legaalgokken.be
2a0b:7280:100:0:4ce:e8ff:fe00:20b0  Public Scan

Submitted URL: http://latest-511748.dingligh.ru/click/rtb?node=76&winPrice=31.30434782608696&force=1&winCurrency=RUB&id=1565814600000-2964
Effective URL: https://legaalgokken.be/
Submission: On August 15 via manual from LK

Summary

This website contacted 8 IPs in 3 countries across 10 domains to perform 32 HTTP transactions. The main IP is 2a0b:7280:100:0:4ce:e8ff:fe00:20b0, located in Netherlands and belongs to ASTRALUS, NL. The main domain is legaalgokken.be.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 23rd 2019. Valid for: 3 months.
This is the only time legaalgokken.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 88.85.84.124 35415 (WEBZILLA)
1 1 185.178.208.189 57724 (DDOS-GUARD)
10 188.42.143.108 7979 (SERVERS)
1 205.185.208.52 20446 (HIGHWINDS3)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 78.140.179.99 35415 (WEBZILLA)
2 4 151.139.128.10 20446 (HIGHWINDS3)
16 2a0b:7280:100... 48635 (ASTRALUS)
32 8
Apex Domain
Subdomains
Transfer
16 legaalgokken.be
legaalgokken.be
167 KB
10 chepotabakam.com
chepotabakam.com
620 KB
2 jads.co
redir.jads.co
3 KB
2 juicyads.com
xapi.juicyads.com
4 KB
2 shinasi.info
shinasi.info
851 B
2 dopor.info
dopor.info
703 B
1 cloudflare.com
cdnjs.cloudflare.com
773 B
1 jquery.com
code.jquery.com
30 KB
1 jeregeyto.info
jeregeyto.info
172 B
1 dingligh.ru
latest-511748.dingligh.ru
215 B
32 10
Domain Requested by
16 legaalgokken.be redir.jads.co
legaalgokken.be
10 chepotabakam.com dopor.info
chepotabakam.com
code.jquery.com
2 redir.jads.co 1 redirects xapi.juicyads.com
2 xapi.juicyads.com 1 redirects shinasi.info
2 shinasi.info 1 redirects chepotabakam.com
2 dopor.info 1 redirects
1 cdnjs.cloudflare.com chepotabakam.com
1 code.jquery.com chepotabakam.com
1 jeregeyto.info 1 redirects
1 latest-511748.dingligh.ru 1 redirects
32 10

This site contains links to these domains.

Domain
web.whatsapp.com
banners.livepartners.com
twitter.com
gokhulp.be
www.gamingcommission.be
Subject | Issuer | Validity | Valid
dopor.info | Let's Encrypt Authority X3 | 2019-06-14 - 2019-09-12 | 3 months
chepotabakam.com | Let's Encrypt Authority X3 | 2019-08-13 - 2019-11-11 | 3 months
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years
ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-08-10 - 2020-02-16 | 6 months
shinasi.info | Let's Encrypt Authority X3 | 2019-06-14 - 2019-09-12 | 3 months
legaalgokken.be | Let's Encrypt Authority X3 | 2019-07-23 - 2019-10-21 | 3 months

This page contains 1 frames:

Primary Page: https://legaalgokken.be/
Frame ID: DD5818E34844581152340A4358D293D1
Requests: 44 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Page Statistics

32
Requests

94 %
HTTPS

25 %
IPv6

10
Domains

10
Subdomains

8
IPs

3
Countries

839 kB
Transfer

1225 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://latest-511748.dingligh.ru/click/rtb?node=76&winPrice=31.30434782608696&force=1&winCurrency=RUB&id=1565814600000-2964 HTTP 302
    https://dopor.info/?directlink=1&code_type=1&sid=869855&subid=undefined Page URL
  2. https://dopor.info/?directlink=1&code_type=1&sid=869855&subid=undefined&echck=166036.0342695 HTTP 302
    https://jeregeyto.info/7/?site=6805&sub1=869855 HTTP 302
    https://chepotabakam.com/7/?site=6805&sub1=869855 Page URL
  3. https://shinasi.info/?directlink=1&code_type=1&sid=872937 Page URL
  4. https://shinasi.info/?directlink=1&code_type=1&sid=872937&echck=166036.0343773 HTTP 302
    http://xapi.juicyads.com/service_advanced.php?code=3474t2d4x2245674v2037434u2&u=https%253A%252F%252Fegaml.youhavewon.net%252Fc%252F1f0a2cb367c37dee%253Fs1%253D31095%2526s2%253D362963%2526j6%253D1 Page URL
  5. http://xapi.juicyads.com/service_advanced.php?code=3474t2d4x2245674v2037434u2&u=https%253A%252F%252Fegaml.youhavewon.net%252Fc%252F1f0a2cb367c37dee%253Fs1%253D31095%2526s2%253D362963%2526j6%253D1 HTTP 302
    http://redir.jads.co/pu_uu.php?cb=1565840444&uu=30BBE461-0A64-FCC5-845C-C368F5CEF628 Page URL
  6. http://redir.jads.co/pu_uu.php?cb=1565840444&uu=30BBE461-0A64-FCC5-845C-C368F5CEF628 HTTP 302
    https://legaalgokken.be/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://latest-511748.dingligh.ru/click/rtb?node=76&winPrice=31.30434782608696&force=1&winCurrency=RUB&id=1565814600000-2964 HTTP 302
  • https://dopor.info/?directlink=1&code_type=1&sid=869855&subid=undefined
Request Chain 1
  • https://dopor.info/?directlink=1&code_type=1&sid=869855&subid=undefined&echck=166036.0342695 HTTP 302
  • https://jeregeyto.info/7/?site=6805&sub1=869855 HTTP 302
  • https://chepotabakam.com/7/?site=6805&sub1=869855
Request Chain 14
  • https://shinasi.info/?directlink=1&code_type=1&sid=872937&echck=166036.0343773 HTTP 302
  • http://xapi.juicyads.com/service_advanced.php?code=3474t2d4x2245674v2037434u2&u=https%253A%252F%252Fegaml.youhavewon.net%252Fc%252F1f0a2cb367c37dee%253Fs1%253D31095%2526s2%253D362963%2526j6%253D1
Request Chain 15
  • http://xapi.juicyads.com/service_advanced.php?code=3474t2d4x2245674v2037434u2&u=https%253A%252F%252Fegaml.youhavewon.net%252Fc%252F1f0a2cb367c37dee%253Fs1%253D31095%2526s2%253D362963%2526j6%253D1 HTTP 302
  • http://redir.jads.co/pu_uu.php?cb=1565840444&uu=30BBE461-0A64-FCC5-845C-C368F5CEF628

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
dopor.info/
Redirect Chain
  • http://latest-511748.dingligh.ru/click/rtb?node=76&winPrice=31.30434782608696&force=1&winCurrency=RUB&id=1565814600000-2964
  • https://dopor.info/?directlink=1&code_type=1&sid=869855&subid=undefined
418 B
454 B
Document
General
Full URL
https://dopor.info/?directlink=1&code_type=1&sid=869855&subid=undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.85.84.124 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
v-5-20-29-d7085-124.webazilla.com
Software
nginx/1.16.0 /
Resource Hash
c26f8eb1fcf2ca595ad38707c868df7df5622d43786973bd3896e16d7fadfb22

Request headers

Host
dopor.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx/1.16.0
Date
Thu, 15 Aug 2019 03:40:42 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx/1.16.0
Date
Thu, 15 Aug 2019 03:40:42 GMT
Transfer-Encoding
chunked
Connection
keep-alive
location
https://dopor.info?directlink=1&code_type=1&sid=869855&subid=undefined
/
chepotabakam.com/7/
Redirect Chain
  • https://dopor.info/?directlink=1&code_type=1&sid=869855&subid=undefined&echck=166036.0342695
  • https://jeregeyto.info/7/?site=6805&sub1=869855
  • https://chepotabakam.com/7/?site=6805&sub1=869855
1 KB
1 KB
Document
General
Full URL
https://chepotabakam.com/7/?site=6805&sub1=869855
Requested by
Host: dopor.info
URL: https://dopor.info/?directlink=1&code_type=1&sid=869855&subid=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.42.143.108 , Netherlands, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
a95a7ec5f61076a9d9d167128439bd6df0f37459829852b779b5a84cb3c6beeb

Request headers

:method
GET
:authority
chepotabakam.com
:scheme
https
:path
/7/?site=6805&sub1=869855
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://dopor.info/?directlink=1&code_type=1&sid=869855&subid=undefined
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx/1.14.2
date
Thu, 15 Aug 2019 03:40:43 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*

Redirect headers

status
302
server
ngjit
set-cookie
__ddg_=29289; path=/; Expires=Wed, 01 Jan 2020 00:00:00 GMT
date
Thu, 15 Aug 2019 03:40:43 GMT
content-type
text/html; charset=UTF-8
location
https://chepotabakam.com/7/?site=6805&sub1=869855
access-control-allow-origin
*
content-encoding
br
vary
Accept-Encoding
jquery-3.2.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: chepotabakam.com
URL: https://chepotabakam.com/7/?site=6805&sub1=869855
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chepotabakam.com/7/?site=6805&sub1=869855
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 15 Aug 2019 03:40:43 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Mar 2017 19:01:15 GMT
Server
nginx
ETag
W/"58d026fb-15283"
Vary
Accept-Encoding
X-HW
1565840443.dop001.am5.shc,1565840443.dop001.am5.t,1565840443.cds007.am5.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30125
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/
1 KB
773 B
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
Requested by
Host: chepotabakam.com
URL: https://chepotabakam.com/7/?site=6805&sub1=869855
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chepotabakam.com/7/?site=6805&sub1=869855
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:43 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
7867190
status
200
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:20:12 GMT
server
cloudflare
etag
W/"5afd494c-514"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
506826134cedd715-FRA
expires
Tue, 04 Aug 2020 03:40:43 GMT
push.js
chepotabakam.com/
7 KB
7 KB
Script
General
Full URL
https://chepotabakam.com/push.js
Requested by
Host: chepotabakam.com
URL: https://chepotabakam.com/7/?site=6805&sub1=869855
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.42.143.108 , Netherlands, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
079c1843d7c3a7829df37c161aab9d36e570f403e9e2576708867669a439c6f3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chepotabakam.com/7/?site=6805&sub1=869855
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:43 GMT
last-modified
Mon, 08 Apr 2019 13:21:49 GMT
server
nginx/1.14.2
etag
"5cab4aed-1b11"
status
200
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
6929
style.css
chepotabakam.com/landing/7/
4 KB
4 KB
Stylesheet
General
Full URL
https://chepotabakam.com/landing/7/style.css
Requested by
Host: chepotabakam.com
URL: https://chepotabakam.com/7/?site=6805&sub1=869855
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.42.143.108 , Netherlands, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
f3eef65abc04f45cd65eaca1dddf0206592862a57665bdc074a7aba0ee8c67b5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chepotabakam.com/7/?site=6805&sub1=869855
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:43 GMT
last-modified
Mon, 08 Apr 2019 13:30:20 GMT
server
nginx/1.14.2
etag
"5cab4cec-f39"
status
200
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
3897
iPhone.png
chepotabakam.com/landing/7/
38 KB
38 KB
Image
General
Full URL
https://chepotabakam.com/landing/7/iPhone.png
Requested by
Host: chepotabakam.com
URL: https://chepotabakam.com/7/?site=6805&sub1=869855
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.42.143.108 , Netherlands, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
1aa1cee7a92590ed2a3a608d7117031f1b1ad70df3def9486ce8d82afbb2c990

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chepotabakam.com/7/?site=6805&sub1=869855
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:43 GMT
last-modified
Mon, 08 Apr 2019 13:30:20 GMT
server
nginx/1.14.2
etag
"5cab4cec-97cf"
status
200
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
38863
slide4.jpg
chepotabakam.com/landing/7/
138 KB
138 KB
Image
General
Full URL
https://chepotabakam.com/landing/7/slide4.jpg
Requested by
Host: chepotabakam.com
URL: https://chepotabakam.com/7/?site=6805&sub1=869855
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.42.143.108 , Netherlands, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
095b77d2baad91ebdafa7e205f08f59b169523ed7e65adc38b1da6927a8bdec7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chepotabakam.com/landing/7/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:43 GMT
last-modified
Mon, 08 Apr 2019 13:30:20 GMT
server
nginx/1.14.2
etag
"5cab4cec-227d1"
status
200
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
141265
slide1.jpg
chepotabakam.com/landing/7/
181 KB
181 KB
Image
General
Full URL
https://chepotabakam.com/landing/7/slide1.jpg
Requested by
Host: chepotabakam.com
URL: https://chepotabakam.com/7/?site=6805&sub1=869855
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.42.143.108 , Netherlands, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
dc76f4f9d73a0546abe10515e356c2440a1c02d7501db7bb904c90919cee5932

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chepotabakam.com/landing/7/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:43 GMT
last-modified
Mon, 08 Apr 2019 13:30:20 GMT
server
nginx/1.14.2
etag
"5cab4cec-2d462"
status
200
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
185442
slide3.jpg
chepotabakam.com/landing/7/
140 KB
140 KB
Image
General
Full URL
https://chepotabakam.com/landing/7/slide3.jpg
Requested by
Host: chepotabakam.com
URL: https://chepotabakam.com/7/?site=6805&sub1=869855
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.42.143.108 , Netherlands, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
8af02eab7b6d49fe7c4724e2044cdaf2ee3d98f873e26b0afb7fc0f2075e091c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chepotabakam.com/landing/7/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:43 GMT
last-modified
Mon, 08 Apr 2019 13:30:20 GMT
server
nginx/1.14.2
etag
"5cab4cec-22f81"
status
200
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
143233
slide2.jpg
chepotabakam.com/landing/7/
104 KB
104 KB
Image
General
Full URL
https://chepotabakam.com/landing/7/slide2.jpg
Requested by
Host: chepotabakam.com
URL: https://chepotabakam.com/7/?site=6805&sub1=869855
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.42.143.108 , Netherlands, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
99c0eebd7a363c503e44a79afb7c1a5180c5b4e305fc7a438abbcd519dff748f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chepotabakam.com/landing/7/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:43 GMT
last-modified
Mon, 08 Apr 2019 13:30:20 GMT
server
nginx/1.14.2
etag
"5cab4cec-19f72"
status
200
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
106354
arrow.png
chepotabakam.com/landing/7/
6 KB
6 KB
Image
General
Full URL
https://chepotabakam.com/landing/7/arrow.png
Requested by
Host: chepotabakam.com
URL: https://chepotabakam.com/7/?site=6805&sub1=869855
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.42.143.108 , Netherlands, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
d83902954f037dfd3a83f3b3b0516f60f1dfc0c909d06603bb555caecbcd34a6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://chepotabakam.com/landing/7/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:43 GMT
last-modified
Mon, 08 Apr 2019 13:30:20 GMT
server
nginx/1.14.2
etag
"5cab4cec-168f"
status
200
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
5775
traffic-back
chepotabakam.com/7/
82 B
207 B
XHR
General
Full URL
https://chepotabakam.com/7/traffic-back?site=6805&sub1=869855&type=reject
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.2.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.42.143.108 , Netherlands, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash

Request headers

Accept
*/*
Referer
https://chepotabakam.com/7/?site=6805&sub1=869855
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
date
Thu, 15 Aug 2019 03:40:43 GMT
server
nginx/1.14.2
access-control-allow-origin
*, *
content-type
application/json; charset=UTF-8
/
shinasi.info/
418 B
454 B
Document
General
Full URL
https://shinasi.info/?directlink=1&code_type=1&sid=872937
Requested by
Host: chepotabakam.com
URL: https://chepotabakam.com/push.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.179.99 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
v-5-20-29-d7230-99.webazilla.com
Software
nginx/1.16.0 /
Resource Hash
772464a7f95358e3475af0192e77ab2951f6ca769419983017a368de2c84bbff

Request headers

Host
shinasi.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://chepotabakam.com/7/?site=6805&sub1=869855
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx/1.16.0
Date
Thu, 15 Aug 2019 03:40:43 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
Cookie set service_advanced.php
xapi.juicyads.com/
Redirect Chain
  • https://shinasi.info/?directlink=1&code_type=1&sid=872937&echck=166036.0343773
  • http://xapi.juicyads.com/service_advanced.php?code=3474t2d4x2245674v2037434u2&u=https%253A%252F%252Fegaml.youhavewon.net%252Fc%252F1f0a2cb367c37dee%253Fs1%253D31095%2526s2%253D362963%2526j6%253D1
11 KB
3 KB
Document
General
Full URL
http://xapi.juicyads.com/service_advanced.php?code=3474t2d4x2245674v2037434u2&u=https%253A%252F%252Fegaml.youhavewon.net%252Fc%252F1f0a2cb367c37dee%253Fs1%253D31095%2526s2%253D362963%2526j6%253D1
Requested by
Host: shinasi.info
URL: https://shinasi.info/?directlink=1&code_type=1&sid=872937
Protocol
HTTP/1.1
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
fbs /
Resource Hash
b4b691fd79ca39626babbea074f64e1077a69a6d3451c3c69461baf2814aefb9

Request headers

Host
xapi.juicyads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate

Response headers

Date
Thu, 15 Aug 2019 03:40:44 GMT
Cache-Control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
Content-Encoding
gzip
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Last-Modified
Fri, 02 Jan 1970 08:00:00 GMT
Set-Cookie
DSR=2Z16lJ5IXCRpFDpKvrFHpHTI21/xQVqFFu+Dc5aejvmSHt1gRiL57eQ2uykrUqLXWV8zMscve5n8dS20FP/7KA==; Path=/ DCSS=B2C3E70F9BE4CF31582CC75329F4B102E55110D; Path=/
X-Accel-Expires
0
Server
fbs
X-HW
1565840444.cds056.am5.h2,1565840444.cds031.am5.sc,1565840444.cdn2-wafbe01-ams1.stackpath.systems.-.w,1565840444.cds031.am5.p
Connection
keep-alive

Redirect headers

Server
nginx/1.16.0
Date
Thu, 15 Aug 2019 03:40:44 GMT
Transfer-Encoding
chunked
Connection
keep-alive
set-cookie
clickId=1565840400000-138; path=/; httponly
location
http://xapi.juicyads.com/service_advanced.php?code=3474t2d4x2245674v2037434u2&u=https%253A%252F%252Fegaml.youhavewon.net%252Fc%252F1f0a2cb367c37dee%253Fs1%253D31095%2526s2%253D362963%2526j6%253D1
Cookie set pu_uu.php
redir.jads.co/
Redirect Chain
  • http://xapi.juicyads.com/service_advanced.php?code=3474t2d4x2245674v2037434u2&u=https%253A%252F%252Fegaml.youhavewon.net%252Fc%252F1f0a2cb367c37dee%253Fs1%253D31095%2526s2%253D362963%2526j6%253D1
  • http://redir.jads.co/pu_uu.php?cb=1565840444&uu=30BBE461-0A64-FCC5-845C-C368F5CEF628
5 KB
2 KB
Document
General
Full URL
http://redir.jads.co/pu_uu.php?cb=1565840444&uu=30BBE461-0A64-FCC5-845C-C368F5CEF628
Requested by
Host: xapi.juicyads.com
URL: http://xapi.juicyads.com/service_advanced.php?code=3474t2d4x2245674v2037434u2&u=https%253A%252F%252Fegaml.youhavewon.net%252Fc%252F1f0a2cb367c37dee%253Fs1%253D31095%2526s2%253D362963%2526j6%253D1
Protocol
HTTP/1.1
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
fbs /
Resource Hash
98320a57ff696016aa093ed0d20b46f8b7074b3ee316815f68d8ddc5747c8bfb

Request headers

Host
redir.jads.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://xapi.juicyads.com/service_advanced.php?code=3474t2d4x2245674v2037434u2&u=https%253A%252F%252Fegaml.youhavewon.net%252Fc%252F1f0a2cb367c37dee%253Fs1%253D31095%2526s2%253D362963%2526j6%253D1
Accept-Encoding
gzip, deflate

Response headers

Date
Thu, 15 Aug 2019 03:40:44 GMT
Cache-Control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
Content-Encoding
gzip
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Last-Modified
Fri, 02 Jan 1970 08:00:00 GMT
Set-Cookie
DSR=yJSdxKrRHukhQTHn7KluBlZXHBOa6E73P1OOIpaDN3nQfYTeqjWwYbLnFkqQRvY1eKlb5cYmHXzaUQhiJ6ZJUQ==; Path=/ DCSS=5046A0C2787211B967902D64AA5D0447D8630DF; Path=/
X-Accel-Expires
0
Server
fbs
X-HW
1565840444.cds067.am5.h2,1565840444.cds028.am5.sc,1565840444.cdn2-redis01-ams1.stackpath.systems.-.w,1565840444.cds028.am5.p
Connection
keep-alive

Redirect headers

Date
Thu, 15 Aug 2019 03:40:44 GMT
Cache-Control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
Content-Type
text/html; charset=UTF-8
Set-Cookie
DCST=pE9; Path=/; HttpOnly SPSI=2133972777902b457a49f56d2df5b313; Path=/ spcsrf=f23d1cef10db87e9c3fd291f13a42ee5; Expires=Thu, 15-Aug-19 05:40:44 GMT; Path=/; HttpOnly; SameSite=Strict adOtr=obsvl; Expires=Thu, 2 Aug 2001 20:47:11 UTC; Path=/ UTGv2=D-h436a6842bc1c84e2f774fe2e10a01a0c696; Expires=Fri, 14-Aug-20 03:40:44 GMT; Path=/ surferid=fa195a543c9ea8ea41be43ef348fbf44; expires=Fri, 14-Aug-2020 03:40:44 GMT; Max-Age=31536000; path=/; domain=.juicyads.com sp_lit=E6y0+8FLF63cDsuL4REZ6w==; Expires=Thu, 15-Aug-19 03:45:44 GMT; Path=/; HttpOnly; SameSite=Strict
Location
http://redir.jads.co/pu_uu.php?cb=1565840444&uu=30BBE461-0A64-FCC5-845C-C368F5CEF628
Server
fbs
X-HW
1565840444.cds056.am5.h2,1565840444.cds031.am5.sc,1565840444.cdn2-wafbe01-ams1.stackpath.systems.-.wx,1565840444.cds031.am5.p
Connection
keep-alive
Content-Length
0
Primary Request /
legaalgokken.be/
Redirect Chain
  • http://redir.jads.co/pu_uu.php?cb=1565840444&uu=30BBE461-0A64-FCC5-845C-C368F5CEF628
  • https://legaalgokken.be/
25 KB
7 KB
Document
General
Full URL
https://legaalgokken.be/
Requested by
Host: redir.jads.co
URL: http://redir.jads.co/pu_uu.php?cb=1565840444&uu=30BBE461-0A64-FCC5-845C-C368F5CEF628
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0b:7280:100:0:4ce:e8ff:fe00:20b0 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software
Apache/2 / PHP/5.6.40
Resource Hash
7618c69c9c6267288bf5db8d7d19f24bc43a53ecd1105931f95c444e532e6e64

Request headers

:method
GET
:authority
legaalgokken.be
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://redir.jads.co/pu_uu.php?cb=1565840444&uu=30BBE461-0A64-FCC5-845C-C368F5CEF628
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Thu, 15 Aug 2019 03:40:44 GMT
server
Apache/2
x-powered-by
PHP/5.6.40
link
<https://legaalgokken.be/wp-json/>; rel="https://api.w.org/"
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
6673
content-type
text/html; charset=UTF-8

Redirect headers

Date
Thu, 15 Aug 2019 03:40:44 GMT
Cache-Control
no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
Content-Type
text/html; charset=UTF-8
Set-Cookie
DCST=pE9; Path=/; HttpOnly SPSI=79f6b70715bd72ca01a80912f075e25d; Path=/ spcsrf=dc1b9b7216853e1067d148b207067080; Expires=Thu, 15-Aug-19 05:40:44 GMT; Path=/; HttpOnly; SameSite=Strict adOtr=obsvl; Expires=Thu, 2 Aug 2001 20:47:11 UTC; Path=/ UTGv2=D-h4fc506acd6b63fa30e2233e10e9fb897962; Expires=Fri, 14-Aug-20 03:40:44 GMT; Path=/ sp_lit=E6y0+8FLF63cDsuL4REZ6w==; Expires=Thu, 15-Aug-19 03:45:44 GMT; Path=/; HttpOnly; SameSite=Strict
Access-Control-Allow-Origin
*
Location
https://legaalgokken.be
Server
fbs
X-HW
1565840444.cds067.am5.h2,1565840444.cds028.am5.sc,1565840444.cdn2-redis01-ams1.stackpath.systems.-.wx,1565840444.cds028.am5.p
Connection
keep-alive
Content-Length
0
custom-fonts.css
legaalgokken.be/wp-content/themes/gokken/assets/css/
4 KB
684 B
Stylesheet
General
Full URL
https://legaalgokken.be/wp-content/themes/gokken/assets/css/custom-fonts.css?ver=20180413
Requested by
Host: legaalgokken.be
URL: https://legaalgokken.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0b:7280:100:0:4ce:e8ff:fe00:20b0 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software
Apache/2 /
Resource Hash
3f9f72e277fa76d8468cd73a5cb94dea2e98e9c8276614694c0d6c11359d180b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://legaalgokken.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:45 GMT
content-encoding
gzip
last-modified
Fri, 31 May 2019 01:40:25 GMT
server
Apache/2
etag
"eb6-58a25193cbf3e-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
accept-ranges
bytes
content-length
572
style.min.css
legaalgokken.be/wp-includes/css/dist/block-library/
29 KB
5 KB
Stylesheet
General
Full URL
https://legaalgokken.be/wp-includes/css/dist/block-library/style.min.css?ver=5.2.2
Requested by
Host: legaalgokken.be
URL: https://legaalgokken.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0b:7280:100:0:4ce:e8ff:fe00:20b0 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software
Apache/2 /
Resource Hash
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://legaalgokken.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:45 GMT
content-encoding
gzip
last-modified
Sat, 11 May 2019 16:17:08 GMT
server
Apache/2
etag
"726f-5889f03d4068e-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
accept-ranges
bytes
content-length
4767
front.min.css
legaalgokken.be/wp-content/plugins/cookie-notice/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://legaalgokken.be/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.2.2
Requested by
Host: legaalgokken.be
URL: https://legaalgokken.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0b:7280:100:0:4ce:e8ff:fe00:20b0 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software
Apache/2 /
Resource Hash
db7e27157a918cd3ebf833e1544924cab8837dbcaebe9e00989020ad3e43283d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://legaalgokken.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:45 GMT
content-encoding
gzip
last-modified
Thu, 30 May 2019 18:29:34 GMT
server
Apache/2
etag
"c04-58a1f14627ad6-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
accept-ranges
bytes
content-length
981
style.css
legaalgokken.be/wp-content/themes/gokken/
51 KB
9 KB
Stylesheet
General
Full URL
https://legaalgokken.be/wp-content/themes/gokken/style.css?ver=9.7.3
Requested by
Host: legaalgokken.be
URL: https://legaalgokken.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0b:7280:100:0:4ce:e8ff:fe00:20b0 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software
Apache/2 /
Resource Hash
f2ef73092497e6d73069824171eb0436d9cff5ab4a4f2d5a43aa892d8decb0bf

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://legaalgokken.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:45 GMT
content-encoding
gzip
last-modified
Tue, 04 Jun 2019 23:36:44 GMT
server
Apache/2
etag
"cc2b-58a87f41fdb7e-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
accept-ranges
bytes
content-length
9310
genericons.css
legaalgokken.be/wp-content/themes/gokken/assets/genericons/
28 KB
16 KB
Stylesheet
General
Full URL
https://legaalgokken.be/wp-content/themes/gokken/assets/genericons/genericons.css?ver=3.4.1
Requested by
Host: legaalgokken.be
URL: https://legaalgokken.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0b:7280:100:0:4ce:e8ff:fe00:20b0 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software
Apache/2 /
Resource Hash
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://legaalgokken.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:45 GMT
content-encoding
gzip
last-modified
Fri, 31 May 2019 01:40:27 GMT
server
Apache/2
etag
"6e6a-58a2519646796-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
accept-ranges
bytes
content-length
16441
sassy-social-share-public.css
legaalgokken.be/wp-content/plugins/sassy-social-share/public/css/
34 KB
10 KB
Stylesheet
General
Full URL
https://legaalgokken.be/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.2.26
Requested by
Host: legaalgokken.be
URL: https://legaalgokken.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0b:7280:100:0:4ce:e8ff:fe00:20b0 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software
Apache/2 /
Resource Hash
785fe8c316e371b74ce643a906cad2c87063ff31dbaef6f25c83004a050b09a5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://legaalgokken.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:45 GMT
content-encoding
gzip
last-modified
Mon, 15 Jul 2019 10:22:58 GMT
server
Apache/2
etag
"893c-58db5a4ddd795-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
accept-ranges
bytes
content-length
9823
sassy-social-share-svg.css
legaalgokken.be/wp-content/plugins/sassy-social-share/admin/css/
108 KB
33 KB
Stylesheet
General
Full URL
https://legaalgokken.be/wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.css?ver=3.2.26
Requested by
Host: legaalgokken.be
URL: https://legaalgokken.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0b:7280:100:0:4ce:e8ff:fe00:20b0 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software
Apache/2 /
Resource Hash
5e90103caaec5f569839eeb2f5271e9e9ba6ad163059a062fadf49512f402f91

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://legaalgokken.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:45 GMT
content-encoding
gzip
last-modified
Mon, 15 Jul 2019 10:22:57 GMT
server
Apache/2
etag
"1af15-58db5a4db2045-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
accept-ranges
bytes
content-length
33950
jquery.js
legaalgokken.be/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://legaalgokken.be/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: legaalgokken.be
URL: https://legaalgokken.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0b:7280:100:0:4ce:e8ff:fe00:20b0 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software
Apache/2 /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://legaalgokken.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:45 GMT
content-encoding
gzip
last-modified
Wed, 22 May 2019 07:53:59 GMT
server
Apache/2
etag
"17a69-5897544a24a96-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
33776
jquery-migrate.min.js
legaalgokken.be/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://legaalgokken.be/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: legaalgokken.be
URL: https://legaalgokken.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0b:7280:100:0:4ce:e8ff:fe00:20b0 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software
Apache/2 /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://legaalgokken.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:45 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2016 10:11:28 GMT
server
Apache/2
etag
"2748-5334350625400-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
4014
front.min.js
legaalgokken.be/wp-content/plugins/cookie-notice/js/
5 KB
1 KB
Script
General
Full URL
https://legaalgokken.be/wp-content/plugins/cookie-notice/js/front.min.js?ver=1.2.46
Requested by
Host: legaalgokken.be
URL: https://legaalgokken.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0b:7280:100:0:4ce:e8ff:fe00:20b0 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software
Apache/2 /
Resource Hash
b82eefb6a4f332f80cf77897057def50d542447398557c6be322d86a3ebe613b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://legaalgokken.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:45 GMT
content-encoding
gzip
last-modified
Thu, 30 May 2019 18:29:35 GMT
server
Apache/2
etag
"14f0-58a1f146f676e-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
1217
navigation.js
legaalgokken.be/wp-content/themes/gokken/assets/js/
5 KB
2 KB
Script
General
Full URL
https://legaalgokken.be/wp-content/themes/gokken/assets/js/navigation.js?ver=20160719
Requested by
Host: legaalgokken.be
URL: https://legaalgokken.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0b:7280:100:0:4ce:e8ff:fe00:20b0 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software
Apache/2 /
Resource Hash
3a92e6cd6b69b197a79a53014fc58ce8a2102273cc9754889abbe23604ec5686

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://legaalgokken.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:45 GMT
content-encoding
gzip
last-modified
Fri, 31 May 2019 01:40:29 GMT
server
Apache/2
etag
"1493-58a25197cd196-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
1581
777.jpg
legaalgokken.be/wp-content/uploads/2019/05/
29 KB
29 KB
Image
General
Full URL
https://legaalgokken.be/wp-content/uploads/2019/05/777.jpg
Requested by
Host: legaalgokken.be
URL: https://legaalgokken.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0b:7280:100:0:4ce:e8ff:fe00:20b0 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software
Apache/2 /
Resource Hash
51e005ec92ccf85529d619a31a42c5cf24b1c4c11f1f28e24d78b64a972bc269

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://legaalgokken.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:45 GMT
last-modified
Fri, 31 May 2019 01:48:15 GMT
server
Apache/2
etag
"7204-58a25353c74d6"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
29188
sassy-social-share-public.js
legaalgokken.be/wp-content/plugins/sassy-social-share/public/js/
44 KB
11 KB
Script
General
Full URL
https://legaalgokken.be/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.2.26
Requested by
Host: legaalgokken.be
URL: https://legaalgokken.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0b:7280:100:0:4ce:e8ff:fe00:20b0 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software
Apache/2 /
Resource Hash
eafe6ad47bc746308a3c19936cccac5db22c5bc256b574886dcb6b4970b9345d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://legaalgokken.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:45 GMT
content-encoding
gzip
last-modified
Mon, 15 Jul 2019 10:22:58 GMT
server
Apache/2
etag
"b170-58db5a4dddf65-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
11360
wp-embed.min.js
legaalgokken.be/wp-includes/js/
1 KB
830 B
Script
General
Full URL
https://legaalgokken.be/wp-includes/js/wp-embed.min.js?ver=5.2.2
Requested by
Host: legaalgokken.be
URL: https://legaalgokken.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0b:7280:100:0:4ce:e8ff:fe00:20b0 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software
Apache/2 /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://legaalgokken.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:45 GMT
content-encoding
gzip
last-modified
Fri, 07 Dec 2018 10:08:04 GMT
server
Apache/2
etag
"57b-57c6bca7d8fc9-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
753
wp-emoji-release.min.js
legaalgokken.be/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://legaalgokken.be/wp-includes/js/wp-emoji-release.min.js?ver=5.2.2
Requested by
Host: legaalgokken.be
URL: https://legaalgokken.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0b:7280:100:0:4ce:e8ff:fe00:20b0 , Netherlands, ASN48635 (ASTRALUS, NL),
Reverse DNS
Software
Apache/2 /
Resource Hash
f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://legaalgokken.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 15 Aug 2019 03:40:45 GMT
content-encoding
gzip
last-modified
Sat, 11 May 2019 16:17:09 GMT
server
Apache/2
etag
"3610-5889f03daf3fe-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
4622
truncated
/
302 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b980f62a2d545d64f24e6f96902c8fbf5da0018569c369bc18f9e5b5fcf099ed

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
682 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2e8b4fba49f90cfca5a43371c09879aed7447e0ba2ed4abd75b81448776c4f7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
913 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16f708e5165a9e2302fec421f8f9d341e3f66a0954a5b7c962460406c7f2be4e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
425 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54c9560cb0117d8d1f955aefe0f88b843517964e118512d8f1a224a8a9b662f4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
780 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71410de1f37e7f42ef4bc1e8d86672888211c1efb6b97ae0c52eb4e4d05dfd94

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
436 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2662e0eef0f270830358bb255f079f695da71794ecbe8ba0825200862d8e9746

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
346 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
706b60c871be65726479e872d219c82f59373249338874be494dd6b4aeb47543

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e82fb664035b3fe35ad679a586e725ee9845276cc077492d02bebb4801a301b2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42a7978db55dd5a013617c47977a86d7e06d7689de4c498496cbc1c5059af0e1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
327 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d31374e862fe63f0cfabb3f4cebf0723e3ee46c70589a8576daa1643cebdd651

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
14 KB
14 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://legaalgokken.be

Response headers

Content-Type
application/x-font-woff;charset=utf-8
truncated
/
233 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40b6e1ca905b4c3e8b2f1e7f4c4cee6a8b46bddbb3b524281ffe83097df5d856

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8


38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask
function| heateorSssLoadEvent
string| heateorSssSharingAjaxUrl
string| heateorSssCloseIconPath
string| heateorSssPluginIconPath
number| heateorSssHorizontalSharingCountEnable
number| heateorSssVerticalSharingCountEnable
number| heateorSssSharingOffset
number| heateorSssMobileStickySharingEnabled
string| heateorSssCopyLinkMessage
object| heateorSssUrlCountFetched
string| heateorSssSharesText
string| heateorSssShareText
function| heateorSssPopup
string| heateorSssWhatsappShareAPI
object| _wpemojiSettings
undefined| $
function| jQuery
object| cnArgs
object| maxwell_menu_title
object| twemoji
object| wp
function| heateorSssCallAjax
function| heateorSssGetScript
function| heateorSssDetermineWhatsappShareAPI
function| heateorSssMoreSharingPopup
function| heateorSssFilterSharing
object| heateorSssFacebookTargetUrls
function| heateorSssGetSharingCounts
function| heateorSssFetchFacebookShares
function| heateorSssFBShareJSONCall
function| heateorSssSaveFacebookShares
function| heateorSssCalculateApproxCount
function| heateorSssCalculateActualCount
function| heateorSssCapitaliseFirstLetter
function| heateorSssHideSharing

0 Cookies

4 Console Messages

Source Level URL
Text
console-api log URL: https://chepotabakam.com/push.js(Line 258)
Message:
Is in private mode:
console-api log URL: https://chepotabakam.com/push.js(Line 211)
Message:
Service Worker is supported
console-api log URL: https://chepotabakam.com/push.js(Line 248)
Message:
Failed 2:^(
console-api log URL: https://legaalgokken.be/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
