urlscan.io logo urlscan.io
SecurityTrails logo

www.bacaoy.com Open in urlscan Pro
2606:4700:3032::681c:1309  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.bacaoy.com/smiles-br?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQ...
Effective URL: http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZT...
Submission: On December 07 via api from BR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3032::681c:1309, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bacaoy.com.
This is the only time www.bacaoy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

15    2606:4700:3032::681c:1309 (United States)

ASN13335 (CLOUDFLARENET, US)
www.bacaoy.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
1.gravatar.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
15 www.bacaoy.com 1 redirects www.bacaoy.com
2 fonts.gstatic.com fonts.googleapis.com
2 1.gravatar.com 1 redirects www.bacaoy.com
2 ajax.googleapis.com www.bacaoy.com
1 www.facebook.com www.bacaoy.com
1 cdnjs.cloudflare.com www.bacaoy.com
1 fonts.googleapis.com www.bacaoy.com
22 7

This site contains links to these domains. Also see Links.

Domain
storeviews.net
track.flexlinkspro.com
mythemeshop.com
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-11-02 -
2021-01-30		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
Frame ID: 729974609F6BA9A37B469FE0CFA2F817
Requests: 22 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpromo.coupons.deals&width=292&colorscheme=light&show_faces=true&stream=false&header=false&height=260
Frame ID: E6985E8089304055B2B5724D66994CAC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.bacaoy.com/smiles-br?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJ... HTTP 301
    http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmND... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • script /clipboard(?:-([\d.]+))?(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

22
Requests

23 %
HTTPS

100 %
IPv6

6
Domains

7
Subdomains

8
IPs

3
Countries

287 kB
Transfer

659 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.bacaoy.com/smiles-br?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM HTTP 301
    http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://cdnjs.cloudflare.com/ajax/libs/zeroclipboard/2.1.6/ZeroClipboard.js?ver=4.0 HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/zeroclipboard/2.1.6/ZeroClipboard.js?ver=4.0
Request Chain 13
  • https://1.gravatar.com/avatar/3da7d8d65c7c6c7f7c883f64648282fa?s=85&d=http%3A%2F%2F1.gravatar.com%2Favatar%2Fad516503a11cd5ca435acc9bb6523536%3Fs%3D85&r=G HTTP 302
  • http://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=85

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bacaoy.com/smiles-br/
Redirect Chain
  • http://www.bacaoy.com/smiles-br?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
  • http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
Protocol
HTTP/1.1
Server
2606:4700:3032::681c:1309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdaee071b29075e7a5b0d801dcee60ccfb261ef6a9f2852cf1d136c18931bd98

Request headers

Host
www.bacaoy.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=dcd65dd061c8f8bc5d4a1c63b9d10236f1607376707
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 07 Dec 2020 21:31:48 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Pingback
http://www.bacaoy.com/xmlrpc.php
Link
<http://www.bacaoy.com/?p=4953>; rel=shortlink
CF-Cache-Status
DYNAMIC
cf-request-id
06e0b7396300000601a4363000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VQb4iMTD8e%2F%2B9EEiyc6IvGy0dqsKnY0e%2F0Thpz3DgHqhZKkaMM7pckfRfKLCkKvMyrZwWwSuYql8cEgDs%2Beh1lIq7RthE8%2FeNSotroPB4DFFP8am5OXDL3kL5g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
5fe15b0899f10601-FRA
Content-Encoding
gzip

Redirect headers

Date
Mon, 07 Dec 2020 21:31:47 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dcd65dd061c8f8bc5d4a1c63b9d10236f1607376707; expires=Wed, 06-Jan-21 21:31:47 GMT; path=/; domain=.bacaoy.com; HttpOnly; SameSite=Lax
X-Pingback
http://www.bacaoy.com/xmlrpc.php
Location
http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
CF-Cache-Status
DYNAMIC
cf-request-id
06e0b7382500000601a0014000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MY6NmmJMuyHysupsM6X2zFJw51zvyXyiT28aiKaVosirjZsw5aDkMb9O612j2iYDY49GI%2BZga6RCR%2B4nnNxGK3s6TD4EdrzUiDIZdCd4ihAnGaLs5AiBmvZpQA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
5fe15b06ace00601-FRA
style.css
www.bacaoy.com/wp-content/themes/ribbon/ 		32 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.bacaoy.com/wp-content/themes/ribbon/style.css
Requested by
Host: www.bacaoy.com
URL: http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
Protocol
HTTP/1.1
Server
2606:4700:3032::681c:1309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2c35afe6c5b348103f761de36bc1aa37dc03340c70e0dad15b87b896ede471e

Request headers

Referer
http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 07 Dec 2020 21:31:48 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
06e0b73aeb00000601681e8000000001
Pragma
public
Last-Modified
Mon, 18 Sep 2017 02:54:47 GMT
Server
cloudflare
ETag
W/"59bf3577-803c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n4j5URpKTTCKlE%2BxyCJxIhl3todZMkMqIkFnfB5B7b6PUuVhXhbaqExBUqJxFwZ9c30y7OYvypI%2B82kvll9t0mYfQ2oMPoqOn1Nd3eC0yuMHOQW%2FF87GSx%2BBrA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
CF-RAY
5fe15b0b18a40601-FRA
Expires
Wed, 06 Jan 2021 21:31:48 GMT
dashicons.min.css
www.bacaoy.com/wp-includes/css/ 		40 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.bacaoy.com/wp-includes/css/dashicons.min.css?ver=4.0
Requested by
Host: www.bacaoy.com
URL: http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
Protocol
HTTP/1.1
Server
2606:4700:3032::681c:1309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d220473ebf623d40191c9946dbc48383c30b2290bc13bce2f70750236640c79f

Request headers

Referer
http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 07 Dec 2020 21:31:48 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
06e0b73aef0000c2d186902000000001
Pragma
public
Last-Modified
Mon, 18 Sep 2017 02:54:47 GMT
Server
cloudflare
ETag
W/"59bf3577-9e02"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8nIdWSF9KaSJ2Mbi8S5%2BIWujL40ny25pgcGg%2BpTP5UtN8%2BKaBovSW26xxF5vppWdZNzKhWXiv%2B6rT6pxYVv24jnNH0mLz7k%2BfL470TnZ%2FEkpHCebACorcqN4Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
CF-RAY
5fe15b0b1ec1c2d1-FRA
Expires
Wed, 06 Jan 2021 21:31:48 GMT
editor.min.css
www.bacaoy.com/wp-includes/css/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.bacaoy.com/wp-includes/css/editor.min.css?ver=4.0
Requested by
Host: www.bacaoy.com
URL: http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
Protocol
HTTP/1.1
Server
2606:4700:3032::681c:1309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cc6ce6f304378280f46c163222f9057ccd26ef69bd6b3b60e2ab7a1a7891be5

Request headers

Referer
http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 07 Dec 2020 21:31:48 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
06e0b73aef00000601b88f4000000001
Pragma
public
Last-Modified
Mon, 18 Sep 2017 02:54:47 GMT
Server
cloudflare
ETag
W/"59bf3577-6991"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K4PqVae0gmBmVHLD02feUzOv7vf%2F%2BN%2BmDE2e8rBztUIY8fg2EkzrykNdQqUMsOuA%2FTukUxKrHXHvuLs%2F29IYc9n2I1rYKNRWJX%2BDJBcy6NXclMwzt9hqSftLNg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
CF-RAY
5fe15b0b18b80601-FRA
Expires
Wed, 06 Jan 2021 21:31:48 GMT
css
fonts.googleapis.com/ 		1 KB
498 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Monda%3Aregular%2Cbold&v1&ver=4.0
Requested by
Host: www.bacaoy.com
URL: http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9f80fd1134d27b4e033d7c614298048ef9d9449538c8da73710bbb50887aa009
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 07 Dec 2020 21:31:48 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Mon, 07 Dec 2020 21:31:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 07 Dec 2020 21:31:48 GMT
coupon.css
www.bacaoy.com/wp-content/plugins/slim-coupon/assets/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.bacaoy.com/wp-content/plugins/slim-coupon/assets/css/coupon.css?ver=4.0
Requested by
Host: www.bacaoy.com
URL: http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
Protocol
HTTP/1.1
Server
2606:4700:3032::681c:1309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca7ef03b00327029896b24ca3a32439bbbc2e6f21b1b37a836e71efacfbd3901

Request headers

Referer
http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 07 Dec 2020 21:31:48 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
06e0b73aef0000d6b1c98ba000000001
Pragma
public
Last-Modified
Mon, 18 Sep 2017 02:54:47 GMT
Server
cloudflare
ETag
W/"59bf3577-cb4"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9kApciGZBJWMMmLZftj4eGZGviw3yrj8I88UK4YR4fme8zMv4fgEbCv3lK2MUwGkM0XbKmMp1Drwx%2FTEOFJ5SLFmJaCcIYAo408ZHzN8KVhXY7dIVfxPGJ%2Bd2w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
CF-RAY
5fe15b0b1b0ad6b1-FRA
Expires
Wed, 06 Jan 2021 21:31:48 GMT
tipsy.css
www.bacaoy.com/wp-content/plugins/slim-coupon/assets/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.bacaoy.com/wp-content/plugins/slim-coupon/assets/css/tipsy.css?ver=4.0
Requested by
Host: www.bacaoy.com
URL: http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
Protocol
HTTP/1.1
Server
2606:4700:3032::681c:1309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c62a53644084cfbde52ccacb7c74c4f55d1b1dff61b24978e58f8ac740b840b

Request headers

Referer
http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 07 Dec 2020 21:31:48 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
06e0b73aef0000c2d138a85000000001
Pragma
public
Last-Modified
Mon, 18 Sep 2017 02:54:47 GMT
Server
cloudflare
ETag
W/"59bf3577-434"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HvYyDlJaMw9kNl1GDckY2%2BapmvRbHNFK8am%2BjA4%2FDNJt2UlwsnZqtJOyOMY70Hl1TmJkIpooJmIFsKmt8icRksBpVntn%2Fo8CwMsF1O93pAcYgO4Dx%2BtuqHOLSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
CF-RAY
5fe15b0b1ec2c2d1-FRA
Expires
Wed, 06 Jan 2021 21:31:48 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js?ver=1.7.1
Requested by
Host: www.bacaoy.com
URL: http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
Protocol
HTTP/1.1
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Dec 2020 10:14:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
386262
Cross-Origin-Resource-Policy
cross-origin
Content-Length
33593
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 03 Dec 2021 10:14:06 GMT
ZeroClipboard.js
cdnjs.cloudflare.com/ajax/libs/zeroclipboard/2.1.6/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/zeroclipboard/2.1.6/ZeroClipboard.js?ver=4.0
  • https://cdnjs.cloudflare.com/ajax/libs/zeroclipboard/2.1.6/ZeroClipboard.js?ver=4.0
73 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/zeroclipboard/2.1.6/ZeroClipboard.js?ver=4.0
Requested by
Host: www.bacaoy.com
URL: http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f724c2db7b62ea015ae038455fd4573b7581d8ad0c8e2239d8bb5b6eb873d1d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Dec 2020 21:31:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
464648
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
13340
cf-request-id
06e0b73afe00002c0d440b3000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:18:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04043-12258"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pvKC2o2oV%2FR4hdigpUFnNGb2fvrHX1VbEKcTJ2Dr3ENr5O6J3qGredv2vtgPrnHbpVNC5RFpcTH5nw2073yw0X9BFk3X8NL%2BtSGm6BBRP6wyI5ebjxQ%2BWimOl6Oku5KeIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5fe15b0b2b972c0d-FRA
expires
Sat, 27 Nov 2021 21:31:48 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/zeroclipboard/2.1.6/ZeroClipboard.js?ver=4.0
Non-Authoritative-Reason
HSTS
jquery.tipsy.js
www.bacaoy.com/wp-content/plugins/slim-coupon/assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.bacaoy.com/wp-content/plugins/slim-coupon/assets/js/jquery.tipsy.js?ver=4.0
Requested by
Host: www.bacaoy.com
URL: http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
Protocol
HTTP/1.1
Server
2606:4700:3032::681c:1309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff261a314f41ba1d8cf558cfb330130bce09e3f0ecf812c61f05b3b80d0e8bcb

Request headers

Referer
http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 07 Dec 2020 21:31:48 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
06e0b73af00000980e390ca000000001
Pragma
public
Last-Modified
Mon, 18 Sep 2017 02:54:47 GMT
Server
cloudflare
ETag
W/"59bf3577-1cdd"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cbmcZbNw71w8EyzS83RC7VISROuN2VC3sFoOhl2RvT5G1zTOf4mhwrrXAeIRqErPMvN%2BguBOfWosAx%2Fg7dW7gSVzMMKb8%2B4uHZscrFW2VgwdmrysRM6fSad5UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
CF-RAY
5fe15b0b1d7b980e-FRA
Expires
Wed, 06 Jan 2021 21:31:48 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.9.2/ 		232 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jqueryui/1.9.2/jquery-ui.min.js?ver=1.8.16
Requested by
Host: www.bacaoy.com
URL: http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
Protocol
HTTP/1.1
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7846b5904b602bd64bea1eb4557c03b09dabc580b07f18b8d1567d1345f0a040
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Dec 2020 10:16:05 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
386143
Cross-Origin-Resource-Policy
cross-origin
Content-Length
62563
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 03 Dec 2021 10:16:05 GMT
modernizr.min.js
www.bacaoy.com/wp-content/themes/ribbon/js/ 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.bacaoy.com/wp-content/themes/ribbon/js/modernizr.min.js?ver=4.0
Requested by
Host: www.bacaoy.com
URL: http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
Protocol
HTTP/1.1
Server
2606:4700:3032::681c:1309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50aa0a03bbdf5ef2efb0943af54da213a68aa08c4472c5f33998f882cbbe2ec0

Request headers

Referer
http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 07 Dec 2020 21:31:48 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
06e0b73ba70000060168203000000001
Pragma
public
Last-Modified
Mon, 18 Sep 2017 02:54:47 GMT
Server
cloudflare
ETag
W/"59bf3577-3682"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ht2t9bBRYFMxk1DsxEFUS5TpoQ%2B%2FNoqddLa2T2ainFIGnEND6A6xxlTz81OCmFIm%2B%2B7ytwOZYrtQzYny8SvoNpqI1cAGPr%2BKp7s3Ke9hdd4YZGqlnPAc87944A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
CF-RAY
5fe15b0c3c190601-FRA
Expires
Wed, 06 Jan 2021 21:31:48 GMT
customscript.js
www.bacaoy.com/wp-content/themes/ribbon/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.bacaoy.com/wp-content/themes/ribbon/js/customscript.js?ver=4.0
Requested by
Host: www.bacaoy.com
URL: http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
Protocol
HTTP/1.1
Server
2606:4700:3032::681c:1309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e3e853b6c4b817b2f0a1bbac6a8eb2f592c109f8a2b4d64aa463fa9675544a8

Request headers

Referer
http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 07 Dec 2020 21:31:48 GMT
content-encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
06e0b73bad0000c2d138a94000000001
pragma
public
last-modified
Mon, 18 Sep 2017 02:54:47 GMT
Server
cloudflare
etag
W/"59bf3577-2341"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VeAtRntHCNsTVKuqjtfZ1GLOAno6%2B542SSk94OdyYOkzLKSAGPUYjDmyp0xz7HhrTzllxmes2vc8E8shNb2c0oLN%2F47PAMpLZQYQqjwnVzkAUTuwY1SM%2FdhXEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=UTF-8
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
CF-RAY
5fe15b0c48dbc2d1-FRA
expires
Wed, 06 Jan 2021 21:31:48 GMT
5-300x176.png
www.bacaoy.com/wp-content/uploads/2020/11/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.bacaoy.com/wp-content/uploads/2020/11/5-300x176.png
Requested by
Host: www.bacaoy.com
URL: http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
Protocol
HTTP/1.1
Server
2606:4700:3032::681c:1309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a31d8ed293d64e0e3d3fc971002aaeaaff83f053061cf4aead84084b342dc59f

Request headers

Referer
http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 07 Dec 2020 21:31:48 GMT
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
56768
cf-request-id
06e0b73c710000d6b1a1054000000001
Pragma
public
Last-Modified
Mon, 02 Nov 2020 06:33:58 GMT
Server
cloudflare
ETag
"5f9fa856-ddc0"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E3OOgYxAtVTkJW6%2BGoHz3IMmCBqTBXw9%2FCsJL8Xb6U7VKLvvaLj1KPGSikosOFebY%2F0I8uHPzRau1LbYVDOMYShvGcgOM9lF5DgyG4X6tKLIBScmijbIgz9EkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
CF-RAY
5fe15b0d8888d6b1-FRA
Expires
Wed, 06 Jan 2021 21:31:48 GMT
ad516503a11cd5ca435acc9bb6523536
1.gravatar.com/avatar/
Redirect Chain
  • https://1.gravatar.com/avatar/3da7d8d65c7c6c7f7c883f64648282fa?s=85&d=http%3A%2F%2F1.gravatar.com%2Favatar%2Fad516503a11cd5ca435acc9bb6523536%3Fs%3D85&r=G
  • http://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=85
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=85
Requested by
Host: www.bacaoy.com
URL: http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
Protocol
HTTP/1.1
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
da848951adbbbf3ba51c9475f8e57b3c0704bce178e50237b620bd51995dfd46

Request headers

Referer
http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-nc
HIT ams 4
Date
Mon, 07 Dec 2020 21:31:48 GMT
Last-Modified
Sat, 01 Mar 2008 02:44:06 GMT
Server
nginx
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Content-Disposition
inline; filename="ad516503a11cd5ca435acc9bb6523536.png"
Connection
keep-alive
Accept-Ranges
bytes
Link
<https://www.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=85>; rel="canonical"
Content-Length
2629
Expires
Mon, 07 Dec 2020 21:36:48 GMT

Redirect headers

x-nc
MISS ams 4
date
Mon, 07 Dec 2020 21:31:48 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
text/html; charset=utf-8
location
http://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=85
cache-control
max-age=300
link
<https://www.gravatar.com/avatar/3da7d8d65c7c6c7f7c883f64648282fa?s=85&d=http%3A%2F%2F1.gravatar.com%2Favatar%2Fad516503a11cd5ca435acc9bb6523536%3Fs%3D85&r=G>; rel="canonical"
content-length
0
expires
Mon, 07 Dec 2020 21:36:48 GMT
455-200x125.png
www.bacaoy.com/wp-content/uploads/2020/11/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.bacaoy.com/wp-content/uploads/2020/11/455-200x125.png
Requested by
Host: www.bacaoy.com
URL: http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
Protocol
HTTP/1.1
Server
2606:4700:3032::681c:1309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af39fc8234ddddbbf0da761369da8d467093c1b98f68b7a7662ec1d68acff1a

Request headers

Referer
http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 07 Dec 2020 21:31:48 GMT
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
30639
cf-request-id
06e0b73c700000980e3e908000000001
Pragma
public
Last-Modified
Tue, 24 Nov 2020 02:30:06 GMT
Server
cloudflare
ETag
"5fbc702e-77af"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G4uLEebWRgrSEmcB0TN2gtgug3CY2dWGswHhdtNP9FoagxwbVEFinmSM4swKS9AP1Q9yus9MQoeoN3TGKXp2O7RzpvKKkvAXPwq6YYn8uZXKFHFIytOFJdktKg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
CF-RAY
5fe15b0d7f00980e-FRA
Expires
Wed, 06 Jan 2021 21:31:48 GMT
relthumb.png
www.bacaoy.com/wp-content/themes/ribbon/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.bacaoy.com/wp-content/themes/ribbon/images/relthumb.png
Requested by
Host: www.bacaoy.com
URL: http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
Protocol
HTTP/1.1
Server
2606:4700:3032::681c:1309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e12b5b76f107f4e9c89813c466259d63f72fad10a5e74d610cd89ced036c8ab

Request headers

Referer
http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 07 Dec 2020 21:31:48 GMT
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
4082
cf-request-id
06e0b73c700000c2d149163000000001
Pragma
public
Last-Modified
Mon, 18 Sep 2017 02:54:47 GMT
Server
cloudflare
ETag
"59bf3577-ff2"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nZV29pQSmMHtdfFGcbGVrJxHKLCX00xkf3e0Qu4LHe61NiX5J3opQMmPRPHrx0tRIfM2YsskRHd7QJNx4KqZezUcolzVWDgfx9V6oYv0kWjiBi9BvXr%2FdAqu%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
CF-RAY
5fe15b0d8b1ec2d1-FRA
Expires
Wed, 06 Jan 2021 21:31:48 GMT
comment-reply.min.js
www.bacaoy.com/wp-includes/js/ 		757 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.bacaoy.com/wp-includes/js/comment-reply.min.js?ver=4.0
Requested by
Host: www.bacaoy.com
URL: http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
Protocol
HTTP/1.1
Server
2606:4700:3032::681c:1309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b02ab5446d4dd91bc73183089db613f7cd4c954bc79a21dff4785c9280af45a0

Request headers

Referer
http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 07 Dec 2020 21:31:48 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
06e0b73c62000006016ab74000000001
Pragma
public
Last-Modified
Mon, 18 Sep 2017 02:54:47 GMT
Server
cloudflare
ETag
W/"59bf3577-2f5"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FSs4Y%2F%2FnPHApB0eJXYDjkYWuTcugNuGmGId50kr9FffWQHK79awRDm7%2FyvB7zI6NwSzQKvu0%2BsPKfUcDxsSNAYRnqwE0XGaFjkjRrEBQe01eJek0oafuMq%2BjNw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
CF-RAY
5fe15b0d681f0601-FRA
Expires
Wed, 06 Jan 2021 21:31:48 GMT
zc.js
www.bacaoy.com/wp-content/plugins/slim-coupon/assets/js/ 		431 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.bacaoy.com/wp-content/plugins/slim-coupon/assets/js/zc.js?ver=2.1.6
Requested by
Host: www.bacaoy.com
URL: http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
Protocol
HTTP/1.1
Server
2606:4700:3032::681c:1309 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17595f700ecec3a09bfffda4ad34ae11e7973cfad2d86c9e71d12d79537a155e

Request headers

Referer
http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 07 Dec 2020 21:31:48 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
06e0b73c620000c2d1f31cb000000001
Pragma
public
Last-Modified
Mon, 18 Sep 2017 02:54:47 GMT
Server
cloudflare
ETag
W/"59bf3577-1af"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uzqs06W1w3TUrBH065Hp1Fw1lg%2FOL2I7YlWDTAY6Kc6t2GbVpjqrl9ItaJbc1lHtq8eqzfahD90aH7sIzG5MzS9zidgELWcVOYupTKSSEy9%2F%2FmZWGYJZbOKTwg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=2592000, public, must-revalidate, proxy-revalidate
CF-RAY
5fe15b0d6b02c2d1-FRA
Expires
Wed, 06 Jan 2021 21:31:48 GMT
likebox.php
www.facebook.com/plugins/ Frame E698 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpromo.coupons.deals&width=292&colorscheme=light&show_faces=true&stream=false&header=false&height=260
Requested by
Host: www.bacaoy.com
URL: http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpromo.coupons.deals&width=292&colorscheme=light&show_faces=true&stream=false&header=false&height=260
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.bacaoy.com/smiles-br/?rd=572160328&zeqjm=MTYyMTczNzA2MTdiOTE1NDA2MjJlMWMzN2RhM2Q2YzVmNDJjYzBiOTBlNGJhYzljZTQzYWQ0ZDdiN2NiYTE0M2YwZTQzNzMwYTEMTQlYZM

Response headers

vary
Accept-Encoding
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-encoding
br
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-xss-protection
0
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
x-fb-debug
1QE7yLeuN7HhYjTUjj+8dQaumDBNhBhXagyBTwWbBPTwyJOVPv/N9PcMOf63AOxO5ab75OzFmksW6jYO9S3HdA==
date
Mon, 07 Dec 2020 21:31:48 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
truncated
/ 		462 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aabc38a824c641661944eaa777b5d5bc809d88de302a3a66de8de7e552433443

Request headers

Referer
http://www.bacaoy.com/wp-content/plugins/slim-coupon/assets/css/coupon.css?ver=4.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
TK3gWkYFABsmjsLaGw8EneptKZ2s.woff2
fonts.gstatic.com/s/monda/v10/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/monda/v10/TK3gWkYFABsmjsLaGw8EneptKZ2s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Monda%3Aregular%2Cbold&v1&ver=4.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b07e4c5344fab546586dfc8cbd5400f58cb87b96a15f8637543c6e219fb3d8c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.bacaoy.com
Referer
https://fonts.googleapis.com/css?family=Monda%3Aregular%2Cbold&v1&ver=4.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 09:57:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 03:46:56 GMT
server
sffe
age
473634
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9072
x-xss-protection
0
expires
Thu, 02 Dec 2021 09:57:54 GMT
TK3tWkYFABsmjsphPhopv-dH.woff2
fonts.gstatic.com/s/monda/v10/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/monda/v10/TK3tWkYFABsmjsphPhopv-dH.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Monda%3Aregular%2Cbold&v1&ver=4.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6521c9e018578cd01ecfcd94e7df11c4c2a811837550e76a82c9fc4b1d402941
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.bacaoy.com
Referer
https://fonts.googleapis.com/css?family=Monda%3Aregular%2Cbold&v1&ver=4.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 10:11:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 03:46:55 GMT
server
sffe
age
472817
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8916
x-xss-protection
0
expires
Thu, 02 Dec 2021 10:11:31 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| ZeroClipboard function| DP_jQuery_1607376708560 object| Modernizr object| respond function| yepnope function| swt_format_twitter function| relative_time object| addComment

1 Cookies

Domain/Path Name / Value
.bacaoy.com/ Name: __cfduid
Value: dcd65dd061c8f8bc5d4a1c63b9d10236f1607376707

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.gravatar.com
ajax.googleapis.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
www.bacaoy.com
www.facebook.com
2606:4700:3032::681c:1309
2606:4700::6810:135e
2a00:1450:4001:808::200a
2a00:1450:4001:819::2003
2a00:1450:4001:820::200a
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:fa87:fffe::c000:4902
0f724c2db7b62ea015ae038455fd4573b7581d8ad0c8e2239d8bb5b6eb873d1d
17595f700ecec3a09bfffda4ad34ae11e7973cfad2d86c9e71d12d79537a155e
3cc6ce6f304378280f46c163222f9057ccd26ef69bd6b3b60e2ab7a1a7891be5
4e3e853b6c4b817b2f0a1bbac6a8eb2f592c109f8a2b4d64aa463fa9675544a8
50aa0a03bbdf5ef2efb0943af54da213a68aa08c4472c5f33998f882cbbe2ec0
5c62a53644084cfbde52ccacb7c74c4f55d1b1dff61b24978e58f8ac740b840b
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6521c9e018578cd01ecfcd94e7df11c4c2a811837550e76a82c9fc4b1d402941
7846b5904b602bd64bea1eb4557c03b09dabc580b07f18b8d1567d1345f0a040
8af39fc8234ddddbbf0da761369da8d467093c1b98f68b7a7662ec1d68acff1a
9e12b5b76f107f4e9c89813c466259d63f72fad10a5e74d610cd89ced036c8ab
9f80fd1134d27b4e033d7c614298048ef9d9449538c8da73710bbb50887aa009
a31d8ed293d64e0e3d3fc971002aaeaaff83f053061cf4aead84084b342dc59f
aabc38a824c641661944eaa777b5d5bc809d88de302a3a66de8de7e552433443
b02ab5446d4dd91bc73183089db613f7cd4c954bc79a21dff4785c9280af45a0
b07e4c5344fab546586dfc8cbd5400f58cb87b96a15f8637543c6e219fb3d8c3
b2c35afe6c5b348103f761de36bc1aa37dc03340c70e0dad15b87b896ede471e
bdaee071b29075e7a5b0d801dcee60ccfb261ef6a9f2852cf1d136c18931bd98
ca7ef03b00327029896b24ca3a32439bbbc2e6f21b1b37a836e71efacfbd3901
d220473ebf623d40191c9946dbc48383c30b2290bc13bce2f70750236640c79f
da848951adbbbf3ba51c9475f8e57b3c0704bce178e50237b620bd51995dfd46
ff261a314f41ba1d8cf558cfb330130bce09e3f0ecf812c61f05b3b80d0e8bcb