urlscan.io logo urlscan.io
SecurityTrails logo

www.playonigo.com Open in urlscan Pro
3.248.8.137  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.playonigo.com/atlantean-chest/start
Effective URL: https://www.playonigo.com/atlantean-chest/start
Submission: On June 27 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 5 countries across 13 domains to perform 28 HTTP transactions. The main IP is 3.248.8.137, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.playonigo.com.
TLS certificate: Issued by R3 on June 18th 2022. Valid for: 3 months.
This is the only time www.playonigo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    3.248.8.137 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-8-137.eu-west-1.compute.amazonaws.com
www.playonigo.com
8    99.86.4.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-104.fra6.r.cloudfront.net
uploads-ssl.webflow.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
3    2600:9000:2057:2600:14:dc98:7700:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.cdn.privado.ai
cdn.privado.ai
1    99.86.1.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-1-115.fra6.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
1    2a00:1450:400e:800::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
8 webflow.com
uploads-ssl.webflow.com — Cisco Umbrella Rank: 14087
689 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 944
45 KB
3 privado.ai
www.cdn.privado.ai — Cisco Umbrella Rank: 498860
cdn.privado.ai — Cisco Umbrella Rank: 447355
49 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
163 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 630
130 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 8
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
84 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 307
fonts.googleapis.com — Cisco Umbrella Rank: 71
7 KB
2 playonigo.com
www.playonigo.com
5 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5448
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
444 B
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
31 KB
28 13
Domain Requested by
8 uploads-ssl.webflow.com www.playonigo.com
uploads-ssl.webflow.com
4 unpkg.com 2 redirects www.playonigo.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.privado.ai www.playonigo.com
text
2 code.jquery.com www.playonigo.com
2 www.google.com www.playonigo.com
2 www.googletagmanager.com www.playonigo.com
2 www.playonigo.com 1 redirects
1 www.google.de
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.gstatic.com www.google.com
1 fonts.googleapis.com ajax.googleapis.com
1 d3e54v103j8qbb.cloudfront.net www.playonigo.com
1 www.cdn.privado.ai 1 redirects
1 ajax.googleapis.com www.playonigo.com
28 16

This site contains links to these domains. Also see Links.

Domain
privado.ai
Subject Issuer Validity Valid
www.playonigo.com
R3		 2022-06-18 -
2022-09-16		 3 months crt.sh
uploads-ssl.webflow.com
Amazon		 2021-09-27 -
2022-10-26		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
cdn.privado.ai
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.playonigo.com/atlantean-chest/start
Frame ID: 6399C363A2E1540A3B791CAC763F7CAC
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Atlantean Chest - Start Your Game

Page URL History Show full URLs

  1. http://www.playonigo.com/atlantean-chest/start HTTP 301
    https://www.playonigo.com/atlantean-chest/start Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

28
Requests

89 %
HTTPS

80 %
IPv6

13
Domains

16
Subdomains

16
IPs

5
Countries

1224 kB
Transfer

2617 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.playonigo.com/atlantean-chest/start HTTP 301
    https://www.playonigo.com/atlantean-chest/start Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://unpkg.com/swiper/swiper-bundle.min.css HTTP 302
  • https://unpkg.com/swiper@8.2.5/swiper-bundle.min.css
Request Chain 6
  • https://www.cdn.privado.ai/e88310899d304617a49b6875751317a4.js HTTP 302
  • https://cdn.privado.ai/geo/e88310899d304617a49b6875751317a4_Global.js
Request Chain 9
  • https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
  • https://unpkg.com/swiper@8.2.5/swiper-bundle.min.js

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request start
www.playonigo.com/atlantean-chest/
Redirect Chain
  • http://www.playonigo.com/atlantean-chest/start
  • https://www.playonigo.com/atlantean-chest/start
13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.playonigo.com/atlantean-chest/start
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.248.8.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-8-137.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
13b7ee20a56a55b5398d599c0ff3a05b91779e973cf17ffaeb9930765afb9d8f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
47
content-encoding
gzip
content-length
4628
content-security-policy
frame-ancestors 'self'
content-type
text/html
date
Mon, 27 Jun 2022 19:10:32 GMT
server
openresty
vary
x-wf-forwarded-proto, Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
1, 2
x-cluster-name
eu-west-1-prod-eks-15
x-frame-options
SAMEORIGIN
x-served-by
cache-iad-kiad7000136-IAD, cache-dub4330-DUB
x-timer
S1656357032.038529,VS0,VE0

Redirect headers

Connection
keep-alive
Content-Length
166
Content-Type
text/html
Date
Mon, 27 Jun 2022 19:10:31 GMT
Location
https://www.playonigo.com/atlantean-chest/start
Server
openresty
onigo.webflow.d086f3b0c.min.css
uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/ 		238 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/onigo.webflow.d086f3b0c.min.css
Requested by
Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a03f977cf3794ca010c3d71916a4ea5c9553526226629f3e1e10b849dd5f53f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.playonigo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 12:41:06 GMT
content-encoding
gzip
age
23367
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29720
last-modified
Tue, 24 May 2022 15:20:34 GMT
server
AmazonS3
etag
"04d5c5aeee60d5d718d73db6857f8d06"
x-amz-version-id
ebdJW9SCdPNlIMcayFYWW3qLF.hk0mFU
via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
cache-control
max-age=84600, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
cBnyHYywp_vIvWx_4o-QYv4IEeEs_8pYkAlifh5MB-k2KE9L0J3C9g==
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.playonigo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 17:43:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5212
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Jun 2023 17:43:40 GMT
js
www.googletagmanager.com/gtag/ 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-114116789-1
Requested by
Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f7ae5a062645df463b32a6d8b5475a03faf41e0c1f59d6d32147af4b9a0a4328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.playonigo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 19:10:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39784
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Jun 2022 19:10:32 GMT
api.js
www.google.com/recaptcha/ 		850 B
965 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bb619ed51448a1da3305a765bd0f03477bca62295de9603b7c4f707f86b48101
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.playonigo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 19:10:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
552
x-xss-protection
1; mode=block
expires
Mon, 27 Jun 2022 19:10:32 GMT
swiper-bundle.min.css
unpkg.com/swiper@8.2.5/
Redirect Chain
  • https://unpkg.com/swiper/swiper-bundle.min.css
  • https://unpkg.com/swiper@8.2.5/swiper-bundle.min.css
16 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@8.2.5/swiper-bundle.min.css
Requested by
Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a119de38170bb059aec77d5fb6c43db93c7d6c99b5452630c9c741a84a75a49e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.playonigo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 19:10:32 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
31362
fly-request-id
01G6JB4AXCW13BB61NMZA3F5XM-fra
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"4052-t14aokqY40qlT9/mm5aWMaYU0cg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
72207bbb0b699101-FRA

Redirect headers

date
Mon, 27 Jun 2022 19:10:32 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G6K8JAT9J8RS7AVS0HQ0BQBS-fra
server
cloudflare
age
580
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/swiper@8.2.5/swiper-bundle.min.css
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
72207bbacb109101-FRA
access-control-allow-origin
*
jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by
Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.playonigo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 19:10:32 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:40 GMT
server
nginx
etag
W/"620cd700-8c85"
vary
Accept-Encoding
x-hw
1656357032.dop159.fr8.t,1656357032.cds146.fr8.hn,1656357032.cds272.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
8323
e88310899d304617a49b6875751317a4_Global.js
cdn.privado.ai/geo/
Redirect Chain
  • https://www.cdn.privado.ai/e88310899d304617a49b6875751317a4.js
  • https://cdn.privado.ai/geo/e88310899d304617a49b6875751317a4_Global.js
46 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privado.ai/geo/e88310899d304617a49b6875751317a4_Global.js
Requested by
Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start
Protocol
H2
Server
2600:9000:2057:2600:14:dc98:7700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b3933294fd263b1572540d5a06c988d6178804a57b8cba76225d1cac605b018

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.playonigo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 06 Jun 2022 06:51:20 GMT
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified
Sat, 27 Nov 2021 09:33:02 GMT
server
AmazonS3
age
1858753
etag
"bee9b0de57e513a1ff05550c8dfda210"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
binary/octet-stream
content-length
46791
x-amz-cf-id
O8IFIVwiABjGa72elhJWeJbJ0FGKsisvajrt66g5P24l0aqBMaxzGQ==

Redirect headers

date
Mon, 27 Jun 2022 19:09:45 GMT
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
server
CloudFront
age
47
x-cache
Hit from cloudfront
location
https://cdn.privado.ai/geo/e88310899d304617a49b6875751317a4_Global.js
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
c1FjBaTbRNVM0GdC2E-V-37wrN7Taqkr3FZ3CprJXL3zFWIhU79PDg==
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6060ad3f5fb11974bc7406cb
Requested by
Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.1.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-1-115.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://www.playonigo.com/
Origin
https://www.playonigo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 09:33:54 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
34598
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
cache-control
max-age=84600, must-revalidate
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
k2oDYmBbd2MqU7FV9HSnPpNhdlTMpaKX99rHT8VtH_S7egeTmYwGXw==
webflow.3a42b50fe.js
uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/js/ 		267 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/js/webflow.3a42b50fe.js
Requested by
Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46df10977d02e072fdb0106d1dad637a3c0c86538ac2ee459f30e403e9f17325

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.playonigo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 19:09:46 GMT
content-encoding
gzip
age
47
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
64839
last-modified
Tue, 24 May 2022 15:20:34 GMT
server
AmazonS3
etag
"e8e7e69b9509e8203d0c0010f5fb0546"
x-amz-version-id
76NVPt5rFiQWdzRWMFps64RMQkQKjBfw
via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
cache-control
max-age=84600, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
text/javascript
x-amz-cf-id
Ucskgn9ufjBDK-31GQjbDS0ukMaTBBjk1afEgaNH8uqCB_oKKo1C_w==
swiper-bundle.min.js
unpkg.com/swiper@8.2.5/
Redirect Chain
  • https://unpkg.com/swiper/swiper-bundle.min.js
  • https://unpkg.com/swiper@8.2.5/swiper-bundle.min.js
139 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@8.2.5/swiper-bundle.min.js
Requested by
Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa504a83a70e4a3894ddf789cf8a4dfec63c3d937edc9932a2029b4765d84aa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.playonigo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 19:10:32 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
31336
fly-request-id
01G6JB542AB2JEPPZEGB9Q5WM4-fra
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"22d61-3W+0Qu74t174sXYrZ2DwzaMdoc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
72207bbb0b679101-FRA

Redirect headers

date
Mon, 27 Jun 2022 19:10:32 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G6K97HQ7METR3FJDS2AG9WQF-fra
server
cloudflare
age
84
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/swiper@8.2.5/swiper-bundle.min.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
72207bbacb129101-FRA
access-control-allow-origin
*
jquery-ui.js
code.jquery.com/ui/1.12.1/ 		509 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.12.1/jquery-ui.js
Requested by
Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.playonigo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 19:10:32 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:54 GMT
server
nginx
etag
W/"611feaca-7f20a"
vary
Accept-Encoding
x-hw
1656357032.dop159.fr8.t,1656357032.cds146.fr8.hn,1656357032.cds269.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
124434
css
fonts.googleapis.com/ 		981 B
916 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=VT323:regular
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7942e2e26a4203b6ce47df56d9c220a45eb1836a4721c142b4a0b488998eb0b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.playonigo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 19:10:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 27 Jun 2022 19:10:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Jun 2022 19:10:32 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 		366 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.playonigo.com/
Origin
https://www.playonigo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 17:37:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5590
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 27 Jun 2023 17:37:22 GMT
gtm.js
www.googletagmanager.com/ 		120 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TNFQLJJ
Requested by
Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f79c6011a2e307d483584737ae17483e8c1c75ef6297ce4df89f905cce1facce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.playonigo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 19:10:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46103
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 Jun 2022 19:10:32 GMT
index.css
cdn.privado.ai/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.privado.ai/index.css
Requested by
Host: text
URL: data:text/css,@import%20url%28%27https%3A//cdn.privado.ai/index.css%27%29%3B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2600:14:dc98:7700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c0c39b913efd4fe6cadbc34c575160c55c5ea0c77fc6746ccd2327e40b2ed9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 27 Jun 2022 06:35:39 GMT
content-encoding
gzip
last-modified
Fri, 11 Jun 2021 09:47:48 GMT
server
AmazonS3
age
45294
etag
W/"b37829b910c734bf3a7f83a5b98e2099"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-type
text/css
x-amz-cf-id
YBJaAIvtba1rT9I4b8GZAZ808gSWesgrEg5ZjScIJVL3s-GAL84lxg==
truncated
/ 		48 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cfe0f324e5847753b4dbc0b8c7a883a46fd37f982504c1a2e5a6c86281394d0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
text/css
60622ffdd2174b57ff63e365_dayso-ql-l2lVoxKI-unsplash%20(1)%201.jpg
uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/60622ffdd2174b57ff63e365_dayso-ql-l2lVoxKI-unsplash%20(1)%201.jpg
Requested by
Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/onigo.webflow.d086f3b0c.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
abe615b1cb6022c3c153172e64fb39e956601ecf47dee36ebcfee1e6ad2bd1c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/onigo.webflow.d086f3b0c.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 22 Jun 2022 17:01:45 GMT
via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
last-modified
Mon, 29 Mar 2021 19:52:36 GMT
server
AmazonS3
age
439728
etag
"ae349acbf209ca235eaa0cb2a3c79bdb"
x-cache
Hit from cloudfront
x-amz-version-id
fCsYY45c_3LXa1s4nCbmIyCGPnRLA7nU
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
54604
x-amz-cf-id
fMHmbD9mXpEuSOthDMh4yEHsbd1Oaeqz_unDJpqsmkswyFMEsd0bmA==
6074aefbecafbc094d54e6e6_suhash-villuri-DYWHwLZyJ64-unsplash%20(1).jpeg
uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/ 		355 KB
355 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/6074aefbecafbc094d54e6e6_suhash-villuri-DYWHwLZyJ64-unsplash%20(1).jpeg
Requested by
Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/onigo.webflow.d086f3b0c.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
547e0054f7adc46531a2b92e4d86e5f09cdf6049e74b2aa9cb2764ae5994f540

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/onigo.webflow.d086f3b0c.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 26 Jun 2022 04:46:26 GMT
via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 20:35:08 GMT
server
AmazonS3
age
138247
etag
"8bcb7ccdf9a6f3c505a27f67a2043043"
x-cache
Hit from cloudfront
x-amz-version-id
9wXxzeTSr_FEwWapUQv6URMjH2ysAMME
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
363103
x-amz-cf-id
284GZxbmC1KDTOG_-dE0kWg0liWz5Ff0hnVwMLGD-gT9RG3v7c_lEg==
60637ecefe6203e28a4d2c80_Gilroy-Medium.otf
uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/ 		134 KB
134 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/60637ecefe6203e28a4d2c80_Gilroy-Medium.otf
Requested by
Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/onigo.webflow.d086f3b0c.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ebe1219a8cbb054a23bea0d9b2e3bbc9f0dc1454643506df0f6c52eb9e94641

Request headers

Referer
https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/onigo.webflow.d086f3b0c.min.css
Origin
https://www.playonigo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 09:50:43 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
2279990
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
136912
last-modified
Tue, 30 Mar 2021 19:41:04 GMT
server
AmazonS3
etag
"5c1e574883aeccf0f98afb84482f3839"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
EL9XPDAGsW0bmFUMx_yhhNBlP0xefIdx
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/x-font-otf
x-amz-cf-id
0P62By_kfEScWZeDi6Q1Ni4uBISBQWbGfKFoot5ZY4JTZ7uP7PYtAw==
6060addb5c469646b7797317_Gilroy-Regular.woff2
uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/6060addb5c469646b7797317_Gilroy-Regular.woff2
Requested by
Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/onigo.webflow.d086f3b0c.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7bb576ebfaacf418331a906da2aadc9dc8047f10a68ab81754856aacff91bc4d

Request headers

Referer
https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/onigo.webflow.d086f3b0c.min.css
Origin
https://www.playonigo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 19:09:46 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
46
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24820
last-modified
Sun, 28 Mar 2021 16:55:27 GMT
server
AmazonS3
etag
"003c969cc824b37657e356519cc085ac"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
rBiEWCORB7slf50wfmdobf4yk5IJ.037
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
RA0x0db4PVDQCRVA4Ecm2a0oTar4MI-M1F7seli9YMiHVyV5KxA6Rw==
6060ae1a23692b0ba07b9d35_Gilroy-SemiBold.woff2
uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/6060ae1a23692b0ba07b9d35_Gilroy-SemiBold.woff2
Requested by
Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/onigo.webflow.d086f3b0c.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43806e67ec1242859d5779da20ad79339410917188fd2926c293f9c556f0d2be

Request headers

Referer
https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/onigo.webflow.d086f3b0c.min.css
Origin
https://www.playonigo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 16:04:06 GMT
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
1047987
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25820
last-modified
Sun, 28 Mar 2021 16:26:04 GMT
server
AmazonS3
etag
"334d60181a177b9e399106103f353d1d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
1Dxs7_1SrM_ondDiZfRAcvWitgazg3FY
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
bOZcveqaFiGnrYCbc3UPSL5XsM01I8Iauyat4lgOcYL4pYlVl0hvnw==
6060b12707f5361365cd6719_Logo.svg
uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/6060b12707f5361365cd6719_Logo.svg
Requested by
Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
32164f449bfc5c44ba943d78680d9d2a145be4b93302487dafa58671baa0b9f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.playonigo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 15 Jun 2022 02:27:48 GMT
content-encoding
gzip
last-modified
Sun, 28 Mar 2021 16:39:04 GMT
server
AmazonS3
age
1096965
etag
W/"1979dd4d7e0840e50adac8a9555451e9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
9Z7JFkZtHYGAHnH8RHU6V4muXyh0vmGW
via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA6-C1
content-type
image/svg+xml
x-amz-cf-id
x0y4F59z7YNRv5aGttujeFUL2sXs31qovPpg4TnZcONRcFGifMKX4w==
pxiKyp0ihIEF2isfFJU.woff2
fonts.gstatic.com/s/vt323/v17/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/vt323/v17/pxiKyp0ihIEF2isfFJU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=VT323:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc6a870a116251f87186b5a787702fc7bf6939f2126f66ca82e0a7142a6ba9f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.playonigo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 23:37:34 GMT
x-content-type-options
nosniff
age
415978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17668
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:50:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 23:37:34 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-114116789-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.playonigo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
899
date
Mon, 27 Jun 2022 18:55:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 27 Jun 2022 20:55:33 GMT
collect
www.google-analytics.com/j/ 		2 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1584076439&t=pageview&_s=1&dl=https%3A%2F%2Fwww.playonigo.com%2Fatlantean-chest%2Fstart&ul=en-us&de=UTF-8&dt=Atlantean%20Chest%20-%20Start%20Your%20Game&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=72367784&gjid=345202845&cid=384233462.1656357032&tid=UA-114116789-1&_gid=55204626.1656357032&_r=1&gtm=2ou6m0&z=1166145396
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.playonigo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Jun 2022 19:10:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.playonigo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-114116789-1&cid=384233462.1656357032&jid=72367784&gjid=345202845&_gid=55204626.1656357032&_u=YEBAAUAAAAAAAC~&z=1467206031
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.playonigo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 27 Jun 2022 19:10:32 GMT
content-type
text/plain
access-control-allow-origin
https://www.playonigo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-114116789-1&cid=384233462.1656357032&jid=72367784&_u=YEBAAUAAAAAAAC~&z=1704334924
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.playonigo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Jun 2022 19:10:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-114116789-1&cid=384233462.1656357032&jid=72367784&_u=YEBAAUAAAAAAAC~&z=1704334924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.playonigo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Jun 2022 19:10:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| WebFont function| gtag object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| injectedOptions object| COOKIES_ALLOWED undefined| preferenceSet function| $ function| jQuery function| tram object| Webflow function| Swiper string| swiperNodes string| pagination string| next_prev_buttons object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| recaptcha object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
.playonigo.com/ Name: _gcl_au
Value: 1.1.269421686.1656357032
.playonigo.com/ Name: _ga
Value: GA1.2.384233462.1656357032
.playonigo.com/ Name: _gid
Value: GA1.2.55204626.1656357032
.playonigo.com/ Name: _gat_gtag_UA_114116789_1
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.privado.ai
code.jquery.com
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
stats.g.doubleclick.net
unpkg.com
uploads-ssl.webflow.com
www.cdn.privado.ai
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.playonigo.com
2001:4de0:ac18::1:a:3b
2600:9000:2057:2600:14:dc98:7700:93a1
2606:4700::6810:7caf
2a00:1450:4001:808::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:813::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2004
2a00:1450:400c:c07::9c
2a00:1450:400e:800::200a
3.248.8.137
99.86.1.115
99.86.4.104
0a03f977cf3794ca010c3d71916a4ea5c9553526226629f3e1e10b849dd5f53f
0ebe1219a8cbb054a23bea0d9b2e3bbc9f0dc1454643506df0f6c52eb9e94641
13b7ee20a56a55b5398d599c0ff3a05b91779e973cf17ffaeb9930765afb9d8f
32164f449bfc5c44ba943d78680d9d2a145be4b93302487dafa58671baa0b9f4
3c0c39b913efd4fe6cadbc34c575160c55c5ea0c77fc6746ccd2327e40b2ed9b
43806e67ec1242859d5779da20ad79339410917188fd2926c293f9c556f0d2be
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
46df10977d02e072fdb0106d1dad637a3c0c86538ac2ee459f30e403e9f17325
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
547e0054f7adc46531a2b92e4d86e5f09cdf6049e74b2aa9cb2764ae5994f540
5b3933294fd263b1572540d5a06c988d6178804a57b8cba76225d1cac605b018
7942e2e26a4203b6ce47df56d9c220a45eb1836a4721c142b4a0b488998eb0b1
7bb576ebfaacf418331a906da2aadc9dc8047f10a68ab81754856aacff91bc4d
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
a119de38170bb059aec77d5fb6c43db93c7d6c99b5452630c9c741a84a75a49e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
abe615b1cb6022c3c153172e64fb39e956601ecf47dee36ebcfee1e6ad2bd1c6
bb619ed51448a1da3305a765bd0f03477bca62295de9603b7c4f707f86b48101
cfe0f324e5847753b4dbc0b8c7a883a46fd37f982504c1a2e5a6c86281394d0c
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
dc6a870a116251f87186b5a787702fc7bf6939f2126f66ca82e0a7142a6ba9f6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f79c6011a2e307d483584737ae17483e8c1c75ef6297ce4df89f905cce1facce
f7ae5a062645df463b32a6d8b5475a03faf41e0c1f59d6d32147af4b9a0a4328
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa504a83a70e4a3894ddf789cf8a4dfec63c3d937edc9932a2029b4765d84aa1