urlscan.io logo urlscan.io
SecurityTrails logo

messagent.roulartamail.be Open in urlscan Pro
91.212.185.86  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://clicks-roularta.adhese.com/adc/_5158_IN02_/E-LB1/20200212/ci/ge/inT_AGE_55_64/tlall
Effective URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCO...
Submission: On February 13 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 5 countries across 14 domains to perform 31 HTTP transactions. The main IP is 91.212.185.86, located in Mechelen, Belgium and belongs to ROULARTA-MEDIA-GROUP-AS, BE. The main domain is messagent.roulartamail.be.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on October 5th 2018. Valid for: 2 years.
This is the only time messagent.roulartamail.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    37.72.160.15 (Lommel, Belgium)

ASN34762 (COMBELL-AS, BE)
PTR: n-f.static-37-72-160.as30961.net
clicks-roularta.adhese.com
1    217.19.237.54 (Brussels, Belgium)

ASN34762 (COMBELL-AS, BE)
PTR: 217.19.237.54.static.hosted.by.combell.com
www.sportmagazine.be
1    95.131.143.129 (France)

ASN47841 (OXALIDE, FR)
sportmagazine.knack.be
9    91.212.185.86 (Mechelen, Belgium)

ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE)
PTR: 86-185-212-91.rmg.be
messagent.roulartamail.be
3    2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
stackpath.bootstrapcdn.com
2    2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
2    2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
10    178.32.205.233 (Poland)

ASN16276 (OVH, FR)
gabe.hit.gemius.pl
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:814::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
10 gabe.hit.gemius.pl 3 redirects messagent.roulartamail.be
gabe.hit.gemius.pl
9 messagent.roulartamail.be messagent.roulartamail.be
code.jquery.com
4 www.google-analytics.com 1 redirects www.googletagmanager.com
messagent.roulartamail.be
2 stackpath.bootstrapcdn.com messagent.roulartamail.be
2 fonts.gstatic.com messagent.roulartamail.be
code.jquery.com
2 www.googletagmanager.com messagent.roulartamail.be
2 code.jquery.com messagent.roulartamail.be
2 fonts.googleapis.com messagent.roulartamail.be
2 clicks-roularta.adhese.com 2 redirects
1 www.google.de messagent.roulartamail.be
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 maxcdn.bootstrapcdn.com messagent.roulartamail.be
1 sportmagazine.knack.be 1 redirects
1 www.sportmagazine.be 1 redirects
31 15

This site contains no links.

Subject Issuer Validity Valid
messagent.roulartamail.be
COMODO RSA Domain Validation Secure Server CA		 2018-10-05 -
2020-10-04		 2 years crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2019-09-11 -
2021-09-24		 2 years crt.sh
www.google.de
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
Frame ID: 70AD51830B0D8CF550DEBBBECE0EEC28
Requests: 13 HTTP requests in this frame

Frame: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
Frame ID: 5A0764DE87EAF508694008E212CA8265
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://clicks-roularta.adhese.com/adc/_5158_IN02_/E-LB1/20200212/ci/ge/inT_AGE_55_64/tlall HTTP 302
    https://clicks-roularta.adhese.com/raylene/ad2784984//sl567482////ge/ci/da20200212/inT_AGE_55_64//coGB/rgGBH9;G... HTTP 302
    http://www.sportmagazine.be/sportvoetbalquiz HTTP 301
    https://sportmagazine.knack.be/sport/?origin=sportmagazine.be&destination=/sportvoetbalquiz HTTP 302
    https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Overall confidence: %
Detected patterns
  • script /hit\.gemius\.pl\/xgemius\.js/i
  • script /hit\.gemius\.pl/i
  • script /xgemius\.js/i

Page Statistics

31
Requests

100 %
HTTPS

64 %
IPv6

14
Domains

15
Subdomains

9
IPs

5
Countries

1088 kB
Transfer

2035 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clicks-roularta.adhese.com/adc/_5158_IN02_/E-LB1/20200212/ci/ge/inT_AGE_55_64/tlall HTTP 302
    https://clicks-roularta.adhese.com/raylene/ad2784984//sl567482////ge/ci/da20200212/inT_AGE_55_64//coGB/rgGBH9;GB.ENG////dtunknown//ogcontrol//deunknown////tlall////A20.0.0.0/ HTTP 302
    http://www.sportmagazine.be/sportvoetbalquiz HTTP 301
    https://sportmagazine.knack.be/sport/?origin=sportmagazine.be&destination=/sportvoetbalquiz HTTP 302
    https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=680241120&t=pageview&_s=1&dl=https%3A%2F%2Fmessagent.roulartamail.be%2Foptiext%2Foptiextension.dll%3FID%3D8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx&dp=virtual%2Fprod%2Fsport%2Fvoetbalquiz2020%2F202002%2Fnl%2Fframe&ul=en-us&de=UTF-8&dt=voetbalquiz%202020%20-%20frame&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=702458931&gjid=521591868&cid=1370206304.1581608763&tid=UA-8272409-18&_gid=382837731.1581608763&_r=1&gtm=2wg250MHVRMGQ&cd10=sport&cd11=voetbalquiz%202020&cd12=202002&cd13=nl&cd14=frame&cd17=RMG&cd18=site-messagent-nl&z=990355515 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8272409-18&cid=1370206304.1581608763&jid=702458931&_gid=382837731.1581608763&gjid=521591868&_v=j81&z=990355515 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8272409-18&cid=1370206304.1581608763&jid=702458931&_v=j81&z=990355515 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8272409-18&cid=1370206304.1581608763&jid=702458931&_v=j81&z=990355515&slf_rd=1&random=1669619690
Request Chain 27
  • https://gabe.hit.gemius.pl/_1581608762832/rexdot.js?l=100&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=view&hsrc=1&initsonar=1&extra=lan%3DNL%7Ckey%3Dkw&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fmessagent.roulartamail.be%2Foptiext%2Foptiextension.dll%3FID%3D8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=b912Jdf59.r.K6l.DqF6I4CxWGt3o6Tzirrbk84sV37.u7&vis=1 HTTP 301
  • https://gabe.hit.gemius.pl/__/_1581608762832/rexdot.js?l=100&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=view&hsrc=1&initsonar=1&extra=lan%3DNL%7Ckey%3Dkw&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fmessagent.roulartamail.be%2Foptiext%2Foptiextension.dll%3FID%3D8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=b912Jdf59.r.K6l.DqF6I4CxWGt3o6Tzirrbk84sV37.u7&vis=1
Request Chain 28
  • https://gabe.hit.gemius.pl/_1581608762872/rexdot.js?l=100&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=view&hsrc=1&initsonar=1&extra=lan%3DNL%7Ckey%3Dkw&eventid=0&fr=2&tz=-60&fv=-&href=https%3A%2F%2Fmessagent.roulartamail.be%2Foptiext%2Foptiextension.dll%3FID%3DQtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm&ref=&screen=1600x1200r1000&col=24&window=1570x900&ltime=0&lsdata=-NOTSUP&fpdata=.0zcUTgoj9t5ptJMBiTPsNJv6WZxOYroI96s6iIF9kz.p7&vis=1 HTTP 301
  • https://gabe.hit.gemius.pl/__/_1581608762872/rexdot.js?l=100&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=view&hsrc=1&initsonar=1&extra=lan%3DNL%7Ckey%3Dkw&eventid=0&fr=2&tz=-60&fv=-&href=https%3A%2F%2Fmessagent.roulartamail.be%2Foptiext%2Foptiextension.dll%3FID%3DQtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm&ref=&screen=1600x1200r1000&col=24&window=1570x900&ltime=0&lsdata=-NOTSUP&fpdata=.0zcUTgoj9t5ptJMBiTPsNJv6WZxOYroI96s6iIF9kz.p7&vis=1
Request Chain 29
  • https://gabe.hit.gemius.pl/_1581608771990/redot.js?l=109&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=smpsonar&hsrc=0&extra=_ASF%3D40%7Clan%3DNL%7Ckey%3Dkw&eventid=1581608762&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fmessagent.roulartamail.be%2Foptiext%2Foptiextension.dll%3FID%3D8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=b912Jdf59.r.K6l.DqF6I4CxWGt3o6Tzirrbk84sV37.u7&vis=1 HTTP 301
  • https://gabe.hit.gemius.pl/__/_1581608771990/redot.js?l=109&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=smpsonar&hsrc=0&extra=_ASF%3D40%7Clan%3DNL%7Ckey%3Dkw&eventid=1581608762&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fmessagent.roulartamail.be%2Foptiext%2Foptiextension.dll%3FID%3D8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=b912Jdf59.r.K6l.DqF6I4CxWGt3o6Tzirrbk84sV37.u7&vis=1

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request optiextension.dll
messagent.roulartamail.be/optiext/
Redirect Chain
  • https://clicks-roularta.adhese.com/adc/_5158_IN02_/E-LB1/20200212/ci/ge/inT_AGE_55_64/tlall
  • https://clicks-roularta.adhese.com/raylene/ad2784984//sl567482////ge/ci/da20200212/inT_AGE_55_64//coGB/rgGBH9;GB.ENG////dtunknown//ogcontrol//deunknown////tlall////A20.0.0.0/
  • http://www.sportmagazine.be/sportvoetbalquiz
  • https://sportmagazine.knack.be/sport/?origin=sportmagazine.be&destination=/sportvoetbalquiz
  • https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.86 Mechelen, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
86-185-212-91.rmg.be
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0aea2ca6a48cd3b8e070dab35133b9b4ec99e0de88a462e4abec9b40bf47affc

Request headers

Host
messagent.roulartamail.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Content-Type
text/html
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Access-Control-Allow-Origin
*
Date
Thu, 13 Feb 2020 15:46:00 GMT
X-Varnish-PTTL
0.000
X-Varnish-C
N
Content-Encoding
gzip
X-Varnish
4217436
Age
0
Via
1.1 varnish-v4
X-Varnish-H
M
X-Varnish-B
messagt
Content-Length
1659
Accept-Ranges
bytes

Redirect headers

Server
nginx
Date
Thu, 13 Feb 2020 15:46:02 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
305
Connection
keep-alive
Cache-Control
no-cache
Location
//messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
Content-Encoding
gzip
Accept-Ranges
bytes
Age
0
X-Backend
dir_www_01
X-Cache
MISS :(
X-Powered-By
Oxalide [01]
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 		141 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
Origin
https://messagent.roulartamail.be
Sec-Fetch-Dest
style
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 13 Feb 2020 15:46:02 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:10 GMT
access-control-allow-origin
*
etag
"1544639650"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
20563
css
fonts.googleapis.com/ 		5 KB
782 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8938cd92fd8af6467ad9a22c43f96d0d9ca052bef95485720cd2ba2870e4b288
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Feb 2020 15:46:02 GMT
server
ESF
date
Thu, 13 Feb 2020 15:46:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Feb 2020 15:46:02 GMT
jquery-latest.js
code.jquery.com/ 		276 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-latest.js
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 13 Feb 2020 15:46:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:08 GMT
Server
nginx
ETag
"54499a48-4508e"
Vary
Accept-Encoding
X-HW
1581608762.dop019.fr8.shc,1581608762.dop019.fr8.t,1581608762.cds012.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
83875
iframeResizer.min.js
messagent.roulartamail.be/images/Preweb/scripts/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://messagent.roulartamail.be/images/Preweb/scripts/iframeResizer.min.js
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.86 Mechelen, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
86-185-212-91.rmg.be
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f6158ef3bcca7b61b70e402aaf44109edbef0835cc012a76f81d23e5a1d2c329

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 13 Feb 2020 15:45:30 GMT
Via
1.1 varnish-v4
Age
31
X-Powered-By
ASP.NET
X-Varnish-B
messagt
Last-Modified
Mon, 28 Nov 2016 12:59:30 GMT
Content-Length
5575
X-Varnish-C
Y
Server
Microsoft-IIS/10.0
X-Varnish-H
H#127/3569.487
ETag
"443a26427749d21:0"
X-Varnish-PTTL
3600.000
X-Varnish
4558530 4818685
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Type
application/javascript
gtm.js
www.googletagmanager.com/ 		115 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MHVRMGQ
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
14b9289fbd971496412d3e8644d3874d50952b14d71ca3b1827a838abeb14348
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 15:46:02 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
36310
x-xss-protection
0
last-modified
Thu, 13 Feb 2020 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 Feb 2020 15:46:02 GMT
optiextension.dll
messagent.roulartamail.be/optiext/ Frame 5A07 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.86 Mechelen, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
86-185-212-91.rmg.be
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3b44d4cfd113d35e07357cff7ea6c196533b3dbff8915d4214dad931028b74a4

Request headers

Host
messagent.roulartamail.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx

Response headers

Content-Type
text/html
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Access-Control-Allow-Origin
*
Date
Thu, 13 Feb 2020 15:46:00 GMT
X-Varnish-PTTL
0.000
X-Varnish-C
N
Content-Encoding
gzip
X-Varnish
1670463
Age
0
Via
1.1 varnish-v4
X-Varnish-H
M
X-Varnish-B
messagt
Content-Length
2846
Accept-Ranges
bytes
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Origin
https://messagent.roulartamail.be
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 19:10:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
1802131
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Fri, 22 Jan 2021 19:10:31 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHVRMGQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
4350
date
Thu, 13 Feb 2020 14:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Thu, 13 Feb 2020 16:33:32 GMT
xgemius.js
gabe.hit.gemius.pl/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gabe.hit.gemius.pl/xgemius.js
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
178.32.205.233 , Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
GHC /
Resource Hash
53d2b310b78267a9c18bc1bbc3885d58d12d8fe5b286d8c9aa482331757b9812

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 15:46:02 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 06:37:34 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
status
200
cache-control
max-age=43200
accept-ranges
none
content-type
application/x-javascript
content-length
9255
expires
Fri, 14 Feb 2020 03:46:02 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=680241120&t=pageview&_s=1&dl=https%3A%2F%2Fmessagent.roulartamail.be%2Foptiext%2Foptiextension.dll%3FID%3D8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nk...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8272409-18&cid=1370206304.1581608763&jid=702458931&_gid=382837731.1581608763&gjid=521591868&_v=j81&z=990355515
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8272409-18&cid=1370206304.1581608763&jid=702458931&_v=j81&z=990355515
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8272409-18&cid=1370206304.1581608763&jid=702458931&_v=j81&z=990355515&slf_rd=1&random=1669619690
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8272409-18&cid=1370206304.1581608763&jid=702458931&_v=j81&z=990355515&slf_rd=1&random=1669619690
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Feb 2020 15:46:02 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Feb 2020 15:46:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8272409-18&cid=1370206304.1581608763&jid=702458931&_v=j81&z=990355515&slf_rd=1&random=1669619690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ Frame 5A07 		156 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
Origin
https://messagent.roulartamail.be
Sec-Fetch-Dest
style
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 13 Feb 2020 15:46:02 GMT
content-encoding
gzip
last-modified
Thu, 28 Nov 2019 17:52:46 GMT
access-control-allow-origin
*
etag
"1574963566"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
23681
css
fonts.googleapis.com/ Frame 5A07 		901 B
477 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web&display=swap
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eba62a7c983b24abb775849200198c5fbdc02060c81c3f22c1357917c5066732
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Feb 2020 15:46:02 GMT
server
ESF
date
Thu, 13 Feb 2020 15:46:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Feb 2020 15:46:02 GMT
jquery-latest.js
code.jquery.com/ Frame 5A07 		276 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-latest.js
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 13 Feb 2020 15:46:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:08 GMT
Server
nginx
ETag
"54499a48-4508e"
Vary
Accept-Encoding
X-HW
1581608762.dop019.fr8.shc,1581608762.dop019.fr8.t,1581608762.cds012.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
83875
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ Frame 5A07 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
Origin
https://messagent.roulartamail.be
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 13 Feb 2020 15:46:02 GMT
content-encoding
gzip
last-modified
Thu, 28 Nov 2019 17:52:52 GMT
access-control-allow-origin
*
etag
"1574963572"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
15919
logo-gent.png
messagent.roulartamail.be/images/preweb2/journey/sport/2020/quiz/ Frame 5A07 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://messagent.roulartamail.be/images/preweb2/journey/sport/2020/quiz/logo-gent.png
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.86 Mechelen, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
86-185-212-91.rmg.be
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
96319867a6aad573df70bec1be0d8cfca281621ac1b209af9020d12d7b0de2a9

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 15:38:19 GMT
Via
1.1 varnish-v4
Age
461
X-Powered-By
ASP.NET
X-Varnish-B
messagt
Last-Modified
Tue, 11 Feb 2020 08:40:26 GMT
Content-Length
4963
X-Varnish-C
Y
Server
Microsoft-IIS/10.0
X-Varnish-H
H#1/3139.279
ETag
"3cb59de8b6e0d51:0"
X-Varnish-PTTL
3600.000
X-Varnish
3792055 749579
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Type
image/png
vitamin-well-v2.png
messagent.roulartamail.be/images/preweb2/journey/sport/2020/quiz/ Frame 5A07 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://messagent.roulartamail.be/images/preweb2/journey/sport/2020/quiz/vitamin-well-v2.png
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.86 Mechelen, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
86-185-212-91.rmg.be
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
654afd89bfee721475831d61960afe2c9f699de2eab45e368c9363810a194364

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 15:38:19 GMT
Via
1.1 varnish-v4
Age
461
X-Powered-By
ASP.NET
X-Varnish-B
messagt
Last-Modified
Tue, 11 Feb 2020 14:40:11 GMT
Content-Length
7297
X-Varnish-C
Y
Server
Microsoft-IIS/10.0
X-Varnish-H
H#1/3139.264
ETag
"2a8f3e2ae9e0d51:0"
X-Varnish-PTTL
3600.000
X-Varnish
2089580 749584
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Type
image/png
bal.png
messagent.roulartamail.be/images/preweb2/journey/sport/2020/quiz/ Frame 5A07 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://messagent.roulartamail.be/images/preweb2/journey/sport/2020/quiz/bal.png
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.86 Mechelen, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
86-185-212-91.rmg.be
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
27868a5c63f22ceea9b4215608ca2d4666bb6dd384a30668b006f7526fa588e2

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 15:38:19 GMT
Via
1.1 varnish-v4
Age
461
X-Powered-By
ASP.NET
X-Varnish-B
messagt
Last-Modified
Tue, 11 Feb 2020 08:40:26 GMT
Content-Length
24672
X-Varnish-C
Y
Server
Microsoft-IIS/10.0
X-Varnish-H
H#1/3139.244
ETag
"8811aae8b6e0d51:0"
X-Varnish-PTTL
3600.000
X-Varnish
1670471 3066783
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Type
image/png
voetbal-quiz.png
messagent.roulartamail.be/images/preweb2/journey/sport/2020/quiz/ Frame 5A07 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://messagent.roulartamail.be/images/preweb2/journey/sport/2020/quiz/voetbal-quiz.png
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.86 Mechelen, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
86-185-212-91.rmg.be
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c890af9353592c264e0ec88146ee99e8b5f636cd51631e9a892be3fa474dfb6c

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 15:38:19 GMT
Via
1.1 varnish-v4
Age
461
X-Powered-By
ASP.NET
X-Varnish-B
messagt
Last-Modified
Tue, 11 Feb 2020 08:40:27 GMT
Content-Length
22311
X-Varnish-C
Y
Server
Microsoft-IIS/10.0
X-Varnish-H
H#1/3139.317
ETag
"9299bde8b6e0d51:0"
X-Varnish-PTTL
3600.000
X-Varnish
2089585 3304913
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Type
image/png
go.jpg
messagent.roulartamail.be/images/preweb2/journey/sport/2020/quiz/ Frame 5A07 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://messagent.roulartamail.be/images/preweb2/journey/sport/2020/quiz/go.jpg
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.86 Mechelen, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
86-185-212-91.rmg.be
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b27b6bd0b1f9b8d40e17ad30ced2dcc24380c0c49ea0e1311e6505edb62abc11

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 15:38:19 GMT
Via
1.1 varnish-v4
Age
461
X-Powered-By
ASP.NET
X-Varnish-B
messagt
Last-Modified
Tue, 11 Feb 2020 08:40:27 GMT
Content-Length
1596
X-Varnish-C
Y
Server
Microsoft-IIS/10.0
X-Varnish-H
H#1/3139.291
ETag
"bcacd0e8b6e0d51:0"
X-Varnish-PTTL
3600.000
X-Varnish
1670475 3979785
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Type
image/jpeg
gtm.js
www.googletagmanager.com/ Frame 5A07 		115 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MHVRMGQ
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
14b9289fbd971496412d3e8644d3874d50952b14d71ca3b1827a838abeb14348
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 15:46:02 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
36310
x-xss-protection
0
last-modified
Thu, 13 Feb 2020 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 Feb 2020 15:46:02 GMT
xgemius.js
gabe.hit.gemius.pl/ Frame 5A07 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gabe.hit.gemius.pl/xgemius.js
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
178.32.205.233 , Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
GHC /
Resource Hash
53d2b310b78267a9c18bc1bbc3885d58d12d8fe5b286d8c9aa482331757b9812

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 15:46:02 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 06:37:34 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
status
200
cache-control
max-age=43200
accept-ranges
none
content-type
application/x-javascript
content-length
9255
expires
Fri, 14 Feb 2020 03:46:02 GMT
back-zonder.jpg
messagent.roulartamail.be/images/preweb2/journey/sport/2020/quiz/ Frame 5A07 		639 KB
640 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://messagent.roulartamail.be/images/preweb2/journey/sport/2020/quiz/back-zonder.jpg
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.212.185.86 Mechelen, Belgium, ASN49333 (ROULARTA-MEDIA-GROUP-AS, BE),
Reverse DNS
86-185-212-91.rmg.be
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3f5d4f071e067600b2a1ac056df8240e999c587beb8bfc2a4897b2d668ae5fd2

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 15:38:19 GMT
Via
1.1 varnish-v4
Age
461
X-Powered-By
ASP.NET
X-Varnish-B
messagt
Last-Modified
Tue, 11 Feb 2020 08:40:28 GMT
Content-Length
654835
X-Varnish-C
Y
Server
Microsoft-IIS/10.0
X-Varnish-H
H#1/3139.307
ETag
"b6d16fe9b6e0d51:0"
X-Varnish-PTTL
3600.000
X-Varnish
2124472 4268523
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Type
image/jpeg
NaPecZTIAOhVxoMyOr9n_E7fdMPmDaZRbrw.woff2
fonts.gstatic.com/s/titilliumweb/v8/ Frame 5A07 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v8/NaPecZTIAOhVxoMyOr9n_E7fdMPmDaZRbrw.woff2
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd1dad45fd0dd168ad46427307aa8a206b857b783ca3afbcfe2bc8b8724acec0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Titillium+Web&display=swap
Origin
https://messagent.roulartamail.be
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 05:07:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:24:34 GMT
server
sffe
age
815904
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12344
x-xss-protection
0
expires
Wed, 03 Feb 2021 05:07:38 GMT
fpdata.js
gabe.hit.gemius.pl/ 		273 B
386 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gabe.hit.gemius.pl/fpdata.js?href=messagent.roulartamail.be
Requested by
Host: gabe.hit.gemius.pl
URL: https://gabe.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
178.32.205.233 , Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
GHC /
Resource Hash
d08e2f2083a8f655acf4a778d0a5e84788c2fa8990e24ed5000228ba045fa15f

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 15:46:02 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
status
200
cache-control
private, max-age=2592000
accept-ranges
none
content-type
application/x-javascript
content-length
273
expires
Sat, 14 Mar 2020 15:46:02 GMT
analytics.js
www.google-analytics.com/ Frame 5A07 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHVRMGQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
4350
date
Thu, 13 Feb 2020 14:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Thu, 13 Feb 2020 16:33:32 GMT
collect
www.google-analytics.com/ Frame 5A07 		35 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=2115914504&t=pageview&_s=1&dl=https%3A%2F%2Fmessagent.roulartamail.be%2Foptiext%2Foptiextension.dll%3FID%3DQtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm&dp=virtual%2Fprod%2Fsport%2Fvoetbalquiz2020%2F202002%2Fnl%2Fhome&ul=en-us&de=UTF-8&dt=voetbalquiz%202020%20-%20home&sd=24-bit&sr=1600x1200&vp=1570x900&je=0&_u=QACAAEAB~&jid=&gjid=&cid=1370206304.1581608763&tid=UA-8272409-18&_gid=382837731.1581608763&gtm=2wg250MHVRMGQ&cd10=sport&cd11=voetbalquiz%202020&cd12=202002&cd13=nl&cd14=home&cd17=RMG&cd18=site-messagent-nl&z=901335806
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sat, 01 Feb 2020 00:34:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1091470
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
fpdata.js
gabe.hit.gemius.pl/ Frame 5A07 		273 B
322 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gabe.hit.gemius.pl/fpdata.js?href=messagent.roulartamail.be
Requested by
Host: gabe.hit.gemius.pl
URL: https://gabe.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
178.32.205.233 , Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
GHC /
Resource Hash
0b15118994279362374ad14067f34f25e4297a008a52c0f8e5a5aa4a921ceb19

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 15:46:02 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
status
200
cache-control
private, max-age=2592000
accept-ranges
none
content-type
application/x-javascript
content-length
273
expires
Sat, 14 Mar 2020 15:46:02 GMT
rexdot.js
gabe.hit.gemius.pl/__/_1581608762832/
Redirect Chain
  • https://gabe.hit.gemius.pl/_1581608762832/rexdot.js?l=100&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=view&hsrc=1&initsonar=1&extra=lan%3DNL%7Ckey%3Dkw&eventid=0&fr=1&tz=-60&fv=-&href=http...
  • https://gabe.hit.gemius.pl/__/_1581608762832/rexdot.js?l=100&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=view&hsrc=1&initsonar=1&extra=lan%3DNL%7Ckey%3Dkw&eventid=0&fr=1&tz=-60&fv=-&href=h...
180 B
436 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gabe.hit.gemius.pl/__/_1581608762832/rexdot.js?l=100&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=view&hsrc=1&initsonar=1&extra=lan%3DNL%7Ckey%3Dkw&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fmessagent.roulartamail.be%2Foptiext%2Foptiextension.dll%3FID%3D8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=b912Jdf59.r.K6l.DqF6I4CxWGt3o6Tzirrbk84sV37.u7&vis=1
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
178.32.205.233 , Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
GHC /
Resource Hash
0336ffac0d128cb202aad06513e89770ade29296334e1bfb1d889bec1f056261

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Feb 2020 15:46:02 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
status
200
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-type
application/x-javascript
content-length
180
expires
Wed, 12 Feb 2020 15:46:02 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Feb 2020 15:46:02 GMT
server
GHC
location
/__/_1581608762832/rexdot.js?l=100&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=view&hsrc=1&initsonar=1&extra=lan%3DNL%7Ckey%3Dkw&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fmessagent.roulartamail.be%2Foptiext%2Foptiextension.dll%3FID%3D8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=b912Jdf59.r.K6l.DqF6I4CxWGt3o6Tzirrbk84sV37.u7&vis=1
p3p
CP="NOI DSP COR NID PSAo OUR IND"
status
301
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-length
0
expires
Wed, 12 Feb 2020 15:46:02 GMT
rexdot.js
gabe.hit.gemius.pl/__/_1581608762872/ Frame 5A07
Redirect Chain
  • https://gabe.hit.gemius.pl/_1581608762872/rexdot.js?l=100&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=view&hsrc=1&initsonar=1&extra=lan%3DNL%7Ckey%3Dkw&eventid=0&fr=2&tz=-60&fv=-&href=http...
  • https://gabe.hit.gemius.pl/__/_1581608762872/rexdot.js?l=100&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=view&hsrc=1&initsonar=1&extra=lan%3DNL%7Ckey%3Dkw&eventid=0&fr=2&tz=-60&fv=-&href=h...
180 B
436 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gabe.hit.gemius.pl/__/_1581608762872/rexdot.js?l=100&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=view&hsrc=1&initsonar=1&extra=lan%3DNL%7Ckey%3Dkw&eventid=0&fr=2&tz=-60&fv=-&href=https%3A%2F%2Fmessagent.roulartamail.be%2Foptiext%2Foptiextension.dll%3FID%3DQtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm&ref=&screen=1600x1200r1000&col=24&window=1570x900&ltime=0&lsdata=-NOTSUP&fpdata=.0zcUTgoj9t5ptJMBiTPsNJv6WZxOYroI96s6iIF9kz.p7&vis=1
Requested by
Host: messagent.roulartamail.be
URL: https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
178.32.205.233 , Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
GHC /
Resource Hash
0336ffac0d128cb202aad06513e89770ade29296334e1bfb1d889bec1f056261

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=QtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Feb 2020 15:46:02 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
status
200
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-type
application/x-javascript
content-length
180
expires
Wed, 12 Feb 2020 15:46:02 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Feb 2020 15:46:02 GMT
server
GHC
location
/__/_1581608762872/rexdot.js?l=100&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=view&hsrc=1&initsonar=1&extra=lan%3DNL%7Ckey%3Dkw&eventid=0&fr=2&tz=-60&fv=-&href=https%3A%2F%2Fmessagent.roulartamail.be%2Foptiext%2Foptiextension.dll%3FID%3DQtSC5y9P_N3Ql0cSRTsk0OemuQgjg10Kahrtx7BWNQJQF1oPeNdC95nnVhf4u5mj1ZlxcorliTqLCm&ref=&screen=1600x1200r1000&col=24&window=1570x900&ltime=0&lsdata=-NOTSUP&fpdata=.0zcUTgoj9t5ptJMBiTPsNJv6WZxOYroI96s6iIF9kz.p7&vis=1
p3p
CP="NOI DSP COR NID PSAo OUR IND"
status
301
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-length
0
expires
Wed, 12 Feb 2020 15:46:02 GMT
redot.js
gabe.hit.gemius.pl/__/_1581608771990/
Redirect Chain
  • https://gabe.hit.gemius.pl/_1581608771990/redot.js?l=109&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=smpsonar&hsrc=0&extra=_ASF%3D40%7Clan%3DNL%7Ckey%3Dkw&eventid=1581608762&fr=1&tz=-60&fv...
  • https://gabe.hit.gemius.pl/__/_1581608771990/redot.js?l=109&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=smpsonar&hsrc=0&extra=_ASF%3D40%7Clan%3DNL%7Ckey%3Dkw&eventid=1581608762&fr=1&tz=-60...
2 B
183 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gabe.hit.gemius.pl/__/_1581608771990/redot.js?l=109&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=smpsonar&hsrc=0&extra=_ASF%3D40%7Clan%3DNL%7Ckey%3Dkw&eventid=1581608762&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fmessagent.roulartamail.be%2Foptiext%2Foptiextension.dll%3FID%3D8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=b912Jdf59.r.K6l.DqF6I4CxWGt3o6Tzirrbk84sV37.u7&vis=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
178.32.205.233 , Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
GHC /
Resource Hash
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer
https://messagent.roulartamail.be/optiext/optiextension.dll?ID=8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Feb 2020 15:46:12 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
status
200
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-type
application/x-javascript
content-length
2
expires
Wed, 12 Feb 2020 15:46:12 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Feb 2020 15:46:12 GMT
server
GHC
location
/__/_1581608771990/redot.js?l=109&id=ndo70jLvcOkCg9tcys2RFaRu.l0uwIcmnz5DMEj9D6P.r7&et=smpsonar&hsrc=0&extra=_ASF%3D40%7Clan%3DNL%7Ckey%3Dkw&eventid=1581608762&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fmessagent.roulartamail.be%2Foptiext%2Foptiextension.dll%3FID%3D8UY8wJ9ix9D_BA8oBnerBRu91sHKwabF7nkDKyKrwoW6wdI2z3ZipTaP2RTu1IUxQCOnlvkujc1Wtx&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=b912Jdf59.r.K6l.DqF6I4CxWGt3o6Tzirrbk84sV37.u7&vis=1
p3p
CP="NOI DSP COR NID PSAo OUR IND"
status
301
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-length
0
expires
Wed, 12 Feb 2020 15:46:12 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| dataLayer function| iFrameResize object| google_tag_manager string| GoogleAnalyticsObject function| ga string| pp_gemius_identifier object| pp_gemius_extraparameters object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| gemius_cmpclient object| gemius_hcconn function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event number| pp_gemius_cnt boolean| gemius_hcref

4 Cookies

Domain/Path Name / Value
.roulartamail.be/ Name: _gat_UA-8272409-18
Value: 1
.roulartamail.be/ Name: _gid
Value: GA1.2.382837731.1581608763
.roulartamail.be/ Name: __gfp_64b
Value: .0zcUTgoj9t5ptJMBiTPsNJv6WZxOYroI96s6iIF9kz.p7
.roulartamail.be/ Name: _ga
Value: GA1.2.1370206304.1581608763

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clicks-roularta.adhese.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
gabe.hit.gemius.pl
maxcdn.bootstrapcdn.com
messagent.roulartamail.be
sportmagazine.knack.be
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.sportmagazine.be
178.32.205.233
2001:4de0:ac19::1:b:2b
2001:4de0:ac19::1:b:3b
217.19.237.54
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2004
2a00:1450:4001:818::2008
2a00:1450:4001:819::2003
2a00:1450:4001:81e::200a
2a00:1450:4001:820::2003
2a00:1450:400c:c00::9d
37.72.160.15
91.212.185.86
95.131.143.129
0336ffac0d128cb202aad06513e89770ade29296334e1bfb1d889bec1f056261
0aea2ca6a48cd3b8e070dab35133b9b4ec99e0de88a462e4abec9b40bf47affc
0b15118994279362374ad14067f34f25e4297a008a52c0f8e5a5aa4a921ceb19
14b9289fbd971496412d3e8644d3874d50952b14d71ca3b1827a838abeb14348
27868a5c63f22ceea9b4215608ca2d4666bb6dd384a30668b006f7526fa588e2
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
3b44d4cfd113d35e07357cff7ea6c196533b3dbff8915d4214dad931028b74a4
3f5d4f071e067600b2a1ac056df8240e999c587beb8bfc2a4897b2d668ae5fd2
53d2b310b78267a9c18bc1bbc3885d58d12d8fe5b286d8c9aa482331757b9812
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
654afd89bfee721475831d61960afe2c9f699de2eab45e368c9363810a194364
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8938cd92fd8af6467ad9a22c43f96d0d9ca052bef95485720cd2ba2870e4b288
96319867a6aad573df70bec1be0d8cfca281621ac1b209af9020d12d7b0de2a9
b27b6bd0b1f9b8d40e17ad30ced2dcc24380c0c49ea0e1311e6505edb62abc11
c890af9353592c264e0ec88146ee99e8b5f636cd51631e9a892be3fa474dfb6c
d08e2f2083a8f655acf4a778d0a5e84788c2fa8990e24ed5000228ba045fa15f
dd1dad45fd0dd168ad46427307aa8a206b857b783ca3afbcfe2bc8b8724acec0
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eba62a7c983b24abb775849200198c5fbdc02060c81c3f22c1357917c5066732
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6158ef3bcca7b61b70e402aaf44109edbef0835cc012a76f81d23e5a1d2c329