urlscan.io logo urlscan.io
SecurityTrails logo

butsa.su Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
URL: https://butsa.su/
Submission: On September 01 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 41 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is butsa.su.
TLS certificate: Issued by WE1 on August 19th 2024. Valid for: 3 months.
This is the only time butsa.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 188.114.96.3 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 185.177.94.76 39572 (ADVANCEDH...)
4 9 2a02:6b8::1:119 13238 (YANDEX)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
41 9
23    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
butsa.su
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    185.177.94.76 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-94-76.ah-server.com
clicktimes.bid
9    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
23 butsa.su
butsa.su
1 MB
6 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 6787
4 KB
4 gstatic.com
fonts.gstatic.com
56 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
region1.google-analytics.com — Cisco Umbrella Rank: 3123
21 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2503
72 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
167 KB
1 clicktimes.bid
clicktimes.bid — Cisco Umbrella Rank: 184738
317 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
0 streetuptowind.com Failed
streetuptowind.com Failed
41 9
Domain Requested by
23 butsa.su butsa.su
6 mc.yandex.com 3 redirects butsa.su
mc.yandex.ru
4 fonts.gstatic.com fonts.googleapis.com
3 mc.yandex.ru 1 redirects butsa.su
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com butsa.su
www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 clicktimes.bid butsa.su
1 fonts.googleapis.com butsa.su
0 streetuptowind.com Failed butsa.su
41 10

This site contains no links.

Subject Issuer Validity Valid
butsa.su
WE1		 2024-08-19 -
2024-11-17		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
0.quicksub.bid
R11		 2024-08-01 -
2024-10-30		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-05-23 -
2024-11-02		 5 months crt.sh
*.gstatic.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://butsa.su/
Frame ID: 44E4B638913505A7D8029C10847E8D7B
Requests: 39 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: B9ED494E5264A0E790276AC4B4720755
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

butsa.su - прямые трансляции спорта - смотреть онлайн

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

41
Requests

90 %
HTTPS

75 %
IPv6

9
Domains

10
Subdomains

9
IPs

4
Countries

1832 kB
Transfer

3134 kB
Size

25
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10479.KXTi72gdhAU8wGsAZvzIKM72ny1LoHaCGq5hoxs0gVb4YauYv_FmkM0wlHTgZDd4.efCpJ3evIgWVpykNgStLAfJUIJw%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10479.dzKQrZ-WeCzVoPcn9a31zW6rwY9VunuaHcNAohCZxnnU9V9_hBa3K_2nGhIoKftnLv-YalG479vBAcPUJyzH2GDDTRT7B7xv8gDcHwfyWtkMq4_jemuAXZERrGzsCFXkGc7SiHIF6ONQDVWsYsdITq0rYuUaSpmoZE1j_aC6Fzt3e8XKbqtTNPyjAC-ENrG06CvJ5p2mPhEkM0kJ-Y6pvbjEkecrnBKR7CUmvVIjB7k%2C.FTDtZygeYo1vpeJ2UhxldpPWypM%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10479._8ZwhiOo6b39zayJL8n531IQMMR5DDBtnjkV84twFBA4484FTkzWqzqqmk_4CYj6k_CTYpJL-3DX6INU70QsO_eRkU_BQXGsEOXy_-FZ_S17C__JYzTmnMLgABNz0-3czxqehJF1WEJUTdHBEGaF2r8OazWAzPhmYKYQgC0-2t0Yn0xQ1g-TkqgYRlbuMg2SiMJ59zaRu0peSBFkF4Tn2w%2C%2C.NUyF_osD4NoBsg-1hksVw1nMd68%2C
Request Chain 38
  • https://mc.yandex.com/watch/92886482?wmode=7&page-url=https%3A%2F%2Fbutsa.su%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1420%3Acn%3A1%3Adp%3A0%3Als%3A1528020078679%3Ahid%3A856190283%3Az%3A120%3Ai%3A20240901155619%3Aet%3A1725198980%3Ac%3A1%3Arn%3A866359408%3Arqn%3A1%3Au%3A1725198980572855864%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A659%3Awv%3A2%3Ads%3A17%2C146%2C178%2C17%2C0%2C0%2C%2C499%2C2%2C%2C%2C%2C858%3Aco%3A0%3Acpf%3A1%3Ans%3A1725198978921%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1725198980%3At%3Abutsa.su%20-%20%D0%BF%D1%80%D1%8F%D0%BC%D1%8B%D0%B5%20%D1%82%D1%80%D0%B0%D0%BD%D1%81%D0%BB%D1%8F%D1%86%D0%B8%D0%B8%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B0%20-%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037568)ti(1) HTTP 302
  • https://mc.yandex.com/watch/92886482/1?wmode=7&page-url=https%3A%2F%2Fbutsa.su%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1420%3Acn%3A1%3Adp%3A0%3Als%3A1528020078679%3Ahid%3A856190283%3Az%3A120%3Ai%3A20240901155619%3Aet%3A1725198980%3Ac%3A1%3Arn%3A866359408%3Arqn%3A1%3Au%3A1725198980572855864%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A659%3Awv%3A2%3Ads%3A17%2C146%2C178%2C17%2C0%2C0%2C%2C499%2C2%2C%2C%2C%2C858%3Aco%3A0%3Acpf%3A1%3Ans%3A1725198978921%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1725198980%3At%3Abutsa.su%20-%20%D0%BF%D1%80%D1%8F%D0%BC%D1%8B%D0%B5%20%D1%82%D1%80%D0%B0%D0%BD%D1%81%D0%BB%D1%8F%D1%86%D0%B8%D0%B8%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B0%20-%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
butsa.su/ 		76 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://butsa.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f193b8c600e44797abd2ad2cdfb9bd3fb4cafe3c2dd76d4131fc39cd0d0c947b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8bc5c3535c930ae0-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 01 Sep 2024 13:56:19 GMT
link
<https://butsa.su/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2F2IQnraGMiDf0AS756FouWC4djF1LTyER7vfazBKfAWTtYb%2FDo5KkXbWUPBeLdxFBB33qTSwTC%2Bwq0Hp2qrhuEYWaSINdLmn8fpssTYBfpE0UQF7IiOaF1n0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Cookie
style.min.css
butsa.su/wp-includes/css/dist/block-library/ 		110 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://butsa.su/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Aug 2024 22:10:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3093
etag
W/"66c7b768-1b723"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FrIzmSRiIOmGWKv91XFo21gH0GDlo%2FDvzUTeVKKI9NKukko8dxLn4tNrdm6ZQmDIx73zQjP9CxBmfHtNx2VKhCKaEDhn0egTNhwk61nN%2Fetyp2LO8c0s59%2BiOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8bc5c3547e730ae0-AMS
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&ver=6.6.1
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
30178da7de15b8e656f518f79bab12b30348156661b2b6c8293bc9a1411a0288
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 01 Sep 2024 13:56:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 01 Sep 2024 12:50:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 01 Sep 2024 13:56:19 GMT
style.min.css
butsa.su/wp-content/themes/root/css/ 		147 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://butsa.su/wp-content/themes/root/css/style.min.css?ver=2.4.1
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fce375e0e2a6e43457de3a61cb5d47dc98eee370dfe0bd6427c50a58d032ac54

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 22 Aug 2024 22:10:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66c7b76c-24cc6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M5ZrEPGGhed%2FQffxD2ytEkMDCpJRrL%2BrAOEyVqv4t6VQ%2BjE2dVtuTWkEw785Nphkdq6ymAp4WfgV67%2B1RAVOX%2BMCPEJRbfM51xVV%2BFwEO5HRz%2B8Ma4KQUgSLfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8bc5c3548e750ae0-AMS
alt-svc
h3=":443"; ma=86400
js_composer.min.css
butsa.su/wp-content/plugins/js_composer/assets/css/ 		474 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://butsa.su/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
779ae1e963b5e8a5263625a174e34dfcd073775f2893211fc7e304fb70f0e3a7

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Aug 2024 22:10:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3093
etag
W/"66c7b773-76891"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e0A1PngyJJJ1Wcen1XoKMzgzCMy9z2ytCuX28gq15Mdc0oH%2F3xKx3sfxIvFl4oF2b4ekADQrfGOzgoqg2U%2BHXtiBkqUDQrpk3aqAnrearCtIBovPz%2B2tJOcYaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8bc5c3548e790ae0-AMS
alt-svc
h3=":443"; ma=86400
jquery.min.js
butsa.su/wp-includes/js/jquery/ 		86 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://butsa.su/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 22 Aug 2024 22:10:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66c7b767-15601"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WvvpKORvMt2FjdKjrIaHKAKQPSC%2F3%2Fkx4F1ODQ97W7vgwuWW4PlTGhUtj8EVg%2F287vwfsK2pMVsMvKhTLL7%2FJJtZ8H06%2Bg2oOo%2FmCeQZHKC5nDBVSICMrlUdDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
8bc5c3548e7e0ae0-AMS
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
butsa.su/wp-includes/js/jquery/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://butsa.su/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 22 Aug 2024 22:10:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66c7b768-3509"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HtbRJoX6sMt8rOK%2Bv4yXzFiYxwPA5yirYDCprxw5J8feSq0QKtkyCNNeEr%2B%2FbSJbOWv2dabqX7CIe6CeDEspqKEj%2F7yPFpRqhJWupR%2FPeW2sTfaGUERwFQMHZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
8bc5c3548e800ae0-AMS
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		211 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-230734972-3
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1347a9d1111cbcd87dd8651ed023a72243e9d437188c1440e49ecf258ffb8582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77479
x-xss-protection
0
last-modified
Sun, 01 Sep 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 01 Sep 2024 13:56:19 GMT
/
clicktimes.bid/ 		10 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://clicktimes.bid/?ce=g5rdomzxgq5ha3ddf42tonzu
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.94.76 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-94-76.ah-server.com
Software
nginx /
Resource Hash
3df65d7d6add27dd11c6f6a174f7940f193a6283948ad989f1462923cde8f229
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 01 Sep 2024 13:56:19 GMT
strict-transport-security
max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests
server
nginx
content-type
application/javascript; charset=UTF-8
sochi-tjumen-330x140.png
butsa.su/wp-content/uploads/2024/09/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://butsa.su/wp-content/uploads/2024/09/sochi-tjumen-330x140.png
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f97e8137ce5231edd03713769bb4d469499a5102c33a6a6696db9a1ea9b03d1

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
cf-cache-status
MISS
last-modified
Sun, 01 Sep 2024 11:58:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66d456fc-1124f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=27XLM91q486nuT%2B9mzEH8z3nJcjVnnqOiZ03hFKvo%2F%2BwH4jYWXqIqQFCk1Q7gmiyRsZE8JFRZMfjUe9darIcfV%2FO%2Bgvki27YQcDknZw3RMosZpgp255m%2BdF37Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bc5c3548e840ae0-AMS
alt-svc
h3=":443"; ma=86400
content-length
70223
chernomorec-rodina-330x140.png
butsa.su/wp-content/uploads/2024/09/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://butsa.su/wp-content/uploads/2024/09/chernomorec-rodina-330x140.png
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2c222a6ad1257e263bc00c3922f035abade818d3608870c5a70b840be7f8766

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
cf-cache-status
MISS
last-modified
Sun, 01 Sep 2024 11:51:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66d45530-f17d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FR7L%2Bs8Yks3XiTG3Eznv17sU0oC6s0XLhW1MUpB1FjIB%2F8B3AWybAB1Xp6wqUajYz1%2F%2BLMzuRZWlFR0J6rWLkjZYLjf1Dsh6zpRNw%2Fx2O1pr%2FvCHkh3eWaLvfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bc5c3548e860ae0-AMS
alt-svc
h3=":443"; ma=86400
content-length
61821
kamaz-neftehimik-330x140.png
butsa.su/wp-content/uploads/2024/09/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://butsa.su/wp-content/uploads/2024/09/kamaz-neftehimik-330x140.png
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bb2e3112a6ff695f1a67780b3984e5a93ff3ea87eb1b325a336585d1941edf7

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
cf-cache-status
MISS
last-modified
Sun, 01 Sep 2024 11:42:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66d45315-eb19"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O8bRYZ8bSAkjOdFogWfyBI4MWtOYZ5RQ16I5yWauTvecnJRbNcg1nrLDN3RocSGdN3YC7Mok5YlgOrJ4VyjOSfqS7ZaB7Vzy1wGkEO4hzfUxfyTwDqzVSPb25Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bc5c3552f6f0ae0-AMS
alt-svc
h3=":443"; ma=86400
content-length
60185
swiper.min.js
butsa.su/wp-content/themes/root/js/ 		122 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://butsa.su/wp-content/themes/root/js/swiper.min.js?ver=2.4.1
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8426aa9ce874782fcc365782b76af7f770a9ae3e48fb6dc1b46f9776ed536817

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 22 Aug 2024 22:10:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66c7b76c-1e743"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2BNxFEANHYdf1lTrAwxRDwAAXAoD59RCUo0GvoaAgRFGx0epoRm2G5x5sITCT2PrdXvlQ9O9%2FhALqRWMZc2CXewlHs1aDTvgN7%2FryUlQp%2BZlVWIrcqaOdXsOFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
8bc5c3553f780ae0-AMS
alt-svc
h3=":443"; ma=86400
lightbox.js
butsa.su/wp-content/themes/root/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://butsa.su/wp-content/themes/root/js/lightbox.js?ver=2.4.1
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6689da9de439659c81141876190f91117e80885025c04d63ff41915efda4a6f2

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 22 Aug 2024 22:10:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66c7b76c-a9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wmZpfgYLarVctwR8fuhWVfNVkG4Rg7baBv4eDKtbjOF%2BqGZ02tpN%2B5056MLYxIOsOauwKNGmkzVqXBfVA4LDbUy2ssp60vE6dXhqVuplgQ8ojTa%2FLha%2Fu3r3Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
8bc5c3557fc60ae0-AMS
alt-svc
h3=":443"; ma=86400
608e06e1-2c38-4a42-88e7-d1765a4c27ce
https://butsa.su/ Frame 		0
0
scripts.min.js
butsa.su/wp-content/themes/root/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://butsa.su/wp-content/themes/root/js/scripts.min.js?ver=2.4.1
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8fef484ac8a107d5c1d4592fc8dbcdd63232b32794b86d33ed9a646ba8b0abf

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 22 Aug 2024 22:10:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66c7b76c-1d19"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B1LzjqbjV5qnCauclXJNAYiu8lNDeCA4iUHIvHAHM%2FvijHsL8dNC0Iyf6eHbO%2FatpSUFwtsVpfRVPfL8KRjw5%2FOuCwxxzHmJLzVl7U4nKnVNGRvGcWTnaIkM0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
8bc5c3557fc80ae0-AMS
alt-svc
h3=":443"; ma=86400
/
streetuptowind.com/services/ 		0
0
tag.js
mc.yandex.ru/metrika/ 		202 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
0b3a7957052e42a025c147ed20d40754190fbf824a358e7c38b2aa5d112144cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
date
Sun, 01 Sep 2024 13:56:19 GMT
last-modified
Wed, 28 Aug 2024 08:43:08 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"66cee31c-11652"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
71250
expires
Sun, 01 Sep 2024 14:56:19 GMT
zolotye-butsy.png
butsa.su/wp-content/uploads/2023/11/ 		581 KB
582 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://butsa.su/wp-content/uploads/2023/11/zolotye-butsy.png
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03c0bc70306329d8effd7dc20914a99ac63d8adfbba1dd297833e0621cac4aba

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 22 Aug 2024 22:11:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66c7b7aa-914df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bl1ItWWHw8NmuKNZwt8ulRTdkpqHRlI8PcWjmjZ%2BoN6PXYBy%2FYb%2BAxzmnylF4D24n1aSQChKzmPeiLdT4QAvkkwiA83jelISQubTsq19fjC9s9YBNNfN6WabbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bc5c355aff40ae0-AMS
alt-svc
h3=":443"; ma=86400
content-length
595167
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&ver=6.6.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d539033909dd344ae868f1c72bd0fc3d5ee082c9a76882448849481fd8ed857
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://butsa.su
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 17:57:33 GMT
x-content-type-options
nosniff
age
244726
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9852
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 17:57:33 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&ver=6.6.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://butsa.su
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 03:20:28 GMT
x-content-type-options
nosniff
age
124551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Aug 2025 03:20:28 GMT
fontawesome-webfont.woff2
butsa.su/wp-content/themes/root/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://butsa.su/wp-content/themes/root/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: butsa.su
URL: https://butsa.su/wp-content/themes/root/css/style.min.css?ver=2.4.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://butsa.su/wp-content/themes/root/css/style.min.css?ver=2.4.1
Origin
https://butsa.su
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 22 Aug 2024 22:10:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66c7b76c-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OAgSvgg%2Bp4uqBn6iF3ZpVoKAPV%2B4iKNtHSx4dsWv1CJoNoxekuq7YkZrYn7iz60EwUQv8J2%2B3QJiJGSag%2F9a3qud969OxcJ5iUglPgXB4bgBC4eoV0pKKfqtKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bc5c355e85b0ae0-AMS
alt-svc
h3=":443"; ma=86400
content-length
77160
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&ver=6.6.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://butsa.su
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 22:14:45 GMT
x-content-type-options
nosniff
age
142894
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Aug 2025 22:14:45 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&ver=6.6.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f226239b7cb86705238ec5a036a05bdb8fa187630f9c686db7c52ad53b64482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://butsa.su
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 17:46:11 GMT
x-content-type-options
nosniff
age
72608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9780
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Aug 2025 17:46:11 GMT
sokol-shinnik-330x140.png
butsa.su/wp-content/uploads/2024/09/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://butsa.su/wp-content/uploads/2024/09/sokol-shinnik-330x140.png
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ba092b55b28fb9cf05e463db45d33c0685be359ecdd2fe1165bba6447e6d9e7

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
cf-cache-status
MISS
last-modified
Sun, 01 Sep 2024 11:34:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66d4514b-1002a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tlEVY%2FNU1Jqm%2BBR66qhHpu4wU3I27wagMp16IW0RrdSNvwB7uxz8izcWTwLiVLFkaNIaK%2Bw%2BZFqXlCj9bVQAoIvwzrllHCL%2Fp8RDRhgeDUgMdh1SZdk6%2BRiGig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bc5c355d84b0ae0-AMS
alt-svc
h3=":443"; ma=86400
content-length
65578
fiorentina-monca-330x140.png
butsa.su/wp-content/uploads/2024/09/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://butsa.su/wp-content/uploads/2024/09/fiorentina-monca-330x140.png
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
656fb8861b64c6b1269c52f1ec10273fb3c692204ad823593391a023a735a961

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
cf-cache-status
MISS
last-modified
Sun, 01 Sep 2024 11:13:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66d44c72-a7fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jk84E1V%2B5HhYtCFnb%2BpJuxUe3vgWBeOsnFJAXSX5ZU5E0YRK5mNc4CYZ%2BfBd9MJbGXI%2FOUOzzl5RnvfTatdOmC4IiuFKtuyPlnrF6cqrHjfihnh6W5gCYKAUhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bc5c355d84e0ae0-AMS
alt-svc
h3=":443"; ma=86400
content-length
43005
real-madrid-betis-330x140.png
butsa.su/wp-content/uploads/2024/09/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://butsa.su/wp-content/uploads/2024/09/real-madrid-betis-330x140.png
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c43335c38b8ed29375a2c7dcc8dad8218ff96b81b18a67fa0101d926b249896

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 01 Sep 2024 11:03:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66d449ea-1074f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B7m7DQBQ%2ByxXDAILH6labFok3Ybkm762Lm%2Bt6Hh8ejcPx4cxXmBaQiIXSr%2BUC8HM7IbzRKcnSlGbV1LSQ2IEvFpsnh2N1apKmp7kqC6ImUEa1vZBfgLlMfVXgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bc5c355d8500ae0-AMS
alt-svc
h3=":443"; ma=86400
content-length
67407
manchester-junajted-liverpul-330x140.png
butsa.su/wp-content/uploads/2024/09/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://butsa.su/wp-content/uploads/2024/09/manchester-junajted-liverpul-330x140.png
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e591db2028cba5c65a48c6682702c59988b51829e1d33402383583bb019ad769

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
cf-cache-status
MISS
last-modified
Sun, 01 Sep 2024 10:53:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66d447b6-100c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=di2E6IvI%2BU%2BoaVW8YcdIJOo7sSzE94BykTFg92l5SfDCGdD3QvHiLmBhcAJOdp1UEYlUaTAPINhzHT0aHMwZPIVaI5jpHvb84FEnAS%2BnceQTHiDd6S3fqGy0fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bc5c355d8550ae0-AMS
alt-svc
h3=":443"; ma=86400
content-length
65733
rostov-fakel-330x140.png
butsa.su/wp-content/uploads/2024/09/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://butsa.su/wp-content/uploads/2024/09/rostov-fakel-330x140.png
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7ccd18ae8304c75d34538459d69adb74a9029c62e0238bd8441d30c66701f2e

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
cf-cache-status
MISS
last-modified
Sun, 01 Sep 2024 10:40:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66d44485-119e3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KRydf4OmnrKyW6PocgC%2FcIKyamvG4uEAm2J47pVuN6jCfD4PMRNP%2FLDfh3tza%2Bt6ZNzVaPF1nqqO%2B5Ea2idGTrD6p9S5Ry0GRantwnNLe26BqezXEDFYXfZ45w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bc5c355d8560ae0-AMS
alt-svc
h3=":443"; ma=86400
content-length
72163
krylja-sovetov-dinamo-mahachkala-330x140.png
butsa.su/wp-content/uploads/2024/09/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://butsa.su/wp-content/uploads/2024/09/krylja-sovetov-dinamo-mahachkala-330x140.png
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1bcb07f059d353060550e1bac26a43b6e42834cda419673379f0402cb68c9c8

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
cf-cache-status
MISS
last-modified
Sun, 01 Sep 2024 10:29:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66d4421a-1113d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HiDqUrZnS4f9nAx%2F%2FJnjHOSMgdQhd1bo3Uq9KEc0%2BLI3Pe7cHuFAeyG7y5oyOfznkI5%2FywKjxk0urJRhDuK0nmvb932SyGC2qO1IU0S3Z5CYU23k3Gz7oHG9XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bc5c355d8570ae0-AMS
alt-svc
h3=":443"; ma=86400
content-length
69949
orenburg-dinamo-moskva-330x140.png
butsa.su/wp-content/uploads/2024/09/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://butsa.su/wp-content/uploads/2024/09/orenburg-dinamo-moskva-330x140.png
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d5299656f6ec70bcfa56c2310261498bae1333538dc04f996a8918a65915e0e

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
cf-cache-status
MISS
last-modified
Sun, 01 Sep 2024 10:19:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66d43fbd-11d6d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PkslpqYXPkmHF5U49unZVTGA9ziuPPXGb1owxZ7aN1xiQl%2BeysNpQrI7%2FZLQfWDZAXTC7gR8eMnJxkyUypozALPOeCuA7f0kzuDtS%2Fo2NxZcsueVIFnn6nlpWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bc5c355d8580ae0-AMS
alt-svc
h3=":443"; ma=86400
content-length
73069
js
www.googletagmanager.com/gtag/ 		259 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LMXVSMF1WF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-230734972-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0cff2837c497b834e5ed14c6b01e899772383492d9056706aea880e4ee671413
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93075
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 01 Sep 2024 13:56:19 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-230734972-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 01 Sep 2024 13:20:02 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2177
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 01 Sep 2024 15:20:02 GMT
wp-emoji-release.min.js
butsa.su/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://butsa.su/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 22 Aug 2024 22:10:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66c7b768-4926"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ppm%2Fdx3j9ugs84%2BLhdlTMz9%2BdIYIm2tf1a%2FwHip7wBh4lGvyUVDMGDSrbvz%2FFEFLI6gItiVYXJQ2cdbn%2BfU1ucVSG%2BDM0PhgHentj47HVTJHioDHsoQ4Dxh4yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
8bc5c357aab90ae0-AMS
alt-svc
h3=":443"; ma=86400
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10479.KXTi72gdhAU8wGsAZvzIKM72ny1LoHaCGq5hoxs0gVb4YauYv_FmkM0wlHTgZDd4.efCpJ3evIgWVpykNgStLAfJUIJw%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10479.dzKQrZ-WeCzVoPcn9a31zW6rwY9VunuaHcNAohCZxnnU9V9_hBa3K_2nGhIoKftnLv-YalG479vBAcPUJyzH2GDDTRT7B7xv8gDcHwfyWtkMq4_jemuAXZERrGzsCFXkGc7SiHIF6O...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10479._8ZwhiOo6b39zayJL8n531IQMMR5DDBtnjkV84twFBA4484FTkzWqzqqmk_4CYj6k_CTYpJL-3DX6INU70QsO_eRkU_BQXGsEOXy_-FZ_S17C...
43 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10479._8ZwhiOo6b39zayJL8n531IQMMR5DDBtnjkV84twFBA4484FTkzWqzqqmk_4CYj6k_CTYpJL-3DX6INU70QsO_eRkU_BQXGsEOXy_-FZ_S17C__JYzTmnMLgABNz0-3czxqehJF1WEJUTdHBEGaF2r8OazWAzPhmYKYQgC0-2t0Yn0xQ1g-TkqgYRlbuMg2SiMJ59zaRu0peSBFkF4Tn2w%2C%2C.NUyF_osD4NoBsg-1hksVw1nMd68%2C
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 01 Sep 2024 13:56:20 GMT
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10479._8ZwhiOo6b39zayJL8n531IQMMR5DDBtnjkV84twFBA4484FTkzWqzqqmk_4CYj6k_CTYpJL-3DX6INU70QsO_eRkU_BQXGsEOXy_-FZ_S17C__JYzTmnMLgABNz0-3czxqehJF1WEJUTdHBEGaF2r8OazWAzPhmYKYQgC0-2t0Yn0xQ1g-TkqgYRlbuMg2SiMJ59zaRu0peSBFkF4Tn2w%2C%2C.NUyF_osD4NoBsg-1hksVw1nMd68%2C
date
Sun, 01 Sep 2024 13:56:20 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:19 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 28 Aug 2024 08:43:08 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"66cee31c-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 01 Sep 2024 14:56:19 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LMXVSMF1WF&gtm=45je48s0v9114293195za200&_p=1725198979424&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1074953762.1725198980&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1725198979&sct=1&seg=0&dl=https%3A%2F%2Fbutsa.su%2F&dt=butsa.su%20-%20%D0%BF%D1%80%D1%8F%D0%BC%D1%8B%D0%B5%20%D1%82%D1%80%D0%B0%D0%BD%D1%81%D0%BB%D1%8F%D1%86%D0%B8%D0%B8%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B0%20-%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1028
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LMXVSMF1WF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Sep 2024 13:56:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://butsa.su
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=647905978&t=pageview&_s=1&dl=https%3A%2F%2Fbutsa.su%2F&ul=nl-nl&de=UTF-8&dt=butsa.su%20-%20%D0%BF%D1%80%D1%8F%D0%BC%D1%8B%D0%B5%20%D1%82%D1%80%D0%B0%D0%BD%D1%81%D0%BB%D1%8F%D1%86%D0%B8%D0%B8%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B0%20-%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2062243791&gjid=1687355249&cid=1074953762.1725198980&tid=UA-230734972-3&_gid=894245197.1725198980&_r=1&gtm=457e48s0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&jsscut=1&npa=1&z=280012299
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 Sep 2024 13:56:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://butsa.su
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame B9ED 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://butsa.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1046
content-type
text/html
date
Sun, 01 Sep 2024 13:56:20 GMT
etag
"66cee31c-416"
expires
Sun, 01 Sep 2024 14:56:20 GMT
last-modified
Wed, 28 Aug 2024 08:43:08 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
1
mc.yandex.com/watch/92886482/
Redirect Chain
  • https://mc.yandex.com/watch/92886482?wmode=7&page-url=https%3A%2F%2Fbutsa.su%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL...
  • https://mc.yandex.com/watch/92886482/1?wmode=7&page-url=https%3A%2F%2Fbutsa.su%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-...
583 B
788 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/92886482/1?wmode=7&page-url=https%3A%2F%2Fbutsa.su%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1420%3Acn%3A1%3Adp%3A0%3Als%3A1528020078679%3Ahid%3A856190283%3Az%3A120%3Ai%3A20240901155619%3Aet%3A1725198980%3Ac%3A1%3Arn%3A866359408%3Arqn%3A1%3Au%3A1725198980572855864%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A659%3Awv%3A2%3Ads%3A17%2C146%2C178%2C17%2C0%2C0%2C%2C499%2C2%2C%2C%2C%2C858%3Aco%3A0%3Acpf%3A1%3Ans%3A1725198978921%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1725198980%3At%3Abutsa.su%20-%20%D0%BF%D1%80%D1%8F%D0%BC%D1%8B%D0%B5%20%D1%82%D1%80%D0%B0%D0%BD%D1%81%D0%BB%D1%8F%D1%86%D0%B8%D0%B8%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B0%20-%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29
Requested by
Host: butsa.su
URL: https://butsa.su/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
441393d83ee3c1e9498d7790e7e21e3284621a08077fcd3b1389f8680f922d83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 01 Sep 2024 13:56:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 01-Sep-2024 13:56:20 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://butsa.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
583
x-xss-protection
1; mode=block
expires
Sun, 01-Sep-2024 13:56:20 GMT

Redirect headers

pragma
no-cache
date
Sun, 01 Sep 2024 13:56:20 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 01-Sep-2024 13:56:20 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
https://butsa.su
location
/watch/92886482/1?wmode=7&page-url=https%3A%2F%2Fbutsa.su%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1420%3Acn%3A1%3Adp%3A0%3Als%3A1528020078679%3Ahid%3A856190283%3Az%3A120%3Ai%3A20240901155619%3Aet%3A1725198980%3Ac%3A1%3Arn%3A866359408%3Arqn%3A1%3Au%3A1725198980572855864%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A659%3Awv%3A2%3Ads%3A17%2C146%2C178%2C17%2C0%2C0%2C%2C499%2C2%2C%2C%2C%2C858%3Aco%3A0%3Acpf%3A1%3Ans%3A1725198978921%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1725198980%3At%3Abutsa.su%20-%20%D0%BF%D1%80%D1%8F%D0%BC%D1%8B%D0%B5%20%D1%82%D1%80%D0%B0%D0%BD%D1%81%D0%BB%D1%8F%D1%86%D0%B8%D0%B8%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B0%20-%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 01-Sep-2024 13:56:20 GMT
cropped-imgbin-graphics-american-football-ball-game-football-LY7SxTrc3aX4S5XK7MwqstRvQ-32x32.jpg
butsa.su/wp-content/uploads/2022/09/ 		893 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://butsa.su/wp-content/uploads/2022/09/cropped-imgbin-graphics-american-football-ball-game-football-LY7SxTrc3aX4S5XK7MwqstRvQ-32x32.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4e66150701d4593a330495ac708e6af0f0fe8707b9725058a551b2d6732affe

Request headers

Referer
https://butsa.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 13:56:20 GMT
cf-cache-status
MISS
last-modified
Thu, 22 Aug 2024 22:11:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66c7b787-37d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SC0dNlZw8KImCXNWbIm2RCXP6CpOVjwARblxrnH4dmhyIuPaE0DNISCp9bbkT3km8EjchFjL0hYrj0jo8UjXs7%2BD11RQMbZFGEz9DmQPHm9LuD7GEB3eKT0mbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bc5c35c88e10ae0-AMS
alt-svc
h3=":443"; ma=86400
content-length
893

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
butsa.su
URL
blob:https://butsa.su/608e06e1-2c38-4a42-88e7-d1765a4c27ce
Domain
streetuptowind.com
URL
https://streetuptowind.com/services/?id=155455

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings function| jQuery function| gtag object| dataLayer function| ym function| Swiper object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| settings_array object| wps_ajax function| GoTo function| base64_decode function| createCookie function| readCookie function| eraseCookie object| twemoji object| wp object| Ya object| yaCounter92886482 object| gaGlobal object| gaplugins object| gaData

25 Cookies

Domain/Path Name / Value
.clicktimes.bid/ Name: uuid
Value: 844fef9d-1bd5-4538-9a15-286144c53e96
.yandex.ru/ Name: yashr
Value: 8915019651725198979
.butsa.su/ Name: _ym_uid
Value: 1725198980572855864
.butsa.su/ Name: _ym_d
Value: 1725198980
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3832981248fake
.butsa.su/ Name: _ga_LMXVSMF1WF
Value: GS1.1.1725198979.1.0.1725198979.0.0.0
.yandex.com/ Name: i
Value: cj4zldKonB2cDr6uDnaNM2wzVpTDlFawN12v2iGio9uZ1dRO5PTgF180EVuo832U30gD6e9zfb51k/6T1QwPAcEV/Dg=
.yandex.com/ Name: yandexuid
Value: 327740081725198979
.yandex.com/ Name: yashr
Value: 2412539991725198979
.butsa.su/ Name: _ga
Value: GA1.2.1074953762.1725198980
.butsa.su/ Name: _gid
Value: GA1.2.894245197.1725198980
.butsa.su/ Name: _gat_gtag_UA_230734972_3
Value: 1
.butsa.su/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3799349627fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 327740081725198979
.yandex.ru/ Name: yuidss
Value: 327740081725198979
.yandex.ru/ Name: i
Value: cj4zldKonB2cDr6uDnaNM2wzVpTDlFawN12v2iGio9uZ1dRO5PTgF180EVuo832U30gD6e9zfb51k/6T1QwPAcEV/Dg=
.yandex.ru/ Name: yp
Value: 1725285380.yu.6535321151725198979
.yandex.ru/ Name: ymex
Value: 1727790980.oyu.6535321151725198979
mc.yandex.com/ Name: yabs-sid
Value: 2361061101725198980
.yandex.com/ Name: yuidss
Value: 327740081725198979
.yandex.com/ Name: ymex
Value: 1756734980.yrts.1725198980
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: KgI/MGCE5dG2Bg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

butsa.su
clicktimes.bid
fonts.googleapis.com
fonts.gstatic.com
mc.yandex.com
mc.yandex.ru
region1.google-analytics.com
streetuptowind.com
www.google-analytics.com
www.googletagmanager.com
butsa.su
streetuptowind.com
185.177.94.76
188.114.96.3
2001:4860:4802:34::36
2a00:1450:4001:806::2008
2a00:1450:4001:811::200e
2a00:1450:4001:812::200a
2a00:1450:4001:831::2003
2a02:6b8::1:119
03c0bc70306329d8effd7dc20914a99ac63d8adfbba1dd297833e0621cac4aba
0b3a7957052e42a025c147ed20d40754190fbf824a358e7c38b2aa5d112144cb
0cff2837c497b834e5ed14c6b01e899772383492d9056706aea880e4ee671413
1347a9d1111cbcd87dd8651ed023a72243e9d437188c1440e49ecf258ffb8582
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f97e8137ce5231edd03713769bb4d469499a5102c33a6a6696db9a1ea9b03d1
30178da7de15b8e656f518f79bab12b30348156661b2b6c8293bc9a1411a0288
3ba092b55b28fb9cf05e463db45d33c0685be359ecdd2fe1165bba6447e6d9e7
3c43335c38b8ed29375a2c7dcc8dad8218ff96b81b18a67fa0101d926b249896
3d5299656f6ec70bcfa56c2310261498bae1333538dc04f996a8918a65915e0e
3df65d7d6add27dd11c6f6a174f7940f193a6283948ad989f1462923cde8f229
441393d83ee3c1e9498d7790e7e21e3284621a08077fcd3b1389f8680f922d83
4d539033909dd344ae868f1c72bd0fc3d5ee082c9a76882448849481fd8ed857
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
656fb8861b64c6b1269c52f1ec10273fb3c692204ad823593391a023a735a961
6689da9de439659c81141876190f91117e80885025c04d63ff41915efda4a6f2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
779ae1e963b5e8a5263625a174e34dfcd073775f2893211fc7e304fb70f0e3a7
7bb2e3112a6ff695f1a67780b3984e5a93ff3ea87eb1b325a336585d1941edf7
8426aa9ce874782fcc365782b76af7f770a9ae3e48fb6dc1b46f9776ed536817
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
9f226239b7cb86705238ec5a036a05bdb8fa187630f9c686db7c52ad53b64482
a2c222a6ad1257e263bc00c3922f035abade818d3608870c5a70b840be7f8766
a7ccd18ae8304c75d34538459d69adb74a9029c62e0238bd8441d30c66701f2e
a8fef484ac8a107d5c1d4592fc8dbcdd63232b32794b86d33ed9a646ba8b0abf
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e4e66150701d4593a330495ac708e6af0f0fe8707b9725058a551b2d6732affe
e591db2028cba5c65a48c6682702c59988b51829e1d33402383583bb019ad769
f193b8c600e44797abd2ad2cdfb9bd3fb4cafe3c2dd76d4131fc39cd0d0c947b
f1bcb07f059d353060550e1bac26a43b6e42834cda419673379f0402cb68c9c8
fce375e0e2a6e43457de3a61cb5d47dc98eee370dfe0bd6427c50a58d032ac54