user-gto.ru
Open in
urlscan Pro
194.58.98.46
Public Scan
Submitted URL: https://www.user-gto.ru/
Effective URL: https://user-gto.ru/
Submission: On August 14 via automatic, source certstream-suspicious — Scanned from US
Effective URL: https://user-gto.ru/
Submission: On August 14 via automatic, source certstream-suspicious — Scanned from US
Summary
This website contacted 11 IPs
in 3 countries
across 12 domains to perform 69 HTTP transactions.
The main IP is 194.58.98.46, located in
Russian Federation and
belongs to AS-REG, RU.
The main domain is user-gto.ru.
TLS certificate: Issued by R11 on August 11th 2024. Valid for: 3 months.
This is the only time user-gto.ru was scanned on urlscan.io!
TLS certificate: Issued by R11 on August 11th 2024. Valid for: 3 months.
This is the only time user-gto.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 36 | 194.58.98.46 194.58.98.46 | 197695 (AS-REG) (AS-REG) | |
| 1 | 116.202.32.31 116.202.32.31 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 1 | 2607:f8b0:400... 2607:f8b0:4006:81c::200a | 15169 (GOOGLE) (GOOGLE) | |
| 12 | 2a00:1148:db0... 2a00:1148:db00::17 | 47764 (VK-AS) (VK-AS) | |
| 3 10 | 2a02:6b8::1:119 2a02:6b8::1:119 | 13238 (YANDEX) (YANDEX) | |
| 1 2 | 88.212.201.198 88.212.201.198 | 39134 (UNITEDNET) (UNITEDNET) | |
| 5 | 2607:f8b0:400... 2607:f8b0:4006:80a::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1148:db0... 2a00:1148:db00::28 | 47764 (VK-AS) (VK-AS) | |
| 2 | 87.251.82.212 87.251.82.212 | 49505 (SELECTEL) (SELECTEL) | |
| 1 | 87.251.82.213 87.251.82.213 | 49505 (SELECTEL) (SELECTEL) | |
| 69 | 11 |
36
194.58.98.46
(Russian Federation)
ASN197695 (AS-REG, RU)
PTR: kabinet-gosuslugi.ru
ASN197695 (AS-REG, RU)
PTR: kabinet-gosuslugi.ru
| www.user-gto.ru | |
| user-gto.ru |
1
116.202.32.31
(Nuremberg, Germany)
ASN24940 (HETZNER-AS, DE)
PTR: static.31.32.202.116.clients.your-server.de
ASN24940 (HETZNER-AS, DE)
PTR: static.31.32.202.116.clients.your-server.de
| profit.newpushcashtop.ru |
2
87.251.82.212
(St Petersburg, Russian Federation)
ASN49505 (SELECTEL, RU)
ASN49505 (SELECTEL, RU)
| widget.info-static.ru | |
| widget.info-app5shs.ru |
1
87.251.82.213
(St Petersburg, Russian Federation)
ASN49505 (SELECTEL, RU)
ASN49505 (SELECTEL, RU)
| config.widget.info-app5shs.ru |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 36 |
user-gto.ru
1 redirects
www.user-gto.ru user-gto.ru |
1 MB |
| 12 |
mail.ru
ad.mail.ru — Cisco Umbrella Rank: 8659 |
3 KB |
| 8 |
yandex.com
2 redirects
mc.yandex.com — Cisco Umbrella Rank: 6787 |
5 KB |
| 5 |
gstatic.com
fonts.gstatic.com |
66 KB |
| 2 |
info-app5shs.ru
config.widget.info-app5shs.ru widget.info-app5shs.ru geo-db.info-app5shs.ru Failed |
180 KB |
| 2 |
yadro.ru
1 redirects
counter.yadro.ru — Cisco Umbrella Rank: 9685 |
1 KB |
| 2 |
yandex.ru
1 redirects
mc.yandex.ru — Cisco Umbrella Rank: 2503 |
71 KB |
| 1 |
info-static.ru
widget.info-static.ru |
3 KB |
| 1 |
mradx.net
r.mradx.net — Cisco Umbrella Rank: 20540 |
58 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110 |
2 KB |
| 1 |
newpushcashtop.ru
profit.newpushcashtop.ru |
8 KB |
| 0 |
ce4g6j97hi.ru
Failed
ce4g6j97hi.ru Failed |
|
| 69 | 12 |
| Domain | Requested by | |
|---|---|---|
| 35 | user-gto.ru |
user-gto.ru
|
| 12 | ad.mail.ru |
user-gto.ru
r.mradx.net |
| 8 | mc.yandex.com |
2 redirects
user-gto.ru
mc.yandex.ru |
| 5 | fonts.gstatic.com |
fonts.googleapis.com
|
| 2 | counter.yadro.ru |
1 redirects
user-gto.ru
|
| 2 | mc.yandex.ru |
1 redirects
user-gto.ru
|
| 1 | widget.info-app5shs.ru |
widget.info-static.ru
|
| 1 | config.widget.info-app5shs.ru |
widget.info-static.ru
|
| 1 | widget.info-static.ru |
user-gto.ru
|
| 1 | r.mradx.net |
ad.mail.ru
|
| 1 | fonts.googleapis.com |
user-gto.ru
|
| 1 | profit.newpushcashtop.ru |
user-gto.ru
|
| 1 | www.user-gto.ru | 1 redirects |
| 0 | geo-db.info-app5shs.ru Failed |
widget.info-app5shs.ru
|
| 0 | ce4g6j97hi.ru Failed |
user-gto.ru
|
| 69 | 15 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| serges.ru |
| user.gto.ru |
| www.liveinternet.ru |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| user-gto.ru R11 |
2024-08-11 - 2024-11-09 |
3 months | crt.sh |
| fylfpaskl.ru R11 |
2024-08-12 - 2024-11-10 |
3 months | crt.sh |
| upload.video.google.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
| *.mail.ru GlobalSign ECC OV SSL CA 2018 |
2023-10-06 - 2024-11-06 |
a year | crt.sh |
| mc.yandex.ru GlobalSign ECC OV SSL CA 2018 |
2024-05-23 - 2024-11-02 |
5 months | crt.sh |
| *.gstatic.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
| *.mradx.net GlobalSign RSA OV SSL CA 2018 |
2023-08-01 - 2024-09-01 |
a year | crt.sh |
| widget.my.feedot.com R11 |
2024-06-22 - 2024-09-20 |
3 months | crt.sh |
| config.widget.my.feedot.com R11 |
2024-06-22 - 2024-09-20 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://user-gto.ru/
Frame ID: 12C8E3F9737EC87D00611F70DA06753F
Requests: 68 HTTP requests in this frame
Frame:
https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 502E694A8642110DB4525A79F185569B
Requests: 1 HTTP requests in this frame
Frame:
https://ad.mail.ru/dist/vkAuth.html
Frame ID: 36BA29EC039A3EFAEA81E3BD3576B2ED
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
ГТО личный кабинет — вход на сайт — регистрация user.gto.ruPage URL History Show full URLs
-
https://www.user-gto.ru/
HTTP 301
https://user-gto.ru/ Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Yandex.Metrika
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
URL: https://serges.ru/promo
Title: Волшебство музыки
Title: Волшебство музыки
Search URL Search Domain Scan URL
URL: https://user.gto.ru/user/register
Search URL Search Domain Scan URL
URL: https://www.liveinternet.ru/click
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.user-gto.ru/
HTTP 301
https://user-gto.ru/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 33- https://counter.yadro.ru/hit?t50.5;r;s1600*1200*24;uhttps%3A//user-gto.ru/;h%u0413%u0422%u041E%20%u043B%u0438%u0447%u043D%u044B%u0439%20%u043A%u0430%u0431%u0438%u043D%u0435%u0442%20%u2014%20%u0432%u0445%u043E%u0434%20%u043D%u0430%20%u0441%u0430%u0439%u0442%20%u2014%20%u0440%u0435%u0433%u0438%u0441%u0442%u0440%u0430%u0446%u0438%u044F%20user.gto.ru;0.556533809977876 HTTP 302
- https://counter.yadro.ru/hit?q;t50.5;r;s1600*1200*24;uhttps%3A//user-gto.ru/;h%u0413%u0422%u041E%20%u043B%u0438%u0447%u043D%u044B%u0439%20%u043A%u0430%u0431%u0438%u043D%u0435%u0442%20%u2014%20%u0432%u0445%u043E%u0434%20%u043D%u0430%20%u0441%u0430%u0439%u0442%20%u2014%20%u0440%u0435%u0433%u0438%u0441%u0442%u0440%u0430%u0446%u0438%u044F%20user.gto.ru;0.556533809977876
- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10461._4aW4CfVaZ7DcgQ5VoixN5U0pZmnfsxJKQux96GZ4MPPd0QW3bOaMr_LPvFouBJ_.dMcdJjGG_E4OuVo5qwGh8shViAw%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=10461.-NoFtu_5M5aQvu_rjTLk27pOSMCbhmPhNZu9lz_pA6hsJlGvBIgMyeGTcxmpUGizt-XhTfel2KrLu5MzU-tU8gkccXFCi86yQn47hw9BaVqFD1bghkYb8EbXelI47714TLB-NMPJiWQ6dPe2Vfn8HMDQsn34ncQm5dA8psu3R0H4eyv8idHWFBiiJPTCm32_p2ajggsgUAz-G1ltE_ucYeFnAK_KbVWYqQClToWLTGA%2C.dsUAkdee2k0v6SeR29PoLJ8L6bw%2C
- https://mc.yandex.com/watch/49430977?wmode=7&page-url=https%3A%2F%2Fuser-gto.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A167715832706%3Ahid%3A39862377%3Az%3A-600%3Ai%3A20240814102108%3Aet%3A1723666868%3Ac%3A1%3Arn%3A610592320%3Arqn%3A1%3Au%3A1723666868523426997%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A4497%3Awv%3A2%3Ads%3A0%2C616%2C438%2C205%2C2010%2C0%2C%2C1818%2C17%2C%2C%2C%2C5492%3Aco%3A0%3Acpf%3A1%3Ans%3A1723666862467%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1723666869%3At%3A%D0%93%D0%A2%D0%9E%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%E2%80%94%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%20%E2%80%94%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%20user.gto.ru&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037568)ti(1) HTTP 302
- https://mc.yandex.com/watch/49430977/1?wmode=7&page-url=https%3A%2F%2Fuser-gto.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A167715832706%3Ahid%3A39862377%3Az%3A-600%3Ai%3A20240814102108%3Aet%3A1723666868%3Ac%3A1%3Arn%3A610592320%3Arqn%3A1%3Au%3A1723666868523426997%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A4497%3Awv%3A2%3Ads%3A0%2C616%2C438%2C205%2C2010%2C0%2C%2C1818%2C17%2C%2C%2C%2C5492%3Aco%3A0%3Acpf%3A1%3Ans%3A1723666862467%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1723666869%3At%3A%D0%93%D0%A2%D0%9E%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%E2%80%94%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%20%E2%80%94%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%20user.gto.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29
69 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
user-gto.ru/ Redirect Chain
|
129 KB 42 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ff2f9225102818f9c226abad036f49a17262a027.js
profit.newpushcashtop.ru/2212/ |
28 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.min.css
user-gto.ru/wp-includes/css/dist/block-library/ |
110 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
28 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
font-awesome.min.css
user-gto.ru/wp-content/themes/news-portal/assets/library/font-awesome/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
lightslider.min.css
user-gto.ru/wp-content/themes/news-portal/assets/library/lightslider/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
user-gto.ru/wp-content/themes/news-portal/ |
58 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
np-responsive.css
user-gto.ru/wp-content/themes/news-portal/assets/css/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.min.js
user-gto.ru/wp-includes/js/jquery/ |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-migrate.min.js
user-gto.ru/wp-includes/js/jquery/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
banner.js
user-gto.ru/wp-content/plugins/blockalyzer-adblock-counter/js/ |
68 B 475 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ads-async.js
ad.mail.ru/static/ |
193 B 502 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1-sayt-gto-lichnyy-kabinet.png
user-gto.ru/wp-content/uploads/2018/06/ |
860 KB 860 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2-sayt-gto-lichnyy-kabinet.png
user-gto.ru/wp-content/uploads/2018/06/ |
23 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3-sayt-gto-lichnyy-kabinet.png
user-gto.ru/wp-content/uploads/2018/06/ |
29 KB 30 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
4-sayt-gto-lichnyy-kabinet.png
user-gto.ru/wp-content/uploads/2018/06/ |
118 KB 118 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
5-sayt-gto-lichnyy-kabinet.png
user-gto.ru/wp-content/uploads/2018/06/ |
78 KB 78 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
6-sayt-gto-lichnyy-kabinet.png
user-gto.ru/wp-content/uploads/2018/06/ |
29 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
7-sayt-gto-lichnyy-kabinet.png
user-gto.ru/wp-content/uploads/2018/06/ |
28 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
vh.png
user-gto.ru/lib/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2_300%D1%85600.jpg
user-gto.ru/wp-content/uploads/2023/10/ |
28 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
banner.gif
user-gto.ru/wp-content/plugins/blockalyzer-adblock-counter/img/ads/ |
64 B 417 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
navigation.js
user-gto.ru/wp-content/themes/news-portal/assets/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.sticky.js
user-gto.ru/wp-content/themes/news-portal/assets/library/sticky/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sticky-setting.js
user-gto.ru/wp-content/themes/news-portal/assets/library/sticky/ |
302 B 587 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
skip-link-focus-fix.js
user-gto.ru/wp-content/themes/news-portal/assets/js/ |
714 B 814 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
lightslider.min.js
user-gto.ru/wp-content/themes/news-portal/assets/library/lightslider/js/ |
16 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
core.min.js
user-gto.ru/wp-includes/js/jquery/ui/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tabs.min.js
user-gto.ru/wp-includes/js/jquery/ui/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
np-custom-scripts.js
user-gto.ru/wp-content/themes/news-portal/assets/js/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
frontend.min.js
user-gto.ru/wp-content/plugins/q2w3-fixed-widget/js/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
c2a852b7-a785-4a72-8f58-4349e3c8f40e
https://user-gto.ru/ |
1 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
ce4g6j97hi.ru/show/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tag.js
mc.yandex.ru/metrika/ |
202 KB 71 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
hit
counter.yadro.ru/ Redirect Chain
|
140 B 626 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
menu-shadow.png
user-gto.ru/wp-content/themes/news-portal/assets/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fontawesome-webfont.woff2
user-gto.ru/wp-content/themes/news-portal/assets/library/font-awesome/fonts/ |
75 KB 76 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/ |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/ |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ |
18 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ |
18 KB 18 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
D4E54B.js
r.mradx.net/img/CF/ |
192 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
init.js
user-gto.ru/e13644de3da4dcd3c3f7fecc1d0e2d38/e1364/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wp-emoji-release.min.js
user-gto.ru/wp-includes/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync_cookie_image_decide
mc.yandex.com/ Redirect Chain
|
43 B 671 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
advert.gif
mc.yandex.com/metrika/ |
43 B 615 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
admin-ajax.php
user-gto.ru/wp-admin/ |
0 592 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
metrika_match.html
mc.yandex.com/metrika/ Frame 502E |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
init.js
widget.info-static.ru/js/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1
mc.yandex.com/watch/49430977/ Redirect Chain
|
483 B 979 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
vkAuth.html
ad.mail.ru/dist/ Frame 36BA |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
ad.mail.ru/adq/ |
83 B 772 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
/
ad.mail.ru/web/adcontext/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
ad.mail.ru/adq/ |
83 B 450 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
/
ad.mail.ru/web/adcontext/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
ad.mail.ru/adq/ |
83 B 450 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
/
ad.mail.ru/web/adcontext/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
ad.mail.ru/adq/ |
83 B 450 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
/
ad.mail.ru/web/adcontext/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
settings.js
config.widget.info-app5shs.ru/ |
158 B 491 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
ad.mail.ru/adq/ |
83 B 450 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
/
ad.mail.ru/web/adcontext/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.a0d74d33.chunk.js
widget.info-app5shs.ru/js/ |
587 KB 179 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
56501437
mc.yandex.com/watch/ |
483 B 694 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
56501437
mc.yandex.com/watch/ |
43 B 87 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
/
geo-db.info-app5shs.ru/detected-cities/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
554 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/ |
9 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favicon.ico
user-gto.ru/ |
1 KB 1 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favicon.ico
user-gto.ru/ |
1 KB 0 |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- ce4g6j97hi.ru
- URL
- https://ce4g6j97hi.ru/show/?57418=58753&74878=51088&52390=%D0%93%D0%A2%D0%9E%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%E2%80%94%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%20%E2%80%94%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%20user.gto.ru&87944
- Domain
- geo-db.info-app5shs.ru
- URL
- https://geo-db.info-app5shs.ru/detected-cities/?useIp=1&preload=1
Verdicts & Comments Add Verdict or Comment
92 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| BaGetCookie function| BaSetCookie object| _wpemojiSettings object| BaAjax function| jQuery object| MRGtag object| m5d6bd885e9dd3 function| f5d6bd885e9dd3 number| medtizer object| m5d6bd8a178be7 function| f5d6bd8a178be7 object| mtzBlocks function| lfgiTvF4PCORr89pF object| i05a70 object| q2w3_sidebar_options function| extendStatics function| __extends function| __assign function| reactive function| StaticOffsets function| DynamicOffsets string| StopWidgetClassName string| FixedWidgetClassName function| BaseWidget function| getWidgetContainer function| compatabilty_FW_v5 function| queryElements function| findWithProperty function| PositionWidget function| FixedWidget function| StickyWidget function| StopWidget function| Sidebar function| Sidebars function| onDocumentLoaded function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery function| b64e function| b64d object| ai_front function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code function| MobileDetect boolean| ai_js_code string| _feedot function| ai_process_lists object| Ya object| yaCounter49430977 object| twemoji object| wp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| mailru_ad1723666868873 object| webpackJsonpFeedot boolean| FEEDOT_LOADED object| FEEDOT_SETTINGS function| ym object| yaCounter56501437 function| flatpickr object| __SENTRY__ object| gajus function| feedotCaptchaLoaded object| YSl0vmBABSH object| KbrdCoMxSY object| rXN4HnS4fdV object| bbELUa object| xWhnMECSUh object| O90hCM object| FEEDOT_META object| FEEDOT function| arrive function| unbindArrive function| leave function| unbindLeave26 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .yadro.ru/ | Name: FTID Value: 1clH6p1_zVur1clH6p001VjN |
|
| .yandex.ru/ | Name: i Value: VB9gYSjbWsfChYxLN0RIKMROLWAFIuqciLvvo8fHfi5z2oBJMWhxRW8KyVCH9pZq8QB7ci8eAh1Sb3v3FDmu2tSEm2M= |
|
| .yandex.ru/ | Name: yandexuid Value: 1205382981723666867 |
|
| .yandex.ru/ | Name: yashr Value: 1700509941723666867 |
|
| .yadro.ru/ | Name: VID Value: 3JPogh1C6dOr1clH6p001Vlk |
|
| .user-gto.ru/ | Name: _ym_uid Value: 1723666868523426997 |
|
| .user-gto.ru/ | Name: _ym_d Value: 1723666868 |
|
| user-gto.ru/ | Name: BaAdBlock Value: disabled |
|
| .mc.yandex.com/ | Name: sync_cookie_csrf Value: 1712743795fake |
|
| .user-gto.ru/ | Name: _ym_isad Value: 2 |
|
| .mc.yandex.ru/ | Name: sync_cookie_csrf Value: 578795275fake |
|
| .yandex.com/ | Name: yuidss Value: 1205382981723666867 |
|
| .yandex.com/ | Name: yp Value: 1723753268.yu.5159341811723666868 |
|
| .mc.yandex.com/ | Name: sync_cookie_ok Value: synced |
|
| .yandex.com/ | Name: i Value: PjUWx+Fe7FTT6I+BGgzIzc8+1r5n74WPeheEF3/858kpCG6W7Fl1RnFKr4mGPwP8gj0OTLer+7Qsh/rl3wSyXwIdM/I= |
|
| .yandex.com/ | Name: yashr Value: 2698032671723666868 |
|
| mc.yandex.com/ | Name: yabs-sid Value: 432110171723666868 |
|
| .yandex.com/ | Name: yandexuid Value: 1205382981723666867 |
|
| .yandex.com/ | Name: ymex Value: 1726258868.oyu.5159341811723666868#1755202868.yrts.1723666868 |
|
| .yandex.com/ | Name: receive-cookie-deprecation Value: 1 |
|
| .mail.ru/ | Name: VID Value: 2Aj52n1cFJIQ0020sZ17aH2Q:::0-0-0-bd76a74-0-bd76a74:CAASED4l0y3aO94whLGhNNV7w70aYJvJ8kY8fiQplPLUgKMNUcWo1ERtPOaXOQ-UQaA3ZqEB18MMztDw3lyWtpuiJA8LIocJDytgEdtKljjLbPzz8gmSB2jiTekQhNKTPp7yjwc23PmXpqgW_6QnUtlOxeeX1g |
|
| .yandex.com/ | Name: bh Value: KgI/MGC1o/S1Bg== |
|
| user-gto.ru/ | Name: BaUniqueVisitor Value: a85173df0d |
|
| .vk.com/ | Name: remixlang Value: 3 |
|
| .vk.com/ | Name: remixstlid Value: 9064801103147271675_X0FE4FEdeCAZJKuImOa0uvizEY5fBdGduO8Mz8SQmD4 |
|
| .vk.com/ | Name: remixlns Value: 622388f981734ee080 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ad.mail.ru
ce4g6j97hi.ru
config.widget.info-app5shs.ru
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
geo-db.info-app5shs.ru
mc.yandex.com
mc.yandex.ru
profit.newpushcashtop.ru
r.mradx.net
user-gto.ru
widget.info-app5shs.ru
widget.info-static.ru
www.user-gto.ru
ce4g6j97hi.ru
geo-db.info-app5shs.ru
116.202.32.31
194.58.98.46
2607:f8b0:4006:80a::2003
2607:f8b0:4006:81c::200a
2a00:1148:db00::17
2a00:1148:db00::28
2a02:6b8::1:119
87.251.82.212
87.251.82.213
88.212.201.198
04fad0894f9eb544ec602b504a3fa1aa5b1ec308ed6e35c45dd2e1f8c0484412
1849203e2a58a01582a99aec36e241efe2c7da02ae33741fcb663237cfbc9094
1a22936b316f4b38ed4482fb564ae2d340006043e3edb29e2b33d06c9c873f80
1d76a7c1439b5386707239518d34e50ffd434f66c185f58a1c6faf9867f73ec1
203b5367eb0c217063c8cb903a45cc64d37e28eed69e83db6e2435da916f51df
252a9c5743bbe817f26268593362d62f19b52e943711ccb48acecab5deac7b8a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ee5a6201ea7d2331185a1930ecdab64ede09bfb7d9fd2d14145beb667d51560
33dbacfb07151a2a622b23b20259b4b7b8f90cb6ee8e74507c51840698ffad13
43a24608e742c8adc12bc142cdbe6c8838100b1b507e954ab9965c8059896cf7
43b1f470361bbb4f8e948b00092e8d95edf1c4bdcee1e99c53627880a4979478
4be831c07ecf026aef3898a37ee034e55dbd35b5461dcc3701fe0101df719d9c
4d539033909dd344ae868f1c72bd0fc3d5ee082c9a76882448849481fd8ed857
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
573686b2c958c4fbc7f25726f642ddb0e120971b805c8ff8cd341d98fd1c57ca
5b7f32e16b04b6d2c814c3fb4f2169605ca22760018d442fa77789db453404ee
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5cf0d589127ea8b98dac129f74506b8a199d7b613cab0cf586ae95ee69428a4b
5df5fb20c8d2972433bd80d7036dead0a68766e722f5771b43645dd31161d5e9
5f64379224831ca1f833fd877854e2b1532aad9f60d642e863678fd6d14d6aea
5f86fbe6f9cda69add588670bf8a9781f83e7ed2fe7b1b07c4172fa6eb080bc9
7d479728863fff3e680af22f718bd0a7217715bb8f8e97381247b2150221af62
7e84c9f8d71bc6eb2dac2fce59a6caea62da51ffa8cf56b41806f59386ab1322
7fbce596895391f63c029c0c6fba5bb1f887dd128244b802f56470d4861e02e0
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8a199dcd560d00d452354542c089877c4417e3527ae3b9801eb45ae5e2cfdf36
8a56a2a2a67746ef636112f6aa6db74a6f0e1c9ec6e3b6934fb165ab0c5989a6
8c69be794cf1f8c1ebe8a13b8ac6c5995edf21460ff6d291a17e5bf15b13b901
8ea7074984d3166a3a24aca9f266dbd23ecf0e19f028debebadf20ebba7cb67a
90eca824f05134bc97adfb7acf1bccdd37a9bf161ea021a1ca4f60370aecd402
951c7535527547a3b26979e84e5c0fa815cd25adad03ec75a87f49cbddabcf4c
960deecec99fa9f409481875149b5fc45c818119aea5bad16b1212b9e1bb8b71
9f226239b7cb86705238ec5a036a05bdb8fa187630f9c686db7c52ad53b64482
a1ac109fb0da76a03eb39daecb548806675cda9793ad6bce4621c651746de08f
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026
afa35cc266f46666daf9d60ee8d8e0ae341c8b0ac3b7821e1dd5f01d61639687
b51fc7d23744b6a1e7399b319cfe5e2f0a80ddac5ffa352628a75bbaa63d58e9
c328530ba5d0bf26098fde6754b280cac0098509a194b3f60fd555fee99b9b4a
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc0fea61dfa11909288040eeab295caf899cbf5d8ce7d07649519db384198df1
d4bf32f504ba214eef96665c9e4845c0c8ac5fd1945ab3141460ff678794dc49
d69cbc552cfe8de4931deb191dd349a881ff4448ed3251571e0bacd0257519b1
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
dca271e5c10ab729dbf7e10ccb7c82ba4b87625a821dd4bd640279b6807f2033
dd03dbd5bc6919a316c849f3f1276881f45da022abfc1c6620a0306c3e30c5a5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee30de0a826081966aa58bd563d92e80a28a2af7415ad440889ddc1c0a3b5ef5
ef1bf816d64332f1219b906b2ae8bc9aa00611a783888d6837ee1afb6de623eb
f528316bdaaea23c650b93a77595119971b0b68374ea1747e61b0a36ae7e5202
f677441c0b626731f49c0e67448dc4dd085d7f017793d5d956076930e27baccf
f9f033942abc005b7f08bc9a470077fda85195d478b016a467573ef7634ab327
fc2c7fed7275d0c8a68e3a788a470e6a3242efe1b032903fe70e47007e232514
fceee152e9f741850bf9f7beb790f6bc83009bfd4a1ec8030cb63c7bf0790142
fe327b88e2af081a3049e36d9f31c8fc98bdd77faa693810aa684a2d3afcae90