flametur.kiev.ua
Open in
urlscan Pro
194.116.233.42
Public Scan
URL:
http://flametur.kiev.ua/
Submission Tags: falconsandbox
Submission: On April 18 via api from US — Scanned from DE
Submission Tags: falconsandbox
Submission: On April 18 via api from US — Scanned from DE
Summary
This website contacted 20 IPs
in 8 countries
across 16 domains to perform 71 HTTP transactions.
The main IP is 194.116.233.42, located in
Slovakia and
belongs to TRMX-AS, SK.
The main domain is flametur.kiev.ua.
This is the only time flametur.kiev.ua was scanned on urlscan.io!
This is the only time flametur.kiev.ua was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
172.217.18.2
(United States)
ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
| www.googleadservices.com |
1
142.250.186.34
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
| googleads.g.doubleclick.net |
2
2a00:1450:4001:80f::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
2
2a00:1450:4001:803::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
142.250.185.100
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net
| www.google.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 33 |
flametur.kiev.ua
1 redirects
flametur.kiev.ua |
2 MB |
| 10 |
jivosite.com
code.jivosite.com — Cisco Umbrella Rank: 39667 node-ya-2.jivosite.com — Cisco Umbrella Rank: 162744 |
322 KB |
| 6 |
meedget.ru
meedget.ru |
249 KB |
| 5 |
yandex.com
3 redirects
mc.yandex.com — Cisco Umbrella Rank: 9028 |
3 KB |
| 4 |
otpusk.com
1 redirects
export.otpusk.com api.otpusk.com |
27 KB |
| 3 |
yandex.ru
1 redirects
mc.yandex.ru — Cisco Umbrella Rank: 4154 |
60 KB |
| 3 |
doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 36 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 |
466 B |
| 2 |
google.de
www.google.de — Cisco Umbrella Rank: 7278 |
126 B |
| 2 |
google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2941 www.google.com — Cisco Umbrella Rank: 2 |
317 B |
| 2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31 |
21 KB |
| 2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
162 KB |
| 2 |
disqus.com
1 redirects
flametur-kiev-ua.disqus.com |
2 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33 |
3 KB |
| 1 |
bigmir.net
c.bigmir.net — Cisco Umbrella Rank: 277249 |
524 B |
| 1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 767 |
29 KB |
| 1 |
googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 123 |
19 KB |
| 71 | 16 |
| Domain | Requested by | |
|---|---|---|
| 33 | flametur.kiev.ua |
1 redirects
flametur.kiev.ua
|
| 9 | code.jivosite.com |
flametur.kiev.ua
code.jivosite.com |
| 6 | meedget.ru |
flametur.kiev.ua
meedget.ru |
| 5 | mc.yandex.com |
3 redirects
flametur.kiev.ua
|
| 3 | mc.yandex.ru |
1 redirects
flametur.kiev.ua
|
| 3 | export.otpusk.com |
1 redirects
flametur.kiev.ua
|
| 2 | www.google.de |
flametur.kiev.ua
|
| 2 | stats.g.doubleclick.net |
www.google-analytics.com
www.googletagmanager.com |
| 2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 2 | www.googletagmanager.com |
flametur.kiev.ua
www.google-analytics.com |
| 2 | flametur-kiev-ua.disqus.com |
1 redirects
flametur.kiev.ua
|
| 1 | node-ya-2.jivosite.com |
code.jivosite.com
|
| 1 | api.otpusk.com | |
| 1 | www.google.com |
flametur.kiev.ua
|
| 1 | region1.analytics.google.com |
www.googletagmanager.com
|
| 1 | fonts.googleapis.com |
client
|
| 1 | c.bigmir.net |
flametur.kiev.ua
|
| 1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
| 1 | code.jquery.com |
flametur.kiev.ua
|
| 1 | www.googleadservices.com |
flametur.kiev.ua
|
| 71 | 20 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| meedget.ru |
| www.bigmir.net |
| www.otpusk.com |
| www.jivo.ru |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| meedget.ru R3 |
2024-03-27 - 2024-06-25 |
3 months | crt.sh |
| *.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
| *.otpusk.com Sectigo RSA Domain Validation Secure Server CA |
2023-10-04 - 2024-11-03 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2024-03-18 - 2024-06-10 |
3 months | crt.sh |
| mc.yandex.ru GlobalSign ECC OV SSL CA 2018 |
2023-12-26 - 2024-06-05 |
5 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2024-03-18 - 2024-06-10 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2024-03-18 - 2024-06-10 |
3 months | crt.sh |
| *.google.de GTS CA 1C3 |
2024-03-18 - 2024-06-10 |
3 months | crt.sh |
| *.google.com GTS CA 1C3 |
2024-03-18 - 2024-06-10 |
3 months | crt.sh |
| *.jivosite.com Go Daddy Secure Certificate Authority - G2 |
2023-04-05 - 2024-05-06 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
http://flametur.kiev.ua/
Frame ID: 4D634CDB076ACB2089D15D4DF8735B78
Requests: 73 HTTP requests in this frame
Frame:
https://code.jivosite.com/js/2b55823/omnichannelMenu.js
Frame ID: DD10AF8AFEDE30AD7DC1D2423175AD3A
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Туроператор Флейм-Тур - вылеты из Киева, горящие туры по мируPage URL History Show full URLs
-
http://flametur.kiev.ua/
HTTP 307
https://flametur.kiev.ua/ HTTP 302
http://flametur.kiev.ua/ HTTP 307
http://flametur.kiev.ua/ Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Yandex.Metrika
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
URL: https://meedget.ru/
Title: meedget.ru
Title: meedget.ru
Search URL Search Domain Scan URL
URL: http://www.bigmir.net/
Search URL Search Domain Scan URL
URL: https://www.otpusk.com/
Title: Отпуск.ком
Title: Отпуск.ком
Search URL Search Domain Scan URL
URL: https://www.jivo.ru/i_sa/?utm_source=flametur.kiev.ua&utm_medium=link&utm_content=label_tooltip&utm_campaign=from_widget
Title: Бизнес-мессенджер
Title: Бизнес-мессенджер
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://flametur.kiev.ua/
HTTP 307
https://flametur.kiev.ua/ HTTP 302
http://flametur.kiev.ua/ HTTP 307
http://flametur.kiev.ua/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://www.googleadservices.com/pagead/conversion.js HTTP 307
- https://www.googleadservices.com/pagead/conversion.js
- http://flametur-kiev-ua.disqus.com/count.js HTTP 301
- https://flametur-kiev-ua.disqus.com/count.js
- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10343.WsHCw0yhiDL0uehEZAYH9suxj_IrZKBsBSHSwTbmu4U23a3UD-jZKf_W5yu299Zt.uljRQ6MN8px9vuoG9wLAoESFTYU%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=10343.9oeVQz3uS_LAVUehAHIlHqcMCgSbu4he_oXu_rWUuXR0vZpufEImqaRtQ28n1gdIKwd6luLMRf89t0FdeDw3K9ODlSfja9eblORlIaGyI24-ewLUFV19CCVKLslRBkhFABDWaeI87BbyLw0wNt7qHfHW9b5qWgaeoIhINN_9apsfbWqBEGoKjUeJjBI5h5B-DYzs_yJMRC9arrGuKUAcl6fg8iBDEAyjV0ont2S3xRM%2C.rUmGkL6Gu9fg1AR1-xi_db3AAbw%2C HTTP 302
- https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10343.qosSM-O7r-zhrdBKbOw2rUUHgLQ_9YoFtNHfNXtE7LNKfFYR20XDv8bpq1yCowSiJtfytu8BRg8VZD8Av63AWlm_i8Lmmm6cVKEexu4hKJo9jko0BX706uz0j-Nb_zKTMasqYEDn5NhK7OhWCNUboNblvTKDtqmNrebj9EnAsnH2HCorsJuvT6Nf8bzE6RwjrKhJZkKK7-eHT2kV18kNCg%2C%2C.MKw921H3MqntoH2o-WtJP4Uy3x4%2C
- https://mc.yandex.com/watch/42078734?wmode=7&page-url=http%3A%2F%2Fflametur.kiev.ua%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a5rpc9tpuxktcnb7h7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A923024294964%3Ahid%3A14561259%3Az%3A120%3Ai%3A20240418110519%3Aet%3A1713431120%3Ac%3A1%3Arn%3A713077904%3Arqn%3A1%3Au%3A1713431120175099279%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1462%3Ads%3A0%2C0%2C289%2C1%2C299%2C0%2C%2C824%2C2%2C%2C%2C%2C1415%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1713431117495%3Agi%3AR0ExLjMuNzU5NjIzNzYxLjE3MTM0MzExMTk%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1713431120%3At%3A%D0%A2%D1%83%D1%80%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%82%D0%BE%D1%80%20%D0%A4%D0%BB%D0%B5%D0%B9%D0%BC-%D0%A2%D1%83%D1%80%20-%20%D0%B2%D1%8B%D0%BB%D0%B5%D1%82%D1%8B%20%D0%B8%D0%B7%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%B0%2C%20%D0%B3%D0%BE%D1%80%D1%8F%D1%89%D0%B8%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%20%D0%BF%D0%BE%20%D0%BC%D0%B8%D1%80%D1%83&t=gdpr(14)clc(0-0-0)rqnt(1)eco(3178756)aw(1)rcm(1)cdl(na)ti(1) HTTP 302
- https://mc.yandex.com/watch/42078734/1?wmode=7&page-url=http%3A%2F%2Fflametur.kiev.ua%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A666f337a5rpc9tpuxktcnb7h7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1310%3Acn%3A1%3Adp%3A0%3Als%3A923024294964%3Ahid%3A14561259%3Az%3A120%3Ai%3A20240418110519%3Aet%3A1713431120%3Ac%3A1%3Arn%3A713077904%3Arqn%3A1%3Au%3A1713431120175099279%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1462%3Ads%3A0%2C0%2C289%2C1%2C299%2C0%2C%2C824%2C2%2C%2C%2C%2C1415%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1713431117495%3Agi%3AR0ExLjMuNzU5NjIzNzYxLjE3MTM0MzExMTk%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1713431120%3At%3A%D0%A2%D1%83%D1%80%D0%BE%D0%BF%D0%B5%D1%80%D0%B0%D1%82%D0%BE%D1%80%20%D0%A4%D0%BB%D0%B5%D0%B9%D0%BC-%D0%A2%D1%83%D1%80%20-%20%D0%B2%D1%8B%D0%BB%D0%B5%D1%82%D1%8B%20%D0%B8%D0%B7%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%B0%2C%20%D0%B3%D0%BE%D1%80%D1%8F%D1%89%D0%B8%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%20%D0%BF%D0%BE%20%D0%BC%D0%B8%D1%80%D1%83&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%283178756%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
- https://export.otpusk.com/api/session?access_token=29c5d-aaa67-d17e6-6524a-d94dc HTTP 301
- https://api.otpusk.com/api/2.4/session?access_token=29c5d-aaa67-d17e6-6524a-d94dc
71 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
flametur.kiev.ua/ Redirect Chain
|
40 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
conversion.js
www.googleadservices.com/pagead/ Redirect Chain
|
53 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
client.min.js
meedget.ru/js/ |
114 KB 114 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
magnific-popup.css
flametur.kiev.ua/media/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.min.css
flametur.kiev.ua/media/css/ |
118 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
global.css
flametur.kiev.ua/media/css/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-2.2.4.min.js
code.jquery.com/ |
84 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo.jpg
flametur.kiev.ua/files/1/ |
18 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a99b3fe69493ea9c14e1fd31a09c117b_.jpeg
flametur.kiev.ua/files_small/ |
28 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
42f07edf643f3810da9c0b288bb26321_.jpeg
flametur.kiev.ua/files_small/ |
25 KB 25 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
43fe4b8c86974332502f97ae8472ccbd_.jpeg
flametur.kiev.ua/files_small/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
86537df28fbee259b04e40dd864e03f5_.jpeg
flametur.kiev.ua/files_small/ |
48 KB 48 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3a2161e765f4b05f2cfcf96f2912349a_.jpeg
flametur.kiev.ua/files_small/ |
18 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fe908f7f2494bc07a2e0803c25a2eb72_.jpeg
flametur.kiev.ua/files_small/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
8665671f0ef085fa750555c8e7bc69cd_.jpeg
flametur.kiev.ua/files_small/ |
389 KB 389 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
929ae74dae9be3424d31c0a10d98da32_.jpeg
flametur.kiev.ua/files_small/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
e9b5ec77a3026e073a1242415fa71e45_.jpeg
flametur.kiev.ua/files_small/ |
28 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
e45c6a91236b76ab05d674d70fdf3505_.jpeg
flametur.kiev.ua/files_small/ |
50 KB 50 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ajax-loader.gif
export.otpusk.com/os/ |
11 KB 11 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
4e89960bf4d50ac5b65ad8e4586e8e4b_width_368_height_241.jpeg
flametur.kiev.ua/files_small/ |
81 KB 81 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
581a6c470515a0794e990b5a3078ab50_width_368_height_241.jpeg
flametur.kiev.ua/files_small/ |
82 KB 82 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
57239823d086ba736eef24282ca26340_width_368_height_241.jpeg
flametur.kiev.ua/files_small/ |
77 KB 77 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
blank.gif
flametur.kiev.ua/ |
20 KB 20 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo-small.png
flametur.kiev.ua/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
widgets.js
flametur.kiev.ua/media/js/ |
157 KB 158 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.min.js
flametur.kiev.ua/media/js/ |
36 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.magnific-popup.min.js
flametur.kiev.ua/media/js/ |
20 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.js
flametur.kiev.ua/media/js/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
count.js
flametur-kiev-ua.disqus.com/ Redirect Chain
|
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1019855853/ |
43 B 61 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
watch.js
mc.yandex.ru/metrika/ |
163 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
196 KB 71 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3a2161e765f4b05f2cfcf96f2912349a_.jpeg
flametur.kiev.ua/files_small/ |
18 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
blank.gif
flametur.kiev.ua/ |
20 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
c.bigmir.net/ |
269 B 524 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
slide-1.jpg
flametur.kiev.ua/images/ |
283 KB 283 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bg-team-g3ivo7.jpg
flametur.kiev.ua/images/ |
233 KB 234 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery2.js
meedget.ru/js/ |
89 KB 89 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
55 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
slide-2.jpg
flametur.kiev.ua/files/2/ |
186 KB 186 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.fancybox.pack.js
meedget.ru/js/ |
31 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.fancybox.css
meedget.ru/css/ |
5 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
MeedgetInit
meedget.ru/api/ |
5 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
16 B 222 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 349 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
263 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.analytics.google.com/g/ |
0 254 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 56 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ga-audiences
www.google.de/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
menu_icon2.png
meedget.ru/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ga-audiences
www.google.com/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ga-audiences
www.google.de/ads/ |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync_cookie_image_finish
mc.yandex.ru/ Redirect Chain
|
43 B 582 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
advert.gif
mc.yandex.com/metrika/ |
43 B 618 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1
mc.yandex.com/watch/42078734/ Redirect Chain
|
466 B 585 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
session
api.otpusk.com/api/2.4/ Redirect Chain
|
104 B 740 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tMxeBgWWBp
code.jivosite.com/script/widget/ |
17 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tMxeBgWWBp
code.jivosite.com/script/widget/config/ |
2 KB 1 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favicon.ico
flametur.kiev.ua/ |
1 KB 1 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favicon-32x32.png
flametur.kiev.ua/ico/ |
2 KB 2 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tMxeBgWWBp
node-ya-2.jivosite.com/widget/status/527344/ |
80 B 608 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
view
export.otpusk.com/js/ |
64 KB 15 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bundle_ru_RU.js
code.jivosite.com/js/ |
1 MB 239 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
widget.css
code.jivosite.com/css/2b55823/ |
146 KB 48 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
omnichannelMenu.widget.css
code.jivosite.com/css/2b55823/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
omnichannelMenu.js
code.jivosite.com/js/2b55823/ Frame DD10 |
34 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
393 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
447 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
agent_message.mp3
code.jivosite.com/sounds/ |
4 KB 4 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
notification.mp3
code.jivosite.com/sounds/ |
6 KB 6 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
outgoing_message.mp3
code.jivosite.com/sounds/ |
5 KB 5 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
slide-1.jpg
flametur.kiev.ua/files/2/ |
283 KB 283 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
103 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_tag_data object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments function| loadCSS function| linkify function| loadJS function| isInt function| getParameterByName function| detectmobile function| Meedgetinit object| MyMeedget string| SESSID_ID object| dataLayer function| $ function| jQuery string| osTarget14661 string| osLang number| f string| x object| bmN object| bmD object| bs object| bm object| bmS string| r function| fancybox function| _c object| google_tag_manager string| GoogleAnalyticsObject function| ga boolean| google_noFurtherRedirects function| jMeedQuery function| Cookies object| gaplugins object| gaGlobal object| gaData object| DISQUSWIDGETS undefined| disqus_domain undefined| disqus_shortname object| Ya object| yaCounter42078734 function| __jivoOnError boolean| __hasStorage boolean| jivo_magic_var function| __jivoBundleOnLoad function| __jivoBundleInit function| jivo_init function| jivo_destroy boolean| api_session_token string| api_error object| OShotTourVars function| osHotTourWidgetClass object| accounting object| jivo_config string| jivo_version object| jivo_api29 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| flametur.kiev.ua/ | Name: PHPSESSID Value: 460406acd84f0237c025ba435060213a |
|
| flametur.kiev.ua/ | Name: b Value: b |
|
| .doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
| .flametur.kiev.ua/ | Name: _ga Value: GA1.3.759623761.1713431119 |
|
| .flametur.kiev.ua/ | Name: _gid Value: GA1.3.436205656.1713431119 |
|
| .flametur.kiev.ua/ | Name: _gat_UA-77090930-1 Value: 1 |
|
| .yandex.ru/ | Name: yashr Value: 7449555001713431119 |
|
| mc.yandex.ru/ | Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI0IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjQiKgI/MDoHIldpbjMyIg== |
|
| .flametur.kiev.ua/ | Name: _ga_V6JLZ3BKLK Value: GS1.3.1713431119.1.0.1713431119.60.0.0 |
|
| .flametur.kiev.ua/ | Name: _ym_uid Value: 1713431120175099279 |
|
| .flametur.kiev.ua/ | Name: _ym_d Value: 1713431120 |
|
| .mc.yandex.com/ | Name: sync_cookie_csrf Value: 3373725622fake |
|
| mc.yandex.com/ | Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI0IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjQiKgI/MDoHIldpbjMyIg== |
|
| .yandex.com/ | Name: i Value: RCl5IayLbzXXX5tzV94dwY/tBMUXhdTEEeXz6mlUDEkg72UfZPffIdCDFU4kuqEuKTC2t7wys1L2pOQv+p9WZpff738= |
|
| .yandex.com/ | Name: yandexuid Value: 125470281713431119 |
|
| .yandex.com/ | Name: yashr Value: 3536008731713431119 |
|
| .flametur.kiev.ua/ | Name: _ym_isad Value: 2 |
|
| .mc.yandex.ru/ | Name: sync_cookie_csrf Value: 1432825359fake |
|
| .mc.yandex.com/ | Name: sync_cookie_ok Value: synced |
|
| .yandex.ru/ | Name: yandexuid Value: 125470281713431119 |
|
| .yandex.ru/ | Name: yuidss Value: 125470281713431119 |
|
| .yandex.ru/ | Name: i Value: RCl5IayLbzXXX5tzV94dwY/tBMUXhdTEEeXz6mlUDEkg72UfZPffIdCDFU4kuqEuKTC2t7wys1L2pOQv+p9WZpff738= |
|
| .yandex.ru/ | Name: yp Value: 1713517520.yu.7874440871713431119 |
|
| .yandex.ru/ | Name: ymex Value: 1716023120.oyu.7874440871713431119 |
|
| mc.yandex.com/ | Name: yabs-sid Value: 2006126941713431120 |
|
| .yandex.com/ | Name: yuidss Value: 125470281713431119 |
|
| .yandex.com/ | Name: ymex Value: 1744967120.yrts.1713431120 |
|
| .yandex.com/ | Name: receive-cookie-deprecation Value: 1 |
|
| .flametur.kiev.ua/ | Name: _ym_visorc Value: w |
53 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.otpusk.com
c.bigmir.net
code.jivosite.com
code.jquery.com
export.otpusk.com
flametur-kiev-ua.disqus.com
flametur.kiev.ua
fonts.googleapis.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
meedget.ru
node-ya-2.jivosite.com
region1.analytics.google.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
142.250.185.100
142.250.186.34
142.250.186.35
157.90.1.28
172.217.18.2
172.67.74.106
188.127.250.157
193.239.68.97
194.116.233.42
199.232.192.134
199.232.196.134
2001:4860:4802:32::36
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:82f::200a
2a00:1450:400c:c00::9a
2a02:6b8::1:119
2a04:4e42:200::649
2a13:1ec0::1037
57.128.74.65
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
07c03096af972c7221b3af3d3920441999d89dbbbbe50f32435dd1e6921c11f7
0aee8af711c26c2720e124b7e4e28045e4c385b8ebb1e83611758705d6ef311b
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
13bcfa26393050b0b274b329a35a6dbc4e92f058ab9090d79872df28f91a63a2
1b683a8ea1f06b00233e562ea855ce5308d00dcd35ae7b099d1c40ccd16342b3
1bb8510e952f4fe3bbac0d8b3b54cb912effaee59f4086e7cc8e9bea7003639d
200ef4a349850a6748520ab68f21ad18635fc0b2def490d9feb44f7bd9ae1652
2112382b34fa9c78178f6a3e38d8a0f1fff0da2c86728d6b072a45c245906bcd
2210b7e6d726c9d273fbb76890845c5054bdcc03ce803fe9b153ac7dac1dd646
23d0866ac8b497441121bb36688651506e022c5301f43d306f8a43f648145666
264ea590d8d1b2aa0ae3a322886195cce4a03fe7d5dce156228affc3114b098e
2b7ce89a504845aef2b77e8d17b371637d985c0b171edaf75e165289a7b313c7
317b30d2342a3570228908126e40320801899865aedd185aa394111db043cd13
3357e5841c075f9e4a91a606af5a7570841ac341c9a1fa61bfb8788cab815999
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
3779df042d1bd01bf298ad7b017483eb3d7e3d7ff7f941279dfbe2fa21133ee5
3a1587a7e1e548f4b5285c8684e05e9ee2f8f6cd73628746efbefedb3eb5a158
3abba9d93d0965ac256c88cdefc6bb8a603cf978d28b8180a8044080d30bb405
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
481fc2eb5912f0574eb945673393b8926ee81bd4cad0d0d1c1b8fb9563fabb8d
48c8a8be815c4793027c7ea61a3d6d68d6cc3a9fafbb49ebf630ed40aec01278
4be22e22e07cc409bae18d7911aa4c4bdac2f996ec70cd6371bf2a31436ceb86
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
561709dcdd357e848b94051067a64beb9a57bed5a32cbf7eb663c33c9555ef9b
5bb6c359b2db3c627d29e70e28d9a7f1fa96015f0399abd3a63e7fa1a86428f3
5ec9b521ce54ff67ce894d810406d5714982a4310c705ad9ed39f5267eae3233
64d66f64bfebe7e5f40c2a18746eeb6bf256f6d2e86e85eaa2bb90cc57e3dbb1
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7beab217164158c0e7f2eaef0627d0e6a13237a474953d0e72dba17646ac7d6e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8584f018f3220f59b330a09845b78aeac1c8c9d832d50bfd85bd3083c93fb41c
915f4b4e57855848017ca03717d8d035df4460cd230db69d1e6afd1656851f25
998c8fdec15dbbc4d89cf33178505b50565327ab8cd117d037e40b4a052d363a
9e8539d165a68978fec35eaa90b65eeb910619f23bdfc8a5148e35d2ac13f042
a39ee3e3509d2c984432653372e53d2c8010e3c3c019198578beabe48a847660
af6fad35cb9ccc061fbb9520b28f6241bfea528ca0e7b0b51ff784d623f1e404
b0e130fefd2d3ed9f806a705ac0c8b24d1f4782cad4d0b7cd193e344a26e62e0
b17609553b24140fc01409b78fa834fe878de6410fe9e8996b0a5f6a984ddd6d
b2c12b25b60d0c516e62a0adf00645ecc352703bad25e8ba2b55c023f09e3e6e
b539c1206858aea0a68b829afe54a5f7014e254a94d86ad8ac0615db5fbe2603
b6056ccaefd4fcbfd4298e5d2e539d51046b995db9d233fcdf02d53b3b15a8dc
b674f31e53891298adc0a9541dfc897e4aa9818c49f6c49c3c45de336fd6b817
bf1efc6863b170396da63516c089f931e64a44891e348d5dfdf3ddfd4408914c
c0e7643d83662b88d36d1c0ff7ab7143c693dfb00090467c65a497e4b7b0e96e
c63d14317ad36e1e7c90a600106fc192840ba3fcbd76273b671805f2778b9b0b
c66b5eadbc121cef27de174430ad219f445c82ff938916a34582c712d4bf76d5
cde39fc0011693f4997fdcc36378dfd94c6ef6c76b701a2a95946e714e965474
d007241edeff687072bda44f6f46c0e6b141914b3bb179487b6ee20df730d684
d162d622c35c8a3e69e5f595cc95750645fa859a0f2d2a2a5f61e335bf6885ad
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11
d71909349a44cc3b309fec68cd42baabcd0c9f9f0b2b89073fced50f98c3d818
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8052ca808f70c5f9bf7d64db8c86e8d326aaa7d36449ff07e037c944148630c
ed300769631ccff3c117f0c8dbc430c362a3cd2aca8fcb63da072891ef6d7e30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f109674f7ef4f43f0ff3bb383b6d28c18b05f8bc42f42a3c4c1139b455dcb71f
f2d44c4a3cd80112be259efeffbeef84a8f970831e7279393d4660021df1bf3b
f3ef27d3e7879869c831ad964c2f90ca7321408b8a1c605cb62196b31b51921f
f5972d9aecb1ec53619300293d8b9b5267bcfe63cb0206988e7033e5786e4b4f
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f7959c65d24d7cd30d54d11007ee789946054e53fe5eceb37776944772e104f1
fb075db8a9259fef70556ca8d07d80f8f37519fec98aad9336f17249c3fb30bd
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43