urlscan.io logo urlscan.io
SecurityTrails logo

screening.theheartrevolution.film Open in urlscan Pro
108.139.210.86  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://screening.theheartrevolution.film/
Effective URL: https://screening.theheartrevolution.film/
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On April 03 via api from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 9 domains to perform 36 HTTP transactions. The main IP is 108.139.210.86, located in United States and belongs to AMAZON-02, US. The main domain is screening.theheartrevolution.film.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 3rd 2024. Valid for: a year.
This is the only time screening.theheartrevolution.film was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    108.139.210.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-210-86.fco50.r.cloudfront.net
screening.theheartrevolution.film
2    172.217.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f136.1e100.net
www.googletagmanager.com
2    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
1    108.139.210.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-210-128.fco50.r.cloudfront.net
d3fit27i5nzkqh.cloudfront.net
3    13.35.246.130 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-246-130.fco50.r.cloudfront.net
d6r6gym8ueyux.cloudfront.net
3    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net
www.google-analytics.com
7    13.35.198.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-198-127.fco50.r.cloudfront.net
d1yei2z3i6k35z.cloudfront.net
5    108.139.217.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-217-120.fco50.r.cloudfront.net
d3syewzhvzylbl.cloudfront.net
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    64.233.167.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f157.1e100.net
stats.g.doubleclick.net
2    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com
www.facebook.com
Apex Domain
Subdomains		 Transfer
16 cloudfront.net
d3fit27i5nzkqh.cloudfront.net
d6r6gym8ueyux.cloudfront.net
d1yei2z3i6k35z.cloudfront.net
d3syewzhvzylbl.cloudfront.net
986 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
417 KB
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3274
www.google.com — Cisco Umbrella Rank: 2
393 B
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
2 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 7528
127 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
21 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 176
74 KB
2 theheartrevolution.film
screening.theheartrevolution.film
56 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 99
274 B
36 9
Domain Requested by
7 d1yei2z3i6k35z.cloudfront.net screening.theheartrevolution.film
5 d3syewzhvzylbl.cloudfront.net screening.theheartrevolution.film
5 www.googletagmanager.com screening.theheartrevolution.film
www.googletagmanager.com
3 d6r6gym8ueyux.cloudfront.net screening.theheartrevolution.film
2 www.google.com screening.theheartrevolution.film
2 www.google.de screening.theheartrevolution.film
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net screening.theheartrevolution.film
connect.facebook.net
2 screening.theheartrevolution.film
1 www.facebook.com screening.theheartrevolution.film
1 region1.analytics.google.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 d3fit27i5nzkqh.cloudfront.net screening.theheartrevolution.film
36 14
Subject Issuer Validity Valid
screening.theheartrevolution.film
Amazon RSA 2048 M02		 2024-04-03 -
2025-05-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-12 -
2024-04-11		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google.de
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://screening.theheartrevolution.film/
Frame ID: 9812181DE81FF2769D640680CE71B4BD
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

404 error page

Page URL History Show full URLs

  1. http://screening.theheartrevolution.film/ HTTP 307
    https://screening.theheartrevolution.film/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

36
Requests

100 %
HTTPS

27 %
IPv6

9
Domains

14
Subdomains

15
IPs

2
Countries

1556 kB
Transfer

4250 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://screening.theheartrevolution.film/ HTTP 307
    https://screening.theheartrevolution.film/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
screening.theheartrevolution.film/
Redirect Chain
  • http://screening.theheartrevolution.film/
  • https://screening.theheartrevolution.film/
260 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://screening.theheartrevolution.film/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.210.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-210-86.fco50.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
5d759a4e2e1063ec0c093b2d4caa5a35ed54a065669ad35dd258bd0e59217946

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
max-age=30, must-revalidate, public
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 03 Apr 2024 18:43:31 GMT
server
nginx/1.24.0
vary
Accept-Encoding,Origin
via
1.1 45e38c301d8f5d7768c00a851e284846.cloudfront.net (CloudFront)
x-amz-cf-id
cDK32JZ0c29PMyak5IL4PfnW-kIxIGumO0bZHihY367djBrgpf4gBw==
x-amz-cf-pop
FCO50-P3
x-cache
Error from cloudfront

Redirect headers

Location
https://screening.theheartrevolution.film/
Non-Authoritative-Reason
HttpsUpgrades
js
www.googletagmanager.com/gtag/ 		197 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-2610411-14
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f136.1e100.net
Software
Google Tag Manager /
Resource Hash
d7d311c4ad783a94bf4e94c3db54b91d622b78b289571b2e5f0c83ca0236562f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:43:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73125
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 03 Apr 2024 18:43:32 GMT
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 03 Apr 2024 18:43:32 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58040
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=36, rtx=0, c=12, mss=1288, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
3ByPimJZuEJX6hfwpP/GHLMDZlYkABv8ksED3ySUcsQdAtlatT6nJKEnNtVxZaeilbpP6ENYd7ZjIO+h6bebhw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		221 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10906740577
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f136.1e100.net
Software
Google Tag Manager /
Resource Hash
22d06eb5e3816566fe18a76b6e70614381667394d4dad04e235633e1e05be24a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:43:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81313
x-xss-protection
0
last-modified
Wed, 03 Apr 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Apr 2024 18:43:32 GMT
all.min.css
d3fit27i5nzkqh.cloudfront.net/assets/css/ 		486 KB
81 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.210.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-210-128.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 23 Oct 2023 14:49:04 GMT
content-encoding
gzip
via
1.1 4bb17b20f07b97e7472fead1eb7336cc.cloudfront.net (CloudFront)
last-modified
Wed, 18 May 2022 12:25:57 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P3
age
14097269
etag
W/"325672b036bab9b57f6873aed5eccc43"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000,public
x-amz-cf-id
NwnjrZMGSSHbzt3aTubxdsCB1LbEoIhqiT_HQh3bUjxuJA34iKBUaQ==
runtimeSimplePage.1f5d57551aa31777b361.js
d6r6gym8ueyux.cloudfront.net/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6r6gym8ueyux.cloudfront.net/runtimeSimplePage.1f5d57551aa31777b361.js
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.246.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-246-130.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
406f6483997aabca124a29e793e21a0da6010ef125fa82c1a88ab0e557818b3b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 07:59:46 GMT
content-encoding
gzip
via
1.1 d0acf6bc5bb556b6da009b581df0b85e.cloudfront.net (CloudFront)
x-amz-cf-pop
FCO50-P6
age
46535
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:308636154300:build/ProdPageEditorBuildPublisher:4b0aca4f-f9b5-40ab-9ed6-0712483148af
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
6de41486f383e0d6b25d2b8c1f20d5b0
last-modified
Mon, 01 Apr 2024 14:18:32 GMT
server
AmazonS3
etag
W/"b36fb59db1b08c77338df8b86396266b"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
99c5f5eda2a22c4d6d0bd9fa49fbbf472d2587cd41c031e57edbb52fc8f10fd8
x-amz-cf-id
h-fM4ktrV4bDbPPOqRcxGfbXN0KcTtEiohc4Ot4rNGDmeBuGCB13fw==
simplePage.8bb7ae5f2adb7a57b472.js
d6r6gym8ueyux.cloudfront.net/ 		573 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6r6gym8ueyux.cloudfront.net/simplePage.8bb7ae5f2adb7a57b472.js
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.246.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-246-130.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02894609985b723579df383665a6b5f9fd53701289ba11f5b68612dfeda20763

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 04:55:14 GMT
content-encoding
gzip
via
1.1 d0acf6bc5bb556b6da009b581df0b85e.cloudfront.net (CloudFront)
x-amz-cf-pop
FCO50-P6
age
51573
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:308636154300:build/ProdPageEditorBuildPublisher:54d6a27f-d24e-42b9-8ba3-a3641df0cfb5
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
e4edb211d97834dc68b65f4bffdcbd18
last-modified
Fri, 29 Mar 2024 08:05:21 GMT
server
AmazonS3
etag
W/"f5ffe552e5a183526b78f6ceceb57c5c"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
b6b749b4c684c3e1c67035d1b8243571e3e1a5a6f1fbd86e73a4bad7529b74c6
x-amz-cf-id
-d4K1qVP5Wrh_VvIHCO7OVkexEA-irsubn0XWYeZTy8QpXckY8ODsQ==
vendors~simplePage.54d652335cc34d21921c.js
d6r6gym8ueyux.cloudfront.net/ 		724 KB
214 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6r6gym8ueyux.cloudfront.net/vendors~simplePage.54d652335cc34d21921c.js
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.246.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-246-130.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6612524e156bd0fe87b62a36dd82fe23c246231fb1843f78dcdd0a1359dc3656

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 04:54:55 GMT
content-encoding
gzip
via
1.1 d0acf6bc5bb556b6da009b581df0b85e.cloudfront.net (CloudFront)
x-amz-cf-pop
FCO50-P6
age
49722
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:308636154300:build/ProdPageEditorBuildPublisher:54d6a27f-d24e-42b9-8ba3-a3641df0cfb5
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
e4edb211d97834dc68b65f4bffdcbd18
last-modified
Fri, 29 Mar 2024 08:05:21 GMT
server
AmazonS3
etag
W/"407bc32638c8560616b4e6c666925743"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
b6b749b4c684c3e1c67035d1b8243571e3e1a5a6f1fbd86e73a4bad7529b74c6
x-amz-cf-id
M-nimExFRIBl7LNIm719_QKdxNsxZBj6Yqq77JeQU16wxPsaCbiDGQ==
js
www.googletagmanager.com/gtag/ 		221 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10906740577&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2610411-14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f1834d65b4233823dbf7b73d2ed2b2da1d2e3efb236cd4e27bc91eccf6c85473
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:43:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81372
x-xss-protection
0
last-modified
Wed, 03 Apr 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Apr 2024 18:43:32 GMT
js
www.googletagmanager.com/gtag/ 		321 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XCFQZ5TE6W&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2610411-14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6c67856a1246ac064c986c60023d0b1744602e4806242feb95ad690c38eeaa5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:43:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104883
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 03 Apr 2024 18:43:32 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2610411-14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 03 Apr 2024 17:38:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3891
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 03 Apr 2024 19:38:42 GMT
552668142934839
connect.facebook.net/signals/config/ 		66 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/552668142934839?v=2.9.151&r=stable&domain=screening.theheartrevolution.film&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
44b7946e9639c13604d6d0c2a37443f1ff595f21bedde6514d34736833e8ae31
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 03 Apr 2024 18:43:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=65, mss=1288, tbw=63183, tp=-1, tpl=-1, uplat=694, ullat=0
pragma
public
x-fb-debug
9N2nXrL9keQpRGHXXPhAlLqBMae5ARQyyu64TtVzC5Nr7m14ZnUt0MWxX0oG49taIoFnX67ceRRJ7lyz6aTTLw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		236 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5KW36JT
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c903653bbcb3d0cabdd00be884efde08e7e14991d0a558ed8c64e4ef4779f079
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:43:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85901
x-xss-protection
0
last-modified
Wed, 03 Apr 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Apr 2024 18:43:32 GMT
60c2138356a3b_Rectangle5.png
d1yei2z3i6k35z.cloudfront.net/161/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/161/60c2138356a3b_Rectangle5.png
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.198.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-198-127.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08d3b011dc414ed782cead39761818d4667e7bf7061462433bbd5f43ca928da0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 23 Mar 2024 21:42:04 GMT
via
1.1 57544ee45c8e75af9c91b3cefede1692.cloudfront.net (CloudFront)
last-modified
Thu, 10 Jun 2021 13:28:37 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P6
age
939690
etag
"0ad9b7081a2ed231ce8b53e8aea491dc"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
content-length
24793
x-amz-cf-id
SWns46y3VUbHU7jwfjmXKJE0Ci87tZhfXlldbuiVd7dWzcFPQyY_FQ==
regular.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/mulish/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/mulish/regular.woff2
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.217.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-217-120.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73ba62a6e6a8335135fc997dc56bd2c9dc602ce6c1a1f42a696f37439a7e6299

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
Origin
https://screening.theheartrevolution.film
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 09:00:37 GMT
via
1.1 2a48f38805c4f695a18ce571a51eaeba.cloudfront.net (CloudFront)
x-amz-cf-pop
FCO50-P3
age
35103
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33028
last-modified
Fri, 14 Apr 2023 06:24:35 GMT
server
AmazonS3
etag
"b39b161a2ac276e8cd0e573eff7eb905"
access-control-max-age
31536000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
e_51QQvbUyRXx8WiMakSK1tmzxOVItP4ggIOUmth4TmV9NS4A9jlDA==
regular.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/poppins/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/poppins/regular.woff2
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.217.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-217-120.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
790c77393a605975655c0c41a5a689791c8394b8593f0e49f134856ef7f45499

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
Origin
https://screening.theheartrevolution.film
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 03:00:35 GMT
via
1.1 2a48f38805c4f695a18ce571a51eaeba.cloudfront.net (CloudFront)
x-amz-cf-pop
FCO50-P3
age
56579
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
47436
last-modified
Fri, 14 Apr 2023 06:25:02 GMT
server
AmazonS3
etag
"cad4f07ea4f99fe6568f91c7320cbbce"
access-control-max-age
31536000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
YWYTw6rrP2HCpBTPw3ND4TDPdDKYK5NlNhtbP854n-XG24XIc_zTdg==
700.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/ubuntu/ 		95 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/ubuntu/700.woff2
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.217.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-217-120.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
56239df581596d9f59e4234d40d8063510a298dbaebb537b6e4500920b54b30e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
Origin
https://screening.theheartrevolution.film
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 01:43:01 GMT
via
1.1 2a48f38805c4f695a18ce571a51eaeba.cloudfront.net (CloudFront)
x-amz-cf-pop
FCO50-P3
age
61308
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
97272
last-modified
Fri, 14 Apr 2023 06:25:55 GMT
server
AmazonS3
etag
"e67a51623103aaeb28a214b32108b46a"
access-control-max-age
31536000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
DW8V6Wdx6H1LrPtXcc-hLYNi3GwspILTt9M2APx8j8da8raqDjyMkg==
700.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/mulish/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/mulish/700.woff2
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.217.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-217-120.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92ce515eed3b949bdb0c372f032c27f5c7dda57ac3ba7703e267da5bf468539b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
Origin
https://screening.theheartrevolution.film
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 05:31:07 GMT
via
1.1 2a48f38805c4f695a18ce571a51eaeba.cloudfront.net (CloudFront)
x-amz-cf-pop
FCO50-P3
age
48127
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
32856
last-modified
Fri, 14 Apr 2023 06:24:34 GMT
server
AmazonS3
etag
"e4a7489fd359edc9a3bc2b2240007029"
access-control-max-age
31536000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
PHqI9pqykKA73engyJ7RLdNCwAgKx1bXKMtHF1xA1mPK1II-O6fOZQ==
regular.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/ubuntu/ 		109 KB
110 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/ubuntu/regular.woff2
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.217.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-217-120.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d90c23b813ac21cd3d6d5225a075e7626a22d6d2cb1a222617709701eb60f40

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
Origin
https://screening.theheartrevolution.film
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 01:26:18 GMT
via
1.1 2a48f38805c4f695a18ce571a51eaeba.cloudfront.net (CloudFront)
x-amz-cf-pop
FCO50-P3
age
62716
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
111640
last-modified
Fri, 14 Apr 2023 06:25:55 GMT
server
AmazonS3
etag
"29fd689814bb4c452774ed374c99c5e3"
access-control-max-age
31536000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
PWURqV_LH0beb4EASU6zeVUxzBVlm4zivmzp3M7RzWSugOrZhG9PfA==
6093bf5960c6b_image10.png
d1yei2z3i6k35z.cloudfront.net/161/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/161/6093bf5960c6b_image10.png
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.198.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-198-127.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
965d05bb17799fd95ec87bcebba0d88648927a429633608dcbd118abb70daaa9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 19:27:41 GMT
via
1.1 57544ee45c8e75af9c91b3cefede1692.cloudfront.net (CloudFront)
last-modified
Thu, 06 May 2021 10:05:15 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P6
age
515753
etag
"ce2dc83fc7c7ca93ee8b9830602fe05d"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
content-length
36009
x-amz-cf-id
CuTpiFd4keO8WRIrlzzTjaqJDeRHYmIcsObHFHF66FP8ZB0zotcALA==
60b8ef872852d_Groupe26913x.png
d1yei2z3i6k35z.cloudfront.net/161/ 		184 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/161/60b8ef872852d_Groupe26913x.png
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.198.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-198-127.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e66c4b8c6b620d3ab43877027ce1caaaf86509f5d5867bd9bd2edd2fe0f85c02

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 18:45:51 GMT
via
1.1 57544ee45c8e75af9c91b3cefede1692.cloudfront.net (CloudFront)
last-modified
Thu, 03 Jun 2021 15:04:41 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P6
age
518263
etag
"39913f0f14dbe5b75d6d1cd75af7ec84"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
content-length
188155
x-amz-cf-id
KySQ_iCedr2Bey3Wok3jotDElFnEHgF_sOd1SegaJTwqUJd7SP_1Cg==
61c04e6ad6420_social-4.png
d1yei2z3i6k35z.cloudfront.net/161/ 		885 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/161/61c04e6ad6420_social-4.png
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.198.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-198-127.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
268f358f185ccf505f623ad719cfa3df946b5213da83481f58121ccc25e0d052

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 18:45:51 GMT
via
1.1 57544ee45c8e75af9c91b3cefede1692.cloudfront.net (CloudFront)
last-modified
Mon, 20 Dec 2021 09:35:40 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P6
age
518263
etag
"b2c798b236023ec1906d021ede34c89e"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
content-length
885
x-amz-cf-id
YgI17bmOdwSpvnKJ2JvbIT7sJ5U4T3y3YPjwZuKaAga7KCgBX7xwGw==
61c04e7d46ba5_social-3.png
d1yei2z3i6k35z.cloudfront.net/161/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/161/61c04e7d46ba5_social-3.png
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.198.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-198-127.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bda769b185921ba59aafac77aa27725b1ac053e03b98b197154c7225f3af9925

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 18:45:51 GMT
via
1.1 57544ee45c8e75af9c91b3cefede1692.cloudfront.net (CloudFront)
last-modified
Mon, 20 Dec 2021 09:35:58 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P6
age
518263
etag
"a362ec55390d51c8700e853daf60a27f"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
content-length
2108
x-amz-cf-id
V-JjXwydHETq7VGbnDf6HLnLo0d5ybcNBAniet4qPo3VxKXYys4eNw==
61c04e8b2ca31_social-1.png
d1yei2z3i6k35z.cloudfront.net/161/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/161/61c04e8b2ca31_social-1.png
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.198.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-198-127.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19a977ec665d533462261c35f13da8e6f67faf39de1d5faa3ed45f19777b2ceb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 18:45:51 GMT
via
1.1 57544ee45c8e75af9c91b3cefede1692.cloudfront.net (CloudFront)
last-modified
Mon, 20 Dec 2021 09:36:12 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P6
age
518263
etag
"921dfe9376655d769b8ece3cd3b54a4f"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
content-length
2416
x-amz-cf-id
1xcxqEcIb72SPTaAcfQTCr7I8ZUE31Co-zVo5DmDxXz3UoSOD4PLWg==
61c04ec29edf1_social.png
d1yei2z3i6k35z.cloudfront.net/161/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/161/61c04ec29edf1_social.png
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.198.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-198-127.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aec78978271f1cc49d96ca221e0eee45276200d5aa6718387bef19dda41b4b43

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 18:45:51 GMT
via
1.1 57544ee45c8e75af9c91b3cefede1692.cloudfront.net (CloudFront)
last-modified
Mon, 20 Dec 2021 09:37:08 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P6
age
518263
etag
"605813348ddfa66b1e7652c768dd824d"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
content-length
2957
x-amz-cf-id
8epcYW8J1n2LTyZsnQnVrQADd0HqRjyWjROqY8vNgHi_PHnRmmg2yQ==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10906740577/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10906740577/?random=1712169812638&cv=11&fst=1712169812638&bg=ffffff&guid=ON&async=1&gtm=45be4410v890741734za200&gcd=13l3l3l3l1&dma=0&u_w=800&u_h=600&url=https%3A%2F%2Fscreening.theheartrevolution.film%2F&hn=www.googleadservices.com&frm=0&tiba=404%20error%20page&npa=0&pscdl=noapi&auid=769385600.1712169813&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10906740577
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
814aad8cf3e0ff3d8a0f22805ca385cfc9f20eb9359bc3b4706854a2fbebb5aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 18:43:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1277
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
266 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-XCFQZ5TE6W&gtm=45je4410v899155866za200&_p=1712169811917&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=833597108.1712169813&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1712169812&sct=1&seg=0&dl=https%3A%2F%2Fscreening.theheartrevolution.film%2F&dt=404%20error%20page&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1766
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XCFQZ5TE6W&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 18:43:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://screening.theheartrevolution.film
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
266 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XCFQZ5TE6W&cid=833597108.1712169813&gtm=45je4410v899155866za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XCFQZ5TE6W&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 18:43:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://screening.theheartrevolution.film
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XCFQZ5TE6W&cid=833597108.1712169813&gtm=45je4410v899155866za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1583322480
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 18:43:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10906740577/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10906740577/?random=1712169812638&cv=11&fst=1712167200000&bg=ffffff&guid=ON&async=1&gtm=45be4410v890741734za200&gcd=13l3l3l3l1&dma=0&u_w=800&u_h=600&url=https%3A%2F%2Fscreening.theheartrevolution.film%2F&frm=0&tiba=404%20error%20page&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqYZs_IonpTiDCdWvc8dJuVRCpbIuQVA&random=2097711306&rmt_tld=0&ipr=y
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 18:43:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10906740577/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/10906740577/?random=1712169812638&cv=11&fst=1712167200000&bg=ffffff&guid=ON&async=1&gtm=45be4410v890741734za200&gcd=13l3l3l3l1&dma=0&u_w=800&u_h=600&url=https%3A%2F%2Fscreening.theheartrevolution.film%2F&frm=0&tiba=404%20error%20page&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqYZs_IonpTiDCdWvc8dJuVRCpbIuQVA&random=2097711306&rmt_tld=1&ipr=y
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 18:43:32 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=973274966&t=pageview&_s=1&dl=https%3A%2F%2Fscreening.theheartrevolution.film%2F&ul=en-us&de=UTF-8&dt=404%20error%20page&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YADAAUABAAAAACAAI~&jid=205507570&gjid=640283680&cid=833597108.1712169813&tid=UA-2610411-14&_gid=1127591277.1712169813&_r=1&gtm=457e4410za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=1726553894
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 18:43:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://screening.theheartrevolution.film
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2610411-14&cid=833597108.1712169813&jid=205507570&gjid=640283680&_gid=1127591277.1712169813&_u=YADAAUAAAAAAACAAI~&z=1614597780
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 03 Apr 2024 18:43:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://screening.theheartrevolution.film
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2610411-14&cid=833597108.1712169813&jid=205507570&_u=YADAAUAAAAAAACAAI~&z=1295554070
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 18:43:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=552668142934839&ev=PageView&dl=https%3A%2F%2Fscreening.theheartrevolution.film%2F&rl=&if=false&ts=1712169813566&sw=800&sh=600&v=2.9.151&r=stable&ec=0&o=4126&fbp=fb.1.1712169813561.261034871&cs_est=true&ler=empty&cdl=API_unavailable&it=1712169812504&coo=false&rqm=GET
Requested by
Host: screening.theheartrevolution.film
URL: https://screening.theheartrevolution.film/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=15, rtx=0, c=10, mss=1288, tbw=2789, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 03 Apr 2024 18:43:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
60a777c6b6c23_60a777c6b6c22_favicon.png
screening.theheartrevolution.film/161/ 		105 KB
19 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://screening.theheartrevolution.film/161/60a777c6b6c23_60a777c6b6c22_favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.210.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-210-86.fco50.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
3910c3aaca09b07c9973ed8603f920f17e5a2f4ca077310721650af8c8ac645c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://screening.theheartrevolution.film/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 18:43:34 GMT
content-encoding
gzip
via
1.1 45e38c301d8f5d7768c00a851e284846.cloudfront.net (CloudFront)
server
nginx/1.24.0
x-amz-cf-pop
FCO50-P3
vary
Accept-Encoding,Origin
x-cache
Error from cloudfront
content-type
text/html; charset=UTF-8
cache-control
max-age=30, must-revalidate, public
x-amz-cf-id
8OmZHh38aqXyUiF72cEltuPHbVPNXDundJY0I8KFtl7sT4wKAPl9DA==

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| fbq function| _fbq object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| GooglebQhCsO object| initialI18nStore string| initialLanguage function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| webpackChunkeditor object| scCGSHMRCache object| regeneratorRuntime function| setImmediate function| clearImmediate

7 Cookies

Domain/Path Name / Value
.theheartrevolution.film/ Name: _gcl_au
Value: 1.1.769385600.1712169813
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.theheartrevolution.film/ Name: _ga_XCFQZ5TE6W
Value: GS1.1.1712169812.1.0.1712169812.60.0.0
.theheartrevolution.film/ Name: _ga
Value: GA1.2.833597108.1712169813
.theheartrevolution.film/ Name: _gid
Value: GA1.2.1127591277.1712169813
.theheartrevolution.film/ Name: _gat_gtag_UA_2610411_14
Value: 1
.theheartrevolution.film/ Name: _fbp
Value: fb.1.1712169813561.261034871

6 Console Messages

Source Level URL
Text
network error URL: https://screening.theheartrevolution.film/
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://screening.theheartrevolution.film/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://screening.theheartrevolution.film/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://screening.theheartrevolution.film/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/552668142934839?v=2.9.151&r=stable&domain=screening.theheartrevolution.film&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://screening.theheartrevolution.film/161/60a777c6b6c23_60a777c6b6c22_favicon.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
d1yei2z3i6k35z.cloudfront.net
d3fit27i5nzkqh.cloudfront.net
d3syewzhvzylbl.cloudfront.net
d6r6gym8ueyux.cloudfront.net
googleads.g.doubleclick.net
region1.analytics.google.com
screening.theheartrevolution.film
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
108.139.210.128
108.139.210.86
108.139.217.120
13.35.198.127
13.35.246.130
142.250.185.78
157.240.0.35
157.240.0.6
172.217.16.136
216.239.34.36
2a00:1450:4001:808::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:81d::2003
2a00:1450:4001:82b::2004
64.233.167.157
02894609985b723579df383665a6b5f9fd53701289ba11f5b68612dfeda20763
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
08d3b011dc414ed782cead39761818d4667e7bf7061462433bbd5f43ca928da0
19a977ec665d533462261c35f13da8e6f67faf39de1d5faa3ed45f19777b2ceb
22d06eb5e3816566fe18a76b6e70614381667394d4dad04e235633e1e05be24a
268f358f185ccf505f623ad719cfa3df946b5213da83481f58121ccc25e0d052
3910c3aaca09b07c9973ed8603f920f17e5a2f4ca077310721650af8c8ac645c
406f6483997aabca124a29e793e21a0da6010ef125fa82c1a88ab0e557818b3b
44b7946e9639c13604d6d0c2a37443f1ff595f21bedde6514d34736833e8ae31
56239df581596d9f59e4234d40d8063510a298dbaebb537b6e4500920b54b30e
5d759a4e2e1063ec0c093b2d4caa5a35ed54a065669ad35dd258bd0e59217946
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6612524e156bd0fe87b62a36dd82fe23c246231fb1843f78dcdd0a1359dc3656
6c67856a1246ac064c986c60023d0b1744602e4806242feb95ad690c38eeaa5d
73ba62a6e6a8335135fc997dc56bd2c9dc602ce6c1a1f42a696f37439a7e6299
790c77393a605975655c0c41a5a689791c8394b8593f0e49f134856ef7f45499
814aad8cf3e0ff3d8a0f22805ca385cfc9f20eb9359bc3b4706854a2fbebb5aa
92ce515eed3b949bdb0c372f032c27f5c7dda57ac3ba7703e267da5bf468539b
965d05bb17799fd95ec87bcebba0d88648927a429633608dcbd118abb70daaa9
9d90c23b813ac21cd3d6d5225a075e7626a22d6d2cb1a222617709701eb60f40
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d
aec78978271f1cc49d96ca221e0eee45276200d5aa6718387bef19dda41b4b43
bda769b185921ba59aafac77aa27725b1ac053e03b98b197154c7225f3af9925
c903653bbcb3d0cabdd00be884efde08e7e14991d0a558ed8c64e4ef4779f079
d7d311c4ad783a94bf4e94c3db54b91d622b78b289571b2e5f0c83ca0236562f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66c4b8c6b620d3ab43877027ce1caaaf86509f5d5867bd9bd2edd2fe0f85c02
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1834d65b4233823dbf7b73d2ed2b2da1d2e3efb236cd4e27bc91eccf6c85473