urlscan.io logo urlscan.io
SecurityTrails logo

valopromotion.com Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://valopromotion.com/login
Effective URL: https://valopromotion.com/blog/
Submission Tags: https://phish.report @phish_report Search All
Submission: On June 19 via api from FI — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 40 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is valopromotion.com.
TLS certificate: Issued by E1 on June 12th 2023. Valid for: 3 months.
This is the only time valopromotion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18 2a06:98c1:312... 13335 (CLOUDFLAR...)
7 52.203.114.80 14618 (AMAZON-AES)
9 2606:4700:10:... 13335 (CLOUDFLAR...)
4 116.202.159.137 24940 (HETZNER-AS)
1 2 185.80.39.216 27381 (CASALE-MEDIA)
1 35.186.253.211 15169 (GOOGLE)
1 69.173.144.139 26667 (RUBICONPR...)
3 3 37.252.173.215 29990 (ASN-APPNEX)
2 2 99.81.190.73 16509 (AMAZON-02)
40 7
18    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
valopromotion.com
7    52.203.114.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-114-80.compute-1.amazonaws.com
www.thegamer.com
9    2606:4700:10::ac43:f19 (United States)

ASN13335 (CLOUDFLARENET, US)
static1.thegamerimages.com
4    116.202.159.137 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy02.cl01.het.mrf.io
mbid.marfeelrev.com
2    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum.casalemedia.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    99.81.190.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-190-73.eu-west-1.compute.amazonaws.com
ad.360yield.com
Apex Domain
Subdomains		 Transfer
18 valopromotion.com
valopromotion.com
188 KB
9 thegamerimages.com
static1.thegamerimages.com — Cisco Umbrella Rank: 112396
180 KB
7 thegamer.com
www.thegamer.com — Cisco Umbrella Rank: 50742
119 KB
4 marfeelrev.com
mbid.marfeelrev.com — Cisco Umbrella Rank: 20310
3 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 249
3 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 662
748 B
2 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1386
1 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
239 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1042
236 B
40 9
Domain Requested by
18 valopromotion.com 1 redirects valopromotion.com
9 static1.thegamerimages.com valopromotion.com
7 www.thegamer.com valopromotion.com
4 mbid.marfeelrev.com valopromotion.com
3 ib.adnxs.com 3 redirects
2 ad.360yield.com 2 redirects
2 ssum.casalemedia.com 1 redirects
1 pixel.rubiconproject.com
1 rtb.openx.net
40 9

This site contains no links.

Subject Issuer Validity Valid
valopromotion.com
E1		 2023-06-12 -
2023-09-10		 3 months crt.sh
thegamer.com
R3		 2023-06-15 -
2023-09-13		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-29 -
2024-04-28		 a year crt.sh
ssl02.cert.cl01.k8s.mrf.io
R3		 2023-06-01 -
2023-08-30		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh

This page contains 3 frames:

Primary Page: https://valopromotion.com/blog/
Frame ID: 787E47C5EA32A430E04963284E7B1123
Requests: 31 HTTP requests in this frame

Frame: https://valopromotion.com/blog/files/cookie-sync.html
Frame ID: 65B03C59267E1B21922EA491C0CB198F
Requests: 8 HTTP requests in this frame

Frame: https://valopromotion.com/blog/files/saved_resource.html
Frame ID: C3AF01C3C1E063300601FA8370EB5686
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Valorant: Complete Beginner's Guide

Page URL History Show full URLs

  1. https://valopromotion.com/login HTTP 302
    https://valopromotion.com/blog/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

40
Requests

90 %
HTTPS

22 %
IPv6

9
Domains

9
Subdomains

7
IPs

4
Countries

491 kB
Transfer

882 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://valopromotion.com/login HTTP 302
    https://valopromotion.com/blog/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://ssum.casalemedia.com/usermatchredir?s=184550&cb= HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1
Request Chain 36
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmbid.marfeelrev.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526f%253Di%2526uid%253D%2524UID HTTP 302
  • https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=2834631520842884497
Request Chain 37
  • https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=fdadd5f7-1e9b-478c-a276-45f45a0e7258
Request Chain 38
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=2834631520842884497

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
valopromotion.com/blog/
Redirect Chain
  • https://valopromotion.com/login
  • https://valopromotion.com/blog/
124 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3fa34b1a1efa3de23987fb35cda599baba3f9c3bef83758449e808f5aceb748

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d98161098550b3e-AMS
content-encoding
br
content-type
text/html
date
Mon, 19 Jun 2023 01:44:19 GMT
last-modified
Sat, 17 Jun 2023 19:58:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6JA6izFqB%2FTl2cCRjvSgbpWPc9Y3WmGz6fOx%2FhawUJ%2B%2BW7RFQl2mTHtRW3cnTXBTrdykc9MABvAcyIb2vL%2BZnXemR5onFUYkH1Oi5vmAfhfElW1xwfJNil5grWim2NlFmAzaE1K238aKmRBkJCdZ6w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d98160ecf280b3e-AMS
content-type
text/html; charset=UTF-8
date
Mon, 19 Jun 2023 01:44:19 GMT
location
/blog/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSpeaD%2FIACm49MndVNPp%2FofsIkdLEOt6IcSCQwwwVN3POaMG3Ghnm4UsFRI9%2FbILY7IKr6Bu71wCi%2BhzDxCtZXK1SKmNDhq2EyiSz%2Bs6DNKhx8g5oiqJxoJAEhBuVcPD%2BzvuswUfJuc2oNb%2Fkbozmg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
newsletter-popup.e7b3ff0e.js
www.thegamer.com/public/build/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thegamer.com/public/build/newsletter-popup.e7b3ff0e.js
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.114.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-114-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bd588f338804d52bb4b2da080d43a604fea9a8bc397b23377c1a903ba80e387f
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 20:01:56 GMT
server
nginx
etag
W/"648cbfb4-164a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, max-age=31536000, public
expires
Tue, 18 Jun 2024 01:44:19 GMT
pjimage-16-2.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/pjimage-16-2.jpg?q=50&fit=contain&w=1140&h=570&dpr=1.5
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e24826b79dd8d6027c75dcb429dedd26bf976b9b50d8371efb929f80e7d14e7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
cf-cache-status
HIT
age
99008
content-disposition
inline; filename="pjimage-16-2.avif"
alt-svc
h3=":443"; ma=86400
content-length
27833
x-request-id
3ZigYqPfH2Kax78eAB-eQ
server
cloudflare
etag
"V7mkl9OdJMEOV-5MCPNX8UP2qO65-T6lujgSnSsIq68/RIndBVF9KSk1TWU91WDg1MVA4bTZaWFEi"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d9816118eb1b8eb-AMS
expires
Sun, 16 Jun 2024 22:14:11 GMT
rajdhani-regular.woff2
www.thegamer.com/public/build/fonts/rajdhani/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thegamer.com/public/build/fonts/rajdhani/rajdhani-regular.woff2
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.114.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-114-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
559b43f7beabc7c03b99de9f0820c720b5e6c8ae68867d0c90cfee83d52b7f45
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://valopromotion.com/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
14980
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 20:01:56 GMT
server
nginx
etag
"648cbfb4-3a84"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
accept-ranges
bytes
expires
Tue, 18 Jun 2024 01:44:19 GMT
rajdhani-bold.woff2
www.thegamer.com/public/build/fonts/rajdhani/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thegamer.com/public/build/fonts/rajdhani/rajdhani-bold.woff2
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.114.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-114-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c886e7ce6980565f56761a4e921edd13df2fa16deb88a13f4e2f2500d0ca5a82
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://valopromotion.com/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
15716
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 20:01:56 GMT
server
nginx
etag
"648cbfb4-3d64"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
accept-ranges
bytes
expires
Tue, 18 Jun 2024 01:44:19 GMT
roboto-regular_.woff2
www.thegamer.com/public/build/fonts/roboto/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thegamer.com/public/build/fonts/roboto/roboto-regular_.woff2
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.114.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-114-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3bcf9f5dd1769dbd241485b17788201d9d8d53f5ab2bb2f89a94ae12f154740c
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://valopromotion.com/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
18988
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 20:01:56 GMT
server
nginx
etag
"648cbfb4-4a2c"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
accept-ranges
bytes
expires
Tue, 18 Jun 2024 01:44:19 GMT
roboto-bold_.woff2
www.thegamer.com/public/build/fonts/roboto/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thegamer.com/public/build/fonts/roboto/roboto-bold_.woff2
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.114.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-114-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
15dcef640cac0fe6f9f5006624cdc828b1ae6292b618aece6607c9952a6ae1cf
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://valopromotion.com/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
19076
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 20:01:56 GMT
server
nginx
etag
"648cbfb4-4a84"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
accept-ranges
bytes
expires
Tue, 18 Jun 2024 01:44:19 GMT
icomoon.woff2
www.thegamer.com/public/build/fonts/icons/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thegamer.com/public/build/fonts/icons/icomoon.woff2?v=1.3
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.114.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-114-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c884dfd88281336423bd6589cb522f8b2c68e1776373ca93b21658335a3a9ae4
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://valopromotion.com/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
15888
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 20:01:56 GMT
server
nginx
etag
"648cbfb4-3e10"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
accept-ranges
bytes
expires
Tue, 18 Jun 2024 01:44:19 GMT
icomoon.woff
www.thegamer.com/public/build/fonts/icons/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thegamer.com/public/build/fonts/icons/icomoon.woff?v=1.3
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.114.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-114-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7d8aca4a24e0fc01d9f8627550ae9c05e8163b0c73e51c585e97ca13a0503d23
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://valopromotion.com/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
31216
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 20:01:56 GMT
server
nginx
etag
"648cbfb4-79f0"
x-frame-options
SAMEORIGIN
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
accept-ranges
bytes
expires
Tue, 18 Jun 2024 01:44:19 GMT
article-regular.a5aa35cd.css
valopromotion.com/blog/files/ 		322 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://valopromotion.com/blog/files/article-regular.a5aa35cd.css
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26c95380ef7e6fbda4146e9b208c2d78ef32be34c1c147757edb6099fc3e6dd3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 07 Jun 2023 06:42:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"648026ec-508aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqRUQhB5EVHQfp%2FSAb7c%2FWGBlUbruZOjD4qy7zaf%2FBpLGfow4g31TjYtj%2FNi9RMPOKE4Z8nqpqXQPBmmxpKgfgk55Z%2FTD%2F7Gbn8N%2FiMV%2B%2FF9iISZ1126FEwtSn8mpOIXubVjLtl8y%2BV9B214mb7BzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7d9816110b2e1e89-AMS
alt-svc
h3=":443"; ma=86400
css
valopromotion.com/blog/files/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://valopromotion.com/blog/files/css
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 07 Jun 2023 06:42:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"648026ed-455"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9pRrAh1FgYfW7Zro8nhZh4V6mmyn5CmLbaG5gxY3VTMb%2Fwj2qOqDANFxd0sh2pHpn38h0N73HQ3SCJq2zaq70qEtPR4U2Hkxw2QheYVhBi0O2rs%2FUyDisGmjOSmw%2BaiZxBb2LZtoH%2FA6Cfw5k%2F6xA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7d9816110b2f1e89-AMS
alt-svc
h3=":443"; ma=86400
content-length
1109
tg-logo-full-colored-light.svg
valopromotion.com/blog/files/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://valopromotion.com/blog/files/tg-logo-full-colored-light.svg
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f136be1c736721a3a258ffed1d6870f3b87cf1266c7ac43cc61250ed117637a1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 07 Jun 2023 06:42:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"648026ed-bbb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVn%2FbM36a70ATMMFSy5DOwW474TLXDTCZkjFmZKKMwYRzh0BTvt2nRHxQM%2BKZVh2iYAswABcFL5enIeE5wPZIdAvswyFE0T7YwdU%2BKT3SfwHJZYER9NoTjSYtn5w8AH%2BnDA2220ZkLI9bXPj2IKPYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
7d9816112b361e89-AMS
alt-svc
h3=":443"; ma=86400
Valorant.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/Valorant.jpg?q=50&fit=crop&w=740&dpr=1.5
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b64d1c3350c7857821888624135a8d45fcb9c8834662a7baa63a652c018ad75d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
cf-cache-status
HIT
age
99008
content-disposition
inline; filename="Valorant.avif"
alt-svc
h3=":443"; ma=86400
content-length
40609
x-request-id
WMe98Axf_jGZbCe1YLE39
server
cloudflare
etag
"kZiz7bHaNXMeShQJrwpwUpwLA3weXxJ7sguUjENOq_s/RIjdqc0RHUllwc0FtN2JGTTNvTlF2TWci"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d9816118eb2b8eb-AMS
expires
Sun, 16 Jun 2024 22:14:11 GMT
Valorant-1.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/Valorant-1.jpg?q=50&fit=crop&w=740&dpr=1.5
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bce45860ca3759528116c6a0f1a858eef24eb15b7bc96b67b869c1b126e14468

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
cf-cache-status
HIT
age
99008
content-disposition
inline; filename="Valorant-1.avif"
alt-svc
h3=":443"; ma=86400
content-length
28970
x-request-id
LUQ7bii9EBMeEymGlPiYw
server
cloudflare
etag
"kZiz7bHaNXMeShQJrwpwUpwLA3weXxJ7sguUjENOq_s/RIlZPWkxtSC1jNnAyV0hHT1lGbnpmLUEi"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d9816118eb4b8eb-AMS
expires
Sun, 16 Jun 2024 22:14:11 GMT
Valorant-2.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/Valorant-2.jpg?q=50&fit=crop&w=740&dpr=1.5
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e866f910c86828f62271e792fbb1024938453fe60d38f3a74586cdb8c51b60a1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
cf-cache-status
HIT
age
99008
content-disposition
inline; filename="Valorant-2.avif"
alt-svc
h3=":443"; ma=86400
content-length
32122
x-request-id
soPCDs2Tep7lEZzGK7UJZ
server
cloudflare
etag
"kZiz7bHaNXMeShQJrwpwUpwLA3weXxJ7sguUjENOq_s/RIjFtNmxUU1RBQkRFVF9MSTdRamttMlEi"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d9816118eb6b8eb-AMS
expires
Sun, 16 Jun 2024 22:00:49 GMT
Valorant-3.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/Valorant-3.jpg?q=50&fit=crop&w=740&dpr=1.5
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af104fe80a7951752cbc52101ac6bb04f7097c0d1d9b603ef27330a46fd17ae4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
cf-cache-status
HIT
age
99008
content-disposition
inline; filename="Valorant-3.avif"
alt-svc
h3=":443"; ma=86400
content-length
14205
x-request-id
KD89V-D1PixWYQ3AZvU4V
server
cloudflare
etag
"kZiz7bHaNXMeShQJrwpwUpwLA3weXxJ7sguUjENOq_s/RIkFUZ0JKdk45MllReDU4NURKSUNqWlEi"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d9816118eb7b8eb-AMS
expires
Sun, 16 Jun 2024 22:14:11 GMT
Valorant-4.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/Valorant-4.jpg?q=50&fit=crop&w=740&dpr=1.5
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2e63f2470ca2324513755bcf8f91b7c1843c3b4b35b2745cd7fabc52772c3b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
cf-cache-status
HIT
age
99008
content-disposition
inline; filename="Valorant-4.avif"
alt-svc
h3=":443"; ma=86400
content-length
18624
x-request-id
2emSr_b5VUc1dbioQe3jm
server
cloudflare
etag
"kZiz7bHaNXMeShQJrwpwUpwLA3weXxJ7sguUjENOq_s/RIkxvQjVoMG5OMThQay1Ybkw4SXhSdVEi"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d9816118eb8b8eb-AMS
expires
Sun, 16 Jun 2024 22:14:11 GMT
zodiac-signs-and-demons-of-d4-mephisto-lilith-bhaal.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2023/06/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.thegamerimages.com/wordpress/wp-content/uploads/2023/06/zodiac-signs-and-demons-of-d4-mephisto-lilith-bhaal.jpg?q=50&fit=crop&w=200&h=140&dpr=1.5
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c481601926be6ed26d5b22eb4c499563ba4d571e353a8ebdcea53dd44412f5da

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
cf-cache-status
HIT
age
99008
content-disposition
inline; filename="zodiac-signs-and-demons-of-d4-mephisto-lilith-bhaal.avif"
alt-svc
h3=":443"; ma=86400
content-length
4919
x-request-id
WwCYa6irh4izzuR_27V5c
server
cloudflare
etag
"ao_7tkgpsvxXqrDCYD3jjKL1cTnKiThhkUHqCjFtNJQ/RIjR5M3RMWEp6RHF4eGhrdjNtTFJBSHci"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d981611aec9b8eb-AMS
expires
Sun, 16 Jun 2024 22:14:11 GMT
june-spotlight-hour-featured-image.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2023/06/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.thegamerimages.com/wordpress/wp-content/uploads/2023/06/june-spotlight-hour-featured-image.jpg?q=50&fit=crop&w=200&h=140&dpr=1.5
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b779b139e8c9473f93b75c093a32afeabfc4fd29a6415be4ea59cc8c4147b07

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
cf-cache-status
HIT
age
99008
content-disposition
inline; filename="june-spotlight-hour-featured-image.avif"
alt-svc
h3=":443"; ma=86400
content-length
6626
x-request-id
puh9Kl7LG11rCICc1t0BK
server
cloudflare
etag
"ao_7tkgpsvxXqrDCYD3jjKL1cTnKiThhkUHqCjFtNJQ/RIlVRZnpieC1BdFlYYklqWnI0S0lTRVEi"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d981611aeccb8eb-AMS
expires
Sun, 16 Jun 2024 22:14:11 GMT
diablo-4-altar-of-lilith.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2023/06/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.thegamerimages.com/wordpress/wp-content/uploads/2023/06/diablo-4-altar-of-lilith.jpg?q=50&fit=crop&w=200&h=140&dpr=1.5
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20d10126b236125f98acd3f319d110cd0b3ba01c4123cf553fb979ef07633e92

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
cf-cache-status
HIT
age
99008
content-disposition
inline; filename="diablo-4-altar-of-lilith.avif"
alt-svc
h3=":443"; ma=86400
content-length
8704
x-request-id
e37bysgew4lXQqz5N3rzm
server
cloudflare
etag
"ao_7tkgpsvxXqrDCYD3jjKL1cTnKiThhkUHqCjFtNJQ/RIlFMOUtKcG85YXhfN0I2WnBFUWdIZVEi"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d981611bed0b8eb-AMS
expires
Sun, 16 Jun 2024 22:14:11 GMT
email-decode.min.js
valopromotion.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://valopromotion.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Jun 2023 10:17:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"648ae541-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPuu%2BcuDVvScFMg4Vg0%2B5CUcSGKgJ6S%2B12vfdiKO1t5vnq2bmjiszaob0s9k%2B3OihCPeE9FUfH4WVXFrepsBkZjNqU1RP%2Fd2YvRv%2BI9o6RKHRGGAv0TINivp%2FrK57ixrnXa6lXvQ20dMOMIPXmznsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7d9816112b381e89-AMS
expires
Wed, 21 Jun 2023 01:44:19 GMT
oPS.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
valopromotion.com/blog/files/ 		108 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://valopromotion.com/blog/files/oPS.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e47ba52cdf6b89d811f5f499336136c66b4e68d43ba178fcc8563e081306e01

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 07 Jun 2023 06:42:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"648026ed-1affb"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KcSOmCdxYu8c7d8JZsNkkHn5boGhDfFB850GdYL2uAexKmcH8y%2FC3nodIfnaMeFW1ZtFx3P4u4TjYUD1ydDxEQVoMNa5Tz64XXDg8MnYIl6UjEji3BByzS4XE%2BUkL82xGU5c0TptPFQuLFNd62UmXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7d9816112b391e89-AMS
alt-svc
h3=":443"; ma=86400
content-length
110587
primisslate.css
valopromotion.com/blog/files/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://valopromotion.com/blog/files/primisslate.css
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 07 Jun 2023 06:42:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"648026ed-469b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWfIjY7gRQxmVjPiQIZfyB8A1idoUG8h2%2FZF8c83UJ%2BdZ7nFWU8ZkV3jR%2B%2FPS4MY02OD2WMy2s3UT3id1gjeGEZX7olbfGDwXyzJdO2ZSTU%2FLgV%2FUlWchNRVnhRsNb6jMx0AFTXyCLJvNd%2BEIhgPJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7d9816112b3a1e89-AMS
alt-svc
h3=":443"; ma=86400
icomoon.woff
valopromotion.com/public/build/fonts/icons/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://valopromotion.com/public/build/fonts/icons/icomoon.woff?v=1.3
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://valopromotion.com/blog/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7nxX7xCW9hPQQ8EsSq5MTRuki%2FiKNMI%2BPpZUeUEaeiH01eP%2F5zBdBQp1ji8cFau1r%2BW5rDnuoEdKDHA5jTWtyAZdQS%2FVucSfkXhCXlLfXVJhpA0U90aENdnzAuhRvjFH6i38SGMcbbO%2FjdGAvQC0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
7d981611fb6d1e89-AMS
alt-svc
h3=":443"; ma=86400
cookie-sync.html
valopromotion.com/blog/files/ Frame 65B0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://valopromotion.com/blog/files/cookie-sync.html
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a86bddab19afda6f9c635ca7e0d917e37affe511ae6e3c51bfbfe3589dce520c

Request headers

Referer
https://valopromotion.com/blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d9816124b7a1e89-AMS
content-encoding
br
content-type
text/html
date
Mon, 19 Jun 2023 01:44:19 GMT
last-modified
Wed, 07 Jun 2023 06:42:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=haHXGYetm9E%2Ba7Ydyo4NZ8XGGMWpb5udRj4Uk2VOWvIIl9rf%2F6S%2BtciFGtY4CYPBCMuMGm%2Bgm%2FI4dtOKdjWzGLpn2G6tPg3xKkl6OopnXyQdup3LoVuB9U8ebVDH8ocaVBf3AT5FWpC1KRfhoJVY6A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
saved_resource.html
valopromotion.com/blog/files/ Frame C3AF 		152 B
525 B 		Document
General
Check archive.org
Download Go to
Full URL
https://valopromotion.com/blog/files/saved_resource.html
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
324967ab0642b90c52e9aa8b3650961f15deca3a70bc87e55912148740bceef3

Request headers

Referer
https://valopromotion.com/blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d9816125b7d1e89-AMS
content-encoding
br
content-type
text/html
date
Mon, 19 Jun 2023 01:44:19 GMT
last-modified
Wed, 07 Jun 2023 06:42:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOFyfv8rpiLZjVABdqFPdS9lADBtNBmEb9PwfQN2NoM3NWm66XjxNmgXddhbUeqe3CLOFFVi%2FblUneOBBvIlZkiRwHb99PPjJEXTNw92XW11tjQXy1MqAK6UbXy6IBdSfQoxGyh3QCeEmsxye%2FVZmg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
tg-logo-full-white.fc9e742a.svg
valopromotion.com/public/build/images/ 		207 B
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://valopromotion.com/public/build/images/tg-logo-full-white.fc9e742a.svg
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/files/article-regular.a5aa35cd.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9639e3c4681ce85f852fbac48e2eeee5ba51296dbfec57c200d59b76237ab80

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/blog/files/article-regular.a5aa35cd.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xq5G9NDfM0lye9B4xmleSk6RNI8HQ6q4z9qhF8THbV1I3PwCSTIqQpHSB5hF4m1eDf359GjEP1rHfAado1Eh%2Fkzj%2FfqdmG1a%2FSM0A9SUcMShhlNjbkUw0LLBQsXMBEXjghOFB2ciWD1LSyQtU25A8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
7d9816125b7f1e89-AMS
alt-svc
h3=":443"; ma=86400
rajdhani-bold.woff2
valopromotion.com/public/build/fonts/rajdhani/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://valopromotion.com/public/build/fonts/rajdhani/rajdhani-bold.woff2
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://valopromotion.com/blog/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atSaygjwPwPYRM2eKrjDWNXnsLLmQxemZiE%2B2zjiFtEsI%2FBmGQLFQ9D7xZu0rIuVOtSBNqIo8A5Ae0ppN%2Fd29lfEeUipD8G1ysCekXvTqY4OP9jRmR8e%2FCWmhiQ5QBU0GksVop2J0E1A191bGtCIVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
7d9816125b801e89-AMS
alt-svc
h3=":443"; ma=86400
rajdhani-regular.woff2
valopromotion.com/public/build/fonts/rajdhani/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://valopromotion.com/public/build/fonts/rajdhani/rajdhani-regular.woff2
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://valopromotion.com/blog/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6F6SALRC%2F7GjxJ94gCJwfdWzqltmInmdPPJb2xyaGWXIyrKB3YJgzmbaiqgKCZz8hGn0AS%2BRaTvqAkXSwvr5aFyAzWZlcr8o3hNFRhrEDJCvZLzUsL0oLIqACcMW58D21tBpnBUwaYWv8nai31F2tA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
7d9816125b811e89-AMS
alt-svc
h3=":443"; ma=86400
icomoon.woff2
valopromotion.com/public/build/fonts/icons/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://valopromotion.com/public/build/fonts/icons/icomoon.woff2?v=1.3
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://valopromotion.com/blog/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WuySiI7Uu3kfIMOq0Bk8OvUbte6VmBCJW4ci%2B4dgDb%2FM2TphHaZlpG8Eemq0OOXuSmKr62SoAyEG6x8ZBae3HAjMsPz5po%2BbuM5syiGmauedOxEtBoiW7lYLBppAkiB7LNL5y3iFBtyKFFn%2Fai81vA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
7d981612cb9f1e89-AMS
alt-svc
h3=":443"; ma=86400
rajdhani-bold.woff
valopromotion.com/public/build/fonts/rajdhani/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://valopromotion.com/public/build/fonts/rajdhani/rajdhani-bold.woff
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://valopromotion.com/blog/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIO0psMwfHFwUPdKo2ovQvY6J%2FmPgJ%2FXSXWZs6f13BEbjHIFPEtQDyZNn7Tg5ZjWNaaWfuY90gE3ntMMp5engoTu%2BEMbukUEhte5kjCUKOMB7s1qKgqiJz%2BYurYbXhPCmsOFCI14mzAfg%2FwifsISow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
7d9816131baa1e89-AMS
alt-svc
h3=":443"; ma=86400
rajdhani-regular.woff
valopromotion.com/public/build/fonts/rajdhani/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://valopromotion.com/public/build/fonts/rajdhani/rajdhani-regular.woff
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://valopromotion.com/blog/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNDj6J2YRiVedDGj7URJBKnKQt7uAguEZBHPRUkdRBPhkzcag94vMSFNaKASO%2F6GgsMTii0uPWo5DR%2FBQQg9h8y3XUM3%2BMsmEANe1BfsF7xBVdwcetvj6Z5FDQLg8W2V%2BjV7ZPWKuCf2MbgTKD3vww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
7d9816132baf1e89-AMS
alt-svc
h3=":443"; ma=86400
cookie_sync
mbid.marfeelrev.com/ Frame 65B0 		1 KB
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mbid.marfeelrev.com/cookie_sync
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/files/cookie-sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.159.137 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy02.cl01.het.mrf.io
Software
istio-envoy /
Resource Hash
369b6a06cf0598a92b22182eb79ecc4387aff4c5507cdf798d5febccb1f5656d

Request headers

Referer
https://valopromotion.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Jun 2023 01:44:19 GMT
content-encoding
gzip
server
istio-envoy
content-type
application/json
access-control-allow-origin
https://valopromotion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
content-length
435
expires
0
icomoon.ttf
valopromotion.com/public/build/fonts/icons/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://valopromotion.com/public/build/fonts/icons/icomoon.ttf?v=1.3
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://valopromotion.com/blog/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 01:44:19 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUlhhy%2FoIVz5y%2FVClH58hjfmhrrsV%2FGEMHSF%2F%2Bfo1H6r%2FgKqwFSekxOKOpG3lc2pw%2B3XQsiAGkr227njMtWfm%2BpETgl5FBpUk0xPq%2FInl6TQElnuwwu0Szq7joK42yZdH%2Fb9B3QnIxO0GEgm3vrOQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
7d9816136bb71e89-AMS
alt-svc
h3=":443"; ma=86400
usermatchredir
ssum.casalemedia.com/ Frame 65B0
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=184550&cb=
  • https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Jun 2023 01:44:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 19 Jun 2023 01:44:20 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/usermatchredir?s=184550&cb=&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
prebid
rtb.openx.net/sync/ Frame 65B0 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Jun 2023 01:44:20 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
sync.php
pixel.rubiconproject.com/exchange/ Frame 65B0 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-marfeel&gdpr=&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
mbid.marfeelrev.com/ Frame 65B0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmbid.marfeelrev.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526f%253Di%2526uid%253D%2524UID
  • https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=2834631520842884497
86 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=2834631520842884497
Protocol
H2
Server
116.202.159.137 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy02.cl01.het.mrf.io
Software
istio-envoy /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Jun 2023 01:44:20 GMT
content-encoding
gzip
server
istio-envoy
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
expires
0

Redirect headers

Date
Mon, 19 Jun 2023 01:44:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
31.204.152.150; 31.204.152.150; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b9ab6c67-d985-49ba-b2fb-d6900b5359bf
Server
nginx/1.23.4
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=2834631520842884497
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
mbid.marfeelrev.com/ Frame 65B0
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid...
  • https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di...
  • https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=fdadd5f7-1e9b-478c-a276-45f45a0e7258
86 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=fdadd5f7-1e9b-478c-a276-45f45a0e7258
Protocol
H2
Server
116.202.159.137 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy02.cl01.het.mrf.io
Software
istio-envoy /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Jun 2023 01:44:20 GMT
content-encoding
gzip
server
istio-envoy
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
expires
0

Redirect headers

location
https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=fdadd5f7-1e9b-478c-a276-45f45a0e7258
access-control-allow-origin
*
date
Mon, 19 Jun 2023 01:44:20 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
setuid
mbid.marfeelrev.com/ Frame 65B0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID
  • https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=2834631520842884497
86 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=2834631520842884497
Protocol
H2
Server
116.202.159.137 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy02.cl01.het.mrf.io
Software
istio-envoy /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Jun 2023 01:44:20 GMT
content-encoding
gzip
server
istio-envoy
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
expires
0

Redirect headers

Date
Mon, 19 Jun 2023 01:44:21 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
31.204.152.150; 31.204.152.150; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
47a3fb0e-bdcc-40ff-a2d5-256818593e69
Server
nginx/1.23.4
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=2834631520842884497
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| onbeforetoggle object| onscrollend function| opt_getSlotById function| opt_insightsAvailable function| opt_setupRefresh undefined| timeout undefined| opt_dateObj undefined| opt_month undefined| opt_day undefined| opt_year undefined| opt_today undefined| opt_activeDates undefined| p95720507 string| p95720562 number| p95720563 function| oAddDVTag_ function| oGetPageStats_ function| p95720592 function| oGetSlotRenderedLineItemIdByDivId_ function| p95720587 function| p95720584 function| oDeleteHardcodeRefresh_ function| oRefreshHardcode_ function| p95720581 function| oProdKPageViews_ function| oCheckDump_ function| oCheckProdK_ function| p95720564 function| p95720560 function| p95720617 function| p95720558 function| p95720570 function| p95720567 function| p95720565 function| p95720541 function| p95720546 function| p95720532 function| p95720531 function| p95720529 function| p95720522 function| oEnableNullChecklistener_ function| p95720574 function| p95720513 function| oPageUnload function| p95720442 function| p95720447 function| oSetDataParam function| p95720566 number| p95720432 boolean| p95720433 object| p95720434 object| p95720435 boolean| p95720436 number| p95720438 number| p95720439 object| p95720460 string| p95720502 number| p95720443 object| p95720510 string| p95720478 string| p95720479 object| p95720516 number| p95720517 boolean| p95720521 number| p95720523 boolean| p95720525 boolean| p95720575 boolean| p95720550 boolean| p95720577 boolean| oObserverChanges_ boolean| p95720576 boolean| p95720578 boolean| oAudienceListenerEnabled_ object| p95720527 string| oDevice string| p95720615 number| p95720618 string| oParentHostname_ string| oParentPathname_ boolean| p95720528 boolean| p95720530 number| p95720545 boolean| p95720547 number| p95720548 object| p95720537 object| oAdSlots_ object| otkjs boolean| p95720568 boolean| p95720569 object| optimeraInsights string| p95720579 object| oLoadedAdImpressionDivs_ object| oTrackSlots_ object| p95720590 object| p95720591 boolean| oEnableInfiniteScrollUrls_ boolean| p95720586 object| p95720589 object| p95720593 boolean| oHasStnVideo_ object| p95720616 boolean| oActivateK_ object| oRPMCids_ object| oRPMHosts_ string| oUniqueId_ string| p95720487 function| p95720440 string| p95720441 boolean| p95720509 boolean| p95720489 object| p95720488 number| p95720491 undefined| p95720595 undefined| p95720596 object| opbjs object| oaudLibjs object| ovpjs number| p95720490

7 Cookies

Domain/Path Name / Value
.casalemedia.com/ Name: CMID
Value: ZI.y9CMs8UVjw6bWi-FSFAAA
.casalemedia.com/ Name: CMPS
Value: 2128
.casalemedia.com/ Name: CMPRO
Value: 2128
.adnxs.com/ Name: uuid2
Value: 2834631520842884497
.360yield.com/ Name: tuuid
Value: fdadd5f7-1e9b-478c-a276-45f45a0e7258
.360yield.com/ Name: tuuid_lu
Value: 1687139060
.mbid.marfeelrev.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYWRueHMiOnsidWlkIjoiMjgzNDYzMTUyMDg0Mjg4NDQ5NyIsImV4cGlyZXMiOiIyMDIzLTA3LTAzVDAxOjQ0OjIxLjA2MVoifSwiaW1wcm92ZWRpZ2l0YWwiOnsidWlkIjoiZmRhZGQ1ZjctMWU5Yi00NzhjLWEyNzYtNDVmNDVhMGU3MjU4IiwiZXhwaXJlcyI6IjIwMjMtMDctMDNUMDE6NDQ6MjAuOTc0WiJ9fSwiYmRheSI6IjIwMjMtMDYtMTlUMDE6NDQ6MjAuNjkyWiJ9

16 Console Messages

Source Level URL
Text
network error URL: https://valopromotion.com/public/build/fonts/icons/icomoon.woff?v=1.3
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://valopromotion.com/blog/files/cookie-sync.html
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://valopromotion.com/public/build/fonts/rajdhani/rajdhani-bold.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://valopromotion.com/public/build/images/tg-logo-full-white.fc9e742a.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://valopromotion.com/public/build/fonts/rajdhani/rajdhani-regular.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://valopromotion.com/public/build/fonts/icons/icomoon.woff2?v=1.3
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://valopromotion.com/public/build/fonts/rajdhani/rajdhani-bold.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://valopromotion.com/public/build/fonts/rajdhani/rajdhani-regular.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://valopromotion.com/public/build/fonts/icons/icomoon.ttf?v=1.3
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://valopromotion.com/blog/
Message:
The resource https://www.thegamer.com/public/build/fonts/icons/icomoon.woff?v=1.3 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://valopromotion.com/blog/
Message:
The resource https://www.thegamer.com/public/build/fonts/roboto/roboto-regular_.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://valopromotion.com/blog/
Message:
The resource https://www.thegamer.com/public/build/newsletter-popup.e7b3ff0e.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://valopromotion.com/blog/
Message:
The resource https://www.thegamer.com/public/build/fonts/rajdhani/rajdhani-regular.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://valopromotion.com/blog/
Message:
The resource https://www.thegamer.com/public/build/fonts/rajdhani/rajdhani-bold.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://valopromotion.com/blog/
Message:
The resource https://www.thegamer.com/public/build/fonts/icons/icomoon.woff2?v=1.3 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://valopromotion.com/blog/
Message:
The resource https://www.thegamer.com/public/build/fonts/roboto/roboto-bold_.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ib.adnxs.com
mbid.marfeelrev.com
pixel.rubiconproject.com
rtb.openx.net
ssum.casalemedia.com
static1.thegamerimages.com
valopromotion.com
www.thegamer.com
116.202.159.137
185.80.39.216
2606:4700:10::ac43:f19
2a06:98c1:3120::3
35.186.253.211
37.252.173.215
52.203.114.80
69.173.144.139
99.81.190.73
15dcef640cac0fe6f9f5006624cdc828b1ae6292b618aece6607c9952a6ae1cf
1b779b139e8c9473f93b75c093a32afeabfc4fd29a6415be4ea59cc8c4147b07
1e24826b79dd8d6027c75dcb429dedd26bf976b9b50d8371efb929f80e7d14e7
20d10126b236125f98acd3f319d110cd0b3ba01c4123cf553fb979ef07633e92
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26c95380ef7e6fbda4146e9b208c2d78ef32be34c1c147757edb6099fc3e6dd3
2c2e63f2470ca2324513755bcf8f91b7c1843c3b4b35b2745cd7fabc52772c3b
324967ab0642b90c52e9aa8b3650961f15deca3a70bc87e55912148740bceef3
369b6a06cf0598a92b22182eb79ecc4387aff4c5507cdf798d5febccb1f5656d
3bcf9f5dd1769dbd241485b17788201d9d8d53f5ab2bb2f89a94ae12f154740c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
559b43f7beabc7c03b99de9f0820c720b5e6c8ae68867d0c90cfee83d52b7f45
6e47ba52cdf6b89d811f5f499336136c66b4e68d43ba178fcc8563e081306e01
7d8aca4a24e0fc01d9f8627550ae9c05e8163b0c73e51c585e97ca13a0503d23
a86bddab19afda6f9c635ca7e0d917e37affe511ae6e3c51bfbfe3589dce520c
af104fe80a7951752cbc52101ac6bb04f7097c0d1d9b603ef27330a46fd17ae4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b64d1c3350c7857821888624135a8d45fcb9c8834662a7baa63a652c018ad75d
bce45860ca3759528116c6a0f1a858eef24eb15b7bc96b67b869c1b126e14468
bd588f338804d52bb4b2da080d43a604fea9a8bc397b23377c1a903ba80e387f
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3fa34b1a1efa3de23987fb35cda599baba3f9c3bef83758449e808f5aceb748
c481601926be6ed26d5b22eb4c499563ba4d571e353a8ebdcea53dd44412f5da
c884dfd88281336423bd6589cb522f8b2c68e1776373ca93b21658335a3a9ae4
c886e7ce6980565f56761a4e921edd13df2fa16deb88a13f4e2f2500d0ca5a82
dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9
e866f910c86828f62271e792fbb1024938453fe60d38f3a74586cdb8c51b60a1
e9639e3c4681ce85f852fbac48e2eeee5ba51296dbfec57c200d59b76237ab80
f136be1c736721a3a258ffed1d6870f3b87cf1266c7ac43cc61250ed117637a1