wearewinnerseverydaynk.com
104.21.96.134
Public Scan
Effective URL: https://wearewinnerseverydaynk.com/tn/nl1/index.php?uclick=8rxiqqg60&uclickhash=8rxiqqg60-8rxiqqg60-ci3y-0-gmi4-3vi4-3v0-60bfca
Submission: On April 21 via api from US
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 15th 2020. Valid for: a year.
This is the only time wearewinnerseverydaynk.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | Autonomous System |
---|---|---|
1 1 | 103.224.182.251 | 133618 (TRELLIAN-AS-AP Trellian Pty. Limited) |
1 4 | 103.224.182.206 | 133618 (TRELLIAN-AS-AP Trellian Pty. Limited) |
1 1 | 104.21.85.150 | 13335 (CLOUDFLARENET) |
65 | 104.21.96.134 | 13335 (CLOUDFLARENET) |
3 | 5.135.242.80 | 16276 (OVH) |
1 | 54.37.178.133 | 16276 (OVH) |
4 | 104.111.214.80 | 16625 (AKAMAI-AS) |
2 | 148.251.132.182 | 24940 (HETZNER-AS) |
2 | 51.89.17.234 | 16276 (OVH) |
2 | 2a00:1450:4001:810::200e | 15169 (GOOGLE) |
1 | 2a00:1450:400c:c0a::9d | 15169 (GOOGLE) |
1 | 2a00:1450:4001:82b::2004 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:82b::2003 | 15169 (GOOGLE) |
85 | 11 |
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-251.above.com
capitalonehopping.com
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
1redira.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-80.deploy.static.akamaitechnologies.com
www.accuweather.com
vortex.accuweather.com
ASN24940 (HETZNER-AS, DE)
PTR: static.182.132.251.148.clients.your-server.de
pix.tagcdn.com
ASN15169 (GOOGLE, US)
www.google-analytics.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
65 | wearewinnerseverydaynk.com | wearewinnerseverydaynk.com | 889 KB |
4 | tagcdn.com | pix.tagcdn.com aff.tagcdn.com | 2 KB |
4 | accuweather.com | www.accuweather.com vortex.accuweather.com | 29 KB |
4 | 1redira.com (1 redirects) | 1redira.com | 3 KB |
3 | stabx.net | stabx.net | 629 B |
2 | google-analytics.com | www.google-analytics.com | 20 KB |
1 | google.de | www.google.de | 505 B |
1 | google.com | www.google.com | 296 B |
1 | doubleclick.net | stats.g.doubleclick.net | 454 B |
1 | worldtriviacenter.com | worldtriviacenter.com | 5 KB |
1 | adsertrack.com (1 redirects) | adsertrack.com | 911 B |
1 | capitalonehopping.com (1 redirects) | capitalonehopping.com | 1 KB |
85 | 12 |
 | Domain | Requested by |
---|---|---|
65 | wearewinnerseverydaynk.com | 1redira.com, wearewinnerseverydaynk.com |
4 | 1redira.com | 1 redirects, 1redira.com |
3 | vortex.accuweather.com | wearewinnerseverydaynk.com |
3 | stabx.net | wearewinnerseverydaynk.com |
2 | www.google-analytics.com | wearewinnerseverydaynk.com, www.google-analytics.com |
2 | aff.tagcdn.com | wearewinnerseverydaynk.com |
2 | pix.tagcdn.com | wearewinnerseverydaynk.com |
1 | www.google.de | wearewinnerseverydaynk.com |
1 | www.google.com | wearewinnerseverydaynk.com |
1 | stats.g.doubleclick.net | www.google-analytics.com |
1 | www.accuweather.com | wearewinnerseverydaynk.com |
1 | worldtriviacenter.com | wearewinnerseverydaynk.com |
1 | adsertrack.com | 1 redirects |
1 | capitalonehopping.com | 1 redirects |
85 | 14 |
This site contains links to these domains. Also see Links.
Domain |
---|
sp.worldtriviacenter.com |
eu.de352d1s11165sd60a.com |
www.accuweather.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-12-15 - 2021-12-14 | a year |
stabx.net | R3 | 2021-02-12 - 2021-05-13 | 3 months |
worldtriviacenter.com | R3 | 2021-04-08 - 2021-07-07 | 3 months |
*.accuweather.com | DigiCert SHA2 Secure Server CA | 2019-06-26 - 2021-09-13 | 2 years |
tagcdn.com | R3 | 2021-03-22 - 2021-06-20 | 3 months |
*.google-analytics.com | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months |
*.g.doubleclick.net | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months |
www.google.com | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months |
www.google.de | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months |
This page contains 9 frames:
Primary Page:
https://wearewinnerseverydaynk.com/tn/nl1/index.php?uclick=8rxiqqg60&uclickhash=8rxiqqg60-8rxiqqg60-ci3y-0-gmi4-3vi4-3v0-60bfca
Frame ID: 244F50807A4583FB8AE62F53D457B802
Requests: 76 HTTP requests in this frame
Frame:
https://wearewinnerseverydaynk.com/tn/nl1/index_files/pixel.html
Frame ID: 278DA911E12BB19FFEA44BC07C1C8BB8
Requests: 1 HTTP requests in this frame
Frame:
https://wearewinnerseverydaynk.com/tn/nl1/index_files/saved_resource.html
Frame ID: DFADFDB8358C19E67AD8AE1EE8421847
Requests: 1 HTTP requests in this frame
Frame:
https://wearewinnerseverydaynk.com/tn/nl1/index_files/saved_resource(5).html
Frame ID: 282F08DBE5ABED6996FCF683E342A31E
Requests: 1 HTTP requests in this frame
Frame:
https://wearewinnerseverydaynk.com/tn/nl1/index_files/tags.html
Frame ID: D073E5873ADF45DF2700DCCD79FF10E6
Requests: 2 HTTP requests in this frame
Frame:
https://pix.tagcdn.com/pix/?a=scroll_2_8&uid=298217973077810631&hid=6841141310819258383&aid=174418&ac=da2&token=9pmexebp9nDA10855DANL&custom1=b60ac16b35f52eb19b9efa34c8d21126-5906-0622&custom2=Veronika&l=NL&d=worldtriviacenter.com&type=blogveins&was=0
Frame ID: C6F45E7BB25AA16FDAD32122646B863B
Requests: 1 HTTP requests in this frame
Frame:
https://aff.tagcdn.com/pix/?a=scroll_2_8&uid=298217973077810631&l=NL&aid=174418&d=worldtriviacenter.com&hid=6841141310819258383&ac=da2&was=0
Frame ID: FF7216437E24FFDC4840D5A9E06DE726
Requests: 1 HTTP requests in this frame
Frame:
https://pix.tagcdn.com/pix/?a=index&uid=298217973077810631&hid=6841141310819258383&aid=174418&ac=da2&token=9pmexebp9nDA10855DANL&custom1=b60ac16b35f52eb19b9efa34c8d21126-5906-0622&custom2=Veronika&l=NL&d=worldtriviacenter.com&type=blogveins&was=0
Frame ID: D0B4CCDA375D0B910BE8042A21B23CCC
Requests: 1 HTTP requests in this frame
Frame:
https://aff.tagcdn.com/pix/?a=index&uid=298217973077810631&l=NL&aid=174418&d=worldtriviacenter.com&hid=6841141310819258383&ac=da2&was=0
Frame ID: 0F392A2F180401D1DA6026E2B344FD00
Requests: 1 HTTP requests in this frame
Detected technologies
Debian (Operating Systems)
Detected patterns
- headers server /Debian/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
24 Outgoing links
These are links going to different origins than the main page.
Title:
Title: OVER ONS
Title: NIEUWS
Title: ARTIKELEN
Title: DIAGNOSECENTRUM
Title: ONZE SPECIALISTEN
Title: SLUIT BIJ ONS AAN
Title: ARTIKELEN / NIEUWSTE ONTDEKKINGEN / "Het tijdperk van spataderen is voorbij! Revolutionaire kuur...
Title: prof. Harald Stijnman
Title: Klik hier om de kuur te ontvangen met financiële ondersteuning en voor eens en altijd van je spataderen af te komen >>
Title: Scroll Right
Title: 1° 09:58RealFeel® -4°Lichte ijsregen
Title: Get this widget
Title: Vandaagapr 21max 2°RealFeel® -3°Een mix van sneeuw en regenDag - details >
Title: Vannachtapr 21min -4°RealFeel® -13°Gedeeltelijk tot overwegend bewolktDag - details >
Title: Morgenapr 22max 4°RealFeel® -4°Een regen- of sneeuwbuiDag - details >
Title: Regen gaat over in sneeuw en houdt minstens 120 min aan MinuteCast® voor 42.099, -75.918
Title: vandaag mix van regen en sneeuw
Title: 9Lichte sneeuwbuien1° 67%10Aanvriezende regen2° 72%11Lichte sneeuwbuien2° 56%12Bewolkt1° 49%1Regen1° 62%2Regen1° 56%
Title: Verwachting per uur >
Title: Videoweerbericht
Title: Binghamton Radar
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://capitalonehopping.com/
HTTP 302
http://1redira.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yE9xwqOc2%2Fb0F14gdfhBv%2Fh%2FPwSd0IHTVlSgrVT%2BZpF%2FJkFuvMS8j%2FXXaZgZBcejKEh5%2BFhKw4UN0lChSherO96SDXeV7g5JkYlZcCxZe%2Fn%2FFu5FZfzsMSI52jSjl0%2F9%2Bsv%2FX2KW4RUGyll5P6Kxa7i5wbFA1hPh2dQJ8p5D34qpjDNqT3hJUjDD5jvaZZ9CU8THpoU69jqoUI7nXhsUe%2FmZmbejGSl%2BhMEJteeOvF%2B3%2FOqTXnp9YcLW8kks41O5YSoQPK9IGgPCZv5TUJXlIEdyhBOa6gIbTTAfFtxrc3tp9G%2FoNo2qJ%2BQ7WIDE5qj%2FblFWvE%2FSDQwTajQs0CsXYSIEM5njqeVrUDn1wb6IJgV32SwwS34NyENNiMH7pfw7AKIMxjYpa8OddrNVVB%2BjMw%2Fc4ofnNWRoWjU%2B7Z1VJrUfNcZLitk4xBgN2cXeWDYpJmC0cyTpb8q0tGPZzTTKaOhRawrvx0arvqiqDggNd7dXQANtOZmyNSW9FHBQ2FXuJuHFz%2Fnme34cl6EGpjz0nom7Li5tQ3lyK6IAeMdaiXqKFMaBfcNyWtjt0buA46ArJkUfEk5Tibm1HBlng%2BohukQ4Mnh39HT8qzGNFLQBDK6mFNxQAsQ9E3TWJEw4czXJNUyEu6bD%2Fp1HBXng1cttjGhtH4pe%2FmZ7oWE%2BYBL9dTtpfDwQEJs6%2FM%2Ftm2Jiw%2BTiMGQpIZI%2F0CtXQoJ8RBVZLZoe12r5pkE3PXcJZ1P0LSnEROBC0HkditDrv1pDhuNTYRSpdRZ2nbGANDWQU5JapGr6UfEkJyBcnpFlDZhyoG0R%2FwnEMG0oYuSqTqiRzl7XPQ%3D%3D Page URL
-
http://1redira.com/r.php?u=https%3A%2F%2Fadsertrack.com%2Findex.php%3Fkey%3D4ocvaajzvliccakmz26c%26cpv%3D0.050%26subid%3D593534166%26kw%3D.nl.05.desktop.windows&s=j
HTTP 302
https://adsertrack.com/index.php?key=4ocvaajzvliccakmz26c&cpv=0.050&subid=593534166&kw=.nl.05.desktop.windows HTTP 302
https://wearewinnerseverydaynk.com/tn/nl1/index.php?uclick=8rxiqqg60&uclickhash=8rxiqqg60-8rxiqqg60-ci3y-0-gmi4-3vi4-3v0-60bfca Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://capitalonehopping.com/ HTTP 302
- http://1redira.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yE9xwqOc2%2Fb0F14gdfhBv%2Fh%2FPwSd0IHTVlSgrVT%2BZpF%2FJkFuvMS8j%2FXXaZgZBcejKEh5%2BFhKw4UN0lChSherO96SDXeV7g5JkYlZcCxZe%2Fn%2FFu5FZfzsMSI52jSjl0%2F9%2Bsv%2FX2KW4RUGyll5P6Kxa7i5wbFA1hPh2dQJ8p5D34qpjDNqT3hJUjDD5jvaZZ9CU8THpoU69jqoUI7nXhsUe%2FmZmbejGSl%2BhMEJteeOvF%2B3%2FOqTXnp9YcLW8kks41O5YSoQPK9IGgPCZv5TUJXlIEdyhBOa6gIbTTAfFtxrc3tp9G%2FoNo2qJ%2BQ7WIDE5qj%2FblFWvE%2FSDQwTajQs0CsXYSIEM5njqeVrUDn1wb6IJgV32SwwS34NyENNiMH7pfw7AKIMxjYpa8OddrNVVB%2BjMw%2Fc4ofnNWRoWjU%2B7Z1VJrUfNcZLitk4xBgN2cXeWDYpJmC0cyTpb8q0tGPZzTTKaOhRawrvx0arvqiqDggNd7dXQANtOZmyNSW9FHBQ2FXuJuHFz%2Fnme34cl6EGpjz0nom7Li5tQ3lyK6IAeMdaiXqKFMaBfcNyWtjt0buA46ArJkUfEk5Tibm1HBlng%2BohukQ4Mnh39HT8qzGNFLQBDK6mFNxQAsQ9E3TWJEw4czXJNUyEu6bD%2Fp1HBXng1cttjGhtH4pe%2FmZ7oWE%2BYBL9dTtpfDwQEJs6%2FM%2Ftm2Jiw%2BTiMGQpIZI%2F0CtXQoJ8RBVZLZoe12r5pkE3PXcJZ1P0LSnEROBC0HkditDrv1pDhuNTYRSpdRZ2nbGANDWQU5JapGr6UfEkJyBcnpFlDZhyoG0R%2FwnEMG0oYuSqTqiRzl7XPQ%3D%3D
85 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Cookie set
r2.php
1redira.com/ Redirect Chain
|
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jscheck.js
1redira.com/javascript/ |
858 B 701 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jscheck.php
1redira.com/ |
0 166 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
index.php
wearewinnerseverydaynk.com/tn/nl1/ Redirect Chain
|
73 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
saved_resource(1)
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
73 B 631 B |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
analytics.js.download
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
45 KB 45 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
saved_resource(2)
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
260 B 813 B |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
index.css
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
2 KB 944 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
track-compiled.js.download
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
13 KB 13 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
jquery.min.js.download
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
94 KB 94 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
componentsStyles.css
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
49 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
script.js.download
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
2 KB 3 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
counter.js.download
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
346 B 900 B |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
script.js(1).download
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
115 B 670 B |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
jquery-1.9.1.min.js.download
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
90 KB 91 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
widgets-20170109.css
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
112 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
press.png
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
header_img.png
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
logo_VEINS_V1.png
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
12 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
logo_VEINS_V2.png
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
9 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
ico_3.png
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
logo_VEINS_V3.png
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
logo.png
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
852 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
press(1).png
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
solvenin_prof_mobile.jpg
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
930 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
img1.jpg
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
71 KB 72 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
img2.jpg
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
31 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
img2_1.jpg
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
31 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
img3.jpg
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
220 KB 220 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
img3(1).jpg
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
4 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
bg-header-logo-20130403.png
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
12 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
awx-orange-sun-logo.png
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
launch.js.download
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
17 KB 18 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
sidebar_img1.jpg
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
sidebar_img2.jpg
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
sidebar_img3.jpg
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
sidebar_img4.jpg
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
sidebar_img5.jpg
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
sidebar_img6.jpg
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
3 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
sidebar_img7.jpg
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
sidebar_img8.jpg
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
sidebar_img9.jpg
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
sidebar_img10.jpg
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
solvenin_small.png
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
22 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
default_avatar.png
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
avatar.png
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
934 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
pixel_load
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
43 B 596 B |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
nabx.js.download
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
1 KB 2 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
track.js.download
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
4 KB 5 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
con0.js.download
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
1 KB 2 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
fp.min.js.download
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
66 KB 66 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
saved_resource(3)
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
165 B 728 B |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
saved_resource(4)
wearewinnerseverydaynk.com/tn/nl1/index_files/ |
165 B 720 B |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
search.png
wearewinnerseverydaynk.com/tn/nl1/index_files/header/img/ |
580 B 580 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
Roboto-Regular.ttf
wearewinnerseverydaynk.com/tn/nl1/index_files/fonts/Roboto/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
Roboto-Bold.ttf
wearewinnerseverydaynk.com/tn/nl1/index_files/fonts/Roboto/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
2.png
wearewinnerseverydaynk.com/tn/nl1/index_files/weather/themes/medical/ |
580 B 580 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
1.png
wearewinnerseverydaynk.com/tn/nl1/index_files/weather/themes/medical/ |
580 B 580 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
33.png
wearewinnerseverydaynk.com/tn/nl1/index_files/weather/themes/medical/ |
580 B 580 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.0 |
/
stabx.net/track_js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
track-compiled.js
worldtriviacenter.com/31/solvenin-med-m/gps/27dc534648nd7ef6dc77d2db989ff73ac4/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dummy.gif
stabx.net/n/tracker/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
pixel.html
wearewinnerseverydaynk.com/tn/nl1/index_files/ Frame 278D |
4 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3day
www.accuweather.com/ajax-service/oap/ |
16 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spinner.gif
vortex.accuweather.com/adc2010/oap/images/ |
9 KB 9 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-29 |
jsdata
wearewinnerseverydaynk.com/tn/nl1/ |
580 B 643 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
saved_resource.html
wearewinnerseverydaynk.com/tn/nl1/index_files/ Frame DFAD |
483 B 811 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
saved_resource(5).html
wearewinnerseverydaynk.com/tn/nl1/index_files/ Frame 282F |
278 B 703 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
tags.html
wearewinnerseverydaynk.com/tn/nl1/index_files/ Frame D073 |
273 B 668 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
saved_resource
wearewinnerseverydaynk.com/tn/nl1/index_files/ Frame D073 |
35 B 591 B |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
/
pix.tagcdn.com/pix/ Frame C6F4 |
0 602 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
/
aff.tagcdn.com/pix/ Frame FF72 |
0 390 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
29.png
wearewinnerseverydaynk.com/tn/nl1/index_files/weather/themes/medical/ |
580 B 580 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
36.png
wearewinnerseverydaynk.com/tn/nl1/index_files/weather/themes/medical/ |
580 B 580 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
25.png
wearewinnerseverydaynk.com/tn/nl1/index_files/weather/themes/medical/ |
580 B 580 B |
Image
text/html |
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 20 KB |
Script
text/javascript |
GET H2 |
bg-header-logo-20130403.png
vortex.accuweather.com/adc2010/images/ |
12 KB 12 KB |
Image
image/png |
GET H2 |
awx-orange-sun-logo.png
vortex.accuweather.com/adc2010/images/ |
2 KB 3 KB |
Image
image/png |
POST H3-29 |
collect
www.google-analytics.com/j/ |
4 B 24 B |
XHR
text/plain |
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 454 B |
XHR
text/plain |
GET H/1.1 |
/
stabx.net/track_js/ |
165 B 629 B |
Image
image/png |
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 296 B |
Image
image/gif |
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 505 B |
Image
image/gif |
GET H/1.1 |
Cookie set
/
pix.tagcdn.com/pix/ Frame D0B4 |
0 602 B |
Document
text/html |
GET H/1.1 |
Cookie set
/
aff.tagcdn.com/pix/ Frame 0F39 |
0 390 B |
Document
text/html |
Verdicts & Comments
68 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _aab object| google_tag_data function| ga object| gaplugins function| $ function| jQuery object| awxWidgetInfo string| oapBootstrapVer object| _gaq function| pgfxLoadBlankBroadcasterImage object| lifestyleIndexToDFP string| _tx function| ltabx function| _cb_b99lmygobbs function| AbxTracker string| _d number| _chk number| _t string| vid boolean| loaded object| pixWass1 undefined| en function| tls1 function| formsets1 function| wscrolls1 function| cHeights1 function| sTops1 function| sHeights1 function| filterResultss1 function| isEmbed function| encodeStr function| sendRequest object| XMLHttpFactories function| createXMLHTTPObject number| fid object| form_fields number| index function| postback_core function| sendEvent function| sendCustomEvent number| fid_c object| form_fields_c string| _d0 function| sendValidationRequest function| FP object| __core-js_shared__ undefined| jQuery19106451391283123726_1619013502745 object| accuweather object| $table object| jQuery19106451391283123726 string| GoogleAnalyticsObject function| ga_awxoap object| gaGlobal object| gaData
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.