Submitted URL: http://dev.watch.mta-live.com/
Effective URL: https://dev.watch.mta-live.com/
Submission: On April 04 via api from NL — Scanned from NL

Summary

This website contacted 13 IPs in 2 countries across 9 domains to perform 29 HTTP transactions. The main IP is 52.200.76.27, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is dev.watch.mta-live.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on April 4th 2024. Valid for: a year.
This is the only time dev.watch.mta-live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS Autonomous System
5         52.200.76.27       14618 (AMAZON-AES)
1         3.5.3.140          14618 (AMAZON-AES)
7         2606:4700:20:...   13335 (CLOUDFLAR...)
1         13.224.189.35      16509 (AMAZON-02)
1         2a00:1450:400...   15169 (GOOGLE)
4         18.173.205.106     16509 (AMAZON-02)
1         54.231.137.225     16509 (AMAZON-02)
1         2a04:4e42::300     54113 (FASTLY)
3         2620:1ec:c11:...   8068 (MICROSOFT...)
2         18.245.60.50       16509 (AMAZON-02)
1         2a00:1450:400...   15169 (GOOGLE)
1         44.235.18.110      16509 (AMAZON-02)
Total: 29 requests, 13 IPs
Requests  Apex Domain (Transfer)
          Subdomains
7         lytics.io (88 KB)
          c.lytics.io — Cisco Umbrella Rank: 12219
5         mta-live.com (988 KB)
          dev.watch.mta-live.com
          dev.api.mta-live.com
4         moal.tech (28 KB)
          i.moal.tech
4         amazonaws.com (39 KB)
          portrait-tracker.s3.amazonaws.com — Cisco Umbrella Rank: 572498
          s3.amazonaws.com Failed
          dnzkifeab6.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 495516
3         bing.com (14 KB)
          bat.bing.com — Cisco Umbrella Rank: 329
2         getblueshift.com (4 KB)
          cdn.getblueshift.com — Cisco Umbrella Rank: 15268
          api.getblueshift.com — Cisco Umbrella Rank: 13921
1         googleapis.com (1 KB)
          storage.googleapis.com — Cisco Umbrella Rank: 347
1         taboola.com (417 B)
          trc.taboola.com — Cisco Umbrella Rank: 686
1         googletagmanager.com (102 KB)
          www.googletagmanager.com — Cisco Umbrella Rank: 43
Total: 29 requests, 9 apex domains
Requests  Domain
          Requested by
7         c.lytics.io
          portrait-tracker.s3.amazonaws.com, c.lytics.io
4         i.moal.tech
3         bat.bing.com
          dev.watch.mta-live.com, bat.bing.com
3         dev.watch.mta-live.com
          dev.watch.mta-live.com
2         dnzkifeab6.execute-api.us-east-1.amazonaws.com
          portrait-tracker.s3.amazonaws.com
2         portrait-tracker.s3.amazonaws.com
          dev.watch.mta-live.com, portrait-tracker.s3.amazonaws.com
2         dev.api.mta-live.com
          dev.watch.mta-live.com
1         api.getblueshift.com
          cdn.getblueshift.com
1         storage.googleapis.com
          c.lytics.io
1         trc.taboola.com
1         www.googletagmanager.com
          portrait-tracker.s3.amazonaws.com
1         cdn.getblueshift.com
          portrait-tracker.s3.amazonaws.com
0         s3.amazonaws.com Failed
Total: 29 requests, 13 subdomains

This site contains links to these domains.

Domain
dev.mtacommandcenter.com
monumenttradersalliance.com
privacyportal-cdn.onetrust.com
Subject | Issuer | Validity | Valid
mta-live.com | Amazon RSA 2048 M03 | 2024-04-04 - 2025-05-03 | a year
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-10-10 - 2024-07-03 | 9 months
lytics.io | E1 | 2024-03-16 - 2024-06-14 | 3 months
*.getblueshift.com | Amazon RSA 2048 M02 | 2023-07-10 - 2024-08-06 | a year
*.google-analytics.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
i.moal.tech | Amazon RSA 2048 M01 | 2023-07-18 - 2024-08-15 | a year
*.taboola.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-10-23 - 2024-11-22 | a year
www.bing.com | Microsoft Azure TLS Issuing CA 01 | 2024-04-04 - 2024-06-27 | 3 months
*.execute-api.us-east-1.amazonaws.com | Amazon RSA 2048 M03 | 2024-01-08 - 2025-02-04 | a year
storage.googleapis.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months

This page contains 2 frames:

Primary Page: https://dev.watch.mta-live.com/
Frame ID: 2651428E39D874380B09BD2644200B60
Requests: 27 HTTP requests in this frame

Frame: https://portrait-tracker.s3.amazonaws.com/index.html
Frame ID: 800C102563031680E2E6596997D635E9
Requests: 1 HTTP requests in this frame

Page Title

MTA Live

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 29
HTTPS: 97 %
IPv6: 42 %
Domains: 9
Subdomains: 13
IPs: 13
Countries: 2
Transfer: 1263 kB
Size: 6941 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dev.watch.mta-live.com/ HTTP 307
    https://dev.watch.mta-live.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
dev.watch.mta-live.com/
Redirect Chain
  • http://dev.watch.mta-live.com/
  • https://dev.watch.mta-live.com/
923 B
499 B
Document
General
Full URL
https://dev.watch.mta-live.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.200.76.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-76-27.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3624a67e6cce33f8efae6d74ecc036df7828f79ead5c8848c8adc86dc8b12d78

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
br
content-type
text/html
date
Thu, 04 Apr 2024 21:34:57 GMT
etag
W/"660ef6a4-39b"
last-modified
Thu, 04 Apr 2024 18:51:16 GMT
server
nginx

Redirect headers

Location
https://dev.watch.mta-live.com/
Non-Authoritative-Reason
HttpsUpgrades
main.1119358f.js
dev.watch.mta-live.com/static/js/
6 MB
933 KB
Script
General
Full URL
https://dev.watch.mta-live.com/static/js/main.1119358f.js
Requested by
Host: dev.watch.mta-live.com
URL: https://dev.watch.mta-live.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.200.76.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-76-27.compute-1.amazonaws.com
Software
nginx /
Resource Hash
40b4e520baea8dc8450fd3e0ca52ed343b0cf0d1e7347145090cf007e46a695c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:34:57 GMT
content-encoding
br
last-modified
Thu, 04 Apr 2024 18:51:16 GMT
server
nginx
etag
W/"660ef6a4-598875"
content-type
application/javascript
main.be6fb78d.css
dev.watch.mta-live.com/static/css/
209 KB
32 KB
Stylesheet
General
Full URL
https://dev.watch.mta-live.com/static/css/main.be6fb78d.css
Requested by
Host: dev.watch.mta-live.com
URL: https://dev.watch.mta-live.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.200.76.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-76-27.compute-1.amazonaws.com
Software
nginx /
Resource Hash
dac8959f454c5b1f4dcd23a1195e5d5a2058e25a3dca59181e75a605339de9fa

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:34:57 GMT
content-encoding
br
last-modified
Thu, 04 Apr 2024 18:51:16 GMT
server
nginx
etag
W/"660ef6a4-3426c"
content-type
text/css
settings
dev.api.mta-live.com/api/v1/
60 KB
21 KB
XHR
General
Full URL
https://dev.api.mta-live.com/api/v1/settings
Requested by
Host: dev.watch.mta-live.com
URL: https://dev.watch.mta-live.com/static/js/main.1119358f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.200.76.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-76-27.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c0922dce77c353407407507aecb528c755d153b55ae74efeffe6e41e8580b65e
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:34:58 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
x-xss-protection
0
referrer-policy
no-referrer
server
nginx
cross-origin-opener-policy
same-origin
etag
W/"f0d3-W5JWWZn7JUxKTLU3vPJ3Tmy5xpQ"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
all.js
portrait-tracker.s3.amazonaws.com/
38 KB
38 KB
Script
General
Full URL
https://portrait-tracker.s3.amazonaws.com/all.js
Requested by
Host: dev.watch.mta-live.com
URL: https://dev.watch.mta-live.com/static/js/main.1119358f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.3.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0d442120d2b60deb30df02e017358ba9e8057e57af2a52aadaceb08200dc5118

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Apr 2024 21:34:59 GMT
x-amz-version-id
DJTsKKAXZAjX88yytY8IZ9oo.cyFutLW
Last-Modified
Tue, 12 Mar 2024 18:03:33 GMT
Server
AmazonS3
x-amz-request-id
48TYEFREV5XN5G8Q
ETag
"7a4866af82b3d9c4147211938ab5004d"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
38527
x-amz-id-2
Lrv9LAIT3ZKd1ezeYHMb4VV1vYBu8WKodxmRO2DMtD0qMUofDnh2ZnHTK2oMrbpKfyng8dlacB9oTSPMl48qcQ==
favicon.ico
s3.amazonaws.com/REPLACE/favicon/
0
0

latest.min.js
c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/
68 KB
23 KB
Script
General
Full URL
https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js
Requested by
Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63c5498e6b566cbdce24d58c797661ae67e8dfb2d75f3d5592017a881f9b1762
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:34:58 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2158
content-encoding
br
last-modified
Thu, 04 Apr 2024 20:59:00 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ERAsUhUf1VAnrEo6h7bU2W4aM%2BFM3xIHUSQT4vjPHHY4BDyOBowgEbFWs4cJ51T0p2bUlBCFfD8q5BW%2FDdTgJYUf%2FbCjTG0vWFB1iadqvEUggGgpL9eVxDouY222Enx91ngODCo3Dbv8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
x-lytics-trace
2067b974cf21d334b299937e9fa4cd79
cf-ray
86f46cf17b6a9f84-AMS
blueshift.js
cdn.getblueshift.com/
6 KB
3 KB
Script
General
Full URL
https://cdn.getblueshift.com/blueshift.js
Requested by
Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a97c4e09767a155128f03c8a72efccc7d8e38e2e8e78daf14c8e5beaf72ff1a5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 04 Apr 2024 21:18:44 GMT
Content-Encoding
gzip
Via
1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
Age
977
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2826
Last-Modified
Wed, 24 Jan 2024 03:44:50 GMT
Server
AmazonS3
ETag
"bd39fba69cd2745738daf44e0e350f6e"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Accept-Ranges
bytes
X-Amz-Cf-Id
k1R89yr70MEd9PfO_jwS50WFkXzGQFnLMKaTP9VmiK3evSNGJ72pTQ==
gtm.js
www.googletagmanager.com/
344 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KTM4C7C
Requested by
Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c09fbb2f8fa9273a07155eb385d8fd2983f664dcca96232a714779d2a56ad9c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:34:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104447
x-xss-protection
0
last-modified
Thu, 04 Apr 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 04 Apr 2024 21:34:58 GMT
Yj6IHtdKE_uEgDYYW30i0.svg
i.moal.tech/
16 KB
6 KB
Image
General
Full URL
https://i.moal.tech/Yj6IHtdKE_uEgDYYW30i0.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-106.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c42811da2e3046bca0ab367cc5fd241fa1bed78d59a7fcb0fabbf6472d690d88

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:33:25 GMT
content-encoding
br
via
1.1 20ce720be9c31a6a95223700ba5f8724.cloudfront.net (CloudFront)
last-modified
Thu, 04 Apr 2024 19:08:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
age
94
etag
W/"1facf7c182d9d4e1655fa49975b9501e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
O7Vd2WnEVdQF8I10SfJLzeTGmUAC4boBRJGLA47Mc7-2ZuJP38e25Q==
wp75U93TZ5rwZcfha3aLn.svg
i.moal.tech/
16 KB
6 KB
Image
General
Full URL
https://i.moal.tech/wp75U93TZ5rwZcfha3aLn.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-106.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
913d8318f2e123ccef12a75bbbc09a922cd2c4dda22a961ec810740e61b3c7c8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:33:25 GMT
content-encoding
br
via
1.1 20ce720be9c31a6a95223700ba5f8724.cloudfront.net (CloudFront)
last-modified
Thu, 04 Apr 2024 19:08:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
age
94
etag
W/"a2c158437294ff2d98d2f134deece2c8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
qMfuAQJx5eJZwrAcOc5m1v0tGDJkcVqIG5uTIAssnYxlP8gJF4_xHA==
7x4vuZVG7uYLo-J3ODT5l.svg
i.moal.tech/
16 KB
6 KB
Image
General
Full URL
https://i.moal.tech/7x4vuZVG7uYLo-J3ODT5l.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-106.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
913d8318f2e123ccef12a75bbbc09a922cd2c4dda22a961ec810740e61b3c7c8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:33:25 GMT
content-encoding
br
via
1.1 20ce720be9c31a6a95223700ba5f8724.cloudfront.net (CloudFront)
last-modified
Thu, 04 Apr 2024 19:08:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
age
94
etag
W/"a2c158437294ff2d98d2f134deece2c8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
jomubBEE6UHDmmeD5pSbHgs_my5MjeDeqZzjkivgDTEf45bvTjVOkA==
/
dev.api.mta-live.com/api/v1/publicMessage/all/
5 KB
2 KB
XHR
General
Full URL
https://dev.api.mta-live.com/api/v1/publicMessage/all/
Requested by
Host: dev.watch.mta-live.com
URL: https://dev.watch.mta-live.com/static/js/main.1119358f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.200.76.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-76-27.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ff3919569220e90872a924953af8854fcc4a257ebd64eb8c6a0bae517150414f
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/plain, */*
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:34:58 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
x-xss-protection
0
referrer-policy
no-referrer
server
nginx
cross-origin-opener-policy
same-origin
etag
W/"150b-33mIxtd8DAY6RaCT0OX4tYnhdko"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
-nVFLKjIAT9pkA4ETE7Zm.png
i.moal.tech/
10 KB
10 KB
Image
General
Full URL
https://i.moal.tech/-nVFLKjIAT9pkA4ETE7Zm.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-106.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa4572e1cf06a952ad02cca22b0dc11469c6e7780c4af21469a3ea7488489a66

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:33:25 GMT
via
1.1 20ce720be9c31a6a95223700ba5f8724.cloudfront.net (CloudFront)
last-modified
Thu, 04 Apr 2024 19:07:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
age
94
etag
"e36b92bf4e25610dc237b47b1ba313a8"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
10302
x-amz-cf-id
ZN6kqdVaCATY4tRCH7Y9ovR1NkyDXNjgNFNF02tfunNldH-AP5qZGQ==
index.html
portrait-tracker.s3.amazonaws.com/ Frame 800C
0
0
Document
General
Full URL
https://portrait-tracker.s3.amazonaws.com/index.html
Requested by
Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.137.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://dev.watch.mta-live.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
nl-NL,nl;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Content-Length
2371
Content-Type
text/html
Date
Thu, 04 Apr 2024 21:35:00 GMT
ETag
"c029f674b13b082e9a03b16217c3f576"
Last-Modified
Wed, 03 Nov 2021 21:10:09 GMT
Server
AmazonS3
x-amz-id-2
UqFq8qNYjGQUYww3Zrl+IIJk2Rq/M3cktszyrnj/ytpUyICvuRWoACePhgUZRraa0Og+76BSTII=
x-amz-request-id
BF1QA634KZMD3RGX
x-amz-version-id
X1zblgbOV1d.Qkc55AyQidmgNGbabuW5
debff28b-23d1-42b5-8b28-d1cf53162c05
c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/
254 KB
37 KB
Script
General
Full URL
https://c.lytics.io/api/personalize/9c32784e3cc4888a693a7988ad64c63d/user/_uid/debff28b-23d1-42b5-8b28-d1cf53162c05?segments=true&mergestate=true&state=%7B%22_uid%22%3A%22debff28b-23d1-42b5-8b28-d1cf53162c05%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A2%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%22800x600%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22dev.watch.mta-live.com%2F%22%2C%22_v%22%3A%223.0.35%22%7D&ts=1712266498939&callback=u_674229136146955000
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b43cfa201c9bd8de39eff689bf117f3c9e250c592b085b0610b1c0b03be6de4e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:34:59 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aL%2BS4dExyB6tW78qMB5RtIrA5MpFKan5qiYLseihqW4mZ27J%2BgAyjqTS3GJSBKVwzeaz0NfoS6p5tHn70wIB1exFlhp7mI0VLtyX7zXp6mthgLfFgjUo%2ByClDH9p5p5DZkpUJSGX3GSv"}],"group":"cf-nel","max_age":604800}
x-lytics-trace
abab16079a971d16732ea9c046afc5e0
cf-ray
86f46cf26ca79f84-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
9c32784e3cc4888a693a7988ad64c63d
c.lytics.io/c/
35 B
598 B
Image
General
Full URL
https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d?_e=pv&_sesstart=1&_tz=2&_ul=en-US&_sz=800x600&_ts=1712266498936&_nmob=t&_device=desktop&url=dev.watch.mta-live.com%2F&_v=3.0.35&_uid=debff28b-23d1-42b5-8b28-d1cf53162c05&_getid=t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:34:59 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
35
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ADzfdUeuJlYD7U4PNJn15i0uo%2F1dK%2FDtbUZqQRLmD3YweDY7nClUe5vslbvwD0kSacIBRFL1%2BhcuRzEAJRgJiY1Hu75OTtJct74oVgCM5lXR0xPbB%2B2BX8kVGCNoGRzTdPZtC20pUmMh"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
x-lytics-trace
0f9c2a5226cf9b2ca7f5858d7f120faa
cf-ray
86f46cf26ca99f84-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
cm
trc.taboola.com/sg/lytics/1/
43 B
417 B
Image
General
Full URL
https://trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3Ddebff28b-23d1-42b5-8b28-d1cf53162c05%26account_id%3D9c32784e3cc4888a693a7988ad64c63d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
83
date
Thu, 04 Apr 2024 21:34:59 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
81481
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mad2200130-MAD
pragma
no-cache
server
nginx
x-timer
S1712266499.262383,VS0,VE83
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
bat.js
bat.bing.com/
45 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: dev.watch.mta-live.com
URL: https://dev.watch.mta-live.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 04 Apr 2024 21:34:58 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C7257E1304BB4A688E98B9D0CE11E43E Ref B: FRAEDGE1311 Ref C: 2024-04-04T21:34:59Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
GetLyticsUserData
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/
76 B
612 B
XHR
General
Full URL
https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData
Requested by
Host: portrait-tracker.s3.amazonaws.com
URL: https://portrait-tracker.s3.amazonaws.com/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-50.fra60.r.cloudfront.net
Software
/
Resource Hash
674d1ff7419bdf7f1dafd4a41db01a4feb1d802122213ecc456dd43f72791984

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 04 Apr 2024 21:34:59 GMT
via
1.1 dc57cbf9d7336ae929f762b5ada2ed98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P5
x-amzn-requestid
484918ea-b9a5-4a54-87a6-da7934893ddc
x-amzn-trace-id
Root=1-660f1d03-73c7d45d2783ef4376815d65;Parent=3be00cedcf47d8b1;Sampled=0;lineage=17be0e8a:0
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-apigw-id
VuF4nEHTIAMEfYg=
content-length
76
x-amz-cf-id
E_YEumDsfcY57nZYxSBs70_VaT1I4mNBlZLjkH4BfBvzZL8sEjXffw==
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
GetLyticsUserData
dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/ Frame
0
0
Preflight
General
Full URL
https://dnzkifeab6.execute-api.us-east-1.amazonaws.com/Prod/GetLyticsUserData
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-50.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dev.watch.mta-live.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
3
content-type
application/json
date
Thu, 04 Apr 2024 21:34:59 GMT
via
1.1 dc57cbf9d7336ae929f762b5ada2ed98.cloudfront.net (CloudFront)
x-amz-apigw-id
VuF4mGHboAMESMw=
x-amz-cf-id
N2sErUiPXY6-wQSOKHgZC2oSdoUdMS88nlABmhXOrt_Y8MO9sf8bCQ==
x-amz-cf-pop
FRA60-P5
x-amzn-requestid
61b68082-25cd-4808-a96d-f937dfb46c7d
x-cache
Miss from cloudfront
portrait
c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/
35 B
344 B
Image
General
Full URL
https://c.lytics.io/c/9c32784e3cc4888a693a7988ad64c63d/portrait?page.url=https%3A%2F%2Fdev.watch.mta-live.com%2F&page.timestamp=1712266498746&page.page_domain=dev.watch.mta-live.com&page.page_referrer=&page.page_title=MTA%20Live&identity.sessionid=_r1t86yxv3sm&identity.device_width=large&identity.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&identity.clientid=606146c7-42f7-434f-be37-09aa55dd0dc5&identity.login_state=logged-out&_ts=1712266499207&_nmob=t&_device=desktop&url=dev.watch.mta-live.com%2F&_uid=debff28b-23d1-42b5-8b28-d1cf53162c05&_v=3.0.35&_uido=debff28b-23d1-42b5-8b28-d1cf53162c05
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:34:59 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
35
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ru1seqjp9jwk5zlqgBlF%2BNOhx2nIQyrl1SDPd%2B3LvdWUBo7lJrdzb9EMaLIZwl851M%2FGjZgyg9c7JfVHE%2BocO1G5T0SYyQ%2FjWhrLuJhV%2BDl8jVTstyZ5D%2BJLbHssxTuw5KLUBD4Erj7V"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
x-lytics-trace
c8db78c1c03745ae53b01b980bbe2aeb
cf-ray
86f46cf41e639f84-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires
0
15322609.js
bat.bing.com/p/action/
0
116 B
Script
General
Full URL
https://bat.bing.com/p/action/15322609.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 04 Apr 2024 21:34:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 072A12EFB2414713A5AF0F74BE7E80BD Ref B: FRAEDGE1311 Ref C: 2024-04-04T21:34:59Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
286 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=15322609&Ver=2&mid=c2523644-1512-4a65-8cf4-b56f28184fa6&sid=300647d0f2cb11ee999605061e939bec&vid=30065630f2cb11ee9553530f897fa9aa&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=800&sh=600&sc=24&tl=MTA%20Live&p=https%3A%2F%2Fdev.watch.mta-live.com%2F&r=&lt=1082&evt=pageLoad&sv=1&rn=313329
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 04 Apr 2024 21:34:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EE29E4073A934C44B7C699835D4EE7F4 Ref B: FRAEDGE1311 Ref C: 2024-04-04T21:34:59Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
pathfora.min.js
c.lytics.io/static/
103 KB
22 KB
Script
General
Full URL
https://c.lytics.io/static/pathfora.min.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f6e70fc4337b6769a4c498cf721491cb1f31a14e342cb9c584ccea00fee9d1b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:34:59 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 04 Apr 2024 20:30:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3881
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KHLwGweEMCk5PKxgytK1ABrCcFn0ZAAduOo5PyyP9n4n0WplBaz3kSE2FIhhWF4g0CWEkTGHInMQpNGXruuno6eQPJBe5S%2Bwg7AoWjy%2BChsCMXRg1OGFojsbRqBWjrCZuRSrW2oLl0xI"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
content-encoding
br
cache-control
max-age=7200
cf-ray
86f46cf6d9569f84-AMS
pathfora.min.css
c.lytics.io/static/
20 KB
4 KB
Stylesheet
General
Full URL
https://c.lytics.io/static/pathfora.min.css
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464ad5d70f6d5fe4adef4d3057e1ae91e4983b02ef4ec9db0b067dcad4e53685
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:34:59 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 04 Apr 2024 20:49:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2732
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Q%2Fw04PjN33O%2BJ3Z2rWX9KTExTf8QPMG8mfezBdoTBFUbUPO6HsIIMRThkMrc8wIKqUOLNC%2B7E02E%2Bw%2BcKUHoeiq0O8ZQs0GrWPoRaEtcGnpqeA49TFMfNFTERImKk8%2FlYPs3XY4TobQ"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
content-encoding
br
cache-control
max-age=7200
cf-ray
86f46cf7097b9f84-AMS
lytics_overrides.min.css
storage.googleapis.com/lioservices/2470-oxford-club/
602 B
1 KB
Stylesheet
General
Full URL
https://storage.googleapis.com/lioservices/2470-oxford-club/lytics_overrides.min.css
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0efd1a0f2f52ed3d1bbd90257616b1f3f057163e50e3ed7d36af06ffa10b7b06

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:04:09 GMT
age
1850
x-guploader-uploadid
ABPtcPpqEESaw3KfyDhZwnC5fG57PoZV-7FUPr6_xwRqfSISde8uzWY-Wxt0-mt3kvdVptQrNT3i-3LnNQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
602
last-modified
Thu, 04 Oct 2018 21:47:26 GMT
server
UploadServer
etag
"9df2d5ae6031369aa6e0f3685608cd8c"
x-goog-generation
1538689646128559
x-goog-hash
crc32c=VZEimQ==, md5=nfLVrmAxNpqm4PNoVgjNjA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
602
accept-ranges
bytes
content-type
text/css
expires
Thu, 04 Apr 2024 22:04:09 GMT
config.js
c.lytics.io/api/program/campaign/config/9c32784e3cc4888a693a7988ad64c63d/
353 B
690 B
Script
General
Full URL
https://c.lytics.io/api/program/campaign/config/9c32784e3cc4888a693a7988ad64c63d/config.js
Requested by
Host: c.lytics.io
URL: https://c.lytics.io/api/tag/9c32784e3cc4888a693a7988ad64c63d/latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8144dd81871ff83480f71004b56e62a6cf2aa40cc9e3e1fa6c8f4a8a3bb6090f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 21:34:59 GMT
strict-transport-security
max-age=63072000;
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2816
content-encoding
br
last-modified
Thu, 04 Apr 2024 20:48:03 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u9OJfZRP%2FH387JO7ZP0gL1O4Hl2LQeVcGjyuVKG6mqNaxz72XTc2wd1%2BOlM%2FyfG2KLGIKcUCHksB%2F3GppS0VRmMwUpDAIWfZezEy9zvocP3eYuu7kYVqEUUNqTeX%2BFLHwhK6ZK2iMgQC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
x-lytics-trace
d2cea11009eb948763085e86a8785b97
cf-ray
86f46cf78a359f84-AMS
unity.gif
api.getblueshift.com/
42 B
235 B
XHR
General
Full URL
https://api.getblueshift.com/unity.gif?t=1712266500&e=pageload&r=&z=477926&x=5475fa15fca6698857e67e2705849cfa&k=03c45feb-2fc3-8e81-cd82-aac86782ea12&u=https%3A%2F%2Fdev.watch.mta-live.com%2F
Requested by
Host: cdn.getblueshift.com
URL: https://cdn.getblueshift.com/blueshift.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.18.110 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-18-110.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dev.watch.mta-live.com/
accept-language
nl-NL,nl;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://dev.watch.mta-live.com
date
Thu, 04 Apr 2024 21:35:00 GMT
access-control-expose-headers
etag
content-length
42
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s3.amazonaws.com
URL
https://s3.amazonaws.com/REPLACE/favicon/favicon.ico

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| FontAwesomeConfig
object| ___FONT_AWESOME___
object| AWS
object| vttjs
function| WebVTT
object| regeneratorRuntime
string| event_api_key
object| jstag
string| _blueshiftid
object| blueshift
object| bundles
object| portraitReady
object| portraitLyticsLoaded
object| portraitPageLoaded
object| portraitPurchase
object| portraitReversePurchase
object| portraitIdentity
object| portraitEventTrigger
object| portraitXHRHook
boolean| initIdentityCallComplete
object| liosetup
object| dataLayer
object| Portrait
object| __lytics__jstag__
object| google_tag_manager
object| google_tag_data
undefined| u_674229136146955000
string| clientid
object| LyticsPortrait
undefined| containers
object| uetq
string| ly_cookie_id
function| UET
function| UET_init
function| UET_push
object| ueto_fa9a97f30e
object| pathfora
string| req

7 Cookies

Domain/Path Name / Value
.dev.watch.mta-live.com/ Name: seerses
Value: e
.dev.watch.mta-live.com/ Name: seerid
Value: debff28b-23d1-42b5-8b28-d1cf53162c05
.lytics.io/ Name: seerid
Value: debff28b-23d1-42b5-8b28-d1cf53162c05
.mta-live.com/ Name: _uetsid
Value: 300647d0f2cb11ee999605061e939bec
.mta-live.com/ Name: _uetvid
Value: 30065630f2cb11ee9553530f897fa9aa
.bing.com/ Name: MUID
Value: 0A5F51D93B9463091900458E3A466276
.dev.watch.mta-live.com/ Name: _bs
Value: 03c45feb-2fc3-8e81-cd82-aac86782ea12

6 Console Messages

Source Level URL
Text
other warning URL: https://dev.watch.mta-live.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dev.watch.mta-live.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dev.watch.mta-live.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dev.watch.mta-live.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dev.watch.mta-live.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dev.watch.mta-live.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
