nowinypaderewy.xlo.pl Open in urlscan Pro
185.204.218.7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nowinypaderewy.xlo.pl/
Submission: On July 04 via api (July 4th 2024, 6:55:56 am UTC) from US — Scanned from PL

Summary HTTP 22 Redirects Links 2 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 22 HTTP transactions. The main IP is 185.204.218.7, located in Poland and belongs to CF-GDA, PL. The main domain is nowinypaderewy.xlo.pl.
TLS certificate: Issued by Certum Domain Validation CA SHA2 on June 14th 2024. Valid for: a year.

This is the only time nowinypaderewy.xlo.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
18	185.204.218.7 185.204.218.7		41079 (CF-GDA) (CF-GDA)
1	216.58.206.74 216.58.206.74		15169 (GOOGLE) (GOOGLE)
3	142.250.185.227 142.250.185.227		15169 (GOOGLE) (GOOGLE)
22	3

18 185.204.218.7 (Poland)

ASN41079 (CF-GDA, PL)
PTR: s13.cyber-folks.pl

nowinypaderewy.xlo.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.74 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	xlo.pl nowinypaderewy.xlo.pl	407 KB
3	gstatic.com fonts.gstatic.com	51 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	856 B
22	3

	Domain	Requested by
18	nowinypaderewy.xlo.pl	nowinypaderewy.xlo.pl
3	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	nowinypaderewy.xlo.pl
22	3

This site contains links to these domains. Also see Links.

Domain
wordpress.org
superbthemes.com

Subject Issuer	Validity	Valid
*.cyber-folks.pl Certum Domain Validation CA SHA2	`2024-06-14` - `2025-06-14`	a year	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://nowinypaderewy.xlo.pl/
Frame ID: 6EE44E438CE7EF54FE623539D0A61241
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

22
Requests

18 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

459 kB
Transfer

783 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: https://superbthemes.com/
Title: Superb Themes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
nowinypaderewy.xlo.pl/ 55 KB
11 KB 590ms
461ms Document
text/html 185.204.218.7
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://nowinypaderewy.xlo.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.204.218.7 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s13.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 08ac01230f3bbae12a498f4da44a0856cb39a6eddd1645525734e867ae2e76a3

Request headers

Accept-Language: pl-PL,pl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 04 Jul 2024 06:55:50 GMT
link: <https://nowinypaderewy.xlo.pl/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
vary: Accept-Encoding,User-Agent

GET
H2 200 style.min.css
nowinypaderewy.xlo.pl/wp-includes/css/dist/block-library/ 95 KB
12 KB 49ms
48ms Stylesheet
text/css 185.204.218.7
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://nowinypaderewy.xlo.pl/wp-includes/css/dist/block-library/style.min.css?ver=6.2
Requested by: Host: nowinypaderewy.xlo.pl
URL: https://nowinypaderewy.xlo.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.204.218.7 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s13.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://nowinypaderewy.xlo.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:55:50 GMT
content-encoding: br
last-modified: Wed, 29 Mar 2023 22:19:28 GMT
server: LiteSpeed
etag: "17ced-6424b970-f7f30d4e3da5a7de;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11775
expires: Thu, 11 Jul 2024 06:55:50 GMT

GET
H2 200 classic-themes.min.css
nowinypaderewy.xlo.pl/wp-includes/css/ 291 B
359 B 80ms
78ms Stylesheet
text/css 185.204.218.7
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://nowinypaderewy.xlo.pl/wp-includes/css/classic-themes.min.css?ver=6.2
Requested by: Host: nowinypaderewy.xlo.pl
URL: https://nowinypaderewy.xlo.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.204.218.7 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s13.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://nowinypaderewy.xlo.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:55:50 GMT
last-modified: Wed, 29 Mar 2023 22:19:28 GMT
server: LiteSpeed
etag: "123-6424b970-ba0360bd262f2474;;;"
vary: User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 291
expires: Thu, 11 Jul 2024 06:55:50 GMT

GET
H2 200 font-awesome.min.css
nowinypaderewy.xlo.pl/wp-content/themes/bloggist/css/ 30 KB
7 KB 79ms
78ms Stylesheet
text/css 185.204.218.7
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://nowinypaderewy.xlo.pl/wp-content/themes/bloggist/css/font-awesome.min.css?ver=6.2
Requested by: Host: nowinypaderewy.xlo.pl
URL: https://nowinypaderewy.xlo.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.204.218.7 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s13.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://nowinypaderewy.xlo.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:55:50 GMT
content-encoding: br
last-modified: Tue, 05 Oct 2021 21:07:39 GMT
server: LiteSpeed
etag: "7918-615cbe9b-56aa37dfacd4c753;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6658
expires: Thu, 11 Jul 2024 06:55:50 GMT

GET
H2 200 style.css
nowinypaderewy.xlo.pl/wp-content/themes/bloggist/ 47 KB
10 KB 50ms
48ms Stylesheet
text/css 185.204.218.7
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://nowinypaderewy.xlo.pl/wp-content/themes/bloggist/style.css?ver=6.2
Requested by: Host: nowinypaderewy.xlo.pl
URL: https://nowinypaderewy.xlo.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.204.218.7 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s13.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: ca42f351169e0aa61999198382b8feeecd58d555c03f9f6a725f26fc7ad9053d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://nowinypaderewy.xlo.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:55:50 GMT
content-encoding: br
last-modified: Tue, 05 Oct 2021 21:07:39 GMT
server: LiteSpeed
etag: "bdf2-615cbe9b-d2467b670ec4ff2;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10028
expires: Thu, 11 Jul 2024 06:55:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
856 B 443ms
48ms Stylesheet
text/css 216.58.206.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900&ver=6.2

Requested by

Host: nowinypaderewy.xlo.pl
URL: https://nowinypaderewy.xlo.pl/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f10.1e100.net

Software

ESF /

Resource Hash

bc958a63e17fc254b74b0787f22bd0f5889a057109908050c5148a148b75db91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://nowinypaderewy.xlo.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 04 Jul 2024 06:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 04 Jul 2024 05:33:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Jul 2024 06:55:51 GMT

GET
H2 200 jquery.min.js Show response
nowinypaderewy.xlo.pl/wp-includes/js/jquery/ 88 KB
30 KB 68ms
67ms Script
application/javascript 185.204.218.7
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://nowinypaderewy.xlo.pl/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by: Host: nowinypaderewy.xlo.pl
URL: https://nowinypaderewy.xlo.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.204.218.7 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s13.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://nowinypaderewy.xlo.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:55:50 GMT
content-encoding: br
last-modified: Wed, 29 Mar 2023 22:19:29 GMT
server: LiteSpeed
etag: "15ed7-6424b971-4a0447c09b508906;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30376
expires: Thu, 11 Jul 2024 06:55:50 GMT

GET
H2 200 jquery-migrate.min.js Show response
nowinypaderewy.xlo.pl/wp-includes/js/jquery/ 13 KB
5 KB 89ms
88ms Script
application/javascript 185.204.218.7
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://nowinypaderewy.xlo.pl/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: nowinypaderewy.xlo.pl
URL: https://nowinypaderewy.xlo.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.204.218.7 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s13.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://nowinypaderewy.xlo.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:55:50 GMT
content-encoding: br
last-modified: Wed, 29 Mar 2023 22:19:29 GMT
server: LiteSpeed
etag: "3470-6424b971-e5fb10df4d43da60;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4603
expires: Thu, 11 Jul 2024 06:55:50 GMT

GET
H2 200 wp-emoji-release.min.js Show response
nowinypaderewy.xlo.pl/wp-includes/js/ 18 KB
5 KB 36ms
36ms Script
application/javascript 185.204.218.7
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://nowinypaderewy.xlo.pl/wp-includes/js/wp-emoji-release.min.js?ver=6.2
Requested by: Host: nowinypaderewy.xlo.pl
URL: https://nowinypaderewy.xlo.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.204.218.7 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s13.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://nowinypaderewy.xlo.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:55:51 GMT
content-encoding: br
last-modified: Wed, 29 Mar 2023 22:19:29 GMT
server: LiteSpeed
etag: "4904-6424b971-7964210fd64f4223;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Thu, 11 Jul 2024 06:55:51 GMT

GET
H2 200 cropped-Gazeta-X-LO-im.-I.J.-Paderewskiego-Akademickiego-w-Katowicach-1.png
nowinypaderewy.xlo.pl/wp-content/uploads/2021/10/ 120 KB
120 KB 37ms
37ms Image
image/png 185.204.218.7
CF-GDA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nowinypaderewy.xlo.pl/wp-content/uploads/2021/10/cropped-Gazeta-X-LO-im.-I.J.-Paderewskiego-Akademickiego-w-Katowicach-1.png
Requested by: Host: nowinypaderewy.xlo.pl
URL: https://nowinypaderewy.xlo.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.204.218.7 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s13.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 67fb4244bfe4b960e2bbc6faf4c6b6dcc6de76b2e884fb216941e27c814ae74f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://nowinypaderewy.xlo.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:55:50 GMT
last-modified: Thu, 07 Oct 2021 20:26:28 GMT
server: LiteSpeed
etag: "1e15d-615f57f4-848eabc6030ec197;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 123229
expires: Thu, 11 Jul 2024 06:55:50 GMT

GET
H2 200 navigation.js Show response
nowinypaderewy.xlo.pl/wp-content/themes/bloggist/js/ 3 KB
1012 B 70ms
70ms Script
application/javascript 185.204.218.7
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://nowinypaderewy.xlo.pl/wp-content/themes/bloggist/js/navigation.js?ver=20170823
Requested by: Host: nowinypaderewy.xlo.pl
URL: https://nowinypaderewy.xlo.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.204.218.7 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s13.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://nowinypaderewy.xlo.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:55:50 GMT
content-encoding: br
last-modified: Tue, 05 Oct 2021 21:07:39 GMT
server: LiteSpeed
etag: "b97-615cbe9b-48bd87089789c33c;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 951
expires: Thu, 11 Jul 2024 06:55:50 GMT

GET
H2 200 skip-link-focus-fix.js Show response
nowinypaderewy.xlo.pl/wp-content/themes/bloggist/js/ 685 B
393 B 32ms
31ms Script
application/javascript 185.204.218.7
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://nowinypaderewy.xlo.pl/wp-content/themes/bloggist/js/skip-link-focus-fix.js?ver=20170823
Requested by: Host: nowinypaderewy.xlo.pl
URL: https://nowinypaderewy.xlo.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.204.218.7 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s13.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://nowinypaderewy.xlo.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:55:50 GMT
content-encoding: br
last-modified: Tue, 05 Oct 2021 21:07:39 GMT
server: LiteSpeed
etag: "2ad-615cbe9b-71ae75bcd8865ef1;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 332
expires: Thu, 11 Jul 2024 06:55:50 GMT

GET
H2 200 jquery.flexslider.js Show response
nowinypaderewy.xlo.pl/wp-content/themes/bloggist/js/ 53 KB
11 KB 34ms
33ms Script
application/javascript 185.204.218.7
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://nowinypaderewy.xlo.pl/wp-content/themes/bloggist/js/jquery.flexslider.js?ver=20150423
Requested by: Host: nowinypaderewy.xlo.pl
URL: https://nowinypaderewy.xlo.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.204.218.7 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s13.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 9f9b8303b4fdf50f85f63fb85b80e9be5d88f6de1e7440bf03380cb9d717ce4a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://nowinypaderewy.xlo.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:55:50 GMT
content-encoding: br
last-modified: Tue, 05 Oct 2021 21:07:39 GMT
server: LiteSpeed
etag: "d566-615cbe9b-f60ededc74926e34;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11140
expires: Thu, 11 Jul 2024 06:55:50 GMT

GET
H2 200 script.js Show response
nowinypaderewy.xlo.pl/wp-content/themes/bloggist/js/ 4 KB
1 KB 32ms
31ms Script
application/javascript 185.204.218.7
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://nowinypaderewy.xlo.pl/wp-content/themes/bloggist/js/script.js?ver=20160720
Requested by: Host: nowinypaderewy.xlo.pl
URL: https://nowinypaderewy.xlo.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.204.218.7 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s13.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: affd9edd5dc26a271a81e36bade23368d81e7c628a7bb39901ec92376d296705

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://nowinypaderewy.xlo.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:55:50 GMT
content-encoding: br
last-modified: Tue, 05 Oct 2021 21:07:39 GMT
server: LiteSpeed
etag: "f12-615cbe9b-948d398735ed562a;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 996
expires: Thu, 11 Jul 2024 06:55:50 GMT

GET
H2 200 accessibility.js Show response
nowinypaderewy.xlo.pl/wp-content/themes/bloggist/js/ 1 KB
511 B 34ms
33ms Script
application/javascript 185.204.218.7
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://nowinypaderewy.xlo.pl/wp-content/themes/bloggist/js/accessibility.js?ver=20160720
Requested by: Host: nowinypaderewy.xlo.pl
URL: https://nowinypaderewy.xlo.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.204.218.7 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s13.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 835d7a36194fd9339412d3d2cb26903914bad74f04203fb75e6c78da2195192b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://nowinypaderewy.xlo.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:55:50 GMT
content-encoding: br
last-modified: Tue, 05 Oct 2021 21:07:39 GMT
server: LiteSpeed
etag: "540-615cbe9b-cd15732ed39dd0f5;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 450
expires: Thu, 11 Jul 2024 06:55:50 GMT

GET
H2 200 ns.jpg
nowinypaderewy.xlo.pl/wp-content/uploads/2023/05/ 81 KB
81 KB 33ms
32ms Image
image/jpeg 185.204.218.7
CF-GDA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nowinypaderewy.xlo.pl/wp-content/uploads/2023/05/ns.jpg
Requested by: Host: nowinypaderewy.xlo.pl
URL: https://nowinypaderewy.xlo.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.204.218.7 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s13.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: b3e8aebf420bc01aea69ef451f4b5551aecbf1c21e3ec5825d9123f8f8855b2a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://nowinypaderewy.xlo.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:55:51 GMT
last-modified: Fri, 19 May 2023 21:47:38 GMT
server: LiteSpeed
etag: "1425b-6467ee7a-f5d9654d43bc149c;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 82523
expires: Thu, 11 Jul 2024 06:55:51 GMT

GET
H2 200 zdrowie.jpg
nowinypaderewy.xlo.pl/wp-content/uploads/2023/05/ 90 KB
90 KB 42ms
42ms Image
image/jpeg 185.204.218.7
CF-GDA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nowinypaderewy.xlo.pl/wp-content/uploads/2023/05/zdrowie.jpg
Requested by: Host: nowinypaderewy.xlo.pl
URL: https://nowinypaderewy.xlo.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.204.218.7 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s13.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 3468e7e642847b685618982253488de3a8c472d481f9c362127bbd6d6a0ccd7b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://nowinypaderewy.xlo.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:55:51 GMT
last-modified: Fri, 19 May 2023 18:34:29 GMT
server: LiteSpeed
etag: "16684-6467c135-4a1c5f0dd4ff78b0;;;"
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 91780
expires: Thu, 11 Jul 2024 06:55:51 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 487ms
86ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900&ver=6.2

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://nowinypaderewy.xlo.pl
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 14:56:46 GMT
x-content-type-options: nosniff
age: 143945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Jul 2025 14:56:46 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 22 KB
23 KB 446ms
45ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900&ver=6.2

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://nowinypaderewy.xlo.pl
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 14:59:04 GMT
x-content-type-options: nosniff
age: 143807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Jul 2025 14:59:04 GMT

GET
H2 200 S6uyw4BMUTPHjxAwXjeu.woff2
fonts.gstatic.com/s/lato/v24/ 5 KB
5 KB 504ms
104ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900&ver=6.2

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://nowinypaderewy.xlo.pl
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 19:56:01 GMT
x-content-type-options: nosniff
age: 557990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5472
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 19:56:01 GMT

GET
H2 200 logo_sfn.png
nowinypaderewy.xlo.pl/wp-content/uploads/2021/10/ 20 KB
20 KB 35ms
34ms Image
image/png 185.204.218.7
CF-GDA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nowinypaderewy.xlo.pl/wp-content/uploads/2021/10/logo_sfn.png
Requested by: Host: nowinypaderewy.xlo.pl
URL: https://nowinypaderewy.xlo.pl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.204.218.7 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s13.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 649bb714a536abe8e4961b20a6feed35d562f5135ca0d70eea1770b72270e3f7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://nowinypaderewy.xlo.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:55:51 GMT
last-modified: Thu, 07 Oct 2021 19:32:38 GMT
server: LiteSpeed
etag: "50cf-615f4b56-24dd4fe607b4c4e8;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 20687
expires: Thu, 11 Jul 2024 06:55:51 GMT

GET
H2 404 favicon.ico
nowinypaderewy.xlo.pl/ 10 KB
3 KB 31ms
31ms Other
text/html 185.204.218.7
CF-GDA

General

Check archive.org

Show headers Download Go to

Full URL: https://nowinypaderewy.xlo.pl/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.204.218.7 , Poland, ASN41079 (CF-GDA, PL),
Reverse DNS: s13.cyber-folks.pl
Software: LiteSpeed /
Resource Hash: 2d1b7b34816bd05e5ef9419929d3d13146acc2d1feb6a45649e31062cbc27b72

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://nowinypaderewy.xlo.pl/
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:55:51 GMT
content-encoding: br
last-modified: Thu, 07 Mar 2024 14:30:33 GMT
server: LiteSpeed
etag: "2882-65e9cf89-e2bb61f545b87908;br"
vary: Accept-Encoding,User-Agent,User-Agent
content-type: text/html
accept-ranges: bytes
content-length: 3431

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| _wpemojiSettings object| twemoji object| wp undefined| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://nowinypaderewy.xlo.pl/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
nowinypaderewy.xlo.pl
142.250.185.227
185.204.218.7
216.58.206.74
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
08ac01230f3bbae12a498f4da44a0856cb39a6eddd1645525734e867ae2e76a3
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7
2d1b7b34816bd05e5ef9419929d3d13146acc2d1feb6a45649e31062cbc27b72
3468e7e642847b685618982253488de3a8c472d481f9c362127bbd6d6a0ccd7b
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
649bb714a536abe8e4961b20a6feed35d562f5135ca0d70eea1770b72270e3f7
67fb4244bfe4b960e2bbc6faf4c6b6dcc6de76b2e884fb216941e27c814ae74f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
835d7a36194fd9339412d3d2cb26903914bad74f04203fb75e6c78da2195192b
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9f9b8303b4fdf50f85f63fb85b80e9be5d88f6de1e7440bf03380cb9d717ce4a
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
affd9edd5dc26a271a81e36bade23368d81e7c628a7bb39901ec92376d296705
b3e8aebf420bc01aea69ef451f4b5551aecbf1c21e3ec5825d9123f8f8855b2a
bc958a63e17fc254b74b0787f22bd0f5889a057109908050c5148a148b75db91
ca42f351169e0aa61999198382b8feeecd58d555c03f9f6a725f26fc7ad9053d
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c