www.valentimemachine.com
34.237.239.247
Public Scan
Effective URL: https://www.valentimemachine.com/
Submission Tags: falconsandbox
Submission: On September 18 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on August 5th 2021. Valid for: 3 months.
This is the only time www.valentimemachine.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Domain | ASN | PTR |
---|---|---|
www.valentimemachine.com | ASN14618 (AMAZON-AES, US) | ec2-34-237-239-247.compute-1.amazonaws.com |
fonts.googleapis.com | ASN15169 (GOOGLE, US) | fra16s52-in-f10.1e100.net |
assets.adobedtm.com | ASN16625 (AKAMAI-AS, US) | a2-21-141-223.deploy.static.akamaitechnologies.com |
sb.scorecardresearch.com | ASN16509 (AMAZON-02, US) | server-143-204-47-27.osl50.r.cloudfront.net |
dpm.demdex.net | ASN16509 (AMAZON-02, US) | ec2-18-200-165-55.eu-west-1.compute.amazonaws.com |
fonts.gstatic.com | ASN15169 (GOOGLE, US) | fra24s02-in-f3.1e100.net |
clearchannel.demdex.net | ASN16509 (AMAZON-02, US) | ec2-52-208-28-104.eu-west-1.compute.amazonaws.com |
smy.iheart.com | ASN16509 (AMAZON-02, US) | ec2-13-36-218-177.eu-west-3.compute.amazonaws.com |
cm.everesttech.net | ASN16509 (AMAZON-02, US) | ec2-54-75-68-230.eu-west-1.compute.amazonaws.com |
connect.facebook.net | ASN32934 (FACEBOOK, US) | xx-fbcdn-shv-01-frx5.fbcdn.net |
sc-static.net | ASN16509 (AMAZON-02, US) | server-13-225-78-49.fra2.r.cloudfront.net |
tr.snapchat.com | ASN15169 (GOOGLE, US) | 184.226.186.35.bc.googleusercontent.com |
aa.agkn.com | ASN16509 (AMAZON-02, US) | ec2-3-8-243-222.eu-west-2.compute.amazonaws.com |
su.addthis.com | ASN16625 (AKAMAI-AS, US) | a104-75-88-126.deploy.static.akamaitechnologies.com |
idsync.rlcdn.com | ASN15169 (GOOGLE, US) | 68.174.244.35.bc.googleusercontent.com |
ib.adnxs.com | ASN29990 (ASN-APPNEX, US) | 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net |
www.facebook.com | ASN32934 (FACEBOOK, US) | edge-star-mini-shv-01-frt3.facebook.com |
token.rubiconproject.com | ASN26667 (RUBICONPROJECT, US) | |
dp2.33across.com | ASN32748 (STEADFAST, US) | ip172.208-100-17.static.steadfastdns.net |
cm.g.doubleclick.net | ASN15169 (GOOGLE, US) | fra16s52-in-f2.1e100.net |
match.adsrvr.org | ASN16509 (AMAZON-02, US) | a97adde81b00f2ca4.awsglobalaccelerator.com |
ml314.com | ASN16509 (AMAZON-02, US) | ec2-54-229-143-145.eu-west-1.compute.amazonaws.com |
ps.eyeota.net | ASN16509 (AMAZON-02, US) | ec2-52-57-150-20.eu-central-1.compute.amazonaws.com |
ads.scorecardresearch.com | ASN16509 (AMAZON-02, US) | server-13-225-78-39.fra2.r.cloudfront.net |
usermatch.krxd.net | ASN14618 (AMAZON-AES, US) | ec2-107-20-192-231.compute-1.amazonaws.com |
beacon.krxd.net | ASN16509 (AMAZON-02, US) | ec2-54-77-171-193.eu-west-1.compute.amazonaws.com |
sync.crwdcntrl.net | ASN16509 (AMAZON-02, US) | ec2-54-194-226-253.eu-west-1.compute.amazonaws.com |
tags.bluekai.com | ASN16625 (AKAMAI-AS, US) | a104-90-192-27.deploy.static.akamaitechnologies.com |
synchroscript.deliveryengine.adswizz.com | ASN16509 (AMAZON-02, US) | ec2-18-203-57-53.eu-west-1.compute.amazonaws.com |
Requests | Domain | Redirects | Requested by |
---|---|---|---|
18 | dpm.demdex.net | 2 redirects | www.valentimemachine.com |
8 | www.valentimemachine.com | 1 redirects | www.valentimemachine.com |
3 | sb.scorecardresearch.com | 1 redirects | www.valentimemachine.com |
3 | assets.adobedtm.com | | www.valentimemachine.com, assets.adobedtm.com |
2 | sync.crwdcntrl.net | 2 redirects | |
2 | trc-events.taboola.com | | cdn.taboola.com |
2 | ps.eyeota.net | 2 redirects | |
2 | ib.mookie1.com | 1 redirects | |
2 | global.ib-ibi.com | 2 redirects | |
2 | match.adsrvr.org | 2 redirects | |
2 | cm.g.doubleclick.net | 2 redirects | |
2 | www.facebook.com | | www.valentimemachine.com |
2 | ib.adnxs.com | 2 redirects | |
2 | idsync.rlcdn.com | 2 redirects | |
2 | tr.snapchat.com | | www.valentimemachine.com |
2 | connect.facebook.net | | www.valentimemachine.com, connect.facebook.net |
2 | smy.iheart.com | | assets.adobedtm.com, www.valentimemachine.com |
2 | fonts.gstatic.com | | fonts.googleapis.com |
1 | playerservices.live.streamtheworld.com | 1 redirects | |
1 | synchroscript.deliveryengine.adswizz.com | 1 redirects | |
1 | tags.bluekai.com | 1 redirects | |
1 | beacon.krxd.net | | |
1 | usermatch.krxd.net | 1 redirects | |
1 | abp.mxptint.net | 1 redirects | |
1 | ads.scorecardresearch.com | 1 redirects | |
1 | ml314.com | 1 redirects | |
1 | dp2.33across.com | | |
1 | token.rubiconproject.com | | |
1 | d.turn.com | 1 redirects | |
1 | su.addthis.com | | www.valentimemachine.com |
1 | aa.agkn.com | 1 redirects | |
1 | trc.taboola.com | | cdn.taboola.com |
1 | cdn.taboola.com | | assets.adobedtm.com |
1 | sc-static.net | | assets.adobedtm.com |
1 | cm.everesttech.net | 1 redirects | |
1 | clearchannel.demdex.net | | assets.adobedtm.com |
1 | code.jquery.com | | www.valentimemachine.com |
1 | fonts.googleapis.com | | www.valentimemachine.com |
51 | 38 | | |
This site contains links to these domains.
Domain |
---|
www.facebook.com |
twitter.com |
wa.me |
Subject | Issuer | Validity | Valid |
---|---|---|---|
valentimemachine.com | R3 | 2021-08-05 - 2021-11-03 | 3 months |
upload.video.google.com | GTS CA 1O1 | 2021-08-30 - 2021-11-22 | 3 months |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year |
assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-01-08 - 2021-09-30 | 9 months |
*.scorecardresearch.com | Amazon | 2021-02-28 - 2022-03-29 | a year |
*.demdex.net | DigiCert TLS RSA SHA256 2020 CA1 | 2020-12-02 - 2022-01-02 | a year |
*.gstatic.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months |
smy.iheart.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-04-26 - 2022-05-27 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-09-09 - 2021-12-08 | 3 months |
sc-static.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-02-11 - 2022-02-15 | a year |
*.taboola.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-25 - 2021-12-26 | a year |
tr.snapchat.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-01-19 - 2022-01-23 | a year |
odc-addthis-prod-01.oracle.com | DigiCert SHA2 Secure Server CA | 2021-04-25 - 2022-04-27 | a year |
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-03-30 - 2022-04-04 | a year |
*.33across.com | Sectigo RSA Domain Validation Secure Server CA | 2020-06-01 - 2021-09-30 | a year |
ib.mookie1.com | DigiCert SHA2 High Assurance Server CA | 2019-10-07 - 2021-11-12 | 2 years |
beacon.krxd.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-01-13 - 2022-01-07 | a year |
This page contains 4 frames:
Primary Page:
https://www.valentimemachine.com/
Frame ID: 2FEF3403DF18D0AD63683F419DCA161A
Requests: 31 HTTP requests in this frame
Frame:
https://clearchannel.demdex.net/dest5.html?d_nsid=0
Frame ID: 5D7C3ECD50757FCEF78AEEB90E0AABD3
Requests: 20 HTTP requests in this frame
Frame:
https://tr.snapchat.com/cm/i?pid=015fcbb1-38ea-41dc-ae3e-391a68f31a4b
Frame ID: 669DC01DFB3DBB797BB47C12A6301964
Requests: 1 HTTP requests in this frame
Frame:
https://tr.snapchat.com/p
Frame ID: 58590B12F7E2A197BA400C5D55EBE71B
Requests: 1 HTTP requests in this frame
Page Title
2021 Valen-Time Playlist Machine from iHeartRadio
Detected technologies
animate.css (Web Frameworks)
Detected patterns
- <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Facebook (Widgets)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Rubicon Project (Advertising Networks)
Detected patterns
- https?://[^/]*\.rubiconproject\.com
comScore (Analytics)
Detected patterns
- <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
- \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.valentimemachine.com/
HTTP 307
https://www.valentimemachine.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8
- https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97D902BE53295FEE0A490D4C%40AdobeOrg&d_nsid=0&ts=1631933270657 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=97D902BE53295FEE0A490D4C%40AdobeOrg&d_nsid=0&ts=1631933270657
- https://sb.scorecardresearch.com/b?c1=2&c2=6036262&ns__t=1631933270743&ns_c=UTF-8&cv=3.5&c8=2021%20Valen-Time%20Playlist%20Machine%20from%20iHeartRadio&c7=https%3A%2F%2Fwww.valentimemachine.com%2F&c9= HTTP 302
- https://sb.scorecardresearch.com/b2?c1=2&c2=6036262&ns__t=1631933270743&ns_c=UTF-8&cv=3.5&c8=2021%20Valen-Time%20Playlist%20Machine%20from%20iHeartRadio&c7=https%3A%2F%2Fwww.valentimemachine.com%2F&c9=
- https://cm.everesttech.net/cm/dd?d_uuid=86132849854521846184166273251520923739 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YUVTVgAAAL-nrQQz
- https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=86132849854521846184166273251520923739 HTTP 302
- https://dpm.demdex.net/ibs:dpid=21&dpuuid=164910803913000012195
- https://idsync.rlcdn.com/365868.gif?partner_uid=86132849854521846184166273251520923739 HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomODYxMzI4NDk4NTQ1MjE4NDYxODQxNjYyNzMyNTE1MjA5MjM3MzkQABoNCNemlYoGEgUI6AcQAEIASgA HTTP 307
- https://dpm.demdex.net/ibs:dpid=477&dpuuid=1ce6b268c64b94154b624d09e3fe79241096151997cd4350a0b4741ab00434dab0da87c991749652
- https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
- https://dpm.demdex.net/ibs:dpid=358&dpuuid=5908971382625476929
- https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
- https://dpm.demdex.net/ibs:dpid=470&dpuuid=9144708991230995580
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODYxMzI4NDk4NTQ1MjE4NDYxODQxNjYyNzMyNTE1MjA5MjM3Mzk= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODYxMzI4NDk4NTQ1MjE4NDYxODQxNjYyNzMyNTE1MjA5MjM3Mzk=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOynMEsskQQBXLcQ3vONN78&google_cver=1?gdpr=0&gdpr_consent=
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
- https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
- https://dpm.demdex.net/ibs:dpid=903&dpuuid=c34a7422-8242-4030-bebb-6f1ba1fc7be8
- https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=86132849854521846184166273251520923739 HTTP 302
- https://ib.mookie1.com/image.sbix?go=244346&pid=268&xid=86132849854521846184166273251520923739 HTTP 302
- https://dpm.demdex.net/ibs:dpid=285689&dpuuid=86132849854521846184166273251520923739&redir=https%3A%2F%2Fglobal.ib-ibi.com%2Fimage.sbxx%3Fgo%3D244346%26pid%3D268%26xid%3D%24%7BDD_UUID%7D HTTP 302
- https://global.ib-ibi.com/image.sbxx?go=244346&pid=268&xid=86132849854521846184166273251520923739 HTTP 302
- https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=86132849854521846184166273251520923739
- https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
- https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3621668592543596557
- https://ps.eyeota.net/match?bid=6j5b2cv&uid=86132849854521846184166273251520923739&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
- https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=86132849854521846184166273251520923739&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
- https://dpm.demdex.net/ibs:dpid=30064&dpuuid=2-cPag8-j2dLQPJkeXzw5jZTA8Av4O2EQd-q6uZIFI_Y
- https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=86132849854521846184166273251520923739&rn=1631933270835&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D86132849854521846184166273251520923739 HTTP 302
- https://dpm.demdex.net/ibs:dpid=73426&dpuuid=86132849854521846184166273251520923739
- https://abp.mxptint.net/sn.ashx HTTP 302
- https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1B341_E39586D1_1DC655F6F&redir=https://abp.mxptint.net/sn.ashx?ak=1
- https://usermatch.krxd.net/um/v2?partner=adobe&id=86132849854521846184166273251520923739 HTTP 302
- https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=86132849854521846184166273251520923739
- https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=86132849854521846184166273251520923739?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
- https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=86132849854521846184166273251520923739?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
- https://dpm.demdex.net/ibs:dpid=121998&dpuuid=61c68b8145c04f096c768f89ac01f99c
- https://tags.bluekai.com/site/43981?id=86132849854521846184166273251520923739&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
- https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
- https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
- https://dpm.demdex.net/ibs:dpid=175765&dpuuid=adfe553d9597d059ea345b2ef1fd754d
- https://playerservices.live.streamtheworld.com/api/getuuid?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D963840%26dpuuid%3D%40UUID%40 HTTP 302
- https://dpm.demdex.net/ibs:dpid=963840&dpuuid=8dcd6e24-5e25-442a-9e85-62318d837645
51 HTTP transactions
Method | Protocol | Resource | Path | Notes | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | www.valentimemachine.com/ | Primary Request; Redirect Chain | 12 KB | 13 KB | Document | text/html |
GET | H2 | css | fonts.googleapis.com/ | | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | jquery-3.3.1.min.js | code.jquery.com/ | | 85 KB | 30 KB | Script | application/javascript |
GET | H/1.1 | global.min.css | www.valentimemachine.com/css/ | | 18 KB | 19 KB | Stylesheet | text/css |
GET | H2 | satelliteLib-38c7b1e4b1bb3e0378e82d10601662aebfb04eda.js | assets.adobedtm.com/98de9919e92a38033805f9f035c43198533e4380/ | | 123 KB | 38 KB | Script | application/x-javascript |
GET | H/1.1 | arrow.svg | www.valentimemachine.com/img/ | | 338 B | 986 B | Image | image/svg+xml |
GET | H/1.1 | radio.svg | www.valentimemachine.com/img/ | | 19 KB | 20 KB | Image | image/svg+xml |
GET | H/1.1 | global.min.js | www.valentimemachine.com/js/ | | 2 KB | 3 KB | Script | application/javascript |
GET | H2 | beacon.js | sb.scorecardresearch.com/ | | 1 KB | 1 KB | Script | application/javascript |
GET | H/1.1 | rd | dpm.demdex.net/id/ | Redirect Chain | 4 KB | 2 KB | XHR | application/json |
GET | H/1.1 | peeps.svg | www.valentimemachine.com/img/ | | 20 KB | 21 KB | Image | image/svg+xml |
GET | H/1.1 | hearts.svg | www.valentimemachine.com/img/ | | 62 KB | 62 KB | Image | image/svg+xml |
GET | DATA | truncated | / | | 8 KB | 0 | Image | image/gif |
GET | DATA | truncated | / | | 2 KB | 0 | Image | image/gif |
GET | H2 | e3t4euO8T-267oIAQAu6jDQyK3nVivM.woff2 | fonts.gstatic.com/s/pressstart2p/v9/ | | 12 KB | 13 KB | Font | font/woff2 |
GET | H2 | TUZ3zwprpvBS1izr_vOMscGKfrUC.woff2 | fonts.gstatic.com/s/amaticsc/v16/ | | 25 KB | 25 KB | Font | font/woff2 |
GET | H2 | b2 | sb.scorecardresearch.com/ | Redirect Chain | 64 B | 329 B | Image | image/gif |
GET | H/1.1 | dest5.html | clearchannel.demdex.net/ | Frame 5D7C | 7 KB | 3 KB | Document | text/html |
GET | H2 | id | smy.iheart.com/ | | 48 B | 513 B | XHR | application/x-javascript |
GET | H/1.1 | ibs:dpid=411&dpuuid=YUVTVgAAAL-nrQQz | dpm.demdex.net/ | Redirect Chain | 42 B | 945 B | Image | image/gif |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | | 99 KB | 26 KB | Script | application/x-javascript |
GET | H2 | satellite-5df7eee764746d4eee000ea7.js | assets.adobedtm.com/98de9919e92a38033805f9f035c43198533e4380/scripts/ | | 2 KB | 1 KB | Script | application/x-javascript |
GET | H2 | s-code-contents-132757d6aa7af28d56197948120e5082d9a15d23.js | assets.adobedtm.com/98de9919e92a38033805f9f035c43198533e4380/ | | 36 KB | 14 KB | Script | application/x-javascript |
GET | H2 | scevent.min.js | sc-static.net/ | | 15 KB | 6 KB | Script | application/javascript |
GET | H2 | tfa.js | cdn.taboola.com/libtrc/unip/1148923/ | | 74 KB | 25 KB | Script | application/javascript |
GET | H2 | 270798540384083 | connect.facebook.net/signals/config/ | | 306 KB | 88 KB | Script | application/x-javascript |
GET | H2 | json | trc.taboola.com/1148923/trc/3/ | | 2 KB | 1 KB | Script | application/javascript |
GET | H2 | s45275332253394 | smy.iheart.com/b/ss/cccorporate55/1/JS-2.17.0-D7QN/ | | 43 B | 222 B | Image | image/gif |
GET | H2 | i | tr.snapchat.com/cm/ | Frame 669D | 0 | 262 B | Document | text/html |
POST | H2 | p | tr.snapchat.com/ | Frame 5859 | 0 | 207 B | Document | text/html |
GET | H/1.1 | ibs:dpid=21&dpuuid=164910803913000012195 | dpm.demdex.net/ | Frame 5D7C; Redirect Chain | 42 B | 945 B | Image | image/gif |
GET | H2 | usync | su.addthis.com/red/ | Frame 5D7C | 0 | 95 B | Image | text/plain |
GET | H/1.1 | ibs:dpid=477&dpuuid=1ce6b268c64b94154b624d09e3fe79241096151997cd4350a0b4741ab00434dab0da87c991749652 | dpm.demdex.net/ | Frame 5D7C; Redirect Chain | 42 B | 945 B | Image | image/gif |
GET | H/1.1 | ibs:dpid=358&dpuuid=5908971382625476929 | dpm.demdex.net/ | Frame 5D7C; Redirect Chain | 42 B | 945 B | Image | image/gif |
GET | H/1.1 | ibs:dpid=470&dpuuid=9144708991230995580 | dpm.demdex.net/ | Frame 5D7C; Redirect Chain | 42 B | 945 B | Image | image/gif |
GET | H2 | / | www.facebook.com/tr/ | | 44 B | 313 B | Image | image/gif |
GET | H/1.1 | token | token.rubiconproject.com/ | Frame 5D7C | 0 | 214 B | Image | text/plain |
GET | H2 | / | dp2.33across.com/ps/ | Frame 5D7C | 0 | 68 B | Image | text/plain |
GET | H/1.1 | ibs:dpid=771&dpuuid=CAESEOynMEsskQQBXLcQ3vONN78&google_cver=1 | dpm.demdex.net/ | Frame 5D7C; Redirect Chain | 42 B | 945 B | Image | image/gif |
GET | H/1.1 | ibs:dpid=903&dpuuid=c34a7422-8242-4030-bebb-6f1ba1fc7be8 | dpm.demdex.net/ | Frame 5D7C; Redirect Chain | 42 B | 945 B | Image | image/gif |
GET | H/1.1 | image.sbxx | ib.mookie1.com/ | Frame 5D7C; Redirect Chain | 120 B | 925 B | Image | image/png |
GET | H3 | / | www.facebook.com/tr/ | | 44 B | 91 B | Image | image/gif |
GET | H/1.1 | ibs:dpid=22052&dpuuid=3621668592543596557 | dpm.demdex.net/ | Frame 5D7C; Redirect Chain | 42 B | 945 B | Image | image/gif |
GET | H/1.1 | ibs:dpid=30064&dpuuid=2-cPag8-j2dLQPJkeXzw5jZTA8Av4O2EQd-q6uZIFI_Y | dpm.demdex.net/ | Frame 5D7C; Redirect Chain | 42 B | 945 B | Image | image/gif |
GET | H/1.1 | ibs:dpid=73426&dpuuid=86132849854521846184166273251520923739 | dpm.demdex.net/ | Frame 5D7C; Redirect Chain | 42 B | 945 B | Image | image/gif |
GET | H/1.1 | sn.ashx | dpm.demdex.net/ibs:dpid=75557&dpuuid=R1B341_E39586D1_1DC655F6F&redir=https://abp.mxptint.net/ | Frame 5D7C; Redirect Chain | 42 B | 945 B | Image | image/gif |
GET | H2 | usermatch.gif | beacon.krxd.net/ | Frame 5D7C; Redirect Chain | 0 | 338 B | Image | text/plain |
GET | H2 | unip | trc-events.taboola.com/1148923/log/3/ | | 0 | 253 B | XHR | text/plain |
GET | H/1.1 | ibs:dpid=121998&dpuuid=61c68b8145c04f096c768f89ac01f99c | dpm.demdex.net/ | Frame 5D7C; Redirect Chain | 42 B | 945 B | Image | image/gif |
GET | H/1.1 | ibs:dpid=134096&dpuuid=$_BK_UUID | dpm.demdex.net/ | Frame 5D7C; Redirect Chain | 42 B | 963 B | Image | image/gif |
GET | H/1.1 | ibs:dpid=175765&dpuuid=adfe553d9597d059ea345b2ef1fd754d | dpm.demdex.net/ | Frame 5D7C; Redirect Chain | 42 B | 945 B | Image | image/gif |
GET | H/1.1 | ibs:dpid=963840&dpuuid=8dcd6e24-5e25-442a-9e85-62318d837645 | dpm.demdex.net/ | Frame 5D7C; Redirect Chain | 42 B | 945 B | Image | image/gif |
GET | H2 | unip | trc-events.taboola.com/1148923/log/3/ | | 0 | 252 B | XHR | text/plain |
43 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| 1
- object| 2
- object| onbeforexrselect
- boolean| originAgentCluster
- function| $
- function| jQuery
- object| _comscore
- object| analyticsData
- function| e
- function| Visitor
- object| _satellite
- object| s_c_il
- number| s_c_in
- function| udm_
- object| ns_p
- object| COMSCORE
- function| change_hash
- function| scrollToAnchor
- function| getPlaylists
- function| fbq
- function| _fbq
- number| lenCookie
- function| invokeAnalyticsVendorBeacons
- function| snaptr
- object| r
- object| _tfa
- function| AppMeasurement_Module_ActivityMap
- function| AppMeasurement
- function| s_gi
- function| s_pgicq
- number| s_objectID
- number| s_giq
- function| _typeof
- object| TFASC
- object| TRC
- object| _taboola
- number| taboola_view_id
- object| TRCImpl
- function| __trcError
- boolean| triedToSendCookieToNative
- object| WebJSBridge
- object| s_i_cccorporate55
33 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sc-static.net/scevent.min.js | Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e |
|
.scorecardresearch.com/ | Name: UID Value: 1E6HUGTGHEQFVSXBYIJTVVg1631933271 |
|
.demdex.net/ | Name: demdex Value: 86132849854521846184166273251520923739 |
|
.valentimemachine.com/ | Name: AMCVS_97D902BE53295FEE0A490D4C%40AdobeOrg Value: 1 |
|
.valentimemachine.com/ | Name: s_cc Value: true |
|
.everesttech.net/ | Name: everest_g_v2 Value: g_surferid~YUVTVgAAAL-nrQQz |
|
.valentimemachine.com/ | Name: _scid Value: 3c4e5c62-7451-4055-b695-d1498a65a681 |
|
.dpm.demdex.net/ | Name: dpm Value: 86132849854521846184166273251520923739 |
|
.valentimemachine.com/ | Name: AMCV_97D902BE53295FEE0A490D4C%40AdobeOrg Value: -1303530583%7CMCIDTS%7C18889%7CMCMID%7C87801677707340908753999326677950322186%7CMCAAMLH-1632538070%7C6%7CMCAAMB-1632538070%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1631940470s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18896%7CvVersion%7C3.3.0 |
|
.snapchat.com/ | Name: sc_at Value: v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItImJiB54jKFRxvaxcxaz9xJGUyUoL+hJrLCzH2yW7QsMyGa+sHUC2xUTIAAAA= |
.agkn.com/ | Name: ab Value: 0001%3A6NjoiMO1jt8MK2GtonrbJonD%2FLR2Q1XP |
.rlcdn.com/ | Name: rlas3 Value: eHN1mhka7PoeqUQwUfvpESyPOggbDG4Aj3+6o3t1xJg= |
.rlcdn.com/ | Name: pxrc Value: CNemlYoGEgUI6AcQABIGCPHrARAA |
.adnxs.com/ | Name: uuid2 Value: 5908971382625476929 |
.valentimemachine.com/ | Name: _fbp Value: fb.1.1631933271488.1984607175 |
.turn.com/ | Name: uid Value: 9144708991230995580 |
.doubleclick.net/ | Name: IDE Value: AHWqTUnngFfR9qEw0kaByjXFgQLIBtL96NyvztaTz4teqkCUFV917KZFdaX5xQ6zNXw |
.adsrvr.org/ | Name: TDID Value: c34a7422-8242-4030-bebb-6f1ba1fc7be8 |
.adsrvr.org/ | Name: TDCPM Value: CAESEgoDYWFtEgsIqq7F25eW_TkQBRgFIAEoAjILCOilmYiulv05EAU4AQ.. |
.eyeota.net/ | Name: mako_uid Value: 17bf6cd9079-16b40000010f491a |
.eyeota.net/ | Name: SERVERID Value: 18714~DM |
global.ib-ibi.com/ | Name: ASP.NET_SessionId Value: jth3zfdgyj3grhz4hakigqf0 |
.crwdcntrl.net/ | Name: _cc_dc Value: 1 |
.crwdcntrl.net/ | Name: _cc_id Value: 61c68b8145c04f096c768f89ac01f99c |
.crwdcntrl.net/ | Name: _cc_cc Value: "ACZ4XmNQMDNMNrNIsjA0MU02MEkzsDRLNjezSLOwTEw2MEyztExmAIJE1%2BAIEA0FAEClCek%3D" |
.crwdcntrl.net/ | Name: _cc_aud Value: "ABR4XmNgYGBIdA2OAFJQAAAQjQFS" |
.demdex.net/ | Name: dextp Value: 21-1-1631933271024|420-1-1631933271125|60-1-1631933271226|358-1-1631933271327|470-1-1631933271427|481-1-1631933271528|601-1-1631933271629|771-1-1631933271730|903-1-1631933271831|2299-1-1631933271931|22052-1-1631933272032|30064-1-1631933272133|73426-1-1631933272234|75557-1-1631933272335|66757-1-1631933272436|121998-1-1631933272536|134096-1-1631933272637|175765-1-1631933272738|963840-1-1631933272839 |
.mxptint.net/ | Name: mxpim Value: R1B341_E39586D1_1DC655F6F.1.0000000000000000000000000000000000000000000000000000000061455358 |
.krxd.net/ | Name: _kuid_ Value: OXlX0zs4 |
.live.streamtheworld.com/ | Name: uuid-s Value: 8dcd6e24-5e25-442a-9e85-62318d837645 |
ib.mookie1.com/ | Name: ASP.NET_SessionId Value: gbkn0ner2lezvfq1rd2jszlt |
.ib.mookie1.com/ | Name: ibkukiuno Value: s=e68d3abd-6221-4602-8cb6-98a4e3807207&h=&v=9750203675&l=-8585696735925197422&op=&hl=0&vlu=3&tcs=1&dcc=-8585696735923304664 |
.ib.mookie1.com/ | Name: ibkukinet Value: 3632493104=-8585696735925197422&3632493104=-8585696735925197422 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.