amazonianmelt.positivvibe.com
2606:4700:3108::ac42:2879  Public Scan

Submitted URL: http://amazonianmelt.positivvibe.com/
Effective URL: https://amazonianmelt.positivvibe.com/
Submission: On March 24 via api from US — Scanned from US

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3108::ac42:2879, located in United States and belongs to CLOUDFLARENET, US. The main domain is amazonianmelt.positivvibe.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 11th 2023. Valid for: a year.
This is the only time amazonianmelt.positivvibe.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
5 | gstatic.com | fonts.gstatic.com | 109 KB
4 | convertri.com | cdn.convertri.com (Cisco Umbrella Rank: 152843); snowplow.convertri.com (Cisco Umbrella Rank: 165837) | 154 KB
3 | imgix.net | convertri.imgix.net (Cisco Umbrella Rank: 172271) | 40 KB
2 | positivvibe.com | amazonianmelt.positivvibe.com | 24 KB
1 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 455 B
1 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 29) | 2 KB
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 39) | 65 KB
1 | clkmc.com | cdn.clkmc.com (Cisco Umbrella Rank: 106409) | 14 KB
Total: 17 requests, 8 apex domains

Requests | Domain | Requested by
5 | fonts.gstatic.com | amazonianmelt.positivvibe.com
3 | convertri.imgix.net | amazonianmelt.positivvibe.com
3 | cdn.convertri.com | amazonianmelt.positivvibe.com
2 | amazonianmelt.positivvibe.com | 1 redirects
1 | www.google.com | amazonianmelt.positivvibe.com
1 | snowplow.convertri.com | amazonianmelt.positivvibe.com
1 | googleads.g.doubleclick.net | www.googletagmanager.com
1 | www.googletagmanager.com | amazonianmelt.positivvibe.com
1 | cdn.clkmc.com | amazonianmelt.positivvibe.com
Total: 17 requests, 9 subdomains

This site contains links to these domains.

Domain
www.clkmg.com
positivvibe.com
www.positivvibe.com

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-03-11 - 2024-03-09 | a year
*.clkmc.com | AlphaSSL CA - SHA256 - G2 | 2022-11-17 - 2023-12-19 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months
cdn.convertri.com | R3 | 2023-03-01 - 2023-05-30 | 3 months
*.imgix.com | GlobalSign Atlas R3 DV TLS CA 2023 Q1 | 2023-03-05 - 2024-04-05 | a year
*.gstatic.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months
snowplow.convertri.com | Amazon RSA 2048 M01 | 2023-01-25 - 2024-02-24 | a year
www.google.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months

This page contains 1 frames:

Primary Page: https://amazonianmelt.positivvibe.com/
Frame ID: 5C7B7D2FFFC8DC5E3AF3EAAC48B5F2B3
Requests: 17 HTTP requests in this frame

Page Title

Ancient Amazonian Sunrise Ritual Burn Away Years Of Stubborn Fat

Page URL History

  1. http://amazonianmelt.positivvibe.com/ HTTP 301
    https://amazonianmelt.positivvibe.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 80 %
Domains: 8
Subdomains: 9
IPs: 9
Countries: 2
Transfer: 407 kB
Size: 1043 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://amazonianmelt.positivvibe.com/ HTTP 301
    https://amazonianmelt.positivvibe.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
amazonianmelt.positivvibe.com/
Redirect Chain
  • http://amazonianmelt.positivvibe.com/
  • https://amazonianmelt.positivvibe.com/
154 KB
24 KB
Document
General
Full URL
https://amazonianmelt.positivvibe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2879 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d49a0db5f6b69c4c025d20620999828831469ae4ce89925fb4b6828ea48141f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7acd780efa47d157-BUF
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 24 Mar 2023 08:15:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FsqwvTIwGZ%2BMkotQcYukd2vVFIHPRgOP2L%2BZANslZTb3ZezWw9GAOGaV0EICEvlxNYva7HPR65p6%2BObUgDs%2FQKakLvVhh%2FvZmr32MxjhnAJD%2FdC9ZDw4AmD9ZErPIkAPikpycbIps9X%2FajBq2w%2F4gwv0BKsyu2zVKY4S"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
7acd780e4b66d15b-BUF
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 24 Mar 2023 08:15:54 GMT
Expires
Fri, 24 Mar 2023 09:15:54 GMT
Location
https://amazonianmelt.positivvibe.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDLjYysBpn26Ncb431YS0KvNIseEC40%2Fxnm%2BubHd%2Fu75DlC90UxK7FBzkhTIb0XQleInksp7yUbulalRFe8SCxSUZD3boQUhIGR5YZrpiTxk2AQ3N1ew3pJRLfIGYRMlNk3Z7VPqtl6XpzvCLNcw0wGXfI6ig2ZcnYxm"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
cmc.js
cdn.clkmc.com/
13 KB
14 KB
Script
General
Full URL
https://cdn.clkmc.com/cmc.js
Requested by
Host: amazonianmelt.positivvibe.com
URL: https://amazonianmelt.positivvibe.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-16.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
ccc38e2814372ff7164f821c076d82f0ba51df81dc0ec65c693100f69e383ddd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://amazonianmelt.positivvibe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Tue, 28 Feb 2023 22:59:29 GMT
Via
1.1 c67ae9899d89f9402837da3a0ead9442.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
X-Permitted-Cross-Domain-Policies
none
X-Amz-Cf-Pop
EWR53-C1
Age
2020588
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
12993
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 28 Feb 2023 22:58:52 GMT
Server
nginx
ETag
"63fe872c-32c1"
Access-Control-Max-Age
300
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000, public, no-transform
X-Frame-Options
SAMEORIGIN
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Amz-Cf-Id
RS38LRTdwF6GxIcHsChluuq5mTn4n3tEcOFVVq7_eqHiNPqsszkQwg==
Expires
Thu, 30 Mar 2023 22:59:29 GMT
js
www.googletagmanager.com/gtag/
175 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-598223814
Requested by
Host: amazonianmelt.positivvibe.com
URL: https://amazonianmelt.positivvibe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1faede3c29c7605d3e215422803b44502e7230da61a9bf4b6e8db391e1b47ce5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://amazonianmelt.positivvibe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 08:15:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65680
x-xss-protection
0
last-modified
Fri, 24 Mar 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 24 Mar 2023 08:15:57 GMT
jquery-1.12.2.min.js
cdn.convertri.com/
382 KB
114 KB
Script
General
Full URL
https://cdn.convertri.com/jquery-1.12.2.min.js?v=2022-08-23-07-20-02
Requested by
Host: amazonianmelt.positivvibe.com
URL: https://amazonianmelt.positivvibe.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::940:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-940 /
Resource Hash
2bd8746c9641b9c1ec49b8972f313c64e94a011686f54f00214b29b577aeec48

Request headers

accept-language
en-US,en;q=0.9
Referer
https://amazonianmelt.positivvibe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 08:15:57 GMT
content-encoding
br
cdn-edgestorageid
1068
x-amz-request-id
0GCKXXNPKVX36M86
x-amz-server-side-encryption
AES256
cdn-cachedat
03/21/2023 10:26:17
cdn-pullzone
408079
x-amz-id-2
vq6vV4gNpg2gpNM/+mXkg4JIzPn9yAOItjDA9mm1GM4GAY0IrKZpZf7bshxXBasMvt4r1rwdLbk=
last-modified
Tue, 21 Mar 2023 10:25:04 GMT
server
BunnyCDN-IL1-940
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"c4cbe07d3b67b50d7092f2e853c50a49"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cache-control
max-age=604800
cdn-requestid
664bd1649f250301c9a87abd699930ef
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
sunrise-pv.jpg
convertri.imgix.net/3523ff9b-3007-11eb-abef-0697e5ca793e/b7b87aeeb42de55f3f605977f5908e61cabe6658/
10 KB
11 KB
Image
General
Full URL
https://convertri.imgix.net/3523ff9b-3007-11eb-abef-0697e5ca793e/b7b87aeeb42de55f3f605977f5908e61cabe6658/sunrise-pv.jpg?auto=compress%2Cformat&fit=crop&h=1.0&w=1600
Requested by
Host: amazonianmelt.positivvibe.com
URL: https://amazonianmelt.positivvibe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:79::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
8a3431cf361581805d136d84f5d1499cd3045cd824c70591a9f6c09c98cf2caf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://amazonianmelt.positivvibe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 08:15:57 GMT
x-content-type-options
nosniff
age
0
x-cache
MISS, MISS
x-imgix-id
468dcea7216793e73c68d024bf49b4a0cfcebeb7
cross-origin-resource-policy
cross-origin
content-length
10508
x-served-by
cache-sjc10028-SJC, cache-iad-kcgs7200077-IAD
x-imgix-render-farm
01.8776
last-modified
Fri, 24 Mar 2023 08:15:57 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2419200
accept-ranges
bytes
timing-allow-origin
*
TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYA.ttf
fonts.gstatic.com/s/oswald/v49/
20 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYA.ttf
Requested by
Host: amazonianmelt.positivvibe.com
URL: https://amazonianmelt.positivvibe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e062d7a9ec40361a7c3b13ddf71d6928a2bf5abbb968af5e171b88296bdd8590
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amazonianmelt.positivvibe.com/
Origin
https://amazonianmelt.positivvibe.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 10:02:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80030
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13330
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:23:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Mar 2024 10:02:07 GMT
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrQ.ttf
fonts.gstatic.com/s/raleway/v28/
46 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrQ.ttf
Requested by
Host: amazonianmelt.positivvibe.com
URL: https://amazonianmelt.positivvibe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9891703ade29ba9b994c78712d7fa90f9b0ae4b6a13655e4d41fd1dc23c62dd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amazonianmelt.positivvibe.com/
Origin
https://amazonianmelt.positivvibe.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:56:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80392
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28039
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:57:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Mar 2024 09:56:05 GMT
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrQ.ttf
fonts.gstatic.com/s/raleway/v28/
46 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrQ.ttf
Requested by
Host: amazonianmelt.positivvibe.com
URL: https://amazonianmelt.positivvibe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ccea64b644439db63b8dbe4e042401ceffbb0ba0ab7338e856aa7fb1f4d33e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amazonianmelt.positivvibe.com/
Origin
https://amazonianmelt.positivvibe.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80306
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27688
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:57:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Mar 2024 09:57:31 GMT
KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v30/
35 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf
Requested by
Host: amazonianmelt.positivvibe.com
URL: https://amazonianmelt.positivvibe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amazonianmelt.positivvibe.com/
Origin
https://amazonianmelt.positivvibe.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20776
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Mar 2024 16:55:25 GMT
KFOlCnqEu92Fr1MmWUlfBBc9.ttf
fonts.gstatic.com/s/roboto/v30/
35 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc9.ttf
Requested by
Host: amazonianmelt.positivvibe.com
URL: https://amazonianmelt.positivvibe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a9a74f4455f392ec3e7499cfda6097b536bb4b7f1e529a079c3d953c08b54ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amazonianmelt.positivvibe.com/
Origin
https://amazonianmelt.positivvibe.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 16:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20828
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Mar 2024 16:55:25 GMT
cdn.min.css
cdn.convertri.com/
64 KB
9 KB
Stylesheet
General
Full URL
https://cdn.convertri.com/cdn.min.css?v=2022-08-23-07-20-02
Requested by
Host: amazonianmelt.positivvibe.com
URL: https://amazonianmelt.positivvibe.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::940:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-940 /
Resource Hash
59fe8ac9c8c9cd319fcdc14f91530aad33e7ad2cc421caaeccc9f1c1cf8ebf32

Request headers

accept-language
en-US,en;q=0.9
Referer
https://amazonianmelt.positivvibe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 08:15:57 GMT
content-encoding
br
cdn-edgestorageid
1067
x-amz-request-id
94F99NB1NVFPR1VT
x-amz-server-side-encryption
AES256
cdn-cachedat
03/21/2023 10:26:18
cdn-pullzone
408079
x-amz-id-2
UNucOmLl3mLSwCEhJsErUcgcPM4EeZgOjhYysOsrZfK8QMvgH8rQ/kHrgL6qfe5CSfNSzvU/ZsM=
last-modified
Tue, 21 Mar 2023 10:25:08 GMT
server
BunnyCDN-IL1-940
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"b0d55c9bb284b269b2781a94102dffbf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
aa1ac425-1b79-4cdb-bd61-f1990cecd40e
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=604800
cdn-requestid
02671b7d483cddc7aacf5f6546c56707
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/598223814/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/598223814/?random=1679645757604&cv=11&fst=1679645757604&bg=ffffff&guid=ON&async=1&gtm=45be33m0&u_w=1600&u_h=1200&url=https%3A%2F%2Famazonianmelt.positivvibe.com%2F&hn=www.googleadservices.com&frm=0&tiba=Ancient%20Amazonian%20Sunrise%20Ritual%20Burn%20Away%20Years%20Of%20Stubborn%20Fat&auid=1935308035.1679645758&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-598223814
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
62500af2f0ef33a6294263ce00121d22c55eefb99af738f502a070c13e9c98c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://amazonianmelt.positivvibe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Mar 2023 08:15:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1240
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
snowplow.convertri.com/
43 B
337 B
Image
General
Full URL
https://snowplow.convertri.com/i?stm=1679645757934&e=pv&url=https%3A%2F%2Famazonianmelt.positivvibe.com%2F&page=Ancient%20Amazonian%20Sunrise%20Ritual%20Burn%20Away%20Years%20Of%20Stubborn%20Fat&tv=js-2.7.0&tna=cvt-cookies-enabled&aid=cvt&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=09d76539-5da6-4862-bfdf-2eace3d80e7d&dtm=1679645757928&vp=1600x1200&ds=1600x2716&vid=1&sid=02bad9f5-8091-442a-b919-d71dceb1990f&duid=29c17193-6543-4123-9eef-a9bd21684d55&fp=2417809956
Requested by
Host: amazonianmelt.positivvibe.com
URL: https://amazonianmelt.positivvibe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.229.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-229-192.compute-1.amazonaws.com
Software
spray-can/1.3.3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://amazonianmelt.positivvibe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 24 Mar 2023 08:15:58 GMT
access-control-allow-credentials
true
content-type
image/gif
server
spray-can/1.3.3
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
/
www.google.com/pagead/1p-user-list/598223814/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/598223814/?random=1679645757604&cv=11&fst=1679644800000&bg=ffffff&guid=ON&async=1&gtm=45be33m0&u_w=1600&u_h=1200&url=https%3A%2F%2Famazonianmelt.positivvibe.com%2F&frm=0&tiba=Ancient%20Amazonian%20Sunrise%20Ritual%20Burn%20Away%20Years%20Of%20Stubborn%20Fat&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2064413031&rmt_tld=0&ipr=y
Requested by
Host: amazonianmelt.positivvibe.com
URL: https://amazonianmelt.positivvibe.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://amazonianmelt.positivvibe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Mar 2023 08:15:58 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
LP_front_image_pura_1%20%281%29.png
convertri.imgix.net/3523ff9b-3007-11eb-abef-0697e5ca793e/ca77e596342079852922545789611c2ea8989ee3/
28 KB
28 KB
Image
General
Full URL
https://convertri.imgix.net/3523ff9b-3007-11eb-abef-0697e5ca793e/ca77e596342079852922545789611c2ea8989ee3/LP_front_image_pura_1%20%281%29.png?auto=compress,format&fit=scale&w=864&h=576
Requested by
Host: amazonianmelt.positivvibe.com
URL: https://amazonianmelt.positivvibe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:79::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
3b560f29ffad59b01b5a2896909c3ee20a01661863664f80751f4724dc374cfa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://amazonianmelt.positivvibe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 08:15:58 GMT
x-content-type-options
nosniff
age
244411
x-cache
HIT, HIT
x-imgix-id
0f4144993e8a29270592b62af009c6093ae0e6ce
cross-origin-resource-policy
cross-origin
content-length
28843
x-served-by
cache-sjc10021-SJC, cache-iad-kcgs7200077-IAD
x-imgix-render-farm
01.8776
last-modified
Tue, 21 Mar 2023 12:22:26 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2419200
accept-ranges
bytes
timing-allow-origin
*
play-3.gif
cdn.convertri.com/3523ff9b-3007-11eb-abef-0697e5ca793e/0db6d5369b2d9bb2846bdb67aee9cee020dd2d8f/
30 KB
31 KB
Image
General
Full URL
https://cdn.convertri.com/3523ff9b-3007-11eb-abef-0697e5ca793e/0db6d5369b2d9bb2846bdb67aee9cee020dd2d8f/play-3.gif
Requested by
Host: amazonianmelt.positivvibe.com
URL: https://amazonianmelt.positivvibe.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::940:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-940 /
Resource Hash
ef72d55efc518348b921b42cb021f8208bf1f55397baa893039b81aa922789ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://amazonianmelt.positivvibe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 08:15:58 GMT
x-downloadsize
31150
cdn-edgestorageid
845
cdn-cachedat
03/21/2023 12:22:26
cdn-pullzone
408079
content-length
31150
x-bo-server
ASB-211
last-modified
Tue, 21 Mar 2023 12:22:26 GMT
server
BunnyCDN-IL1-940
cdn-requestpullcode
200
cdn-proxyver
1.03
x-bo-origindownloadtime
62
content-type
image/gif
cdn-cache
HIT
cdn-uid
aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cache-control
public, max-age=2592000
cdn-requestid
a97a9be68bfab269d15086925294525e
accept-ranges
bytes
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
sound_icon.png
convertri.imgix.net/3523ff9b-3007-11eb-abef-0697e5ca793e/2514b32d04ef7000598f5c5a7a0352e263a2ed57/
714 B
856 B
Image
General
Full URL
https://convertri.imgix.net/3523ff9b-3007-11eb-abef-0697e5ca793e/2514b32d04ef7000598f5c5a7a0352e263a2ed57/sound_icon.png?auto=compress,format&fit=scale&w=28&h=28
Requested by
Host: amazonianmelt.positivvibe.com
URL: https://amazonianmelt.positivvibe.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:79::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
1cb9889a1b9f6f22d67d09f442292bed45d624a9df9e439072bbfb6d423fbf05
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://amazonianmelt.positivvibe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 08:15:58 GMT
x-content-type-options
nosniff
age
1280095
x-cache
HIT, HIT
x-imgix-id
d4189ea20d1dc3464b5a4c2def1b62170de40f19
cross-origin-resource-policy
cross-origin
content-length
714
x-served-by
cache-sjc10040-SJC, cache-iad-kcgs7200077-IAD
x-imgix-render-farm
01.9288
last-modified
Thu, 09 Mar 2023 12:41:02 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2419200
accept-ranges
bytes
timing-allow-origin
*

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| documentClassList object| CONVERTRI_CONSTANTS object| convertriParameters object| warningMessages object| submitMessages object| dataLayer object| ConvertriScriptConsent object| clickmagick_cmc object| bots function| gtag string| _cvt_gsi function| needsJQuery function| convertriLoadDeferredStyles function| raf function| managePopovers function| Popover object| FormValidator object| UrlUtils object| google_tag_manager object| google_tag_data object| GooglebQhCsO function| CheckoutValidationErrorRenderer function| AnalyticsUtils function| ClickAnalyticsEventBuilder function| OpenCheckoutAnalyticsEventBuilder function| PurchaseAnalyticsEventBuilder function| PurchaseAnalyticsLegacyEventBuilder function| SubmitFormAnalyticsEventBuilder function| GmtDataLayerTracker function| AnalyticsEvent function| ClickAnalyticsEvent function| OpenCheckoutAnalyticsEvent function| PurchaseAnalyticsLegacyEvent function| PurchaseAnalyticsEvent function| SubmitFormAnalyticsEvent function| convertriCheckoutApiFactory function| convertriFormApiFactory function| convertriCheckoutFormApiFactory function| convertriCheckoutFormValidatorFactory function| jQueryToPromise function| orderDataFactory function| PaypalBasePaymentButton function| PaypalException function| PaypalOneTimePaymentButtonConfigFactory function| PaypalOneTimePaymentButton function| convertToPaypalOrder function| PaypalButtonConfigFactory function| PaypalSubscriptionButtonConfigFactory function| PaypalSubscriptionButton function| ShippingZonesHelper function| StripeElements function| CheckoutModalCustomValidatorFactory function| uniqueSelector function| visibilityChanged function| yall object| ConvertriCheckoutCurrencies object| ConvertriCheckoutEvents object| ConvertriCheckoutModalEvents object| ConvertriProductSelectionModalEvents function| ConvertriAnalytics object| CheckoutCoupons object| ConvertriAbandonedCartHandler object| ConvertriCheckoutController object| formWidgetCartInfo object| 
BlankFormValidator object| CheckoutHelpers object| PromiseHelpers object| ConvertriCheckoutPaymentDetailsForm object| ConvertriCheckoutModal object| ConvertriPreCheckoutProductSelection object| ConvertriCheckoutModalRenderer object| MobileDetector object| QueryArgBag function| ViewportResizer object| GlobalSnowplowNamespace function| ConvertriAnalyticsSnowplow function| Cookies object| doT function| ES6Promise function| $ function| jQuery object| Snowplow function| UAParser object| fbEventInfo object| fbPixelProxy function| getPresentCoupon function| handleCheckoutResponse string| newVal object| match object| jQuery112207551234309182537

4 Cookies

Domain/Path Name / Value
.positivvibe.com/ Name: _gcl_au
Value: 1.1.1935308035.1679645758
amazonianmelt.positivvibe.com/ Name: _sp_ses.a374
Value: *
amazonianmelt.positivvibe.com/ Name: _sp_id.a374
Value: 29c17193-6543-4123-9eef-a9bd21684d55.1679645758.1.1679645758.1679645758.02bad9f5-8091-442a-b919-d71dceb1990f
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
