js.alocdn.com (Cisco Umbrella Rank: 96251); p.alocdn.com (Cisco Umbrella Rank: 6512) | 3 KB |
3 | woopra.com | | static.woopra.com (Cisco Umbrella Rank: 43027); www.woopra.com (Cisco Umbrella Rank: 34595) | 13 KB |
2 | 360yield.com | 1 | ad.360yield.com (Cisco Umbrella Rank: 670) | 877 B |
2 | demdex.net | 1 | dpm.demdex.net (Cisco Umbrella Rank: 219) | 2 KB |
2 | casalemedia.com | 1 | r.casalemedia.com (Cisco Umbrella Rank: 1498) | 2 KB |
2 | yahoo.com | 1 | ups.analytics.yahoo.com (Cisco Umbrella Rank: 334) | 508 B |
2 | bidswitch.net | 1 | x.bidswitch.net (Cisco Umbrella Rank: 356) | 1 KB |
2 | app-us1.com | | diffuser-cdn.app-us1.com (Cisco Umbrella Rank: 8405); prism.app-us1.com (Cisco Umbrella Rank: 8489) | 8 KB |
2 | doubleclick.net | 1 | googleads.g.doubleclick.net (Cisco Umbrella Rank: 54); cm.g.doubleclick.net (Cisco Umbrella Rank: 248) | 3 KB |
2 | googletagmanager.com | | www.googletagmanager.com (Cisco Umbrella Rank: 75) | 147 KB |
1 | thebrighttag.com | | s.thebrighttag.com (Cisco Umbrella Rank: 2052) | 268 B |
1 | krxd.net | | beacon.krxd.net (Cisco Umbrella Rank: 649) | 338 B |
1 | yieldmo.com | | sync-criteo.ads.yieldmo.com (Cisco Umbrella Rank: 2197) | 38 B |
1 | yieldlab.net | | ad.yieldlab.net (Cisco Umbrella Rank: 4106) | 485 B |
1 | twiago.com | | a.twiago.com (Cisco Umbrella Rank: 29101) | 153 B |
1 | tremorhub.com | | criteo-partners.tremorhub.com (Cisco Umbrella Rank: 2426) | 400 B |
1 | pubmatic.com | | simage2.pubmatic.com (Cisco Umbrella Rank: 730) | 580 B |
1 | outbrain.com | | sync.outbrain.com (Cisco Umbrella Rank: 734) | 145 B |
1 | mediavine.com | | exchange.mediavine.com (Cisco Umbrella Rank: 1151) | 885 B |
1 | ivitrack.com | | matching.ivitrack.com (Cisco Umbrella Rank: 2791) | 274 B |
1 | id5-sync.com | | id5-sync.com (Cisco Umbrella Rank: 427) | 1 KB |
1 | omnitagjs.com | | visitor.omnitagjs.com (Cisco Umbrella Rank: 963) | 236 B |
1 | adform.net | | cm.adform.net (Cisco Umbrella Rank: 1230) | 162 B |
1 | 3lift.com | | eb2.3lift.com (Cisco Umbrella Rank: 406) | 140 B |
1 | teads.tv | | criteo-sync.teads.tv (Cisco Umbrella Rank: 2034) | 228 B |
1 | taboola.com | | sync-t1.taboola.com (Cisco Umbrella Rank: 1310) | 99 B |
1 | smartadserver.com | | rtb-csync.smartadserver.com (Cisco Umbrella Rank: 614) | 114 B |
1 | sharethrough.com | | match.sharethrough.com (Cisco Umbrella Rank: 566) | 361 B |
1 | rubiconproject.com | | pixel.rubiconproject.com (Cisco Umbrella Rank: 375) | 239 B |
1 | media.net | | contextual.media.net (Cisco Umbrella Rank: 654) | 792 B |
1 | rtactivate.com | | idxch.rtactivate.com (Cisco Umbrella Rank: 78011) | 109 B |
1 | trackcmp.net | | trackcmp.net (Cisco Umbrella Rank: 8799) | 315 B |
1 | amplifyapp.com | | main.d2ep2n36rh5ifz.amplifyapp.com | 3 KB |
1 | google.de | | www.google.de (Cisco Umbrella Rank: 5056) | 455 B |
1 | google.com | | www.google.com (Cisco Umbrella Rank: 3) | 455 B |
1 | gstatic.com | | fonts.gstatic.com | 48 KB |
1 | googleapis.com | | fonts.googleapis.com (Cisco Umbrella Rank: 67) | 2 KB |
81 | 43 | | | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
wallstreetkahuna.com | cPanel, Inc. Certification Authority | 2023-04-09 - 2023-07-08 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months |
www.google.com | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months |
www.google.de | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months |
static.woopra.com | R3 | 2023-04-25 - 2023-07-24 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-03 - 2024-05-02 | a year |
diffuser-cdn.app-us1.com | E1 | 2023-06-09 - 2023-09-07 | 3 months |
*.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-05-12 - 2023-08-10 | 3 months |
*.d2ep2n36rh5ifz.amplifyapp.com | Amazon RSA 2048 M01 | 2022-12-12 - 2024-01-10 | a year |
woopra.com | R3 | 2023-05-26 - 2023-08-24 | 3 months |
prism.app-us1.com | E1 | 2023-05-29 - 2023-08-27 | 3 months |
*.execute-api.us-east-1.amazonaws.com | Amazon RSA 2048 M01 | 2023-02-08 - 2024-03-08 | a year |
rtactivate.com | Amazon RSA 2048 M01 | 2023-03-14 - 2024-04-11 | a year |
*.alocdn.com | Go Daddy Secure Certificate Authority - G2 | 2023-02-02 - 2024-03-05 | a year |
*.media.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-10 - 2024-02-18 | a year |
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-03-05 - 2024-04-03 | a year |
*.sharethrough.com | Amazon RSA 2048 M02 | 2023-02-10 - 2023-08-12 | 6 months |
*.smartadserver.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-01-21 - 2024-01-23 | a year |
*.taboola.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-12-08 - 2023-12-31 | a year |
teads.tv | R3 | 2023-05-11 - 2023-08-09 | 3 months |
*.3lift.com | Amazon RSA 2048 M02 | 2023-04-13 - 2024-05-11 | a year |
*.adform.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-05-25 - 2024-06-18 | a year |
omnitagjs.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-21 - 2023-07-21 | a year |
*.id5-sync.com | R3 | 2023-04-18 - 2023-07-17 | 3 months |
itm.ivitrack.com | R3 | 2023-06-03 - 2023-09-01 | 3 months |
exchange.mediavine.com | Amazon RSA 2048 M02 | 2023-06-06 - 2024-07-04 | a year |
*.outbrain.com | Thawte RSA CA 2018 | 2022-11-06 - 2023-11-28 | a year |
*.pubmatic.com | DigiCert Baltimore TLS RSA SHA256 2020 CA1 | 2023-04-20 - 2024-05-20 | a year |
*.tremorhub.com | Amazon RSA 2048 M01 | 2023-02-22 - 2024-03-23 | a year |
*.twiago.com | Sectigo RSA Domain Validation Secure Server CA | 2022-11-28 - 2023-12-29 | a year |
*.yieldlab.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-16 - 2023-11-15 | a year |
*.ads.yieldmo.com | Amazon RSA 2048 M01 | 2023-04-04 - 2024-05-02 | a year |
This page contains 3 frames:
Primary Page:
https://wallstreetkahuna.com/apples-next-device/?utm_source=GoogleAds&t202pubid=ded860facf
Frame ID: 8C9B64854586E2EBB03B2FFC29919A2B
Requests: 48 HTTP requests in this frame
Frame:
https://gum.criteo.com/syncframe?topUrl=wallstreetkahuna.com&origin=onetag
Frame ID: 346E8D7412E9A2B856B4DC6111FA45F5
Requests: 2 HTTP requests in this frame
Frame:
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ERa3xoJMsHyanKAptRLOPgUT-QC5UWhZY4vpMA&expires=30
Frame ID: B43046E382366AA3BB2DF28EE1F9DE2D
Requests: 28 HTTP requests in this frame
Page Title
Grab These 3 Stocks Before They Explode | Wall Street Kahuna
Detected technologies
WordPress (CMS)
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
AppNexus (Advertising Networks)
Detected patterns
- adnxs\.(?:net|com)
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
OneSignal (Marketing automation)
Detected patterns
- cdn\.onesignal\.com
PubMatic (Advertising Networks)
Detected patterns
- https?://[^/]*\.pubmatic\.com
Rubicon Project (Advertising Networks)
Detected patterns
- https?://[^/]*\.rubiconproject\.com
Woopra (Analytics)
Detected patterns
- static\.woopra\.com
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries)
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://wallstreetkahuna.com/apples-next-device/?utm_source=GoogleAds
HTTP 302
https://wallstreetkahuna.com/apples-next-device/?utm_source=GoogleAds&t202pubid=ded860facf Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 42
- https://gum.criteo.com/sid/json?origin=onetag&domain=wallstreetkahuna.com&sn=ChromeSyncframe&so=0&topUrl=wallstreetkahuna.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
- https://mug.criteo.com/sid?cpp=fQ2QGHxLbWUyakdFdlVySTI0WW5RcWZSTGJuWmY3MC9HMmFUYmlKYWtnVVd0bnRNM28yN3dxT2M4SER5L2o0QWovSE9YbEZqRGFlSGI1djh4TDlKYlRuNFM4Mmg3dWFORi9KN3VzbzQ1RGNsb3diZzNsTFVqZFNWYUxqN3ZVa3pWbGdFUGZvd2M1eWkwWG85VjZDMFd2UVBtRy9zUFdqWTFoUmRSaCtjMHRidUZ0d3N0eUI4YmZmWUYzbmVNMnpXZFZvVnpWVHVWM0tzV3hqdmZHNkNrVHNhV20yT0Iva1JTbEluSnZ6djJNT1k3dTlhOGhvRllja2dTMHk3R2xhMmxEL1VXL2FVUGxJbUhyNjhmWDFWTVE5ZllBeGJTd1UrOENOZmx1L0laWlFzbEYxVT18&cppv=2
- https://sslwidget.criteo.com/event?a=89396&v=5.16.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=oZqJUV9hT3lTU1ZzZjJpM1djcWdwV2slMkIlMkY4b05HZ1g5cEptMVdtMWNnR08lMkZLdkVYaTRxY0pEczBjVlM5UXEyeFlTbjRhWmRXa2kxRktKN0xuR3dFUW4ydE9LdjhOclFwY0JDQ1FwOVVYMFhPJTJCYndDRGk2MnVraXMlMkZ0ZDM3TzVZT2RiJTJCdks3ZGp6YnZmYVo4TUNoN0h5Y3p5JTJCY1JKam5KZzY4SHphJTJGT3Fnelc5NnF3JTNE&tld=wallstreetkahuna.com&dy=1&fu=https%253A%252F%252Fwallstreetkahuna.com%252Fapples-next-device%252F%253Futm_source%253DGoogleAds%2526t202pubid%253Dded860facf&ceid=fc54dadd-8659-4e1a-aac6-8ef7931b932c&dtycbr=21103 HTTP 302
- https://widget.us.criteo.com/event?a=89396&v=5.16.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=oZqJUV9hT3lTU1ZzZjJpM1djcWdwV2slMkIlMkY4b05HZ1g5cEptMVdtMWNnR08lMkZLdkVYaTRxY0pEczBjVlM5UXEyeFlTbjRhWmRXa2kxRktKN0xuR3dFUW4ydE9LdjhOclFwY0JDQ1FwOVVYMFhPJTJCYndDRGk2MnVraXMlMkZ0ZDM3TzVZT2RiJTJCdks3ZGp6YnZmYVo4TUNoN0h5Y3p5JTJCY1JKam5KZzY4SHphJTJGT3Fnelc5NnF3JTNE&tld=wallstreetkahuna.com&dy=1&fu=https%253A%252F%252Fwallstreetkahuna.com%252Fapples-next-device%252F%253Futm_source%253DGoogleAds%2526t202pubid%253Dded860facf&ceid=fc54dadd-8659-4e1a-aac6-8ef7931b932c&dtycbr=21103
- https://p.alocdn.com/c/ifs9t5nq/a/etarget/p.gif?label=SCR&title=Grab%20These%203%20Stocks%20Before%20They%20Explode%20%7C%20Wall%20Street%20Kahuna&url=https%3A%2F%2Fwallstreetkahuna.com%2Fapples-next-device%2F%3Futm_source%3DGoogleAds%26t202pubid%3Dded860facf&auid=d661d35b-e8bc-4842-89ce-1f6bf33d0fe5 HTTP 302
- https://p.alocdn.com/c/ifs9t5nq/a/etarget/p.gif?label=SCR&title=Grab%20These%203%20Stocks%20Before%20They%20Explode%20%7C%20Wall%20Street%20Kahuna&url=https%3A%2F%2Fwallstreetkahuna.com%2Fapples-next-device%2F%3Futm_source%3DGoogleAds%26t202pubid%3Dded860facf&auid=d661d35b-e8bc-4842-89ce-1f6bf33d0fe5&tdc=1
- https://x.bidswitch.net/sync?dsp_id=46&user_id=k-ERa3xoJMsHyanKAptRLOPgUT-QC5UWhZY4vpMA&expires=30 HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-ERa3xoJMsHyanKAptRLOPgUT-QC5UWhZY4vpMA&expires=30
- https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-lGkSnYJMsHyanKAptRLOPgUT-QAZlte9-Z39GQ&google_cm&google_hm=ay1sR2tTbllKTXNIeWFuS0FwdFJMT1BnVVQtUUFabHRlOS1aMzlHUQ HTTP 302
- https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-lGkSnYJMsHyanKAptRLOPgUT-QAZlte9-Z39GQ&google_gid=CAESEBTTXUyYSomDStNcOIM9DIg&google_cver=1&google_ula=913071,0
- https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
- https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1126562819057557945
- https://secure.adnxs.com/setuid?entity=52&code=k-QYpcTIJMsHyanKAptRLOPgUT-QAc3z9c09Uz0Q HTTP 307
- https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-QYpcTIJMsHyanKAptRLOPgUT-QAc3z9c09Uz0Q
- https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-a6LvHYJMsHyanKAptRLOPgUT-QDoNRW3gEKr8g HTTP 302
- https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-a6LvHYJMsHyanKAptRLOPgUT-QDoNRW3gEKr8g&verify=true
- https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-u2cdwIJMsHyanKAptRLOPgUT-QBjC2iP11ChVw HTTP 302
- https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-u2cdwIJMsHyanKAptRLOPgUT-QBjC2iP11ChVw&C=1
- https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
- https://dpm.demdex.net/ibs:dpid=28645&dpuuid=oZ2NibZSP0PWSdGwA2Q_BNHZlOThzUay HTTP 302
- https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=oZ2NibZSP0PWSdGwA2Q_BNHZlOThzUay
- https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-YRCg-YJMsHyanKAptRLOPgUT-QAYtPM40PE0Gg HTTP 302
- https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-YRCg-YJMsHyanKAptRLOPgUT-QAYtPM40PE0Gg
- https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
- https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=aKbQv3DoK5dpvRnsxaSAYntznr7XD3_A
- https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
- https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=6rmTcVqbvNjfrqfkoFov9r6AKfRal2lg
81 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
wallstreetkahuna.com/apples-next-device/ Redirect Chain
|
73 KB 73 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.min.css
wallstreetkahuna.com/wp-includes/css/dist/block-library/ |
95 KB 96 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
classic-themes.min.css
wallstreetkahuna.com/wp-includes/css/ |
291 B 605 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
32 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
wallstreetkahuna.com/wp-content/themes/Newsmag/ |
767 KB 767 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
demo_style.css
wallstreetkahuna.com/wp-content/themes/Newsmag/includes/demos/voice/ |
7 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
wallstreetkahuna.com/wp-includes/js/jquery/ |
88 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-migrate.min.js
wallstreetkahuna.com/wp-includes/js/jquery/ |
13 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wp-emoji-release.min.js
wallstreetkahuna.com/wp-includes/js/ |
18 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wsk-sq1.png
wallstreetkahuna.com/wp-content/uploads/2021/08/ |
41 KB 41 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wsk-long1-300x50.png
wallstreetkahuna.com/wp-content/uploads/2021/08/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wsk-sq1-150x150.png
wallstreetkahuna.com/wp-content/uploads/2021/08/ |
20 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tagdiv_theme.min.js
wallstreetkahuna.com/wp-content/themes/Newsmag/js/ |
209 KB 209 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
comment-reply.min.js
wallstreetkahuna.com/wp-includes/js/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
199 KB 73 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ |
47 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
newsmag.woff
wallstreetkahuna.com/wp-content/themes/Newsmag/images/icons/ |
18 KB 19 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
5g-blue-map-300x200.jpg
wallstreetkahuna.com/wp-content/uploads/2023/05/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Screen-Shot-2021-11-12-at-5.41.41-PM-300x167.png
wallstreetkahuna.com/wp-content/uploads/2021/11/ |
83 KB 84 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Screen-Shot-2022-01-14-at-6.24.07-AM-300x194.png
wallstreetkahuna.com/wp-content/uploads/2022/01/ |
111 KB 112 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Screen-Shot-2023-02-05-at-8.26.11-AM-300x198.png
wallstreetkahuna.com/wp-content/uploads/2010/03/ |
51 KB 51 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
optimize.js
www.google-analytics.com/gtm/ |
165 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/311444767/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
51 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/311444767/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/311444767/ |
42 B 455 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
15 B 197 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
206 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 257 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
w.js
static.woopra.com/js/ |
37 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OneSignalSDK.js
cdn.onesignal.com/sdks/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
diffuser.js
diffuser-cdn.app-us1.com/diffuser/ |
31 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ld.js
dynamic.criteo.com/js/ld/ |
45 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recog.min.js
main.d2ep2n36rh5ifz.amplifyapp.com/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.woopra.com/track/ce/ |
112 B 157 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.woopra.com/track/identify/ |
112 B 156 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ |
284 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
prism.app-us1.com/ |
248 B 491 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web
onesignal.com/api/v1/sync/50884d00-12fe-4618-9811-cf7dc128ed07/ |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
syncframe
gum.criteo.com/ Frame 346E |
15 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
OneSignalSDKStyles.css
onesignal.com/sdks/ |
82 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
scriptFire
mamzhsoh7a.execute-api.us-east-1.amazonaws.com/prod/recognition/ |
39 B 451 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
scriptFire
mamzhsoh7a.execute-api.us-east-1.amazonaws.com/prod/recognition/ Frame |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sid
mug.criteo.com/ Frame 346E Redirect Chain
|
467 B 677 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
t_prism_sitemessages.php
trackcmp.net/ |
0 315 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 | event widget.us.criteo.com/ Redirect Chain | 8 KB 4 KB | Script application/x-javascript |
GET H2 | / idxch.rtactivate.com/tagid/50058/ | 43 B 109 B | Image image/gif |
GET H2 | ifs9t5nq.js js.alocdn.com/c/ | 2 KB 2 KB | Script application/javascript |
POST H2 | getFingerprint c78fg1prn0.execute-api.us-east-1.amazonaws.com/prod/fingerprints/ | 55 B 466 B | Fetch application/json |
OPTIONS H2 | getFingerprint c78fg1prn0.execute-api.us-east-1.amazonaws.com/prod/fingerprints/ Frame | 0 0 | Preflight application/json |
GET H2 | p.gif p.alocdn.com/c/ifs9t5nq/a/etarget/ Redirect Chain | 42 B 352 B | Image image/gif |
GET H/1.1 | sync x.bidswitch.net/ul_cb/ Frame B430 Redirect Chain | 43 B 510 B | Image image/gif |
GET H2 | cookiematch.aspx dis.criteo.com/dis/rtb/google/ Frame B430 Redirect Chain | 43 B 370 B | Image image/gif |
GET H2 | cookiematch.aspx dis.criteo.com/dis/rtb/appnexus/ Frame B430 Redirect Chain | 43 B 370 B | Image image/gif |
GET H/1.1 | bounce secure.adnxs.com/ Frame B430 Redirect Chain | 43 B 1 KB | Image image/gif |
GET H2 | cksync.php contextual.media.net/ Frame B430 | 61 B 792 B | Image image/gif |
GET H/1.1 | tap.php pixel.rubiconproject.com/ Frame B430 | 0 239 B | Image image/gif |
GET H2 | v1 match.sharethrough.com/sync/ Frame B430 | 0 361 B | Image text/plain |
GET H2 | / rtb-csync.smartadserver.com/redir/ Frame B430 | 43 B 114 B | Image image/gif |
GET H2 | / sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame B430 | 0 99 B | Image text/plain |
GET H2 | um criteo-sync.teads.tv/ Frame B430 | 23 B 228 B | Image image/gif |
GET H2 | xuid eb2.3lift.com/ Frame B430 | 37 B 140 B | Image image/gif |
GET H2 | sync ups.analytics.yahoo.com/ups/58301/ Frame B430 Redirect Chain | 0 121 B | Image text/plain |
GET H2 | pixel cm.adform.net/ Frame B430 | 43 B 162 B | Image image/gif |
GET H2 | sync visitor.omnitagjs.com/visitor/ Frame B430 | 49 B 236 B | Image image/gif |
GET H/1.1 | rum r.casalemedia.com/ Frame B430 Redirect Chain | 43 B 766 B | Image image/gif |
GET H/1.1 | demconf.jpg dpm.demdex.net/ Frame B430 Redirect Chain | 42 B 942 B | Image image/gif |
GET H/1.1 | 9.gif id5-sync.com/s/966/ Frame B430 | 43 B 1 KB | Image image/gif |
GET H2 | match ad.360yield.com/ul_cb/ Frame B430 Redirect Chain | 43 B 447 B | Image image/gif |
GET H2 | sync matching.ivitrack.com/ Frame B430 | 42 B 274 B | Image image/gif |
GET H2 | push exchange.mediavine.com/usersync/ Frame B430 | 0 885 B | Image text/html |
GET H/1.1 | cookie-sync sync.outbrain.com/ Frame B430 | 0 145 B | Image text/plain |
GET H2 | Pug simage2.pubmatic.com/AdServer/ Frame B430 | 42 B 580 B | Image image/gif |
GET H2 | sync criteo-partners.tremorhub.com/ Frame B430 | 43 B 400 B | Image image/gif |
GET H2 | getusermatch.php a.twiago.com/rtb/ Frame B430 | 43 B 153 B | Image image/gif |
GET H/1.1 | m ad.yieldlab.net/ Frame B430 | 0 485 B | Image text/plain |
GET H2 | sync sync-criteo.ads.yieldmo.com/ Frame B430 | 0 38 B | Image text/plain |
GET H2 | usermatch.gif beacon.krxd.net/ Frame B430 Redirect Chain | 0 338 B | Image text/plain |
GET H2 | cs s.thebrighttag.com/ Frame B430 Redirect Chain | 35 B 268 B | Image image/gif |
POST H2 | addRecognition c78fg1prn0.execute-api.us-east-1.amazonaws.com/prod/fingerprints/ | 10 B 420 B | Fetch application/json |
OPTIONS H2 | addRecognition c78fg1prn0.execute-api.us-east-1.amazonaws.com/prod/fingerprints/ Frame | 0 0 | Preflight application/json |
134 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 boolean| credentialless object| onbeforetoggle object| onscrollend object| _wpemojiSettings undefined| $ function| jQuery object| tdwGlobal object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| GooglebQhCsO object| gaplugins object| twemoji object| wp object| google_optimize object| gaGlobal object| gaData object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box undefined| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| setMenuMinHeight function| 
td_comments_form_validation function| td_scroll_to_class function| td_helper_scroll_to_class object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl function| tdModalImage object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdAnimationStack object| td_backstretch_items function| td_compute_parallax_background function| td_compute_backstretch_item object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| $f object| addComment object| url_params object| links object| _w object| woopra function| WoopraTracker function| WoopraLoadScript object| woopraTracker string| visitorGlobalObjectAlias function| vgo function| OneSignal function| randomChoice function| isMobile number| timeOnNotice number| secondWait function| promptAndSubscribeUser string| prismGlobalObjectAlias object| visitorGlobalObject number| __oneSignalSdkLoadCount function| __jp0 object| Criteo object| criteo_q string| deviceType
50 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.wallstreetkahuna.com/ | | Name: _gcl_au Value: 1.1.610610787.1686323831 |
.wallstreetkahuna.com/ | | Name: _gid Value: GA1.2.1560743014.1686323831 |
.wallstreetkahuna.com/ | | Name: _gat_UA-205414382-1 Value: 1 |
.wallstreetkahuna.com/ | | Name: _ga_FYMZC7R7Y5 Value: GS1.1.1686323831.1.0.1686323831.0.0.0 |
.wallstreetkahuna.com/ | | Name: _ga Value: GA1.1.680389553.1686323831 |
.wallstreetkahuna.com/ | | Name: wooTracker Value: vVluVO8XFuYA |
.onesignal.com/ | | Name: __cf_bm Value: vSKv80le3pZiA.q3N_f59uee051JlBA5uPk3EgLQ6oQ-1686323832-0-ARLw+0va1vFvQfN0WCQ7OQsiv4szsjuJtJvsfoL3UBMv8vlaN4m73Y+DcXw91iZjlSJebdSwZEOpDJBuitWw7ek= |
prism.app-us1.com/ | | Name: prism_252523679 Value: c6f483cd-c022-48d6-9502-032545b8a186 |
.criteo.com/ | | Name: uid Value: a19172ca-045c-476c-8d0f-d9fbff731c53 |
.wallstreetkahuna.com/ | | Name: prism_252523679 Value: c6f483cd-c022-48d6-9502-032545b8a186 |
.wallstreetkahuna.com/ | | Name: cto_bundle Value: oZqJUV9hT3lTU1ZzZjJpM1djcWdwV2slMkIlMkY4b05HZ1g5cEptMVdtMWNnR08lMkZLdkVYaTRxY0pEczBjVlM5UXEyeFlTbjRhWmRXa2kxRktKN0xuR3dFUW4ydE9LdjhOclFwY0JDQ1FwOVVYMFhPJTJCYndDRGk2MnVraXMlMkZ0ZDM3TzVZT2RiJTJCdks3ZGp6YnZmYVo4TUNoN0h5Y3p5JTJCY1JKam5KZzY4SHphJTJGT3Fnelc5NnF3JTNE |
.wallstreetkahuna.com/ | | Name: alo_uid Value: d661d35b-e8bc-4842-89ce-1f6bf33d0fe5 |
.doubleclick.net/ | | Name: IDE Value: AHWqTUl9gVx8s4FywNds6v9umuBh8Dp5Ok9UfY-RU3JqYXrI34TI0gedOtu2UNks77g |
.adnxs.com/ | | Name: anj Value: dTM7k!M4/rCxrEQF']wIg2ImPJ7P]A!@wnfH1YdP.dEXlSkbUBAhf[dq2h1=?76l:r=!3yoTvBH-_Gfqpf93pE]VDF+0YWd11JVBK9xeE9RFMZ9T5_m!x!WJ+Fk*a |
.adnxs.com/ | | Name: uuid2 Value: 1126562819057557945 |
.media.net/ | | Name: visitor-id Value: 3293254338281024000V10 |
.media.net/ | | Name: data-c-ts Value: 1686323833 |
.media.net/ | | Name: data-c Value: k-_ew2aoJMsHyanKAptRLOPgUT-QB6Vtf9G-S0Sw~~3 |
match.sharethrough.com/ | | Name: AWSALBCORS Value: 0Kxu1K56OCdrbZf140MnQY8SvRbg4sBt2fsv7DUZ5lxCdzjt8FUtAKZdpOrXfCnvnTM56YdP2jydNNTHZnvuknYi7dBDMWiHgyiUmklU5rK7ZpLOKzpOm1fDwNYO |
.demdex.net/ | | Name: demdex Value: 37478388417535197601050617545140860060 |
.dpm.demdex.net/ | | Name: dpm Value: 37478388417535197601050617545140860060 |
.casalemedia.com/ | | Name: CMID Value: ZINCeVuMuTZAjzA9wJlhkgAA |
.casalemedia.com/ | | Name: CMPS Value: 2121 |
.casalemedia.com/ | | Name: CMPRO Value: 2121 |
.id5-sync.com/ | | Name: cf Value: |
.id5-sync.com/ | | Name: cip Value: |
.id5-sync.com/ | | Name: cnac Value: |
.id5-sync.com/ | | Name: car Value: |
.id5-sync.com/ | | Name: gdpr Value: |
.id5-sync.com/ | | Name: callback Value: |
.bidswitch.net/ | | Name: tuuid Value: ceedd9ad-77a3-4214-83f0-c67df27c0494 |
.bidswitch.net/ | | Name: c Value: 1686323833 |
.bidswitch.net/ | | Name: tuuid_lu Value: 1686323833 |
.krxd.net/ | | Name: _kuid_ Value: Pmu41MhH |
exchange.mediavine.com/ | | Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22b66307b0-06d8-11ee-86b6-1fe3e2e9ebe9%22%2C%22version%22%3A%22eu-v1%22%7D |
exchange.mediavine.com/ | | Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22b66307b0-06d8-11ee-86b6-1fe3e2e9ebe9%22%2C%22version%22%3A%22eu-v1%22%7D |
exchange.mediavine.com/ | | Name: am_tokens Value: %7B%22mv_uuid%22%3A%22b66307b0-06d8-11ee-86b6-1fe3e2e9ebe9%22%2C%22version%22%3A%22eu-v1%22%7D |
exchange.mediavine.com/ | | Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22b66307b0-06d8-11ee-86b6-1fe3e2e9ebe9%22%2C%22version%22%3A%22eu-v1%22%7D |
exchange.mediavine.com/ | | Name: criteo Value: %7B%22id%22%3A%22k-PDZ6z4JMsHyanKAptRLOPgUT-QD3zn3OXCggjw%22%2C%22version%22%3A%22criteo%22%7D |
.360yield.com/ | | Name: tuuid Value: ed1ad649-98a0-4920-8d64-2d6192b89b05 |
.360yield.com/ | | Name: tuuid_lu Value: 1686323833 |
.yahoo.com/ | | Name: A3 Value: d=AQABBHlCg2QCEK0QSIPFH043fvfaJc6wphgFEgEBAQGThGSNZOAXyiMA_eMAAA&S=AQAAAnVXVpBb7_YuaadXOcvsfU4 |
.alocdn.com/ | | Name: uuid Value: e58da1bf-7193-4822-95cf-7f947628193a |
.pubmatic.com/ | | Name: KRTBCOOKIE_97 Value: 3385-uid:k-sBIuU4JMsHyanKAptRLOPgUT-QAUHQahifDJ6w&KRTB&23144-uid:k-sBIuU4JMsHyanKAptRLOPgUT-QAUHQahifDJ6w&KRTB&23286-uid:k-sBIuU4JMsHyanKAptRLOPgUT-QAUHQahifDJ6w&KRTB&23287-uid:k-sBIuU4JMsHyanKAptRLOPgUT-QAUHQahifDJ6w |
.pubmatic.com/ | | Name: PugT Value: 1686323832 |
.analytics.yahoo.com/ | | Name: IDSYNC Value: 18zh~2c4f |
.360yield.com/ | | Name: um Value: !38,kvoDUGo75Rdg7PuY5XacmW1.Lw9gfidxrcKx71xrzsuv5q.KJZ9hLw7YfSC5oUdcUBO1u5z4,1694099833 |
.360yield.com/ | | Name: umeh Value: !38,0,1748531833,-1 |
.tremorhub.com/ | | Name: tvid Value: bcaf46efe3c2495692f0440479dac629 |
.tremorhub.com/ | | Name: tv_UICR Value: k-OKcvQYJMsHyanKAptRLOPgUT-QAJ4u6Fs8TxdQ |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.