www.oz-offers.com
104.27.152.63
Public Scan
Effective URL: http://www.oz-offers.com/cgi-bin/wingame.pl?partner_pk=478&wingame_pk=59&freetest_pk=190&wingame_special_prize1=2000_amaz...
Submission: On September 06 via manual from AU
Summary
This is the only time www.oz-offers.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | ASN | Autonomous System |
---|---|---|---|
29 | 104.27.152.63 | 13335 | CLOUDFLARENET - CloudFlare |
1 | 2a00:1450:4001:820::200a | 15169 | GOOGLE - Google Inc. |
1 | 2a00:1450:401b:801::2004 | 15169 | GOOGLE - Google Inc. |
1 | 92.123.93.139 | 20940 | AKAMAI-ASN1 |
3 | 2a00:1450:4001:820::2003 | 15169 | GOOGLE - Google Inc. |
1 | 52.84.32.134 | 16509 | AMAZON-02 - Amazon.com |
2 | 151.101.114.2 | 54113 | FASTLY - Fastly |
1 | 2.21.246.10 | 20940 | AKAMAI-ASN1 |
1 | 2a00:1450:4016:809::2003 | 15169 | GOOGLE - Google Inc. |
1 | 2600:9000:2013:a200:6:44e3:f8c0:93a1 | 16509 | AMAZON-02 - Amazon.com |
1 | 2a00:1450:4001:820::200e | 15169 | GOOGLE - Google Inc. |
1 | 2a00:1450:400c:c04::9b | 15169 | GOOGLE - Google Inc. |
1 | 92.123.93.93 | 20940 | AKAMAI-ASN1 |
2 | 54.231.73.11 | 16509 | AMAZON-02 - Amazon.com |
1 | 95.172.94.44 | 27281 | QUANTCAST - Quantcast Corporation |
1 | 2.21.246.17 | 20940 | AKAMAI-ASN1 |
1 | 92.123.93.2 | 20940 | AKAMAI-ASN1 |
2 | 2a03:2880:f006:21:face:b00c:0:3 | 32934 | FACEBOOK - Facebook |
1 | 2a00:1288:110:833::4000 | 34010 | YAHOO-IRD |
2 | 54.228.220.31 | 16509 | AMAZON-02 - Amazon.com |
1 | 35.189.237.200 | 15169 | GOOGLE - Google Inc. |
1 | 104.244.42.195 | 13414 | TWITTER - Twitter Inc. |
1 | 37.252.172.80 | 29990 | ASN-APPNEXUS - AppNexus |
1 | 107.21.24.13 | 14618 | AMAZON-AES - Amazon.com |
1 | 173.241.240.143 | 36089 | OPENX-AS1 - OPENX TECHNOLOGIES |
1 | 2a03:2880:f12d:83:face:b00c:0:25de | 32934 | FACEBOOK - Facebook |
62 | 27 | | |
Hostname | Autonomous System | PTR |
---|---|---|
www.oz-offers.com | ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US) | |
cdn.optimizely.com | ASN20940 (AKAMAI-ASN1, US) | a92-123-93-139.deploy.akamaitechnologies.com |
script.crazyegg.com | ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | server-52-84-32-134.ewr50.r.cloudfront.net |
cdn.taboola.com | ASN54113 (FASTLY - Fastly, US) | |
trc.taboola.com | ASN54113 (FASTLY - Fastly, US) | |
rules.quantcount.com | ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | |
tags.bkrtx.com | ASN20940 (AKAMAI-ASN1, US) | a92-123-93-93.deploy.akamaitechnologies.com |
gtrk.s3.amazonaws.com | ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | s3-1-w.amazonaws.com |
pixel.quantserve.com | ASN27281 (QUANTCAST - Quantcast Corporation, US) | pixel.quantserve.com |
s.adroll.com | ASN20940 (AKAMAI-ASN1, US) | a92-123-93-2.deploy.akamaitechnologies.com |
connect.facebook.net | ASN32934 (FACEBOOK - Facebook, Inc., US) | |
d.adroll.com | ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-54-228-220-31.eu-west-1.compute.amazonaws.com |
x.bidswitch.net | ASN15169 (GOOGLE - Google Inc., US) | 200.237.189.35.bc.googleusercontent.com |
analytics.twitter.com | ASN13414 (TWITTER - Twitter Inc., US) | |
ib.adnxs.com | ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US) | 152.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net |
idsync.rlcdn.com | ASN14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-107-21-24-13.compute-1.amazonaws.com |
us-u.openx.net | ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US) | ox-173-241-240-143.xa.dc.openx.org |
www.facebook.com | ASN32934 (FACEBOOK - Facebook, Inc., US) | |
Requests | Domain | Requested by |
---|---|---|
29 | www.oz-offers.com | www.oz-offers.com |
3 | fonts.gstatic.com | www.oz-offers.com |
2 | d.adroll.com | |
2 | connect.facebook.net | |
2 | gtrk.s3.amazonaws.com | www.oz-offers.com |
1 | www.facebook.com | |
1 | us-u.openx.net | |
1 | idsync.rlcdn.com | |
1 | ib.adnxs.com | |
1 | analytics.twitter.com | |
1 | x.bidswitch.net | |
1 | ads.yahoo.com | |
1 | s.adroll.com | www.oz-offers.com |
1 | a.adroll.com | www.oz-offers.com |
1 | pixel.quantserve.com | www.oz-offers.com |
1 | tags.bkrtx.com | www.oz-offers.com |
1 | stats.g.doubleclick.net | www.oz-offers.com |
1 | www.google-analytics.com | www.oz-offers.com |
1 | rules.quantcount.com | edge.quantserve.com |
1 | www.gstatic.com | www.google.com |
1 | trc.taboola.com | www.oz-offers.com |
1 | edge.quantserve.com | www.oz-offers.com |
1 | cdn.taboola.com | www.oz-offers.com |
1 | script.crazyegg.com | www.oz-offers.com |
1 | cdn.optimizely.com | www.oz-offers.com |
1 | www.google.com | www.oz-offers.com |
1 | fonts.googleapis.com | www.oz-offers.com |
0 | tags.bluekai.com (Failed) | www.oz-offers.com |
0 | www.australiatrackingap.com (Failed) | www.oz-offers.com |
62 | 29 | |
This site contains links to these domains. Also see Links.
Domain |
---|
support.google.com |
Subject | Issuer | Validity | Valid for |
---|---|---|---|
www.google.com | Google Internet Authority G2 | 2017-08-15 - 2017-11-07 | 3 months |
*.optimizely.com | Symantec Class 3 Secure Server CA - G4 | 2016-11-11 - 2017-11-11 | a year |
*.google.com | Google Internet Authority G2 | 2017-08-15 - 2017-11-07 | 3 months |
*.google-analytics.com | Google Internet Authority G2 | 2017-08-15 - 2017-11-07 | 3 months |
*.g.doubleclick.net | Google Internet Authority G3 | 2017-09-01 - 2017-11-24 | 3 months |
*.s3.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2016-07-29 - 2017-11-29 | a year |
*.adroll.com | Symantec Class 3 Secure Server CA - G4 | 2016-11-07 - 2018-01-06 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2016-12-09 - 2018-01-25 | a year |
ad.yieldmanager.com | Symantec Class 3 Secure Server CA - G4 | 2017-07-27 - 2018-01-23 | 6 months |
*.bidswitch.net | COMODO RSA Domain Validation Secure Server CA | 2017-03-14 - 2018-04-13 | a year |
*.twitter.com | DigiCert SHA2 High Assurance Server CA | 2015-07-30 - 2018-08-03 | 3 years |
*.adnxs.com | GeoTrust SSL CA - G3 | 2016-02-25 - 2018-05-26 | 2 years |
*.rlcdn.com | Go Daddy Secure Certificate Authority - G2 | 2017-05-08 - 2019-06-21 | 2 years |
*.openx.net | GeoTrust SSL CA - G3 | 2017-05-11 - 2020-07-09 | 3 years |
This page contains 5 frames:
Primary Page:
http://www.oz-offers.com/cgi-bin/wingame.pl?partner_pk=478&wingame_pk=59&freetest_pk=190&wingame_special_prize1=2000_amazon_brand_testing_voucher&sub_id=7171-&sub_id_postback=10217e5999f614c1d5b52623a10568
Frame ID: 25079.1
Requests: 39 HTTP requests in this frame
Frame:
http://www.oz-offers.com/sc/RWgKrGmwooIgsxvKGQkgsgrOwihGkrggKoxhsNKgxsHwxilhPKhKgmsMxGkuxvKGqgmkpuotOkkmtOgoIqKoxnwJQhnoxGlRixlQoKKzhstxIjpjisPwImKtkspwusKziGRLGgkhgwOIkosiRghGGuuwHvwpMkthtkooiGoxivlGoxgxykkIrQhQIRjgspymuLpHszyupKLzsxwIstjhmHxjqKzjspzmotjgsHxIhXmthlxwgmimwNzqokpiQhKkKgLtnsxzIoLtgz
Frame ID: 25079.2
Requests: 19 HTTP requests in this frame
Frame:
http://www.australiatrackingap.com/sc/hlzmwyKWgKggjhiKtLiHikxuwkxkIrXsijskgnyMkowoLiirlhgRvosLkoLiQgLOOy
Frame ID: 25079.4
Requests: 1 HTTP requests in this frame
Frame:
http://www.oz-offers.com/sc/kwrRgzGoMiRgxWgoyIqjswjGlrOiuxjorpiigHiktNpNksPymrormthlxwgmigwNwItOgoIqKoxswQOgXOwNKoROJligkiwpssjgs
Frame ID: 25079.5
Requests: 2 HTTP requests in this frame
Frame:
http://tags.bluekai.com/site/45055?dt=0&r=1386786798&sig=2139351660&bkca=KJ0BMX+rQp9xHqXs5GAypfOQDSkvZASaBo+tjyWhjLesMrlDCvIF6NjPkoPs/Xt85NbvZv/l7wZ0CXADsezMcglGXqbV0GcKsmkaeNbT5Vs+UR+kJq3mvnNrOUKLoqO3Rn3o1BsSAfPAUguP+E/EDPMKoLqjhQFEUd6cJqAM7unWWsNIW13em8KVo/VSru+Q/zMJRH9WrmqN/iqz3cGbTPrgzIBwzVkfGk0pFMxRELbzGx0+dQYVxorZqgIlOYcvuJn7KjKirWV7oW7YB/h3aYEo8F8d2odl5KFuSBVHnMFh9AzbFNBhljXcqRz5DhPz8AWGYDY4ReuknW42KrPvvs8bBkFvQ5gufANah48XWnmtqhU23sh8W143ZxW5yD3+Obo2OCh1W4FBmca5/aXPuHGkuHEsUyAY7L/=
Frame ID: 25079.6
Requests: 1 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
MooTools (JavaScript Frameworks)
Detected patterns
- script /mootools.*\.js/i
CloudFlare (CDN)
Detected patterns
- headers server /cloudflare/i
Font Awesome (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
Google Font API (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: supported browser
Title: Why is this happening to me?
Redirected requests
There were HTTP redirect chains for the following requests:
Request 42- https://www.google-analytics.com/r/collect?v=1&_v=j60&a=202593371&t=pageview&_s=1&dl=http%3A%2F%2Fwww.oz-offers.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D478%26wingame_pk%3D59%26freetest_pk%3D190%2...
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-43654917-9&cid=2012443731.1504665918&jid=1300512257&_gid=824519229.1504665918&gjid=1005811215&_v=j60&z=902827791
- http://tags.bluekai.com/site/45055?ret=html&phint=__bk_k%3D&phint=__bk_pr%3Dhttp%3A%2F%2Fwww.oz-offers.com%2Fcgi-bin%2Fwingame.pl%3Fpartner_pk%3D478%26wingame_pk%3D59%26freetest_pk%3D190%26wingame_...
- http://tags.bluekai.com/site/45055?dt=0&r=1386786798&sig=2139351660&bkca=KJ0BMX+rQp9xHqXs5GAypfOQDSkvZASaBo+tjyWhjLesMrlDCvIF6NjPkoPs/Xt85NbvZv/l7wZ0CXADsezMcglGXqbV0GcKsmkaeNbT5Vs+UR+kJq3mvnNrOUKL...
- https://d.adroll.com/pixel/PMNU5M2W5FFKDOTTSRW7YY/YMG3CAG5NFD4LFX5QUEJNX?pv=27802512063.868633&cookie=&keyw=&name=9c66fe1b&arrfrr=http%3A%2F%2Fwww.oz-offers.com%2Fsc%2FRWgKrGmwooIgsxvKGQkgsgrOwihGk...
- https://s.adroll.com/pixel/PMNU5M2W5FFKDOTTSRW7YY/YMG3CAG5NFD4LFX5QUEJNX/37LXOCBQAZDIFN3L3XBIO3.js
- http://connect.facebook.net/en_US/fbevents.js
- https://connect.facebook.net/en_US/fbevents.js
- https://d.adroll.com/cm/r/out
- https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1
- https://x.bidswitch.net/sync?dsp_id=44&user_id=NjNlZjJlMmZiODRiMzAyZTM4ZDYzMjliZWY4YjQ4ZDA
- https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NjNlZjJlMmZiODRiMzAyZTM4ZDYzMjliZWY4YjQ4ZDA
- https://d.adroll.com/cm/w/out
- https://analytics.twitter.com/i/adsct?p_user_id=NjNlZjJlMmZiODRiMzAyZTM4ZDYzMjliZWY4YjQ4ZDA&p_id=823423
- https://d.adroll.com/cm/x/out
- https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27NjNlZjJlMmZiODRiMzAyZTM4ZDYzMjliZWY4YjQ4ZDA%27)
- https://idsync.rlcdn.com/377928.gif?partner_uid=63ef2e2fb84b302e38d6329bef8b48d0
- https://idsync.rlcdn.com/377928.gif?partner_uid=63ef2e2fb84b302e38d6329bef8b48d0&redirect=1
- https://us-u.openx.net/w/1.0/sd?id=537103138&val=63ef2e2fb84b302e38d6329bef8b48d0
- https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=63ef2e2fb84b302e38d6329bef8b48d0
- https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=Y-8uL7hLMC441jKb74tI0A&google_ula=1535926&google_tc=
- https://d.adroll.com/cm/g/in?google_ula=1535926,0
- http://connect.facebook.net/signals/config/261061830956140?v=2.7.21
- https://connect.facebook.net/signals/config/261061830956140?v=2.7.21
62 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | wingame.pl | www.oz-offers.com/cgi-bin/ | 28 KB | 8 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H/1.1 | reset.css | www.oz-offers.com/_global/css/ | 731 B | 452 B | Stylesheet | text/css | |
GET | H/1.1 | basic.css | www.oz-offers.com/_global/css/ | 2 KB | 798 B | Stylesheet | text/css | |
GET | H/1.1 | global.css | www.oz-offers.com/_global/css/ | 327 B | 217 B | Stylesheet | text/css | |
GET | H/1.1 | global_mobile.css | www.oz-offers.com/_global/css/ | 385 B | 193 B | Stylesheet | text/css | |
GET | H/1.1 | font-awesome.min.css | www.oz-offers.com/_global/fonts/font-awesome-4.6.3/css/ | 28 KB | 7 KB | Stylesheet | text/css | |
GET | H/1.1 | css | fonts.googleapis.com/ | 1 KB | 390 B | Stylesheet | text/css | |
GET | H/1.1 | sponsoren_iframe.css | www.oz-offers.com/_global/css/ | 2 KB | 626 B | Stylesheet | text/css | |
GET | H/1.1 | series.css | www.oz-offers.com/_global/wingame/57/css/ | 32 KB | 5 KB | Stylesheet | text/css | |
GET | H/1.1 | sweepstake.css | www.oz-offers.com/wingame/59/css/ | 7 KB | 2 KB | Stylesheet | text/css | |
GET | H/1.1 | MooTools-Core-1.6.0-compat-compressed.js | www.oz-offers.com/_global/js/framework/ | 94 KB | 29 KB | Script | application/javascript | |
GET | H/1.1 | moolidator.js | www.oz-offers.com/_global/js/ | 31 KB | 5 KB | Script | application/javascript | |
GET | H/1.1 | moolidator_rules.js | www.oz-offers.com/_global/js/ | 18 KB | 3 KB | Script | application/javascript | |
GET | S | api.js | www.google.com/recaptcha/ | 797 B | 440 B | Script | text/javascript | |
GET | H/1.1 | scripts.js | www.oz-offers.com/_global/js/ | 31 KB | 9 KB | Script | application/javascript | |
GET | H/1.1 | global.js | www.oz-offers.com/wingame/global/js/ | 3 KB | 1 KB | Script | application/javascript | |
GET | H/1.1 | series.js | www.oz-offers.com/_global/wingame/57/js/ | 9 KB | 3 KB | Script | application/javascript | |
GET | H/1.1 | sweepstake.js | www.oz-offers.com/wingame/59/js/ | 4 KB | 1 KB | Script | application/javascript | |
GET | H/1.1 | image_190_104.png | www.oz-offers.com/files/web/freetest/_images/ | 40 KB | 40 KB | Image | image/png | |
GET | H/1.1 | progress_active.png | www.oz-offers.com/_global/wingame/57/images/ | 1 KB | 1 KB | Image | image/png | |
GET | H/1.1 | progress_form.png | www.oz-offers.com/_global/wingame/57/images/ | 1 KB | 1 KB | Image | image/png | |
GET | H/1.1 | progress_gift.png | www.oz-offers.com/_global/wingame/57/images/ | 1 KB | 1 KB | Image | image/png | |
GET | H/1.1 | progress_cup.png | www.oz-offers.com/_global/wingame/57/images/ | 1 KB | 1 KB | Image | image/png | |
GET | H/1.1 | image_190_103.png | www.oz-offers.com/files/web/freetest/_images/ | 5 KB | 5 KB | Image | image/png | |
GET | H/1.1 | graph_symbol.jpg | www.oz-offers.com/_global/wingame/55/images/ | 2 KB | 2 KB | Image | image/jpeg | |
GET | H/1.1 | sweepstake_countdown.png | www.oz-offers.com/_global/images/ | 4 KB | 4 KB | Image | image/png | |
GET | H/1.1 | 6374270376.js | cdn.optimizely.com/js/ | 178 KB | 63 KB | Script | text/javascript | |
GET | H/1.1 | RWgKrGmwooIgsxvKGQkgsgrOwihGkrggKoxhsNKgxsHwxilhPKhKgmsMxGkuxvKGqgmkpuotOkkmtOgoIqKoxnwJQhnoxGlRixlQoKKzhstxIjpjisPwImKtkspwusKziGRLGgkhgwOIkosiRghGGuuwHvwpMkthtkooiGoxivlGoxgxykkIrQhQIRjgspymuLpHs... | www.oz-offers.com/sc/ | 2 KB | 978 B | Document | text/html | Frame 2507 |
GET | H/1.1 | k3k702ZOKiLJc3WVjuplzInF5uFdDttMLvmWuJdhhgs.ttf | fonts.gstatic.com/s/opensans/v14/ | 27 KB | 18 KB | Font | font/ttf | |
GET | H/1.1 | content_bg.png | www.oz-offers.com/_global/wingame/57/images/ | 155 B | 155 B | Image | image/png | |
GET | H/1.1 | cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf | fonts.gstatic.com/s/opensans/v14/ | 26 KB | 17 KB | Font | font/ttf | |
GET | H/1.1 | DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf | fonts.gstatic.com/s/opensans/v14/ | 27 KB | 18 KB | Font | font/ttf | |
GET | H/1.1 | exit_link.png | www.oz-offers.com/_global/images/ | 3 KB | 3 KB | Image | image/png | |
GET | | hlzmwyKWgKggjhiKtLiHikxuwkxkIrXsijskgnyMkowoLiirlhgRvosLkoLiQgLOOy | www.australiatrackingap.com/sc/ | 0 | 0 | | | Frame 2507 |
GET | H/1.1 | 2186.js | script.crazyegg.com/pages/scripts/0052/ | 10 KB | 4 KB | Script | application/x-javascript | |
GET | H/1.1 | tfa.js | cdn.taboola.com/libtrc/egentic-sc/ | 3 KB | 1 KB | Script | application/x-javascript | Frame 2507 |
GET | H/1.1 | quant.js | edge.quantserve.com/ | 12 KB | 5 KB | Script | application/x-javascript | Frame 2507 |
GET | H/1.1 | mark | trc.taboola.com/egentic-sc/log/3/ | 0 | 0 | Image | image/gif | Frame 2507 |
GET | S | recaptcha__en.js | www.gstatic.com/recaptcha/api2/r20170829114530/ | 217 KB | 70 KB | Script | text/javascript | |
GET | H/1.1 | rules-p-xWHZCnEBh6zNW.js | rules.quantcount.com/ | 3 B | 3 B | Script | application/x-javascript | Frame 2507 |
GET | H/1.1 | kwrRgzGoMiRgxWgoyIqjswjGlrOiuxjorpiigHiktNpNksPymrormthlxwgmigwNwItOgoIqKoxswQOgXOwNKoROJligkiwpssjgs | www.oz-offers.com/sc/ | 417 B | 290 B | Document | text/html | Frame 2507 |
GET | S | analytics.js | www.google-analytics.com/ | 32 KB | 13 KB | Script | text/javascript | |
GET | H/1.1 | s5-bfp.js | www.oz-offers.com/_global/js/ | 9 KB | 3 KB | Script | application/javascript | |
GET | S | collect | stats.g.doubleclick.net/r/ | 35 B | 53 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | bk-coretag.js | tags.bkrtx.com/js/ | 38 KB | 13 KB | Script | application/javascript | Frame 2507 |
GET | H/1.1 | s | gtrk.s3.amazonaws.com/ | 32 B | 32 B | Image | image/gif | |
GET | H/1.1 | u | gtrk.s3.amazonaws.com/ | 32 B | 32 B | Image | image/gif | |
GET | | 45055 | tags.bluekai.com/site/ | 0 | 0 | | | Frame 2507, Redirect Chain |
GET | H/1.1 | pixel;r=1091577165;labels=_fp.event.Aussie%20Homeware%20Landing%20Page;event=refresh;rf=0;a=p-xWHZCnEBh6zNW;url=http%3A%2F%2Fwww.oz-offers.com%2Fsc%2FRWgKrGmwooIgsxvKGQkgsgrOwihGkrggKoxhsNKgxsHwxil... | pixel.quantserve.com/ | 35 B | 35 B | Image | image/gif | Frame 2507 |
GET | H/1.1 | roundtrip.js | a.adroll.com/j/ | 25 KB | 8 KB | Script | text/javascript | Frame 2507 |
GET | H/1.1 | 37LXOCBQAZDIFN3L3XBIO3.js | s.adroll.com/pixel/PMNU5M2W5FFKDOTTSRW7YY/YMG3CAG5NFD4LFX5QUEJNX/ | 3 KB | 1 KB | Script | text/javascript | Frame 2507, Redirect Chain |
GET | S | fbevents.js | connect.facebook.net/en_US/ | 34 KB | 11 KB | Script | application/x-javascript | Frame 2507, Redirect Chain |
GET | H/1.1 | pixel | ads.yahoo.com/ | 0 | 0 | Image | text/plain | Frame 2507, Redirect Chain |
GET | H/1.1 | out | d.adroll.com/cm/f/ | 35 B | 35 B | Image | image/gif | Frame 2507 |
GET | H/1.1 | sync | x.bidswitch.net/ul_cb/ | 43 B | 43 B | Image | image/gif | Frame 2507, Redirect Chain |
GET | S | adsct | analytics.twitter.com/i/ | 43 B | 74 B | Image | image/gif | Frame 2507, Redirect Chain |
GET | H/1.1 | pxj | ib.adnxs.com/ | 0 | 0 | Image | text/html | Frame 2507, Redirect Chain |
GET | H/1.1 | 377928.gif | idsync.rlcdn.com/ | 43 B | 43 B | Image | image/gif | Frame 2507, Redirect Chain |
GET | H/1.1 | sd | us-u.openx.net/w/1.0/ | 43 B | 43 B | Image | image/gif | Frame 2507, Redirect Chain |
GET | H/1.1 | in | d.adroll.com/cm/g/ | 35 B | 35 B | Image | image/gif | Frame 2507, Redirect Chain |
GET | S | 261061830956140 | connect.facebook.net/signals/config/ | 41 KB | 12 KB | Script | application/x-javascript | Frame 2507, Redirect Chain |
GET | S | / | www.facebook.com/tr/ | 44 B | 53 B | Image | image/gif | Frame 2507 |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.australiatrackingap.com
- URL
- http://www.australiatrackingap.com/sc/hlzmwyKWgKggjhiKtLiHikxuwkxkIrXsijskgnyMkowoLiirlhgRvosLkoLiQgLOOy
- Domain
- tags.bluekai.com
- URL
- http://tags.bluekai.com/site/45055?dt=0&r=1386786798&sig=2139351660&bkca=KJ0BMX+rQp9xHqXs5GAypfOQDSkvZASaBo+tjyWhjLesMrlDCvIF6NjPkoPs/Xt85NbvZv/l7wZ0CXADsezMcglGXqbV0GcKsmkaeNbT5Vs+UR+kJq3mvnNrOUKLoqO3Rn3o1BsSAfPAUguP+E/EDPMKoLqjhQFEUd6cJqAM7unWWsNIW13em8KVo/VSru+Q/zMJRH9WrmqN/iqz3cGbTPrgzIBwzVkfGk0pFMxRELbzGx0+dQYVxorZqgIlOYcvuJn7KjKirWV7oW7YB/h3aYEo8F8d2odl5KFuSBVHnMFh9AzbFNBhljXcqRz5DhPz8AWGYDY4ReuknW42KrPvvs8bBkFvQ5gufANah48XWnmtqhU23sh8W143ZxW5yD3+Obo2OCh1W4FBmca5/aXPuHGkuHEsUyAY7L/=
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.bluekai.com/ | | bku | dbX99e8CgNAYypNz |
.bluekai.com/ | | bkdc | iad |
.australiatrackingap.com/ | | __cfduid | d208a5d35b4bd2360f00f220910502e051504665917 |
.www.oz-offers.com/ | | __ar_v4 | |
.oz-offers.com/ | | __qca | P0-783963753-1504665918207 |
.oz-offers.com/ | | __cfduid | db7eac96eda14dd3ef2f3888c50629e341504665913 |
.oz-offers.com/ | | optimizelyBuckets | %7B%7D |
.oz-offers.com/ | | _ceg.u | ovu7ni |
.oz-offers.com/ | | optimizelyPendingLogEvents | %5B%5D |
.oz-offers.com/ | | _ga | GA1.2.2012443731.1504665918 |
.oz-offers.com/ | | optimizelySegments | %7B%7D |
.oz-offers.com/ | | _gid | GA1.2.824519229.1504665918 |
.oz-offers.com/ | | optimizelyEndUserId | oeu1504665917979r0.7965345346104085 |
.oz-offers.com/ | | _gat | 1 |
.oz-offers.com/ | | _ceg.s | ovu7ni |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.