Submitted URL: https://linkprotect.cudasvc.com/url?a=http://echo7.bluehornet.com/ct/56231592:JsPKVSbqN:m:1:3105498553:78802C4129CF5287B96C9051F...
Effective URL: https://premiumaanbod.be/
Submission: On November 05 via api from BE

Summary

This website contacted 9 IPs in 4 countries across 12 domains to perform 30 HTTP transactions. The main IP is 188.165.129.145, located in Spain and belongs to OVH, FR. The main domain is premiumaanbod.be.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 4th 2020. Valid for: 3 months.
This is the only time premiumaanbod.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
11 premiumaanbod.be 1 redirects premiumaanbod.be
4 pagead2.googlesyndication.com premiumaanbod.be
pagead2.googlesyndication.com
3 maxcdn.bootstrapcdn.com premiumaanbod.be
maxcdn.bootstrapcdn.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com premiumaanbod.be
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ajax.googleapis.com premiumaanbod.be
1 echo7.bluehornet.com 1 redirects
1 linkprotect.cudasvc.com 1 redirects
30 14

This site contains no links.

Subject Issuer Validity Valid
loudingads.com
Let's Encrypt Authority X3
2020-11-04 -
2021-02-02
3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA
2020-09-22 -
2021-10-12
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-10-20 -
2021-01-12
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
*.google.de
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
*.google.com
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-10-06 -
2020-12-29
3 months crt.sh

This page contains 4 frames:

Primary Page: https://premiumaanbod.be/
Frame ID: 89A0327BC771AB1B8DEAC1A0EC538B77
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201029/r20190131/zrt_lookup.html
Frame ID: 0F782B3AB24E76613BBBF61C44ABF47D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5125921093675975&output=html&adk=1812271804&adf=3025194257&lmt=1604583058&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fpremiumaanbod.be%2F&ea=0&flash=0&pra=5&wgl=1&dt=1604583058159&bpp=14&bdt=190&idt=122&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6617702240866&frm=20&pv=2&ga_vid=1612380483.1604583058&ga_sid=1604583058&ga_hid=83737646&ga_fc=0&iag=0&icsg=45227&dssz=10&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44726949%2C21067467&oid=3&pvsid=2072134700587111&pem=327&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=148
Frame ID: A5FE3AB2192D326D6DE7C8A3BA2F5249
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 1C915C2BBB336B0CA0F8B6087CB082B6
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://linkprotect.cudasvc.com/url?a=http://echo7.bluehornet.com/ct/56231592:JsPKVSbqN:m:1:3105498553:78802... HTTP 302
    http://echo7.bluehornet.com/ct/56231592:JsPKVSbqN:m:1:3105498553:78802C4129CF5287B96C9051F94AA283:r HTTP 302
    http://premiumaanbod.be/ HTTP 302
    https://premiumaanbod.be/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

30
Requests

100 %
HTTPS

64 %
IPv6

12
Domains

14
Subdomains

9
IPs

4
Countries

5566 kB
Transfer

6058 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://linkprotect.cudasvc.com/url?a=http://echo7.bluehornet.com/ct/56231592:JsPKVSbqN:m:1:3105498553:78802C4129CF5287B96C9051F94AA283:r&c=E,1,B8XFUYuGcIx-m3yVNDECdSL_ZRdA4Ro254QdqQ1i-pOpWJgoEPfzomLY3hyb7Z0N1oOGCGaElTak5KtD5LHgIYzfoAvheyc6BqCl6qxgRiLjTIQcAtc,&typo=1 HTTP 302
    http://echo7.bluehornet.com/ct/56231592:JsPKVSbqN:m:1:3105498553:78802C4129CF5287B96C9051F94AA283:r HTTP 302
    http://premiumaanbod.be/ HTTP 302
    https://premiumaanbod.be/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
premiumaanbod.be/
Redirect Chain
  • https://linkprotect.cudasvc.com/url?a=http://echo7.bluehornet.com/ct/56231592:JsPKVSbqN:m:1:3105498553:78802C4129CF5287B96C9051F94AA283:r&c=E,1,B8XFUYuGcIx-m3yVNDECdSL_ZRdA4Ro254QdqQ1i-pOpWJgoEPfzo...
  • http://echo7.bluehornet.com/ct/56231592:JsPKVSbqN:m:1:3105498553:78802C4129CF5287B96C9051F94AA283:r
  • http://premiumaanbod.be/
  • https://premiumaanbod.be/
41 KB
13 KB
Document
General
Full URL
https://premiumaanbod.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.165.129.145 , Spain, ASN16276 (OVH, FR),
Reverse DNS
cluster026.hosting.ovh.net
Software
Apache / PHP/7.1
Resource Hash
40c3b71cb1004b058ae3d17bb3fb85ccadee2b2106b291b7da2bb8dab8a3a4e5

Request headers

:method
GET
:authority
premiumaanbod.be
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 05 Nov 2020 13:30:57 GMT
content-type
text/html; charset=UTF-8
server
Apache
x-powered-by
PHP/7.1
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

Date
Thu, 05 Nov 2020 13:30:57 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
209
Server
Apache
Location
https://premiumaanbod.be/
X-IPLB-Request-ID
52661388:4482_BCA58191:0050_5FA3FE91_9B1A:1CA2
X-IPLB-Instance
17097
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: premiumaanbod.be
URL: https://premiumaanbod.be/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://premiumaanbod.be
Referer
https://premiumaanbod.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 13:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
status
200
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
19740
style.css
premiumaanbod.be/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://premiumaanbod.be/css/style.css
Requested by
Host: premiumaanbod.be
URL: https://premiumaanbod.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.165.129.145 , Spain, ASN16276 (OVH, FR),
Reverse DNS
cluster026.hosting.ovh.net
Software
Apache /
Resource Hash
a37612dea4d5774ba05d8e61a462b0acdfb3b94d6605d20aa086429c8cfb1b4e

Request headers

Referer
https://premiumaanbod.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 13:30:57 GMT
content-encoding
gzip
last-modified
Mon, 17 Dec 2018 17:12:38 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=900
accept-ranges
bytes
content-length
1148
expires
Thu, 05 Nov 2020 13:45:57 GMT
validate.js
premiumaanbod.be/js/
2 KB
702 B
Script
General
Full URL
https://premiumaanbod.be/js/validate.js
Requested by
Host: premiumaanbod.be
URL: https://premiumaanbod.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.165.129.145 , Spain, ASN16276 (OVH, FR),
Reverse DNS
cluster026.hosting.ovh.net
Software
Apache /
Resource Hash
c7fc3c73fc095d1a9c3f77624971efc91d9e2160433eaf253419eea365cde883

Request headers

Referer
https://premiumaanbod.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 13:30:57 GMT
content-encoding
gzip
last-modified
Mon, 02 Jul 2018 08:25:10 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=900
accept-ranges
bytes
content-length
478
expires
Thu, 05 Nov 2020 13:45:57 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: premiumaanbod.be
URL: https://premiumaanbod.be/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://premiumaanbod.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 12:22:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4116
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Nov 2021 12:22:21 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
36 KB
10 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: premiumaanbod.be
URL: https://premiumaanbod.be/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://premiumaanbod.be
Referer
https://premiumaanbod.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 13:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
status
200
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
9832
css
fonts.googleapis.com/
2 KB
634 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: premiumaanbod.be
URL: https://premiumaanbod.be/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d63b9ae0f8cccb888886d453950046c6925e5bb4e2a9096d5ad1d2f14d573a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://premiumaanbod.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 12:07:29 GMT
server
ESF
date
Thu, 05 Nov 2020 13:30:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Nov 2020 13:30:57 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
134 KB
46 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: premiumaanbod.be
URL: https://premiumaanbod.be/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06592edaa4c0ec3766a7b83730fd5fc1ed62c1bf8b546f44badc6ccbe7b8a784
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://premiumaanbod.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 13:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
46518
x-xss-protection
0
server
cafe
etag
9272287904180736456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 05 Nov 2020 13:30:58 GMT
css
fonts.googleapis.com/
1 KB
560 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Alfa+Slab+One
Requested by
Host: premiumaanbod.be
URL: https://premiumaanbod.be/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
083718736238582d1249a8b30b77814a6bfa558b3b0faceab2c86e1757d90877
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://premiumaanbod.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 13:30:57 GMT
server
ESF
date
Thu, 05 Nov 2020 13:30:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Nov 2020 13:30:57 GMT
sushi.jpg
premiumaanbod.be/src/img/
749 KB
750 KB
Image
General
Full URL
https://premiumaanbod.be/src/img/sushi.jpg
Requested by
Host: premiumaanbod.be
URL: https://premiumaanbod.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.165.129.145 , Spain, ASN16276 (OVH, FR),
Reverse DNS
cluster026.hosting.ovh.net
Software
Apache /
Resource Hash
7780b1038ae1c5a2fee1eeb0484bc99f78cf5f9ae4ce93706f9f577bce20a067

Request headers

Referer
https://premiumaanbod.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 13:30:58 GMT
last-modified
Thu, 19 Apr 2018 08:17:44 GMT
server
Apache
content-type
image/jpeg
status
200
cache-control
max-age=900
accept-ranges
bytes
content-length
766684
expires
Thu, 05 Nov 2020 13:45:58 GMT
wine.jpg
premiumaanbod.be/src/img/
1020 KB
1022 KB
Image
General
Full URL
https://premiumaanbod.be/src/img/wine.jpg
Requested by
Host: premiumaanbod.be
URL: https://premiumaanbod.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.165.129.145 , Spain, ASN16276 (OVH, FR),
Reverse DNS
cluster026.hosting.ovh.net
Software
Apache /
Resource Hash
b66e62e8614bfea9862a75bdb811f28c7ca014addc1544e26384f390654fa074

Request headers

Referer
https://premiumaanbod.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 13:30:58 GMT
last-modified
Thu, 19 Apr 2018 08:15:08 GMT
server
Apache
content-type
image/jpeg
status
200
cache-control
max-age=900
accept-ranges
bytes
content-length
1044770
expires
Thu, 05 Nov 2020 13:45:58 GMT
massage.jpg
premiumaanbod.be/src/img/
668 KB
669 KB
Image
General
Full URL
https://premiumaanbod.be/src/img/massage.jpg
Requested by
Host: premiumaanbod.be
URL: https://premiumaanbod.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.165.129.145 , Spain, ASN16276 (OVH, FR),
Reverse DNS
cluster026.hosting.ovh.net
Software
Apache /
Resource Hash
38eaff0bd1bbb090c26c14b194bfae75a5329449f2521f18d3f2a97065727beb

Request headers

Referer
https://premiumaanbod.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 13:30:58 GMT
last-modified
Thu, 19 Apr 2018 08:17:28 GMT
server
Apache
content-type
image/jpeg
status
200
cache-control
max-age=900
accept-ranges
bytes
content-length
684244
expires
Thu, 05 Nov 2020 13:45:58 GMT
travel.jpg
premiumaanbod.be/src/img/
1 MB
1 MB
Image
General
Full URL
https://premiumaanbod.be/src/img/travel.jpg
Requested by
Host: premiumaanbod.be
URL: https://premiumaanbod.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.165.129.145 , Spain, ASN16276 (OVH, FR),
Reverse DNS
cluster026.hosting.ovh.net
Software
Apache /
Resource Hash
ff64c028e3f545c8cf2eca9f18c385dbd8873c3e85a1d3d7c85c12c0b455c9d3

Request headers

Referer
https://premiumaanbod.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 13:30:58 GMT
last-modified
Thu, 19 Apr 2018 08:55:40 GMT
server
Apache
content-type
image/jpeg
status
200
cache-control
max-age=900
accept-ranges
bytes
content-length
1517897
expires
Thu, 05 Nov 2020 13:45:58 GMT
shopping.jpg
premiumaanbod.be/src/img/
1 MB
1 MB
Image
General
Full URL
https://premiumaanbod.be/src/img/shopping.jpg
Requested by
Host: premiumaanbod.be
URL: https://premiumaanbod.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.165.129.145 , Spain, ASN16276 (OVH, FR),
Reverse DNS
cluster026.hosting.ovh.net
Software
Apache /
Resource Hash
92357cc27e7afbd636410766ea777026a5426104b74cd6561dbb2c64fa8f5bf1

Request headers

Referer
https://premiumaanbod.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 13:30:58 GMT
last-modified
Thu, 19 Apr 2018 09:01:38 GMT
server
Apache
content-type
image/jpeg
status
200
cache-control
max-age=900
accept-ranges
bytes
content-length
1168171
expires
Thu, 05 Nov 2020 13:45:58 GMT
cookies.js
premiumaanbod.be/js/
938 B
788 B
Script
General
Full URL
https://premiumaanbod.be/js/cookies.js
Requested by
Host: premiumaanbod.be
URL: https://premiumaanbod.be/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.165.129.145 , Spain, ASN16276 (OVH, FR),
Reverse DNS
cluster026.hosting.ovh.net
Software
Apache /
Resource Hash
87ceabbef237bfb691ca30b3ad666514feb28255320856298941495cc1d2ef50

Request headers

Referer
https://premiumaanbod.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 13:30:58 GMT
content-encoding
gzip
last-modified
Wed, 10 Apr 2019 11:31:44 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=900
accept-ranges
bytes
content-length
564
expires
Thu, 05 Nov 2020 13:45:58 GMT
madrid.jpg
premiumaanbod.be/src/img/background/
208 KB
209 KB
Image
General
Full URL
https://premiumaanbod.be/src/img/background/madrid.jpg
Requested by
Host: premiumaanbod.be
URL: https://premiumaanbod.be/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.165.129.145 , Spain, ASN16276 (OVH, FR),
Reverse DNS
cluster026.hosting.ovh.net
Software
Apache /
Resource Hash
8c9d44fc1e1c2aecf66f8cc6af3cac83e4072c218db6bf11392e2466a9c9a887

Request headers

Referer
https://premiumaanbod.be/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 13:30:58 GMT
last-modified
Wed, 18 Apr 2018 18:50:11 GMT
server
Apache
content-type
image/jpeg
status
200
cache-control
max-age=900
accept-ranges
bytes
content-length
213448
expires
Thu, 05 Nov 2020 13:45:58 GMT
6NUQ8FmMKwSEKjnm5-4v-4Jh2dJhe_escmA.woff2
fonts.gstatic.com/s/alfaslabone/v10/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/alfaslabone/v10/6NUQ8FmMKwSEKjnm5-4v-4Jh2dJhe_escmA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alfa+Slab+One
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425c9762ede39af04a6845603ba18b3579f5109146709d68c94619c940390aba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://premiumaanbod.be
Referer
https://fonts.googleapis.com/css?family=Alfa+Slab+One
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 11:25:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 05:37:04 GMT
server
sffe
age
525951
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10536
x-xss-protection
0
expires
Sat, 30 Oct 2021 11:25:07 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://premiumaanbod.be
Referer
https://fonts.googleapis.com/css?family=Roboto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 11:20:34 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
526224
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 30 Oct 2021 11:20:34 GMT
glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/
18 KB
18 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://premiumaanbod.be
Referer
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 13:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
status
200
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
18056
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/
230 KB
87 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ebc35ba9f607eefdc973225a8c6831d1472714df5da1b43d5e72611bac8c2ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://premiumaanbod.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 13:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
88237
x-xss-protection
0
server
cafe
etag
8916267561321754551
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Nov 2020 13:30:58 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201029/r20190131/ Frame 0F78
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201029/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201029/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://premiumaanbod.be/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://premiumaanbod.be/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Thu, 05 Nov 2020 02:23:42 GMT
expires
Thu, 19 Nov 2020 02:23:42 GMT
content-type
text/html; charset=UTF-8
etag
5228831996244654541
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4745
x-xss-protection
0
age
40036
cache-control
public, max-age=1209600
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/
206 B
264 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=premiumaanbod.be&callback=_gfp_s_&client=ca-pub-5125921093675975
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
5b2a50176df583545a6da282111e3ef65bab73afefe48c43a7bccee38a61a5ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://premiumaanbod.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 13:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
109 B
168 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=premiumaanbod.be
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://premiumaanbod.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Nov 2020 13:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
168 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=premiumaanbod.be
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://premiumaanbod.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Nov 2020 13:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A5FE
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5125921093675975&output=html&adk=1812271804&adf=3025194257&lmt=1604583058&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fpremiumaanbod.be%2F&ea=0&flash=0&pra=5&wgl=1&dt=1604583058159&bpp=14&bdt=190&idt=122&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6617702240866&frm=20&pv=2&ga_vid=1612380483.1604583058&ga_sid=1604583058&ga_hid=83737646&ga_fc=0&iag=0&icsg=45227&dssz=10&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44726949%2C21067467&oid=3&pvsid=2072134700587111&pem=327&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=148
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5125921093675975&output=html&adk=1812271804&adf=3025194257&lmt=1604583058&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fpremiumaanbod.be%2F&ea=0&flash=0&pra=5&wgl=1&dt=1604583058159&bpp=14&bdt=190&idt=122&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6617702240866&frm=20&pv=2&ga_vid=1612380483.1604583058&ga_sid=1604583058&ga_hid=83737646&ga_fc=0&iag=0&icsg=45227&dssz=10&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44726949%2C21067467&oid=3&pvsid=2072134700587111&pem=327&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=148
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://premiumaanbod.be/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://premiumaanbod.be/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 05 Nov 2020 13:30:58 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 05-Nov-2020 13:45:58 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Thu, 05 Nov 2020 13:30:58 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a44b4e645ecc10fef54f53f4d0983af2b365f39ba3c458280d12307231a09e81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://premiumaanbod.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 13:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1604493480950496"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27590
x-xss-protection
0
expires
Thu, 05 Nov 2020 13:30:58 GMT
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201029&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50508c7c9eaaba42e640ba938db57f719bee0ab1632bd883e1b10c5ff5d710d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://premiumaanbod.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 Nov 2020 13:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6424
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://premiumaanbod.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 05 Nov 2020 13:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Thu, 05 Nov 2020 13:30:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 1C91
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://premiumaanbod.be/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://premiumaanbod.be/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Thu, 05 Nov 2020 12:30:43 GMT
expires
Fri, 05 Nov 2021 12:30:43 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3615
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
87 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201029&jk=2072134700587111&bg=!-vml-dnNAAU7ZAKtO1ghx_nz4OMkgAIAAABoUgAAABJoAQcKAXOUdF6YksmwrnA2qsC-RA21d7uhOCLiwkzxONeD8FgxNekTNbhsfdHpQ5gTnfc9JOaTdSOBjqaSQ9NmpM-JV7UIa1JI55YcMWlY8O45TFy6IciDcEj7t8RN6CMjkuKtWBFLpovTGOWn9s8QYuPvorsZJaRAQsYomQysnzMDMtKtguDn6hEmP6eeZmZoYZcTW7M5_oXS-DmOTSTI9TXt-ZGemCN5oj-KD467hmgh9Ql2xWFsql4O0Qi41MQ4mfa2K8dWi6_gmvlj5H6_De1K30CCO75eW_uvcacVWsHjCL7pjNlxBikv6fFPSHaO-rhYq-iwNqjCoVUeenTQny6Iawi4G_lqVYUIeTJ_OYWNm3CjaTruaKiNkDGBZBk5WE6H08wH4HPu_R7WE28lQ5niYt_l0IDHy3nu6ZOveRvtlizTorULL_HZodd-2jWz2H64tLnc1mBUKPxKdKEkiJYeLGSfUma-1tQfqCcjM46yUlLORQZiYJkBqSNCNlDqr65Mwv9xhQ7MlcQdwH_8srqitfwH1zabA-3za03GjUXT0SuckhQBP_FR05wYIWQkyFRURLTXfVFROV3Rp8PfVJVOaLp9YZrBQZeQWq10JlXIyGIch86DHF37v0aZrf4z39F8Gpvo1AKBjGYWX4ZcJy9cjMt31nhvleEh9Wy1h2BsA6RQOXAmipRp_shiyBbf8B8YqLt7NcJKyCcdxDPAqs02oPYQF-McOxTfzlZ6yLh6l0tHgjagNF-6q27fLcQWC3BQ7kaSzEKj9k2EyWKeRPd7XVZ7TnK4TGRiWRteeBzwRpRvGRHVtiHCX5kJfOtRQceJsU19ZEECJ0J1wh8oBrlY1SRsB38D2FztqEPvzd5eiCG_bf7EwShnLkLu1F8KRdkRgRGyzG3K8IygeY6xOt2vC8y58zWEshRPeJvvbZ4ZWde-sATut2S3WI79Uqqx9eh1AJG6mEgW-B-lWO-NcfKrR-pExzATUY9Z3fsixjzB32O7v5KH6gL0JK08LYMejfjcz_34B07tu7wwJI-j6v9qa8FHXKDamoRBjv1fjqxcNWRi
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://premiumaanbod.be/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Nov 2020 13:30:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| validateForm function| validateComment function| $ function| jQuery object| adsbygoogle object| c undefined| co function| cookies object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.premiumaanbod.be/ Name: __gads
Value: ID=06e0c736fe5327df-22d0879923b90088:T=1604583058:RT=1604583058:S=ALNI_Ma9LkEUJwgNbDqn_I3BElNycKUQXw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
echo7.bluehornet.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
linkprotect.cudasvc.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
premiumaanbod.be
tpc.googlesyndication.com
www.googletagservices.com
188.165.129.145
2001:4de0:ac19::1:b:1a
216.58.212.130
2a00:1450:4001:803::200a
2a00:1450:4001:814::2003
2a00:1450:4001:81f::2002
2a00:1450:4001:81f::200a
2a00:1450:4001:824::2002
2a00:1450:4001:825::2001
35.156.174.8
35.167.199.168
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06592edaa4c0ec3766a7b83730fd5fc1ed62c1bf8b546f44badc6ccbe7b8a784
083718736238582d1249a8b30b77814a6bfa558b3b0faceab2c86e1757d90877
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
38eaff0bd1bbb090c26c14b194bfae75a5329449f2521f18d3f2a97065727beb
3d63b9ae0f8cccb888886d453950046c6925e5bb4e2a9096d5ad1d2f14d573a6
40c3b71cb1004b058ae3d17bb3fb85ccadee2b2106b291b7da2bb8dab8a3a4e5
425c9762ede39af04a6845603ba18b3579f5109146709d68c94619c940390aba
50508c7c9eaaba42e640ba938db57f719bee0ab1632bd883e1b10c5ff5d710d6
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5b2a50176df583545a6da282111e3ef65bab73afefe48c43a7bccee38a61a5ad
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
7780b1038ae1c5a2fee1eeb0484bc99f78cf5f9ae4ce93706f9f577bce20a067
87ceabbef237bfb691ca30b3ad666514feb28255320856298941495cc1d2ef50
8c9d44fc1e1c2aecf66f8cc6af3cac83e4072c218db6bf11392e2466a9c9a887
92357cc27e7afbd636410766ea777026a5426104b74cd6561dbb2c64fa8f5bf1
9ebc35ba9f607eefdc973225a8c6831d1472714df5da1b43d5e72611bac8c2ad
a37612dea4d5774ba05d8e61a462b0acdfb3b94d6605d20aa086429c8cfb1b4e
a44b4e645ecc10fef54f53f4d0983af2b365f39ba3c458280d12307231a09e81
b66e62e8614bfea9862a75bdb811f28c7ca014addc1544e26384f390654fa074
c7fc3c73fc095d1a9c3f77624971efc91d9e2160433eaf253419eea365cde883
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
ff64c028e3f545c8cf2eca9f18c385dbd8873c3e85a1d3d7c85c12c0b455c9d3