Submitted URL: http://valopromotion.com/
Effective URL: https://valopromotion.com/blog/
Submission Tags: https://phish.report @phish_report
Submission: On June 18 via api from FI — Scanned from NL

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 40 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is valopromotion.com.
TLS certificate: Issued by E1 on June 12th 2023. Valid for: 3 months.
This is the only time valopromotion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 19 2a06:98c1:312... 13335 (CLOUDFLAR...)
7 52.203.114.80 14618 (AMAZON-AES)
9 2606:4700:10:... 13335 (CLOUDFLAR...)
4 138.201.57.250 24940 (HETZNER-AS)
1 2 185.80.39.216 27381 (CASALE-MEDIA)
1 35.227.252.103 15169 (GOOGLE)
1 69.173.144.165 26667 (RUBICONPR...)
3 3 185.89.210.212 29990 (ASN-APPNEX)
2 2 54.155.4.234 16509 (AMAZON-02)
40 7
Apex Domain
Subdomains
Transfer
19 valopromotion.com
valopromotion.com
188 KB
9 thegamerimages.com
static1.thegamerimages.com — Cisco Umbrella Rank: 112396
180 KB
7 thegamer.com
www.thegamer.com — Cisco Umbrella Rank: 50742
119 KB
4 marfeelrev.com
mbid.marfeelrev.com — Cisco Umbrella Rank: 20310
3 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 249
3 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 662
748 B
2 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1386
1 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
239 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1042
245 B
40 9
Domain Requested by
19 valopromotion.com 2 redirects valopromotion.com
9 static1.thegamerimages.com valopromotion.com
7 www.thegamer.com valopromotion.com
4 mbid.marfeelrev.com valopromotion.com
3 ib.adnxs.com 3 redirects
2 ad.360yield.com 2 redirects
2 ssum.casalemedia.com 1 redirects
1 pixel.rubiconproject.com
1 rtb.openx.net
40 9

This site contains no links.

Subject                     Issuer                            Validity                 Valid
valopromotion.com           E1                                2023-06-12 - 2023-09-10  3 months
thegamer.com                R3                                2023-06-15 - 2023-09-13  3 months
sni.cloudflaressl.com       Cloudflare Inc ECC CA-3           2023-04-29 - 2024-04-28  a year
ssl02.cert.cl01.k8s.mrf.io  R3                                2023-06-01 - 2023-08-30  3 months
*.openx.net                 GeoTrust RSA CA 2018              2022-07-21 - 2023-08-21  a year
*.rubiconproject.com        DigiCert TLS RSA SHA256 2020 CA1  2023-03-05 - 2024-04-03  a year

This page contains 3 frames:

Primary Page: https://valopromotion.com/blog/
Frame ID: B9E955AE69F9CA46D569449A068B2FC0
Requests: 31 HTTP requests in this frame

Frame: https://valopromotion.com/blog/files/cookie-sync.html
Frame ID: 788FDD4838B3067C8DBEE48918E03B0B
Requests: 8 HTTP requests in this frame

Frame: https://valopromotion.com/blog/files/saved_resource.html
Frame ID: 16D8078C5D8D29EE14B1A903F256D5F2
Requests: 1 HTTP requests in this frame

Page Title

Valorant: Complete Beginner's Guide

Page URL History

  1. http://valopromotion.com/ HTTP 301
    https://valopromotion.com/ HTTP 302
    https://valopromotion.com/blog/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

40
Requests

90 %
HTTPS

22 %
IPv6

9
Domains

9
Subdomains

7
IPs

4
Countries

490 kB
Transfer

882 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://valopromotion.com/ HTTP 301
    https://valopromotion.com/ HTTP 302
    https://valopromotion.com/blog/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://ssum.casalemedia.com/usermatchredir?s=184550&cb= HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1
Request Chain 36
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmbid.marfeelrev.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526f%253Di%2526uid%253D%2524UID HTTP 302
  • https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=2754993900317749206
Request Chain 37
  • https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=05478697-e4ea-4bb5-b8b4-7068ca39b9d2
Request Chain 38
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=2754993900317749206

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
valopromotion.com/blog/
Redirect Chain
  • http://valopromotion.com/
  • https://valopromotion.com/
  • https://valopromotion.com/blog/
124 KB
18 KB
Document
General
Full URL
https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f77f0e9166039a48f1bc672927d3c055b7f70e9e8cc01961155835c31db1cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d8f6e87b8bc1953-FRA
content-encoding
br
content-type
text/html
date
Sun, 18 Jun 2023 00:31:51 GMT
last-modified
Sat, 17 Jun 2023 19:58:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LilxzMJLU6T%2Bns68gDfDC3FQGeFTyZnjYpVb9ynn74CvlrWk1YVBn1uIrAtWbjh83gzEwpu37kgswlV0yOuLmZntFK1jErocYrzfrnUZSszA5Ttz0J0qEPxwoaQ4w%2FoIn9AKyllzOWtb3Sc9W7sIPA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d8f6e8728461953-FRA
content-type
text/html; charset=UTF-8
date
Sun, 18 Jun 2023 00:31:50 GMT
location
/blog/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qLFHDpk6r0ORMiMXpUVUGBWU78MXL%2BdWzrP63bj%2FIZmbQojlvFbF23BtELi9rpL%2F1aKxtfNZ21QOGeSsB5X%2Flb9da%2F6CWPgCN8BY%2BHPZAkSAv53DDj3uIJ0SZjM08TrzU0mcpU061PFN5RMT4LZgAg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
newsletter-popup.e7b3ff0e.js
www.thegamer.com/public/build/
6 KB
3 KB
Script
General
Full URL
https://www.thegamer.com/public/build/newsletter-popup.e7b3ff0e.js
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.114.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-114-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bd588f338804d52bb4b2da080d43a604fea9a8bc397b23377c1a903ba80e387f
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 20:01:56 GMT
server
nginx
etag
W/"648cbfb4-164a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, max-age=31536000, public
expires
Mon, 17 Jun 2024 00:31:51 GMT
pjimage-16-2.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/
27 KB
27 KB
Image
General
Full URL
https://static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/pjimage-16-2.jpg?q=50&fit=contain&w=1140&h=570&dpr=1.5
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e24826b79dd8d6027c75dcb429dedd26bf976b9b50d8371efb929f80e7d14e7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
cf-cache-status
MISS
content-disposition
inline; filename="pjimage-16-2.avif"
alt-svc
h3=":443"; ma=86400
content-length
27833
x-request-id
77CVVy_x2vv8SY4CaN3qs
server
cloudflare
etag
"V7mkl9OdJMEOV-5MCPNX8UP2qO65-T6lujgSnSsIq68/RIndBVF9KSk1TWU91WDg1MVA4bTZaWFEi"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d8f6e88ad3a9be0-FRA
expires
Mon, 17 Jun 2024 00:31:51 GMT
rajdhani-regular.woff2
www.thegamer.com/public/build/fonts/rajdhani/
15 KB
15 KB
Font
General
Full URL
https://www.thegamer.com/public/build/fonts/rajdhani/rajdhani-regular.woff2
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.114.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-114-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
559b43f7beabc7c03b99de9f0820c720b5e6c8ae68867d0c90cfee83d52b7f45
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://valopromotion.com/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
14980
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 20:01:56 GMT
server
nginx
etag
"648cbfb4-3a84"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
accept-ranges
bytes
expires
Mon, 17 Jun 2024 00:31:51 GMT
rajdhani-bold.woff2
www.thegamer.com/public/build/fonts/rajdhani/
15 KB
16 KB
Font
General
Full URL
https://www.thegamer.com/public/build/fonts/rajdhani/rajdhani-bold.woff2
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.114.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-114-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c886e7ce6980565f56761a4e921edd13df2fa16deb88a13f4e2f2500d0ca5a82
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://valopromotion.com/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
15716
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 20:01:56 GMT
server
nginx
etag
"648cbfb4-3d64"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
accept-ranges
bytes
expires
Mon, 17 Jun 2024 00:31:51 GMT
roboto-regular_.woff2
www.thegamer.com/public/build/fonts/roboto/
19 KB
19 KB
Font
General
Full URL
https://www.thegamer.com/public/build/fonts/roboto/roboto-regular_.woff2
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.114.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-114-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3bcf9f5dd1769dbd241485b17788201d9d8d53f5ab2bb2f89a94ae12f154740c
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://valopromotion.com/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
18988
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 20:01:56 GMT
server
nginx
etag
"648cbfb4-4a2c"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
accept-ranges
bytes
expires
Mon, 17 Jun 2024 00:31:51 GMT
roboto-bold_.woff2
www.thegamer.com/public/build/fonts/roboto/
19 KB
19 KB
Font
General
Full URL
https://www.thegamer.com/public/build/fonts/roboto/roboto-bold_.woff2
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.114.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-114-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
15dcef640cac0fe6f9f5006624cdc828b1ae6292b618aece6607c9952a6ae1cf
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://valopromotion.com/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
19076
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 20:01:56 GMT
server
nginx
etag
"648cbfb4-4a84"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
accept-ranges
bytes
expires
Mon, 17 Jun 2024 00:31:51 GMT
icomoon.woff2
www.thegamer.com/public/build/fonts/icons/
16 KB
16 KB
Font
General
Full URL
https://www.thegamer.com/public/build/fonts/icons/icomoon.woff2?v=1.3
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.114.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-114-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c884dfd88281336423bd6589cb522f8b2c68e1776373ca93b21658335a3a9ae4
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://valopromotion.com/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
15888
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 20:01:56 GMT
server
nginx
etag
"648cbfb4-3e10"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
accept-ranges
bytes
expires
Mon, 17 Jun 2024 00:31:51 GMT
icomoon.woff
www.thegamer.com/public/build/fonts/icons/
30 KB
31 KB
Font
General
Full URL
https://www.thegamer.com/public/build/fonts/icons/icomoon.woff?v=1.3
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.114.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-114-80.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7d8aca4a24e0fc01d9f8627550ae9c05e8163b0c73e51c585e97ca13a0503d23
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://valopromotion.com/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
31216
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Jun 2023 20:01:56 GMT
server
nginx
etag
"648cbfb4-79f0"
x-frame-options
SAMEORIGIN
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000, max-age=31536000, public
accept-ranges
bytes
expires
Mon, 17 Jun 2024 00:31:51 GMT
article-regular.a5aa35cd.css
valopromotion.com/blog/files/
322 KB
48 KB
Stylesheet
General
Full URL
https://valopromotion.com/blog/files/article-regular.a5aa35cd.css
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26c95380ef7e6fbda4146e9b208c2d78ef32be34c1c147757edb6099fc3e6dd3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Jun 2023 06:42:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5243
etag
W/"648026ec-508aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkZr3y0t8ZmC6zMyThKWS9r07eckUnFmLPY6LEb83u6MnS5oGUlDq5Kk1HVAFIPQ0OOAAI7pZuihnEZ4P3kUEEgAoNqxyMDjJJrlrRCdUgszIaKA0Fb1lOFqIt%2FMtgrkgrIyf9uFrJm17diqHe%2BgiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7d8f6e8819081953-FRA
alt-svc
h3=":443"; ma=86400
css
valopromotion.com/blog/files/
1 KB
1 KB
Stylesheet
General
Full URL
https://valopromotion.com/blog/files/css
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 07 Jun 2023 06:42:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"648026ed-455"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4JaSVbO0BZ5bywZvFbCN8vL%2FcYMMK6xodO1KeO62AM4Dha94jmtcWYS12r2MrwxyUqzWVgYJHp1zz%2FgJbk8nzcYKywHWlAjtAL132KS%2FtigO673osUACBwSu6Fjbp96HY%2FNJZQkQT%2FW4gDnH9dIbXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7d8f6e88190a1953-FRA
alt-svc
h3=":443"; ma=86400
content-length
1109
tg-logo-full-colored-light.svg
valopromotion.com/blog/files/
3 KB
1 KB
Image
General
Full URL
https://valopromotion.com/blog/files/tg-logo-full-colored-light.svg
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f136be1c736721a3a258ffed1d6870f3b87cf1266c7ac43cc61250ed117637a1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Jun 2023 06:42:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5243
etag
W/"648026ed-bbb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzeBfXbkYTi5FvTaG3oRetVrtAGooSN%2BMYYd5Ik2fLEcnIfSNNPwn8kde1HNdkOiQioiWNtm52LnPx1ELlYpxzPQbQOKmbiKs1QY44Js9WkNok0ZxoeNFaiWNNcXO38qxhB6ro%2FgrQPEhweuhdeq7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
7d8f6e8829241953-FRA
alt-svc
h3=":443"; ma=86400
Valorant.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/
40 KB
40 KB
Image
General
Full URL
https://static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/Valorant.jpg?q=50&fit=crop&w=740&dpr=1.5
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b64d1c3350c7857821888624135a8d45fcb9c8834662a7baa63a652c018ad75d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
cf-cache-status
MISS
content-disposition
inline; filename="Valorant.avif"
alt-svc
h3=":443"; ma=86400
content-length
40609
x-request-id
b6Tjmi3AbBpyW-YtzoPSN
server
cloudflare
etag
"kZiz7bHaNXMeShQJrwpwUpwLA3weXxJ7sguUjENOq_s/RIjdqc0RHUllwc0FtN2JGTTNvTlF2TWci"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d8f6e88ad419be0-FRA
expires
Mon, 17 Jun 2024 00:31:51 GMT
Valorant-1.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/
28 KB
28 KB
Image
General
Full URL
https://static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/Valorant-1.jpg?q=50&fit=crop&w=740&dpr=1.5
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bce45860ca3759528116c6a0f1a858eef24eb15b7bc96b67b869c1b126e14468

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
cf-cache-status
MISS
content-disposition
inline; filename="Valorant-1.avif"
alt-svc
h3=":443"; ma=86400
content-length
28970
x-request-id
HRwlc375MjKIQjbuoCzwE
server
cloudflare
etag
"kZiz7bHaNXMeShQJrwpwUpwLA3weXxJ7sguUjENOq_s/RIlZPWkxtSC1jNnAyV0hHT1lGbnpmLUEi"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d8f6e88ad3f9be0-FRA
expires
Mon, 17 Jun 2024 00:31:51 GMT
Valorant-2.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/
31 KB
32 KB
Image
General
Full URL
https://static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/Valorant-2.jpg?q=50&fit=crop&w=740&dpr=1.5
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e866f910c86828f62271e792fbb1024938453fe60d38f3a74586cdb8c51b60a1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
cf-cache-status
MISS
content-disposition
inline; filename="Valorant-2.avif"
alt-svc
h3=":443"; ma=86400
content-length
32122
x-request-id
xbUhxFxtZEnvruNdVMMyU
server
cloudflare
etag
"kZiz7bHaNXMeShQJrwpwUpwLA3weXxJ7sguUjENOq_s/RIjFtNmxUU1RBQkRFVF9MSTdRamttMlEi"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d8f6e88ad429be0-FRA
expires
Mon, 17 Jun 2024 00:31:51 GMT
Valorant-3.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/
14 KB
14 KB
Image
General
Full URL
https://static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/Valorant-3.jpg?q=50&fit=crop&w=740&dpr=1.5
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af104fe80a7951752cbc52101ac6bb04f7097c0d1d9b603ef27330a46fd17ae4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
cf-cache-status
MISS
content-disposition
inline; filename="Valorant-3.avif"
alt-svc
h3=":443"; ma=86400
content-length
14205
x-request-id
FfVwOJws5Axn4wrCMjMEG
server
cloudflare
etag
"kZiz7bHaNXMeShQJrwpwUpwLA3weXxJ7sguUjENOq_s/RIkFUZ0JKdk45MllReDU4NURKSUNqWlEi"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d8f6e88ad3d9be0-FRA
expires
Mon, 17 Jun 2024 00:31:51 GMT
Valorant-4.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/
18 KB
18 KB
Image
General
Full URL
https://static1.thegamerimages.com/wordpress/wp-content/uploads/2021/06/Valorant-4.jpg?q=50&fit=crop&w=740&dpr=1.5
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2e63f2470ca2324513755bcf8f91b7c1843c3b4b35b2745cd7fabc52772c3b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
cf-cache-status
MISS
content-disposition
inline; filename="Valorant-4.avif"
alt-svc
h3=":443"; ma=86400
content-length
18624
x-request-id
A9ILnL7kFf84qM20ubtQT
server
cloudflare
etag
"kZiz7bHaNXMeShQJrwpwUpwLA3weXxJ7sguUjENOq_s/RIkxvQjVoMG5OMThQay1Ybkw4SXhSdVEi"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d8f6e88ad3c9be0-FRA
expires
Mon, 17 Jun 2024 00:31:51 GMT
zodiac-signs-and-demons-of-d4-mephisto-lilith-bhaal.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2023/06/
5 KB
5 KB
Image
General
Full URL
https://static1.thegamerimages.com/wordpress/wp-content/uploads/2023/06/zodiac-signs-and-demons-of-d4-mephisto-lilith-bhaal.jpg?q=50&fit=crop&w=200&h=140&dpr=1.5
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c481601926be6ed26d5b22eb4c499563ba4d571e353a8ebdcea53dd44412f5da

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
cf-cache-status
HIT
age
975559
content-disposition
inline; filename="zodiac-signs-and-demons-of-d4-mephisto-lilith-bhaal.avif"
alt-svc
h3=":443"; ma=86400
content-length
4919
x-request-id
6OYmRyBtglC4D_dqd-T5I
server
cloudflare
etag
"ao_7tkgpsvxXqrDCYD3jjKL1cTnKiThhkUHqCjFtNJQ/RIjR5M3RMWEp6RHF4eGhrdjNtTFJBSHci"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d8f6e892d919be0-FRA
expires
Wed, 05 Jun 2024 16:31:08 GMT
june-spotlight-hour-featured-image.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2023/06/
6 KB
7 KB
Image
General
Full URL
https://static1.thegamerimages.com/wordpress/wp-content/uploads/2023/06/june-spotlight-hour-featured-image.jpg?q=50&fit=crop&w=200&h=140&dpr=1.5
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b779b139e8c9473f93b75c093a32afeabfc4fd29a6415be4ea59cc8c4147b07

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
cf-cache-status
MISS
content-disposition
inline; filename="june-spotlight-hour-featured-image.avif"
alt-svc
h3=":443"; ma=86400
content-length
6626
x-request-id
JIOMBSwkDtt3rBgT3AS12
server
cloudflare
etag
"ao_7tkgpsvxXqrDCYD3jjKL1cTnKiThhkUHqCjFtNJQ/RIlVRZnpieC1BdFlYYklqWnI0S0lTRVEi"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d8f6e892d939be0-FRA
expires
Mon, 17 Jun 2024 00:31:51 GMT
diablo-4-altar-of-lilith.jpg
static1.thegamerimages.com/wordpress/wp-content/uploads/2023/06/
9 KB
9 KB
Image
General
Full URL
https://static1.thegamerimages.com/wordpress/wp-content/uploads/2023/06/diablo-4-altar-of-lilith.jpg?q=50&fit=crop&w=200&h=140&dpr=1.5
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20d10126b236125f98acd3f319d110cd0b3ba01c4123cf553fb979ef07633e92

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
cf-cache-status
HIT
age
1048617
content-disposition
inline; filename="diablo-4-altar-of-lilith.avif"
alt-svc
h3=":443"; ma=86400
content-length
8704
x-request-id
4d0rdmtSpT5nJv8w7cq9L
server
cloudflare
etag
"ao_7tkgpsvxXqrDCYD3jjKL1cTnKiThhkUHqCjFtNJQ/RIlFMOUtKcG85YXhfN0I2WnBFUWdIZVEi"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7d8f6e892d949be0-FRA
expires
Tue, 04 Jun 2024 19:09:03 GMT
email-decode.min.js
valopromotion.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://valopromotion.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Jun 2023 10:17:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"648ae541-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFKwarNBOeFz3DdJ9VFEZsykFU8iEpI%2BSmlZFVq%2Bli1QObb1GX9gZmPIiLkydmyRYWquUOeKddf6SBsH%2FNGCk3IDFozh9jiLpIGfTRiCTf3FXh2JJxYQf%2B7nMf67kG4vHwnmuQjEVzhp80bq4e71TA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7d8f6e8839281953-FRA
expires
Tue, 20 Jun 2023 00:31:51 GMT
oPS.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
valopromotion.com/blog/files/
108 KB
109 KB
Script
General
Full URL
https://valopromotion.com/blog/files/oPS.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e47ba52cdf6b89d811f5f499336136c66b4e68d43ba178fcc8563e081306e01

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 07 Jun 2023 06:42:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"648026ed-1affb"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rB6TvdTPnYPeOhspuh0p768Es091g7QSuYOKL24XoAc68j2Aq6ZXlIEFuCNb4Uk7n96n2q9TMeQjtmh2P4iVu7ZUSMa9Grghsgl%2BjkNvjXIBBBskbU4OuXhlFiiR7tP%2FdcUJVxn%2FoFBjYoDaLg2m%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7d8f6e88392b1953-FRA
alt-svc
h3=":443"; ma=86400
content-length
110587
primisslate.css
valopromotion.com/blog/files/
18 KB
5 KB
Stylesheet
General
Full URL
https://valopromotion.com/blog/files/primisslate.css
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Jun 2023 06:42:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5243
etag
W/"648026ed-469b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aecVVJR01ZDfEX4SbQLyc4W2OdmlLTB%2FovQzH2cr%2FQPfHQvSXspDfHIXfCmhJWYIueZAbw47xY9K5Dl6F9wO64XmImEkUdMONjpsZ0Rrb%2Bgb7anEGhvKtAPOSpbDrf%2BKFI1SotZ%2BQltnEse38OADaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7d8f6e8839291953-FRA
alt-svc
h3=":443"; ma=86400
icomoon.woff
valopromotion.com/public/build/fonts/icons/
0
0
Font
General
Full URL
https://valopromotion.com/public/build/fonts/icons/icomoon.woff?v=1.3
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://valopromotion.com/blog/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUhLcQZT223yoyLMY1rXPa2KTPJvfOkP8yKmMdrehV1CKw82YpkH2H0Ja%2BWf9zLzZhRn2I7mcv1%2B%2B5galL9%2BJbsJPWvhwva%2F66E8gvBz9nTR1arduZZHsQtv67d%2Fv8KSLFPZCgTYU8f57Ns8rZ2WBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
7d8f6e88cdb93730-FRA
alt-svc
h3=":443"; ma=86400
cookie-sync.html
valopromotion.com/blog/files/ Frame 788F
6 KB
3 KB
Document
General
Full URL
https://valopromotion.com/blog/files/cookie-sync.html
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a86bddab19afda6f9c635ca7e0d917e37affe511ae6e3c51bfbfe3589dce520c

Request headers

Referer
https://valopromotion.com/blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d8f6e88edd23730-FRA
content-encoding
br
content-type
text/html
date
Sun, 18 Jun 2023 00:31:51 GMT
last-modified
Wed, 07 Jun 2023 06:42:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgsVCtNdWYMmrLDk%2FII4Sgz7OEWsMEi7qCJb1KLOCHe57gzsD1YCm5MfpQWKeLSzMx1e4%2FGzgXeGfNOLDLHtdCJr103kP3xiLgKiBhQcrRQ3f8%2BALjVqr6KCisuRcH52uytoNMy%2Ffg9E%2Be5iAwmvJg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
saved_resource.html
valopromotion.com/blog/files/ Frame 16D8
152 B
535 B
Document
General
Full URL
https://valopromotion.com/blog/files/saved_resource.html
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
324967ab0642b90c52e9aa8b3650961f15deca3a70bc87e55912148740bceef3

Request headers

Referer
https://valopromotion.com/blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d8f6e88edd43730-FRA
content-encoding
br
content-type
text/html
date
Sun, 18 Jun 2023 00:31:51 GMT
last-modified
Wed, 07 Jun 2023 06:42:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tiJ%2BlYpoM%2FiHcPe%2BdHa3aytwkSdwfRTW7qdHxF7MBB2ojHBiC4EUg3%2FsJV5Hm1a%2FxiJL7q93uc4a8I3NSBXhmOmF9Fjb%2Fz%2FP30sMBfSbhVEkJeU7dI%2FY3wNOduPvqPhSnt%2BehDw%2Bv4lJ73LB3kf%2FnA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
tg-logo-full-white.fc9e742a.svg
valopromotion.com/public/build/images/
207 B
207 B
Image
General
Full URL
https://valopromotion.com/public/build/images/tg-logo-full-white.fc9e742a.svg
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/files/article-regular.a5aa35cd.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9639e3c4681ce85f852fbac48e2eeee5ba51296dbfec57c200d59b76237ab80

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/blog/files/article-regular.a5aa35cd.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGLowbvV4h1XWfM1r1vI9dtjwnEpWnlvsVgH5mAIv8V9sv79Rd2oD7ujU2isH0FkgUNZxiCurRrACQ%2BgzJK0uvGfF%2B1MTUmcBTJPpIXcSxFSK7pl2oxflEpd6bVeDyzqetazcW2NeFNwXIW6%2Fve%2FcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
7d8f6e88edd63730-FRA
alt-svc
h3=":443"; ma=86400
rajdhani-bold.woff2
valopromotion.com/public/build/fonts/rajdhani/
0
0
Font
General
Full URL
https://valopromotion.com/public/build/fonts/rajdhani/rajdhani-bold.woff2
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://valopromotion.com/blog/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ElX%2B0EvEfZGKm0fD6OrfvfmmOOGcy0amG3%2BzhGMaE%2FEWA3yN0Dursrm%2F1QAMbc99bRYGqFHL9BQYnkGBgfHnVFseX83ULQa8Ci4rRosr%2B1ptGU8oUrBVs1R5cheOCV9oaS3M0hV%2FJhZKcEDjdRUjVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
7d8f6e88edd93730-FRA
alt-svc
h3=":443"; ma=86400
rajdhani-regular.woff2
valopromotion.com/public/build/fonts/rajdhani/
0
0
Font
General
Full URL
https://valopromotion.com/public/build/fonts/rajdhani/rajdhani-regular.woff2
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://valopromotion.com/blog/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snuHyDMEubMvWbyhnW6Z4MIo%2FWP6xkhJdOXF3tNZ3y4vNYxNKv6vkBZ1hLtyhC6Z0AYm1EW3ZZxRuek5p6%2BlJCzdfOu1fgHZ9OYArvEaPQ4D9aJKvXgBloRegg6fZyDZ0iRWIHV%2B0%2BFPhZUEaM164A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
7d8f6e88fddb3730-FRA
alt-svc
h3=":443"; ma=86400
icomoon.woff2
valopromotion.com/public/build/fonts/icons/
0
0
Font
General
Full URL
https://valopromotion.com/public/build/fonts/icons/icomoon.woff2?v=1.3
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://valopromotion.com/blog/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFkqLN%2FnuS9WyrBrCur7epVI4%2Fq1hYBeV%2F5lQTLlgo%2B7SDNQhqd9CretMQttdZ7uiYFpc9RDPFh%2BJbDCfvmIh6PDpx4lBfT%2FruyFm6DMl4B45MbuUerYUN%2F3ovF624gld3rc1DQBeY764N640vMTLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
7d8f6e892e093730-FRA
alt-svc
h3=":443"; ma=86400
rajdhani-bold.woff
valopromotion.com/public/build/fonts/rajdhani/
0
0
Font
General
Full URL
https://valopromotion.com/public/build/fonts/rajdhani/rajdhani-bold.woff
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://valopromotion.com/blog/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4zpkBEnYFeLTqAyfLFH3qN9fxDUWMbmSMOox3Mt2kv%2Bs%2F0HRcjout7CP5ucUIpmDqu1uOOrpmiNYjTuSgCxZHKSVdt3x4snTA2c0KLljls8aJZAS5yHfT2ldX1HyJGWQSc4Y9m44oh1JXMTeGqrhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
7d8f6e895e2d3730-FRA
alt-svc
h3=":443"; ma=86400
cookie_sync
mbid.marfeelrev.com/ Frame 788F
1 KB
684 B
XHR
General
Full URL
https://mbid.marfeelrev.com/cookie_sync
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/files/cookie-sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.57.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
worker01a.cl05.het.mrf.io
Software
istio-envoy /
Resource Hash
369b6a06cf0598a92b22182eb79ecc4387aff4c5507cdf798d5febccb1f5656d

Request headers

Referer
https://valopromotion.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 00:31:51 GMT
content-encoding
gzip
server
istio-envoy
content-type
application/json
access-control-allow-origin
https://valopromotion.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
content-length
435
expires
0
rajdhani-regular.woff
valopromotion.com/public/build/fonts/rajdhani/
0
0
Font
General
Full URL
https://valopromotion.com/public/build/fonts/rajdhani/rajdhani-regular.woff
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://valopromotion.com/blog/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STvZ2pgYfirvSlyIJ%2FELeoLB3tFU3if3kvsCK4rr3i9JNp%2FkEaUdzjo7WGt%2BxJRCL9gwLmk5aDODLLSBEChE5b6IgMRTWDpUEkUsvB25jaiCOv%2BhZbCs52bIARzc3VPxw%2FTwr9TGyzTPqHKuD0dwqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
7d8f6e896e383730-FRA
alt-svc
h3=":443"; ma=86400
icomoon.ttf
valopromotion.com/public/build/fonts/icons/
0
0
Font
General
Full URL
https://valopromotion.com/public/build/fonts/icons/icomoon.ttf?v=1.3
Requested by
Host: valopromotion.com
URL: https://valopromotion.com/blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://valopromotion.com/blog/
Origin
https://valopromotion.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 00:31:51 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtj%2FEg8Bi8oGbFEJjVWp2uvT4jcdUVE7CVAu4Z6YuAinljaBZ9Cfcl952k%2BRv6uL5BB%2F%2FvOtWgmQ9TbK9W%2FcELQx1tci8fykWHSSIcc04QXfwnotGHd30dd2PA5LawyGg3hHU0WR0UW7%2FWuMz39TsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
7d8f6e899e623730-FRA
alt-svc
h3=":443"; ma=86400
usermatchredir
ssum.casalemedia.com/ Frame 788F
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=184550&cb=
  • https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1
43 B
766 B
Image
General
Full URL
https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 18 Jun 2023 00:31:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 18 Jun 2023 00:31:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/usermatchredir?s=184550&cb=&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
prebid
rtb.openx.net/sync/ Frame 788F
43 B
245 B
Image
General
Full URL
https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 00:31:52 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
sync.php
pixel.rubiconproject.com/exchange/ Frame 788F
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-marfeel&gdpr=&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
mbid.marfeelrev.com/ Frame 788F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmbid.marfeelrev.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526f%253Di%2526uid%253D%2524UID
  • https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=2754993900317749206
86 B
572 B
Image
General
Full URL
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=2754993900317749206
Protocol
H2
Server
138.201.57.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
worker01a.cl05.het.mrf.io
Software
istio-envoy /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 00:31:54 GMT
content-encoding
gzip
server
istio-envoy
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
expires
0

Redirect headers

Date
Sun, 18 Jun 2023 00:31:54 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
95.211.199.139; 95.211.199.139; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
eb79596a-0d5b-49cd-b235-6bf6ef8b6c2a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=2754993900317749206
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
mbid.marfeelrev.com/ Frame 788F
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid...
  • https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di...
  • https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=05478697-e4ea-4bb5-b8b4-7068ca39b9d2
86 B
704 B
Image
General
Full URL
https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=05478697-e4ea-4bb5-b8b4-7068ca39b9d2
Protocol
H2
Server
138.201.57.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
worker01a.cl05.het.mrf.io
Software
istio-envoy /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 00:31:54 GMT
content-encoding
gzip
server
istio-envoy
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
expires
0

Redirect headers

location
https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=05478697-e4ea-4bb5-b8b4-7068ca39b9d2
access-control-allow-origin
*
date
Sun, 18 Jun 2023 00:31:54 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
setuid
mbid.marfeelrev.com/ Frame 788F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID
  • https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=2754993900317749206
86 B
704 B
Image
General
Full URL
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=2754993900317749206
Protocol
H2
Server
138.201.57.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
worker01a.cl05.het.mrf.io
Software
istio-envoy /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://valopromotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Jun 2023 00:31:54 GMT
content-encoding
gzip
server
istio-envoy
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
expires
0

Redirect headers

Date
Sun, 18 Jun 2023 00:31:54 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
95.211.199.139; 95.211.199.139; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3bad52dd-ee5e-4759-a963-6721e258508a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=2754993900317749206
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT


121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| onbeforetoggle object| onscrollend function| opt_getSlotById function| opt_insightsAvailable function| opt_setupRefresh undefined| timeout undefined| opt_dateObj undefined| opt_month undefined| opt_day undefined| opt_year undefined| opt_today undefined| opt_activeDates undefined| p95720507 string| p95720562 number| p95720563 function| oAddDVTag_ function| oGetPageStats_ function| p95720592 function| oGetSlotRenderedLineItemIdByDivId_ function| p95720587 function| p95720584 function| oDeleteHardcodeRefresh_ function| oRefreshHardcode_ function| p95720581 function| oProdKPageViews_ function| oCheckDump_ function| oCheckProdK_ function| p95720564 function| p95720560 function| p95720617 function| p95720558 function| p95720570 function| p95720567 function| p95720565 function| p95720541 function| p95720546 function| p95720532 function| p95720531 function| p95720529 function| p95720522 function| oEnableNullChecklistener_ function| p95720574 function| p95720513 function| oPageUnload function| p95720442 function| p95720447 function| oSetDataParam function| p95720566 number| p95720432 boolean| p95720433 object| p95720434 object| p95720435 boolean| p95720436 number| p95720438 number| p95720439 object| p95720460 string| p95720502 number| p95720443 object| p95720510 string| p95720478 string| p95720479 object| p95720516 number| p95720517 boolean| p95720521 number| p95720523 boolean| p95720525 boolean| p95720575 boolean| p95720550 boolean| p95720577 boolean| oObserverChanges_ boolean| p95720576 boolean| p95720578 boolean| oAudienceListenerEnabled_ object| p95720527 string| oDevice string| p95720615 number| p95720618 string| oParentHostname_ string| oParentPathname_ boolean| p95720528 boolean| p95720530 number| p95720545 boolean| p95720547 number| p95720548 object| p95720537 object| oAdSlots_ object| otkjs boolean| p95720568 boolean| p95720569 object| optimeraInsights string| p95720579 object| oLoadedAdImpressionDivs_ object| 
oTrackSlots_ object| p95720590 object| p95720591 boolean| oEnableInfiniteScrollUrls_ boolean| p95720586 object| p95720589 object| p95720593 boolean| oHasStnVideo_ object| p95720616 boolean| oActivateK_ object| oRPMCids_ object| oRPMHosts_ string| oUniqueId_ string| p95720487 function| p95720440 string| p95720441 boolean| p95720509 boolean| p95720489 object| p95720488 number| p95720491 undefined| p95720595 undefined| p95720596 object| opbjs object| oaudLibjs object| ovpjs number| p95720490

7 Cookies

Domain/Path Name / Value
.casalemedia.com/ Name: CMID
Value: ZI5QeLLbMQSMAKUB8Q9xFwAA
.casalemedia.com/ Name: CMPS
Value: 3217
.casalemedia.com/ Name: CMPRO
Value: 3217
.adnxs.com/ Name: uuid2
Value: 2754993900317749206
.360yield.com/ Name: tuuid
Value: 05478697-e4ea-4bb5-b8b4-7068ca39b9d2
.360yield.com/ Name: tuuid_lu
Value: 1687048314
.mbid.marfeelrev.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYWRueHMiOnsidWlkIjoiMjc1NDk5MzkwMDMxNzc0OTIwNiIsImV4cGlyZXMiOiIyMDIzLTA3LTAyVDAwOjMxOjU0LjgyN1oifSwiaW1wcm92ZWRpZ2l0YWwiOnsidWlkIjoiMDU0Nzg2OTctZTRlYS00YmI1LWI4YjQtNzA2OGNhMzliOWQyIiwiZXhwaXJlcyI6IjIwMjMtMDctMDJUMDA6MzE6NTQuNDgyWiJ9fSwiYmRheSI6IjIwMjMtMDYtMThUMDA6MzE6NTQuMTc1WiJ9

9 Console Messages

Source Level URL
Text
network error URL: https://valopromotion.com/public/build/fonts/icons/icomoon.woff?v=1.3
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://valopromotion.com/public/build/images/tg-logo-full-white.fc9e742a.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://valopromotion.com/blog/files/cookie-sync.html
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://valopromotion.com/public/build/fonts/rajdhani/rajdhani-bold.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://valopromotion.com/public/build/fonts/rajdhani/rajdhani-regular.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://valopromotion.com/public/build/fonts/icons/icomoon.woff2?v=1.3
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://valopromotion.com/public/build/fonts/rajdhani/rajdhani-bold.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://valopromotion.com/public/build/fonts/rajdhani/rajdhani-regular.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://valopromotion.com/public/build/fonts/icons/icomoon.ttf?v=1.3
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
