www.medonet.pl
143.204.98.97
Public Scan
Effective URL: https://www.medonet.pl/
Submission: On April 17 via api from US — Scanned from PL
Summary
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on June 6th 2023. Valid for: a year.
This is the only time www.medonet.pl was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Domain | ASN | PTR |
---|---|---|
www.medonet.pl | ASN16509 (AMAZON-02, US) | server-143-204-98-97.fra50.r.cloudfront.net |
ocdn.eu | ASN16509 (AMAZON-02, US) | server-13-32-121-102.fra60.r.cloudfront.net |
www.googletagmanager.com | ASN15169 (GOOGLE, US) | mil04s23-in-f104.1e100.net |
pulsembed.eu | ASN16509 (AMAZON-02, US) | server-143-204-215-76.fra53.r.cloudfront.net |
onet.hit.gemius.pl | ASN12990 (ONET-PL-AS1 Onet.pl portal network, PL) | gemius4.pdmz.onet.pl |
sgqcvfjvr.onet.pl | ASN16509 (AMAZON-02, US) | server-108-138-7-127.fra56.r.cloudfront.net |
lib.onet.pl | ASN16509 (AMAZON-02, US) | server-18-244-18-89.fra56.r.cloudfront.net |
pulsembed.eu | ASN16509 (AMAZON-02, US) | server-143-204-215-79.fra53.r.cloudfront.net |
events.ocdn.eu | ASN16509 (AMAZON-02, US) | ae6bee98fe393bd2a.awsglobalaccelerator.com |
csr.onet.pl | ASN16509 (AMAZON-02, US) | server-108-138-7-17.fra56.r.cloudfront.net |
csr.onet.pl | ASN16509 (AMAZON-02, US) | server-108-138-7-14.fra56.r.cloudfront.net |
cmp.dreamlab.pl | ASN16509 (AMAZON-02, US) | server-18-66-112-80.fra56.r.cloudfront.net |
securepubads.g.doubleclick.net | ASN15169 (GOOGLE, US) | fra15s46-in-f2.1e100.net |
cdp.ems.onet.pl | ASN16509 (AMAZON-02, US) | a1ef697b048852c56.awsglobalaccelerator.com |
cmp.ringpublishing.com | | |
cdn.opecloud.com | ASN16509 (AMAZON-02, US) | server-18-239-83-71.ams58.r.cloudfront.net |
www.google-analytics.com | ASN15169 (GOOGLE, US) | ams15s21-in-f142.1e100.net |
third-party-cookie.raspcs.pl | ASN16509 (AMAZON-02, US) | a029bad6b57782c80.awsglobalaccelerator.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
34 | ocdn.eu (1 redirects) | ocdn.eu — Cisco Umbrella Rank: 45036; events.ocdn.eu — Cisco Umbrella Rank: 52037 | 312 KB |
11 | onet.pl | sgqcvfjvr.onet.pl — Cisco Umbrella Rank: 74162; lib.onet.pl — Cisco Umbrella Rank: 69033; csr.onet.pl — Cisco Umbrella Rank: 59334; cdp.ems.onet.pl — Cisco Umbrella Rank: 89477 | 153 KB |
5 | gemius.pl (1 redirects) | onet.hit.gemius.pl — Cisco Umbrella Rank: 78714; ls.hit.gemius.pl — Cisco Umbrella Rank: 22667 | 22 KB |
4 | pushpushgo.com | s-eu-1.pushpushgo.com — Cisco Umbrella Rank: 45724 | 36 KB |
3 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 33; region1.google-analytics.com — Cisco Umbrella Rank: 2548 | 21 KB |
3 | medonet.pl | www.medonet.pl — Cisco Umbrella Rank: 690037 | 106 KB |
2 | raspcs.pl | third-party-cookie.raspcs.pl — Cisco Umbrella Rank: 430986 | 735 B |
2 | opecloud.com | cdn.opecloud.com — Cisco Umbrella Rank: 6247; raspl.tagger.opecloud.com | 16 KB |
2 | doubleclick.net | securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210 | 170 KB |
2 | dreamlab.pl | cmp.dreamlab.pl — Cisco Umbrella Rank: 116255 | 119 KB |
2 | pulsembed.eu | pulsembed.eu — Cisco Umbrella Rank: 94253 | 3 KB |
2 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 42 | 179 KB |
1 | ringpublishing.com | cmp.ringpublishing.com — Cisco Umbrella Rank: 143326 | 560 B |
1 | brandmetrics.com | cdn.brandmetrics.com — Cisco Umbrella Rank: 2374 | 3 KB |
72 | 14 | | |
Requests | Domain | Requested by |
---|---|---|
30 | ocdn.eu | www.medonet.pl, ocdn.eu, sgqcvfjvr.onet.pl, cmp.dreamlab.pl |
5 | sgqcvfjvr.onet.pl | www.medonet.pl |
4 | events.ocdn.eu (1 redirects) | www.medonet.pl, sgqcvfjvr.onet.pl |
4 | onet.hit.gemius.pl (1 redirects) | www.medonet.pl, onet.hit.gemius.pl |
4 | s-eu-1.pushpushgo.com | www.medonet.pl, s-eu-1.pushpushgo.com |
3 | lib.onet.pl | www.medonet.pl, sgqcvfjvr.onet.pl |
3 | www.medonet.pl | sgqcvfjvr.onet.pl |
2 | third-party-cookie.raspcs.pl | ocdn.eu |
2 | www.google-analytics.com | www.googletagmanager.com, www.medonet.pl |
2 | securepubads.g.doubleclick.net | sgqcvfjvr.onet.pl, securepubads.g.doubleclick.net |
2 | cmp.dreamlab.pl | sgqcvfjvr.onet.pl |
2 | csr.onet.pl | sgqcvfjvr.onet.pl |
2 | pulsembed.eu | www.medonet.pl, pulsembed.eu |
2 | www.googletagmanager.com | www.medonet.pl, www.googletagmanager.com |
1 | raspl.tagger.opecloud.com | cdn.opecloud.com |
1 | region1.google-analytics.com | www.googletagmanager.com |
1 | cdn.opecloud.com | lib.onet.pl |
1 | cmp.ringpublishing.com | sgqcvfjvr.onet.pl |
1 | cdn.brandmetrics.com | www.medonet.pl |
1 | cdp.ems.onet.pl | sgqcvfjvr.onet.pl |
1 | ls.hit.gemius.pl | onet.hit.gemius.pl |
72 | 21 | |
This site contains links to these domains. Also see Links.
Domain |
---|
zywienie.medonet.pl |
uroda.medonet.pl |
dziecko.medonet.pl |
narodowytestzdrowia.medonet.pl |
polityka-prywatnosci.onet.pl |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.medonet.pl | GeoTrust TLS RSA CA G1 | 2023-06-06 - 2024-06-05 | a year |
*.ocdn.eu | GeoTrust TLS RSA CA G1 | 2023-12-21 - 2024-12-20 | a year |
*.google-analytics.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months |
*.pulsembed.eu | R3 | 2024-04-10 - 2024-07-09 | 3 months |
*.pushpushgo.com | cyber_Folks | 2024-03-10 - 2025-03-09 | a year |
*.hit.gemius.pl | Sectigo ECC Domain Validation Secure Server CA | 2023-09-14 - 2024-09-25 | a year |
*.onet.pl | GeoTrust TLS ECC CA G1 | 2023-07-11 - 2024-05-14 | 10 months |
*.dreamlab.pl | GeoTrust TLS RSA CA G1 | 2023-06-14 - 2024-06-13 | a year |
*.g.doubleclick.net | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months |
*.ems.onet.pl | R3 | 2024-02-21 - 2024-05-21 | 3 months |
brandmetrics.com | GTS CA 1P5 | 2024-03-01 - 2024-05-30 | 3 months |
*.ringpublishing.com | GeoTrust TLS RSA CA G1 | 2024-03-15 - 2025-03-14 | a year |
cdn.opecloud.com | Amazon RSA 2048 M02 | 2023-12-16 - 2025-01-12 | a year |
*.raspcs.pl | R3 | 2024-03-18 - 2024-06-16 | 3 months |
*.tagger.opecloud.com | Amazon RSA 2048 M03 | 2024-04-02 - 2025-05-01 | a year |
This page contains 6 frames:
Primary Page:
https://www.medonet.pl/
Frame ID: F5D8BECC8FF4A136D994E7C0087A3B95
Requests: 66 HTTP requests in this frame
Frame:
https://pulsembed.eu/p2em/w2X3KYbNb/
Frame ID: 8895B9A99B382E4FC0DB9661A7545747
Requests: 1 HTTP requests in this frame
Frame:
https://ls.hit.gemius.pl/lsget.html
Frame ID: 382A668A86D187A20E00583545538256
Requests: 1 HTTP requests in this frame
Frame:
https://csr.onet.pl/1746213/cmp?v=3
Frame ID: FD5D33734ABFDEF99EAD5022CD7CBD75
Requests: 1 HTTP requests in this frame
Frame:
https://lib.onet.pl/static/lps/Analytics-Prebid/tpl.min.js?120
Frame ID: 3C42C22DC4401362F81D07C454B44629
Requests: 1 HTTP requests in this frame
Frame:
https://lib.onet.pl/static/lps/DMP-1plusX-SDK/tpl.min.js?120
Frame ID: B9C0DCA315767D9BB3F03EF7CD6F2630
Requests: 3 HTTP requests in this frame
Page Title
Zdrowie w Twoich rękach - Medonet.pl
Detected technologies
Gemius (Analytics)
Detected patterns
- hit\.gemius\.pl/xgemius\.js
- hit\.gemius\.pl
- xgemius\.js
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Mautic (Marketing Automation)
Detected patterns
- [^a-z]mtc.*\.js
Page Statistics
16 Outgoing links
These are links going to different origins than the main page.
Title: Żywienie Small Arrow Icon
Title: Uroda Small Arrow Icon
Title: Dziecko Small Arrow Icon
Title: Sprawdź swoje zdrowie! Zrób krótki TEST
Title: medonet zywienie logo Polacy omijają tę rybę z daleka, a to błąd. Jest turbo zdrowa i tańsza niż dorsz Marlena Kostyńska
Title: medonet zywienie logo Napój, który pozwala schudnąć 18 kg w dwa miesiące? Oto jak działa Marlena Kostyńska
Title: medonet uroda Logo Naturalny odsiwiacz do włosów za grosze. Działa lepiej niż chemiczna farba Hanna Szczygieł
Title: medonet uroda Logo Największy błąd przy depilacji wąsika. To najgorsza możliwa metoda Tatiana Naklicka
Title: medonet dziecko logo Wybitnie uzdolnione dziecko można rozpoznać po jednej emocji. To pułapka [FRAGMENT KSIĄŻKI]
Title: medonet dziecko logo Ginekolog: poprzednie prawo aborcyjne było lepsze, bo nie narażało kobiet PAP
Title: Grzybowy elementarz
Title: Ogrodowa apteczka
Title: Hej, zaczekaj - mamy coś dla ciebie! Sprawdź, czy to działa Sprawdź →
Title: tutaj
Title: tutaj
Title: Grupy RAS Polska
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.medonet.pl/ HTTP 307
- https://www.medonet.pl/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 40
- https://events.ocdn.eu/v2/EA-1746213/me?_ac=events&_ts=1713322764876 HTTP 302
- https://events.ocdn.eu/v2/EA-1746213/me?_ac=events&_ts=1713322764876&_ca=1&uuid=202404170459251120106680
- https://onet.hit.gemius.pl/_1713322765105/rexdot.js?l=100&sendf=24&id=ba1K6Ed0qzmD.M_8uctjJLdMXmd8cqLncrmMweYCBoT.u7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Fwww.medonet.pl%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=v1DbPUxn2vDWKCHZySsm3kLePXdLEP39Ma7ud6Wt5ib.97ZoS8zhtBbQdonCyy9d3gngY4EQf3tPf3sY532lwo7_l6g./S_Tb30WM4T0sj/&fpdata=Z6GFgoP.E0As2QGdCVEqoZfoFSXu81XYKWwC_tsP8oT.v7<ime=304&fr=1&ref=&inner=_ver%3D349%7C_ch_arch%3Dx86%7C_ch_pm%3DWin32%7C_ch_pver%3D10.0.0%7C_ch_bits%3D64%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7B%22Google%20Chrome%22%2C%22123.0.6312.122%22%7D%2C%7B%22Not%3AA-Brand%22%2C%228.0.0.0%22%7D%2C%7B%22Chromium%22%2C%22123.0.6312.122%22%7D&exid=661f3b0c2faaba36&brts=1713322765&fpcap= HTTP 301
- https://onet.hit.gemius.pl/__/_1713322765105/rexdot.js?l=100&sendf=24&id=ba1K6Ed0qzmD.M_8uctjJLdMXmd8cqLncrmMweYCBoT.u7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Fwww.medonet.pl%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=v1DbPUxn2vDWKCHZySsm3kLePXdLEP39Ma7ud6Wt5ib.97ZoS8zhtBbQdonCyy9d3gngY4EQf3tPf3sY532lwo7_l6g./S_Tb30WM4T0sj/&fpdata=Z6GFgoP.E0As2QGdCVEqoZfoFSXu81XYKWwC_tsP8oT.v7<ime=304&fr=1&ref=&inner=_ver%3D349%7C_ch_arch%3Dx86%7C_ch_pm%3DWin32%7C_ch_pver%3D10.0.0%7C_ch_bits%3D64%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7B%22Google%20Chrome%22%2C%22123.0.6312.122%22%7D%2C%7B%22Not%3AA-Brand%22%2C%228.0.0.0%22%7D%2C%7B%22Chromium%22%2C%22123.0.6312.122%22%7D&exid=661f3b0c2faaba36&brts=1713322765&fpcap=
72 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | www.medonet.pl/ | 439 KB | 84 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | homepage.css | ocdn.eu/ucs/static/medonet/e9bed653ab0555d774a301b9481358fa/css/desktop/ | 49 KB | 9 KB | Stylesheet | text/css | |
GET | H2 | nojs.css | ocdn.eu/ucs/static/medonet/e9bed653ab0555d774a301b9481358fa/css/desktop/ | 34 B | 454 B | Stylesheet | text/css | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 249 KB | 85 KB | Script | application/javascript | |
GET | H2 | navigation.js | ocdn.eu/ucs/static/medonet/e9bed653ab0555d774a301b9481358fa/js/desktop/ | 14 KB | 5 KB | Script | application/javascript | |
GET | H2 | ZXgk9kpTURBXy9lYjk4NzhkMjU1MDI2ZWQ4YjFmN2M3Yjg1NDllMDAxMC5wbmeRkwXNAujNAXjeAAGhMAU | ocdn.eu/pulscms-transforms/1/ | 29 KB | 30 KB | Image | image/webp | |
GET | H2 | tj3k9kpTURBXy9lNDI4MWRjOTYyY2YzNDRmNzgzYWQ1YzZlZDU3MjZiNC5qcGeRkwXMkMxo3gABoTAF | ocdn.eu/pulscms-transforms/1/ | 7 KB | 7 KB | Image | image/webp | |
GET | H2 | 1mUk9kpTURBXy8wYjU3MjdiZGZkZjM1ZGM3NjQyOTkyMmVmZWFjYzdmNS5qcGeRkwXMkMxo3gABoTAF | ocdn.eu/pulscms-transforms/1/ | 5 KB | 5 KB | Image | image/webp | |
GET | H2 | tpUk9kpTURBXy9iMWIyZWJlMjdjMjk0ZWIzMGU5NWM0Zjk0ZjEwOGRmMS5qcGeRkwXMkMxo3gABoTAF | ocdn.eu/pulscms-transforms/1/ | 5 KB | 6 KB | Image | image/webp | |
GET | H2 | PBCk9kpTURBXy9iNGMyM2Y1ZTVjMWM2ZTg5ZTM2N2EyZjRmZmJmNGJmOS5qcGeRkwXMkMxo3gABoTAF | ocdn.eu/pulscms-transforms/1/ | 3 KB | 3 KB | Image | image/webp | |
GET | H2 | pulsembed.js | pulsembed.eu/ | 7 KB | 3 KB | Script | application/javascript | |
GET | H2 | homepage.js | ocdn.eu/ucs/static/medonet/e9bed653ab0555d774a301b9481358fa/js/desktop/ | 108 KB | 32 KB | Script | application/javascript | |
GET | H2 | 60cc5dad94edcde389f525de.js | s-eu-1.pushpushgo.com/js/ | 79 KB | 23 KB | Script | application/javascript | |
GET | H2 | xgemius.js | onet.hit.gemius.pl/ | 68 KB | 20 KB | Script | application/x-javascript | |
GET | H2 | YnVpbGQvezlza2x0NDA5fWRsQXBpL2RsLmxpYntOTWFzXzQwOX0ubWluLmpz | sgqcvfjvr.onet.pl/ | 325 KB | 95 KB | Script | application/javascript | |
GET | H2 | dl.aureus.min.js | sgqcvfjvr.onet.pl/build/dlApi/ | 2 KB | 1 KB | Script | application/javascript | |
GET | H2 | clickmap.min.js | sgqcvfjvr.onet.pl/simetra/clickmap/5.1.0/ | 2 KB | 2 KB | Script | application/javascript | |
GET | H2 | dl.cmp.min.js | sgqcvfjvr.onet.pl/build/dlApi/ | 140 KB | 35 KB | Script | application/javascript | |
GET | H2 | artemis.min.js | sgqcvfjvr.onet.pl/simetra/artemis/0.6.2/ | 14 KB | 6 KB | Script | application/javascript | |
GET | H2 | pixel-module.js | lib.onet.pl/static/pixel/1.7.1/ | 29 KB | 8 KB | Script | application/javascript | |
GET | H3 | poppins-regular-webfont.woff | ocdn.eu/medonet/fonts/ | 20 KB | 21 KB | Font | application/octet-stream | |
GET | H3 | poppins-semibold-webfont.woff | ocdn.eu/medonet/fonts/ | 21 KB | 21 KB | Font | application/octet-stream | |
GET | H2 | tIik9kpTURBXy8yMjIyYzljODM0NTRmNjM1M2IyYmY2ZjJkNjgyZjJmZS5qcGeRkwUYGN4AAaEwBQ | ocdn.eu/pulscms-transforms/1/ | 442 B | 915 B | Image | image/webp | |
GET | H2 | lbfk9kpTURBXy8xMmFmYzYyYzJiMzlmOTc1NjA3MTgxODI1M2FhMDFmYi5qcGeRkwXNAWjM0N4AAaEwBQ | ocdn.eu/pulscms-transforms/1/ | 15 KB | 16 KB | Image | image/webp | |
GET | H2 | Wrck9kpTURBXy9iM2JjYmFiM2Y3NmVjMjdkNmUzMDQyYWIwOTNjZmI0My5qcGeRkwXNAWjM0N4AAaEwBQ | ocdn.eu/pulscms-transforms/1/ | 9 KB | 10 KB | Image | image/webp | |
GET | H2 | jj4k9kpTURBXy9hMzI3MDRkYjQ0MDY1OGYzMWQxNzgzOGNjNDUyNWNlMi5qcGeRkwUYGN4AAaEwBQ | ocdn.eu/pulscms-transforms/1/ | 200 B | 675 B | Image | image/webp | |
GET | H2 | LV1k9kpTURBXy9jNmQ1NDkwNzc3MWYxYjJkOWQ5YzljYmM3ZmJmZGIxYy5qcGeRkwXNAWjM0N4AAaEwBQ | ocdn.eu/pulscms-transforms/1/ | 9 KB | 10 KB | Image | image/webp | |
GET | H2 | VfOk9kpTURBXy9iN2VlN2Q5YTUyMTE3NTY2MjIzNjJiYWQ1N2U0Y2Q5MS5qcGeRkwXNAWjM0N4AAaEwBQ | ocdn.eu/pulscms-transforms/1/ | 18 KB | 18 KB | Image | image/webp | |
GET | H2 | Hrnk9kpTURBXy9jZWJhNjMwZTAwMDhmMWM4YmFmZDUwMDAwMjA5Nzg3OS5qcGeRkwUYGN4AAaEwBQ | ocdn.eu/pulscms-transforms/1/ | 540 B | 1013 B | Image | image/webp | |
GET | H2 | yR-k9kpTURBXy9jMDkzNWVkZTQ1N2I1YzU1ZGFkNjk1Mjc1NTdlMmFkZi5wbmeRkwXNAWjM0N4AAaEwBQ | ocdn.eu/pulscms-transforms/1/ | 25 KB | 25 KB | Image | image/webp | |
GET | H2 | 3ADk9kpTURBXy8yNWRhYzcxZjBiM2RkMzdjNGMzNjBkZTg2NzhlNGZkMy5qcGeRkwXNAWjM0N4AAaEwBQ | ocdn.eu/pulscms-transforms/1/ | 5 KB | 6 KB | Image | image/webp | |
GET | H2 | 5NRk9kpTURBXy8wMmMwNmEzYzQ0NGY0ODRlMjUxN2Q2MDYwNWFhN2FlZC5qcGeRkwXMkMxo3gABoTAF | ocdn.eu/pulscms-transforms/1/ | 4 KB | 4 KB | Image | image/webp | |
GET | H2 | T5fk9kpTURBXy9lZTU4ODQzOTc0ZjEwYTU1MjY3ZWY5ODNlNTM4NmVlOS5qcGeRkwXMkMxo3gABoTAF | ocdn.eu/pulscms-transforms/1/ | 4 KB | 5 KB | Image | image/webp | |
GET | H2 | kHCk9kpTURBXy9lYjk4NzhkMjU1MDI2ZWQ4YjFmN2M3Yjg1NDllMDAxMC5wbmeRkwXMkMxo3gABoTAF | ocdn.eu/pulscms-transforms/1/ | 4 KB | 4 KB | Image | image/webp | |
GET | H3 | poppins-bold-webfont.woff | ocdn.eu/medonet/fonts/ | 20 KB | 21 KB | Font | application/octet-stream | |
GET | H2 | / | pulsembed.eu/p2em/w2X3KYbNb/ | 0 | 0 | Document | text/html | Frame 8895 |
GET | H2 | fpdata.js | onet.hit.gemius.pl/ | 279 B | 394 B | Script | application/x-javascript | |
GET | H2 | lsget.html | ls.hit.gemius.pl/ | 0 | 0 | Document | text/html | Frame 382A |
GET | H2 | plugin-push.js | s-eu-1.pushpushgo.com/scripts/660fee388e5b4ab097c15dfb/ | 27 KB | 8 KB | Script | application/javascript | |
GET | H2 | plugin-beacon.js | s-eu-1.pushpushgo.com/scripts/660fee388e5b4ab097c15dfb/ | 11 KB | 4 KB | Script | application/javascript | |
GET | H2 | plugin-geolocation.js | s-eu-1.pushpushgo.com/scripts/660fee388e5b4ab097c15dfb/ | 482 B | 635 B | Script | application/javascript | |
GET | H2 | me | events.ocdn.eu/v2/EA-1746213/ | 93 B | 281 B | Fetch | application/json | Redirect Chain |
GET | H2 | consent | csr.onet.pl/1746213/ | 2 B | 476 B | XHR | application/json | |
GET | H2 | cmp | csr.onet.pl/1746213/ | 0 | 0 | Document | text/html | Frame FD5D |
GET | H2 | vendor-list.json | cmp.dreamlab.pl/vendor-list/v3/1746213/ | 539 KB | 63 KB | XHR | application/json | |
GET | H2 | gpt.js | securepubads.g.doubleclick.net/tag/js/ | 89 KB | 29 KB | Script | text/javascript | |
GET | H2 | tags | www.medonet.pl/njYjD8BNiL/1746213/ | 274 KB | 20 KB | XHR | application/json | |
GET | H2 | me | cdp.ems.onet.pl/1746213/ | 228 B | 580 B | XHR | application/json | |
GET | H2 | rexdot.js | onet.hit.gemius.pl/__/_1713322765105/ | 167 B | 653 B | Script | application/x-javascript | Redirect Chain |
GET | H2 | tpl.min.js | lib.onet.pl/static/lps/Analytics-Prebid/ | 4 KB | 2 KB | Script | application/javascript | Frame 3C42 |
GET | H2 | tpl.min.js | lib.onet.pl/static/lps/DMP-1plusX-SDK/ | 3 KB | 2 KB | Script | application/javascript | Frame B9C0 |
GET | H3 | 6b999216c8a0621788057b02229aa8a2.js | ocdn.eu/files/mastt/NmU7MDA_/ | 5 KB | 2 KB | Script | text/javascript | |
GET | H2 | MEDONET.js | cdn.brandmetrics.com/tag/55264f219caf410499e18628624d80a9/ | 6 KB | 3 KB | Script | text/javascript | |
GET | H2 | get-config | cmp.ringpublishing.com/1746213/ | 250 B | 560 B | Fetch | application/json | |
GET | H3 | cmp.bundle.js | cmp.dreamlab.pl/static-v2/ | 225 KB | 56 KB | Script | application/javascript | |
GET | H2 | eyJ1c2VyIjp7ImlkIjp7ImxvY2FsIjoiMjAyNDA0MTcwNDU5MjUxMTIwMTA2NjgwIiwiZ2xvYmFsIjoiMjAyNDA0MTcwNDU5MjUxMTIwMTA2NjgwIn0sInNzbyI6e30sImV4dGVybmFsIjp7ImlkcyI6e319fSwiY29udGV4dCI6eyJ1cmwiOiJodHRwcyUzQS8vd... | events.ocdn.eu/v2/EA-1746213/user/ | 145 B | 522 B | Fetch | application/json | |
GET | H2 | ope-raspl.js | cdn.opecloud.com/ | 81 KB | 16 KB | Script | application/javascript | Frame B9C0 |
GET | H3 | cmp.min.css | ocdn.eu/cmp/styles/1746213/18/ | 16 KB | 6 KB | Stylesheet | text/css | |
GET | H3 | cmp.min.css | ocdn.eu/cmp/styles/1746213/20/ | 4 KB | 2 KB | Stylesheet | text/css | |
GET | H3 | translation.json | ocdn.eu/cmp/translations/1746213/pl/516/ | 40 KB | 11 KB | XHR | application/json | |
GET | H2 | pubads_impl.js | securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404150101/ | 451 KB | 141 KB | Script | text/javascript | |
GET | H2 | js | www.googletagmanager.com/gtag/ | 273 KB | 94 KB | Script | application/javascript | |
GET | H2 | analytics.js | www.google-analytics.com/ | 52 KB | 21 KB | Script | text/javascript | |
GET | DATA | truncated | / | 1 KB | 0 | Image | image/png | |
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 254 B | Ping | text/plain | |
GET | H2 | collect | www.google-analytics.com/ | 35 B | 194 B | Image | image/gif | |
GET | H3 | 5_1_0_loginbar.css | ocdn.eu/medonet/loginbar/ | 2 KB | 954 B | Stylesheet | text/css | |
GET | H3 | 5_1_0_loginbar.js | ocdn.eu/medonet/loginbar/ | 91 KB | 27 KB | Script | application/x-javascript | |
GET | H3 | favicon.ico | www.medonet.pl/ | 37 KB | 2 KB | Other | image/x-icon | |
GET | H2 | set | third-party-cookie.raspcs.pl/ | 126 B | 379 B | Script | application/javascript | |
GET | H2 | check | third-party-cookie.raspcs.pl/ | 151 B | 356 B | Script | application/javascript | |
GET | H2 | / | events.ocdn.eu/v2/ | 0 | 142 B | Fetch | | |
GET | H2 | sdk-consent-delayed | raspl.tagger.opecloud.com/raspl/v2/metrics/ | 0 | 177 B | XHR | text/plain | Frame B9C0 |
90 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
object | 1 |
object | 2 |
object | 3 |
object | 4 |
object | 5 |
object | 6 |
object | 7 |
object | ringDataLayer |
object | accConf |
object | dataLayer |
string | pp_gemius_identifier |
function | gemius_pending |
function | gemius_hit |
function | gemius_event |
function | pp_gemius_hit |
function | pp_gemius_event |
object | onetAds |
number | numberOfDoctorsOnline |
boolean | healthAssistantAutoOpenMobile |
boolean | healthAssistantAutoOpenDesktop |
boolean | isMobile |
string | video_intext_preset |
object | pulse2EmbedConfig |
function | dlApiRequire |
function | dlApiDefine |
function | dlApiExec |
function | loadScript |
object | regeneratorRuntime |
function | openDialog |
function | closeDialog |
function | replaceDialog |
function | pulsembed |
object | gemius_init_pageview |
object | gemius_cmpclient |
object | gemius_cookie |
function | GemiusHitcolConnector |
object | gemius_hcconn |
function | gemius_cmd |
function | pp_gemius_cmd |
function | gemius_init |
function | pp_gemius_init |
function | gemius_close |
number | pp_gemius_cnt |
object | ppg |
function | __cdnJSPath |
function | webpackJsonpppg__name_ |
object | Base64Url |
object | EventsApi |
object | $onet |
object | dlApi |
function | RasPrebidAnalytics |
function | __tcfapi |
object | googletag |
object | onetBoxes |
function | OnetBoxes |
function | onetAddAudit |
function | onetAddFif |
function | onetShowAsynchAds |
function | onetShowAsyncSlots |
function | getBannerSize |
function | onetAddAsync |
function | onet |
string | onet_proto |
function | OnetApi |
string | trackingUrl |
object | elements |
object | providers |
function | watch |
boolean | ppidTagEmbeded |
object | __tcfConfig |
object | google_tag_manager |
object | google_tag_data |
object | pbjs |
object | onetStickyAd |
object | core |
object | ggeac |
object | google_js_reporting_queue |
function | gtag |
string | GoogleAnalyticsObject |
function | ga |
undefined | google_measure_js_timing |
function | onYouTubeIframeAPIReady |
object | gaGlobal |
object | brandmetrics |
function | __assign |
object | gaplugins |
object | gaData |
function | LoginBarSdk |
function | third_party_cookie_test_callback |
20 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even after a change of location. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.medonet.pl/ | | Name: acc_segment Value: 54 |
pulsembed.eu/ | | Name: acc_segment Value: 18 |
.medonet.pl/ | | Name: __gfp_64b Value: Z6GFgoP.E0As2QGdCVEqoZfoFSXu81XYKWwC_tsP8oT.v7\|1713322764 |
.hit.gemius.pl/ | | Name: receive-cookie-deprecation Value: 1 |
.events.ocdn.eu/ | | Name: ea_uuid Value: 202404170459251120106680 |
events.ocdn.eu/ | | Name: acc_segment Value: 80 |
cdp.ems.onet.pl/ | | Name: acc_segment Value: 26 |
csr.onet.pl/ | | Name: acc_segment Value: 22 |
.medonet.pl/ | | Name: ea_uuid Value: 202404170459251120106680 |
embed.videos.ringpublishing.com/ | | Name: acc_segment Value: 86 |
.medonet.pl/ | | Name: adp_dmp_dls Value: %7B%22nk%22%3A1715137165273%2C%22sso%22%3A1713927565273%2C%22sympatia%22%3A1713927565273%2C%22geo%22%3A1713927565273%2C%22dmp1px%22%3A1713409165273%7D |
.medonet.pl/ | | Name: ats_ri Value: ri=&model=&models=eyJhdHNfcmkiOm51bGx9&ttl_ms=3600000&expires_ms=1713326365308&version=1713322765.283 |
cmp.ringpublishing.com/ | | Name: acc_segment Value: 46 |
.pulsembed.eu/ | | Name: __gfp_s_64b Value: Idxsape1kP4sp9jT6YiCA4txFZdRDoZ5oUs9g3sJPT..67\|1713322765 |
third-party-cookie.raspcs.pl/ | | Name: acc_segment Value: 80 |
.pulsembed.eu/ | | Name: ea_uuid Value: 202404170459251120106680 |
.pulsembed.eu/ | | Name: ats_ri Value: ri=&model=&models=eyJhdHNfcmkiOm51bGx9&ttl_ms=3600000&expires_ms=1713326366751&version=1713322766.71 |
cmp.dreamlab.pl/ | | Name: acc_segment Value: 81 |
.hit.gemius.pl/ | | Name: Gdyn Value: KlS_VMaGQMGG1fg9T1JlccXUssGMC1LoL6nxmGBBD-KMY8nnGsRP5x7tGKGGqPvvgGl8leB2GQRPgS9gaQG. |
.hit.gemius.pl/ | | Name: Gdynp Value: 7pXBOuDTDRRX1Z1DDcz7tfIhCHXym3dlZ4BX5QIYywr.g7 |
62 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.