URL: http://easy-winning.pl/pri/
Submission: On March 02 via automatic, source phishtank

Summary

This website contacted 14 IPs in 7 countries across 13 domains to perform 21 HTTP transactions. The main IP is 94.130.51.151, located in Ukraine and belonging to HETZNER-AS, DE. The main domain is easy-winning.pl.
This is the only time easy-winning.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 94.130.51.151 24940 (HETZNER-AS)
1 172.217.18.170 15169 (GOOGLE)
1 146.185.16.146 13213 (UK2NET-AS)
2 216.58.207.67 15169 (GOOGLE)
1 69.4.231.30 36351 (SOFTLAYER)
1 67.202.94.94 32748 (STEADFAST)
1 104.16.88.26 13335 (CLOUDFLAR...)
1 208.100.17.190 32748 (STEADFAST)
1 208.100.17.186 32748 (STEADFAST)
2 2 185.33.223.80 29990 (ASN-APPNEXUS)
1 54.72.152.28 16509 (AMAZON-02)
1 2 52.6.188.109 14618 (AMAZON-AES)
2 3 35.156.247.14 16509 (AMAZON-02)
4 4 216.58.207.66 15169 (GOOGLE)
3 3 136.144.49.28 54825 (PACKET)
1 195.181.174.25 60068 (CDN77)
21 14
Domain Requested by
8 easy-winning.pl easy-winning.pl
4 cm.g.doubleclick.net 4 redirects
3 ps.eyeota.net 2 redirects
2 loadus.exelator.com 2 redirects
2 idsync.rlcdn.com 1 redirects
2 ib.adnxs.com 2 redirects
2 fonts.gstatic.com easy-winning.pl
1 load77.exelator.com
1 loadm.exelator.com 1 redirects
1 s.cpx.to
1 de.tynt.com cdn.tynt.com
1 ic.tynt.com easy-winning.pl
1 cdn.tynt.com waust.at
1 whos.amung.us waust.at
1 t.dtscout.com waust.at
1 waust.at easy-winning.pl
1 fonts.googleapis.com easy-winning.pl
21 17

This site contains links to these domains. Also see Links.

Domain
whos.amung.us

This page contains 1 frames:

Primary Page: http://easy-winning.pl/pri/
Frame ID: (527AAFD14169411DF6472B905C2E171E)
Requests: 22 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

21 Requests
0 % HTTPS
0 % IPv6
13 Domains
17 Subdomains
14 IPs
7 Countries
126 kB Transfer
216 kB Size
8 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • http://ib.adnxs.com/getuid?http%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3D%26pid%3D11254%26adnxs_uid%3D%24UID HTTP 302
  • http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%253A%252F%252Fs.cpx.to%252Fca.png%253Fref%253D%2526pid%253D11254%2526adnxs_uid%253D%2524UID HTTP 302
  • http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=1789354434089853730
Request Chain 18
  • http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMKlqYuYwNYARu6kMcAg%3D%3D HTTP 302
  • http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMKlqYuYwNYARu6kMcAg%3D%3D&redirect=1
Request Chain 19
  • http://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&random=1519958412859 HTTP 302
  • http://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&random=1519958412859 HTTP 302
  • http://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&bid=gdo9o51&newuser=1 HTTP 302
  • http://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&bid=gdo9o51&newuser=1&google_tc= HTTP 302
  • http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESELBtbuBJxSEDsWJgLSouGKI&google_cver=1
Request Chain 20
  • http://loadus.exelator.com/load/?j=0&p=409&g=600&buid2=CmUMKlqYuYwNYARu6kMcAg%3D%3D&random=1519958412859 HTTP 302
  • http://loadus.exelator.com/load/?j=0&p=409&g=600&buid2=CmUMKlqYuYwNYARu6kMcAg%3D%3D&random=1519958412859&xl8blockcheck=1 HTTP 302
  • http://cm.g.doubleclick.net/pixel?google_nid=exelate&google_cm&google_sc HTTP 302
  • http://cm.g.doubleclick.net/pixel?google_nid=exelate&google_cm=&google_sc=&google_tc= HTTP 302
  • http://loadm.exelator.com/load/?p=204&g=001&bi=&j=0&google_gid=CAESED8dZU4pUu8uDI9FIcuK53Y&google_cver=1 HTTP 302
  • http://load77.exelator.com/pixel.gif

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
easy-winning.pl/pri/
4 KB
2 KB
Document
General
Full URL
http://easy-winning.pl/pri/
Protocol
HTTP/1.1
Server
94.130.51.151 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ssd5.linuxpl.com
Software
LiteSpeed / PHP/5.6.32
Resource Hash
34c4b09208b5b6d4f91a5e8cf070070d39ccbc20d35218768f5ae45f9b2c29b1

Request headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
easy-winning.pl
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 02 Mar 2018 02:40:12 GMT
Content-Encoding
gzip
Server
LiteSpeed
X-Powered-By
PHP/5.6.32
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1570
lander2.css
easy-winning.pl/pri/
9 KB
2 KB
Stylesheet
General
Full URL
http://easy-winning.pl/pri/lander2.css
Requested by
Host: easy-winning.pl
URL: http://easy-winning.pl/pri/
Protocol
HTTP/1.1
Server
94.130.51.151 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ssd5.linuxpl.com
Software
LiteSpeed /
Resource Hash
54b20aa6868edebf457acc06f2bebcfd5005672db1c81da8c0d6692c9dc763fa

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
easy-winning.pl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://easy-winning.pl/pri/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 02 Mar 2018 02:40:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Feb 2018 15:53:42 GMT
Server
LiteSpeed
ETag
"22bf-5a942d86-2504750a6153baaa;gz"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1848
Expires
Fri, 09 Mar 2018 02:40:12 GMT
normalize.css
easy-winning.pl/pri/
7 KB
3 KB
Stylesheet
General
Full URL
http://easy-winning.pl/pri/normalize.css
Requested by
Host: easy-winning.pl
URL: http://easy-winning.pl/pri/
Protocol
HTTP/1.1
Server
94.130.51.151 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ssd5.linuxpl.com
Software
LiteSpeed /
Resource Hash
cbd7e3958eec849f55f0965ee5fc0a9750b7174e4e0e70a9f8b441aa3d9c40a8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
easy-winning.pl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://easy-winning.pl/pri/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 02 Mar 2018 02:40:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Feb 2018 15:53:43 GMT
Server
LiteSpeed
ETag
"1d50-5a942d87-8e86b8776ed69357;gz"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2223
Expires
Fri, 09 Mar 2018 02:40:12 GMT
css
fonts.googleapis.com/
2 KB
570 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Overpass:300,400,700
Requested by
Host: easy-winning.pl
URL: http://easy-winning.pl/pri/
Protocol
SPDY
Server
172.217.18.170 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f10.1e100.net
Software
ESF /
Resource Hash
0df62fafb41ecced0e8ce6ce5dc97185948a0e2d67306c9e4cc45f4c8b5dbd99
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://easy-winning.pl/pri/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Fri, 02 Mar 2018 02:40:12 GMT
content-encoding
gzip
last-modified
Fri, 02 Mar 2018 02:40:12 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
x-xss-protection
1; mode=block
expires
Fri, 02 Mar 2018 02:40:12 GMT
prisma-logo.png
easy-winning.pl/pri/
14 KB
14 KB
Image
General
Full URL
http://easy-winning.pl/pri/prisma-logo.png
Requested by
Host: easy-winning.pl
URL: http://easy-winning.pl/pri/
Protocol
HTTP/1.1
Server
94.130.51.151 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ssd5.linuxpl.com
Software
LiteSpeed /
Resource Hash
ac16ec369b3218329b91428569997f4b9deb3820412331c4f0c6732db63c7081

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
easy-winning.pl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://easy-winning.pl/pri/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 02 Mar 2018 02:40:12 GMT
Last-Modified
Mon, 26 Feb 2018 15:53:43 GMT
Server
LiteSpeed
ETag
"3635-5a942d87-4e2538a4e57563e3;;;"
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
13877
Expires
Fri, 09 Mar 2018 02:40:12 GMT
giftcard.png
easy-winning.pl/pri/
24 KB
24 KB
Image
General
Full URL
http://easy-winning.pl/pri/giftcard.png
Requested by
Host: easy-winning.pl
URL: http://easy-winning.pl/pri/
Protocol
HTTP/1.1
Server
94.130.51.151 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ssd5.linuxpl.com
Software
LiteSpeed /
Resource Hash
c1651420324b5d7d4c508349f1e30c525296c84bd42e3525e40e3888361b9d43

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
easy-winning.pl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://easy-winning.pl/pri/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 02 Mar 2018 02:40:12 GMT
Last-Modified
Mon, 26 Feb 2018 15:53:42 GMT
Server
LiteSpeed
ETag
"6043-5a942d86-9ee8dededc884b0e;;;"
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
24643
Expires
Fri, 09 Mar 2018 02:40:12 GMT
jquery.min.js
easy-winning.pl/pri/
94 KB
33 KB
Script
General
Full URL
http://easy-winning.pl/pri/jquery.min.js
Requested by
Host: easy-winning.pl
URL: http://easy-winning.pl/pri/
Protocol
HTTP/1.1
Server
94.130.51.151 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ssd5.linuxpl.com
Software
LiteSpeed /
Resource Hash
2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
easy-winning.pl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://easy-winning.pl/pri/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 02 Mar 2018 02:40:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Feb 2018 15:53:43 GMT
Server
LiteSpeed
ETag
"1787c-5a942d87-b4bd824c2db65a0c;gz"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
33414
Expires
Fri, 09 Mar 2018 02:40:12 GMT
script2.js
easy-winning.pl/pri/
2 KB
1 KB
Script
General
Full URL
http://easy-winning.pl/pri/script2.js
Requested by
Host: easy-winning.pl
URL: http://easy-winning.pl/pri/
Protocol
HTTP/1.1
Server
94.130.51.151 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ssd5.linuxpl.com
Software
LiteSpeed /
Resource Hash
3871e9fb4684bb3a05b99fc823effba13eb1c252a08947fd9dc387045d1b0d6c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
easy-winning.pl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
*/*
Referer
http://easy-winning.pl/pri/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 02 Mar 2018 02:40:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Feb 2018 15:53:43 GMT
Server
LiteSpeed
ETag
"9be-5a942d87-e7f737d3a1eb14e0;gz"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
870
Expires
Fri, 09 Mar 2018 02:40:12 GMT
d.js
waust.at/
11 KB
7 KB
Script
General
Full URL
http://waust.at/d.js
Requested by
Host: easy-winning.pl
URL: http://easy-winning.pl/pri/
Protocol
HTTP/1.1
Server
146.185.16.146 , United Kingdom, ASN13213 (UK2NET-AS, GB),
Reverse DNS
92b91092.rdns.100tb.com
Software
/
Resource Hash
735b2453af77e0da4ae2ec067585817678a2b36c14426679c53f859dda4b732f

Request headers

Referer
http://easy-winning.pl/pri/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 02 Mar 2018 02:40:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Feb 2018 01:59:03 GMT
ETag
W/"5a8a2f67-2caf"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, private
Connection
keep-alive
Expires
Sat, 03 Mar 2018 02:40:12 GMT
fonts.css
easy-winning.pl/pri/
0
0
Stylesheet
General
Full URL
http://easy-winning.pl/pri/fonts.css
Requested by
Host: easy-winning.pl
URL: http://easy-winning.pl/pri/
Protocol
HTTP/1.1
Server
94.130.51.151 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ssd5.linuxpl.com
Software
LiteSpeed /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
easy-winning.pl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://easy-winning.pl/pri/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Fri, 02 Mar 2018 02:40:12 GMT
Server
LiteSpeed
Content-Type
text/html
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1148
qFdA35WCmI96Ajtm81keds7N4hoiiVI6.woff2
fonts.gstatic.com/s/overpass/v2/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/overpass/v2/qFdA35WCmI96Ajtm81keds7N4hoiiVI6.woff2
Requested by
Host: easy-winning.pl
URL: http://easy-winning.pl/pri/jquery.min.js
Protocol
SPDY
Server
216.58.207.67 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f3.1e100.net
Software
sffe /
Resource Hash
9cc4baf9d0914805ba07fa6c451026e04d3a5c755c2ea21dacec80c3b6fd67bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Overpass:300,400,700
Origin
http://easy-winning.pl

Response headers

date
Mon, 12 Feb 2018 16:00:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Oct 2017 21:51:06 GMT
server
sffe
age
1507189
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
12092
x-xss-protection
1; mode=block
expires
Tue, 12 Feb 2019 16:00:23 GMT
qFdA35WCmI96Ajtm81kOcc7N4hoiiVI6.woff2
fonts.gstatic.com/s/overpass/v2/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/overpass/v2/qFdA35WCmI96Ajtm81kOcc7N4hoiiVI6.woff2
Requested by
Host: easy-winning.pl
URL: http://easy-winning.pl/pri/jquery.min.js
Protocol
SPDY
Server
216.58.207.67 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f3.1e100.net
Software
sffe /
Resource Hash
84b86187601afbd8febcf00bb4d3bb7520125f5624074d0a33520e842826f433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Overpass:300,400,700
Origin
http://easy-winning.pl

Response headers

date
Mon, 12 Feb 2018 15:24:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Oct 2017 21:51:26 GMT
server
sffe
age
1509324
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
11920
x-xss-protection
1; mode=block
expires
Tue, 12 Feb 2019 15:24:48 GMT
/
t.dtscout.com/i/
4 KB
5 KB
Script
General
Full URL
http://t.dtscout.com/i/?l=http%3A%2F%2Feasy-winning.pl%2Fpri%2F&j=
Requested by
Host: waust.at
URL: http://waust.at/d.js
Protocol
HTTP/1.1
Server
69.4.231.30 Providence, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
no-rdns.ord02.hostingservicesinc.net
Software
/
Resource Hash
d61e1341d875f882c145a9cb49e0b310353eae4275fd8d49db445e25952b37e5

Request headers

Referer
http://easy-winning.pl/pri/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 02 Mar 2018 02:40:12 GMT
X-Z
I
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
X-ip
148.251.45.254
Connection
close
Expires
Fri, 02 Mar 2018 02:40:11 GMT
/
whos.amung.us/pingjs/
29 B
232 B
Script
General
Full URL
http://whos.amung.us/pingjs/?k=x6d99ua5col&t=Voittaa%20500%20Euron%20Prisma-Lahjakortin!&c=d&y=&a=0&r=21
Requested by
Host: waust.at
URL: http://waust.at/d.js
Protocol
HTTP/1.1
Server
67.202.94.94 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
amung.us
Software
/
Resource Hash
4f0f302973c16c7af4af360ba4f8434724623090311398581248e9196cf05507

Request headers

Referer
http://easy-winning.pl/pri/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 02 Mar 2018 02:40:12 GMT
Content-Encoding
gzip
Connection
close
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
tc.js
cdn.tynt.com/
15 KB
7 KB
Script
General
Full URL
http://cdn.tynt.com/tc.js
Requested by
Host: waust.at
URL: http://waust.at/d.js
Protocol
HTTP/1.1
Server
104.16.88.26 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a9bb21f01e36c5282c9a084c2a915150c15289eb34a94e74f87ecd34021d81

Request headers

Referer
http://easy-winning.pl/pri/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 02 Mar 2018 02:40:12 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 23 Jan 2018 16:30:28 GMT
Server
cloudflare
ETag
W/"5a676324-3ddc"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=259200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
3f507f4d82e564cf-FRA
Expires
Mon, 05 Mar 2018 02:40:12 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
p
ic.tynt.com/b/
35 B
626 B
Image
General
Full URL
http://ic.tynt.com/b/p?id=w!x6d99ua5col&lm=0&ts=1519958412421&dn=TC&iso=0&t=Voittaa%20500%20Euron%20Prisma-Lahjakortin!
Requested by
Host: easy-winning.pl
URL: http://easy-winning.pl/pri/
Protocol
HTTP/1.1
Server
208.100.17.190 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip190.208-100-17.static.steadfastdns.net
Software
nginx/1.10.3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
http://easy-winning.pl/pri/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 02 Mar 2018 02:40:12 GMT
Last-Modified
Fri, 16 Apr 2010 15:38:20 GMT
Server
nginx/1.10.3
ETag
"4bc8846c-23"
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Cache-Control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
35
Expires
"Sat, 26 Jul 1997 05:00:00 GMT"
v2
de.tynt.com/deb/
889 B
2 KB
Script
General
Full URL
http://de.tynt.com/deb/v2?id=w!x6d99ua5col&dn=TC&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: http://cdn.tynt.com/tc.js
Protocol
HTTP/1.1
Server
208.100.17.186 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip186.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
772c54f0182f38c0811e61234466fd7caf8b029f7b2738cdf91e2787833200a0

Request headers

Referer
http://easy-winning.pl/pri/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 02 Mar 2018 02:40:12 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
Content-Type
application/javascript
Connection
close
P3P
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Content-Length
889
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ca.png
s.cpx.to/
Redirect Chain
  • http://ib.adnxs.com/getuid?http%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3D%26pid%3D11254%26adnxs_uid%3D%24UID
  • http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%253A%252F%252Fs.cpx.to%252Fca.png%253Fref%253D%2526pid%253D11254%2526adnxs_uid%253D%2524UID
  • http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=1789354434089853730
95 B
499 B
Image
General
Full URL
http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=1789354434089853730
Protocol
HTTP/1.1
Server
54.72.152.28 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-72-152-28.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer
http://easy-winning.pl/pri/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Mar 2018 02:40:12 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Fri, 02 Mar 2018 02:40:12 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 02 Mar 2018 02:40:14 GMT
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 251.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.248:80
AN-X-Request-Uuid
65c515e1-b998-4704-bc4d-810697d4f712
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=1789354434089853730
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
405716.gif
idsync.rlcdn.com/
Redirect Chain
  • http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMKlqYuYwNYARu6kMcAg%3D%3D
  • http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMKlqYuYwNYARu6kMcAg%3D%3D&redirect=1
43 B
533 B
Image
General
Full URL
http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMKlqYuYwNYARu6kMcAg%3D%3D&redirect=1
Protocol
HTTP/1.1
Server
52.6.188.109 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-6-188-109.compute-1.amazonaws.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
http://easy-winning.pl/pri/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
P3P
CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Content-Length
43
Content-Type
image/gif; charset=ISO-8859-1

Redirect headers

Location
http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMKlqYuYwNYARu6kMcAg%3D%3D&redirect=1
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Type
image/gif; charset=ISO-8859-1
Content-Length
0
P3P
CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
match
ps.eyeota.net/
Redirect Chain
  • http://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&random=1519958412859
  • http://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&random=1519958412859
  • http://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&bid=gdo9o51&newuser=1
  • http://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&bid=gdo9o51&newuser=1&google_tc=
  • http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESELBtbuBJxSEDsWJgLSouGKI&google_cver=1
70 B
171 B
Image
General
Full URL
http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESELBtbuBJxSEDsWJgLSouGKI&google_cver=1
Protocol
HTTP/1.1
Server
35.156.247.14 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-247-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
http://easy-winning.pl/pri/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 02 Mar 2018 02:40:12 GMT
Content-Length
70
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 02 Mar 2018 02:40:12 GMT
Server
HTTP server (unknown)
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location
http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESELBtbuBJxSEDsWJgLSouGKI&google_cver=1
Cache-Control
no-cache, must-revalidate
Content-Type
text/html; charset=UTF-8
Content-Length
310
X-XSS-Protection
1; mode=block
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
load77.exelator.com/
Redirect Chain
  • http://loadus.exelator.com/load/?j=0&p=409&g=600&buid2=CmUMKlqYuYwNYARu6kMcAg%3D%3D&random=1519958412859
  • http://loadus.exelator.com/load/?j=0&p=409&g=600&buid2=CmUMKlqYuYwNYARu6kMcAg%3D%3D&random=1519958412859&xl8blockcheck=1
  • http://cm.g.doubleclick.net/pixel?google_nid=exelate&google_cm&google_sc
  • http://cm.g.doubleclick.net/pixel?google_nid=exelate&google_cm=&google_sc=&google_tc=
  • http://loadm.exelator.com/load/?p=204&g=001&bi=&j=0&google_gid=CAESED8dZU4pUu8uDI9FIcuK53Y&google_cver=1
  • http://load77.exelator.com/pixel.gif
43 B
396 B
Image
General
Full URL
http://load77.exelator.com/pixel.gif
Protocol
HTTP/1.1
Server
195.181.174.25 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
http://easy-winning.pl/pri/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 02 Mar 2018 02:40:13 GMT
Last-Modified
Wed, 25 Oct 2017 17:03:56 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
"59f0c3fc-2b"
X-Cache
HIT
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-Edge-IP
195.181.174.20
Connection
keep-alive
Accept-Ranges
bytes
X-Age
377373
Content-Length
43

Redirect headers

Date
Fri, 02 Mar 2018 02:40:12 GMT
Server
nginx/1.12.2
X-Powered-By
Undertow/1
P3P
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
Location
http://load77.exelator.com/pixel.gif
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
0

Verdicts & Comments

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function $
  • function jQuery
  • function showNotification
  • function startCheck
  • function toggleDiv
  • function startTimer
  • object _wau
  • string wau_w_col
  • string wau_w_siz
  • object WAU_ren
  • function WAU_dynamic
  • function WAU_r_d
  • function WAU_insert
  • function WAU_la
  • function WAU_addCommas
  • function WAU_cps
  • function docReady
  • object a
  • object cv
  • object x
  • string x1
  • string x2
  • object Tynt
  • object _33Across

8 Cookies

Domain/Path  Name  Value
.dtscout.com/  df  1519958412
.dtscout.com/  st  1
.dtscout.com/  l  RQTnHlqYuYyIKEZaJYi/Ag==
.dtscout.com/  ah  1
.dtscout.com/  m  1
.dtscout.com/  ey  1
.dtscout.com/  b  1
.dtscout.com/  pi  1

1 Console Messages

Source: console-api
Level: log
URL: http://easy-winning.pl/pri/script2.js (Line 38)
Message: timeout

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
