andrei1.ru
37.140.192.110
Public Scan
Submission: On July 25 via api from KR
Summary
This is the only time andrei1.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domain
---|---|---
ASN197695 (AS-REG, RU) | server65.hosting.reg.ru | andrei1.ru
ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE) | dsde333-2.fornex.org | ad.admitad.com
ASN32934 (FACEBOOK, US) | | connect.facebook.net
ASN32934 (FACEBOOK, US) | | www.facebook.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
33 | andrei1.ru | andrei1.ru | 150 KB
8 | google.com | apis.google.com www.google.com accounts.google.com | 134 KB
7 | travelpayouts.com | www.travelpayouts.com | 181 KB
5 | gstatic.com | fonts.gstatic.com ssl.gstatic.com | 39 KB
5 | avsplow.com (1 redirects) | avsplow.com st.avsplow.com | 16 KB
3 | yadro.ru (2 redirects) | counter.yadro.ru | 2 KB
2 | facebook.net | connect.facebook.net | 70 KB
2 | yandex.ru (1 redirects) | www.yandex.ru | 2 KB
2 | ukrnames.com (1 redirects) | www.ukrnames.com | 8 KB
2 | autodirection.ru | autodirection.ru | 2 KB
1 | facebook.com | www.facebook.com |
1 | admitad-connect.com | cdn.admitad-connect.com | 16 KB
1 | admitad.com (1 redirects) | ad.admitad.com | 173 B
1 | ddos-guard.net | ddos-guard.net | 3 KB
0 | takru.com (Failed) | z1120.takru.com (Failed) |
68 | 15 | |
Requests | Domain | Requested by
---|---|---
33 | andrei1.ru | andrei1.ru
7 | www.travelpayouts.com | andrei1.ru www.travelpayouts.com
6 | apis.google.com | andrei1.ru apis.google.com accounts.google.com
4 | fonts.gstatic.com | www.travelpayouts.com
4 | avsplow.com (1 redirects) | andrei1.ru st.avsplow.com
3 | counter.yadro.ru (2 redirects) | andrei1.ru
2 | connect.facebook.net | andrei1.ru connect.facebook.net
2 | www.yandex.ru (1 redirects) | andrei1.ru
2 | www.ukrnames.com (1 redirects) | andrei1.ru
2 | autodirection.ru | andrei1.ru
1 | ssl.gstatic.com | accounts.google.com
1 | accounts.google.com | apis.google.com
1 | www.google.com | apis.google.com
1 | www.facebook.com | connect.facebook.net
1 | cdn.admitad-connect.com | andrei1.ru
1 | ad.admitad.com (1 redirects) |
1 | st.avsplow.com | www.travelpayouts.com
1 | ddos-guard.net | andrei1.ru
0 | z1120.takru.com (Failed) | andrei1.ru
68 | 19 |
Subject | Issuer | Validity | Valid
---|---|---|---
*.ddos-guard.net | Sectigo RSA Domain Validation Secure Server CA | 2021-06-30 - 2022-07-31 | a year
*.ukrnames.com | Sectigo RSA Domain Validation Secure Server CA | 2021-06-01 - 2022-07-01 | a year
yandex.ru | Yandex CA | 2021-03-18 - 2021-09-16 | 6 months
*.travelpayouts.com | Sectigo RSA Domain Validation Secure Server CA | 2020-06-02 - 2022-02-07 | 2 years
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-09-02 - 2021-09-02 | a year
*.apis.google.com | GTS CA 1C3 | 2021-06-28 - 2021-09-20 | 3 months
counter.yadro.ru | R3 | 2021-05-29 - 2021-08-27 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-05-26 - 2021-08-24 | 3 months
*.google.com | GTS CA 1C3 | 2021-06-28 - 2021-09-20 | 3 months
www.google.com | GTS CA 1C3 | 2021-06-28 - 2021-09-20 | 3 months
accounts.google.com | GTS CA 1O1 | 2021-06-28 - 2021-09-20 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-06-28 - 2021-09-20 | 3 months
This page contains 3 frames:
Primary Page:
http://andrei1.ru/
Frame ID: 45074E762BCEC9A0D64E77B16F958177
Requests: 71 HTTP requests in this frame
Frame:
https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&annotation=inline&width=300&hl=ru&origin=http%3A%2F%2Fandrei1.ru&url=http%3A%2F%2Fandrei1.ru%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
Frame ID: 6EC1D61129359B57FC72ED27619EF7A6
Requests: 2 HTTP requests in this frame
Frame:
https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fandrei1.ru&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
Frame ID: 046C9ED2BA1B101E70EDA5FEFE8346D9
Requests: 4 HTTP requests in this frame
Detected technologies
vBulletin (Message Boards)
Detected patterns
- meta generator /vBulletin ?([\d.]+)?/i
PHP (Programming Languages)
Detected patterns
- meta generator /vBulletin ?([\d.]+)?/i
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Facebook (Widgets)
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Plus (Widgets)
Detected patterns
- script /apis\.google\.com\/js\/[a-z]*\.js/i
YUI (JavaScript Libraries)
Detected patterns
- script /(?:\/yui\/|yui\.yahooapis\.com)/i
Page Statistics
16 Outgoing links
These are links going to different origins than the main page.
Title: Home page
Title: Home page
Title: Home page
Title: Home page
Title: Home page
Title: Home page
Title: vBulletin®
Title: zCarot
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 29
- http://www.ukrnames.com/banners/banner_468x60_01_01.gif HTTP 301
- https://www.ukrnames.com/banners/banner_468x60_01_01.gif
- http://www.yandex.ru/cycounter?andrei1.ru HTTP 302
- https://www.yandex.ru/cycounter?andrei1.ru
- http://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%22widget_id%22%3A%22f53572c0fad5ab67b3bbad96c1a98b24%22%2C%22trace_id%22%3A%22Zzd8f20abd3ca64d529623ba2-123594%22%2C%22promo_id%22%3A%224238%22%7D%7D%5D%7D HTTP 302
- http://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22f53572c0fad5ab67b3bbad96c1a98b24%22,%22trace_id%22:%22Zzd8f20abd3ca64d529623ba2-123594%22,%22promo_id%22:%224238%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web
- https://ad.admitad.com/shuffle/4f11421405/?inject_to=admitad_shuffle72806028 HTTP 302
- https://cdn.admitad-connect.com/public/default/banners/2010/03/04/9631515f7fdfe88e44dccb6575ba17bd.jpg
- http://counter.yadro.ru/hit?t52.6;r;s1600*1200*24;uhttp%3A//andrei1.ru/;0.883322504989922 HTTP 302
- https://counter.yadro.ru/hit?t52.6;r;s1600*1200*24;uhttp%3A//andrei1.ru/;0.883322504989922 HTTP 302
- https://counter.yadro.ru/hit?q;t52.6;r;s1600*1200*24;uhttp%3A//andrei1.ru/;0.883322504989922
- http://connect.facebook.net/ru_RU/sdk.js HTTP 307
- https://connect.facebook.net/ru_RU/sdk.js
68 HTTP transactions
Method | Protocol | Resource | Path | Size | Transferred | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H/1.1 | / | andrei1.ru/ | 80 KB | 16 KB | Document | text/html | Primary Request; Cookie set
GET | H/1.1 | vbulletin-core.js | andrei1.ru/clientscript/ | 51 KB | 15 KB | Script | application/javascript |
GET | H/1.1 | css.php | andrei1.ru/ | 83 KB | 16 KB | Stylesheet | text/css |
GET | H/1.1 | vbulletin_read_marker.js | andrei1.ru/clientscript/ | 4 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | css.php | andrei1.ru/ | 14 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | css.php | andrei1.ru/ | 1 KB | 858 B | Stylesheet | text/css |
GET | H/1.1 | vbulletin4_logo.png | andrei1.ru/images/misc/ | 6 KB | 6 KB | Image | image/png |
GET | H/1.1 | vbulletin_md5.js | andrei1.ru/clientscript/ | 5 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | facebook_login.gif | andrei1.ru/images/misc/ | 1016 B | 1 KB | Image | image/gif |
GET | H2 | ddos-protection-long.png | ddos-guard.net/images/logos/ | 2 KB | 3 KB | Image | image/png |
GET | H/1.1 | search.png | andrei1.ru/images/buttons/ | 211 B | 512 B | Image | image/png |
GET | H/1.1 | navbit-home.png | andrei1.ru/images/misc/ | 241 B | 542 B | Image | image/png |
GET | H/1.1 | hscript.jpg | andrei1.ru/foto/ | 45 KB | 45 KB | Image | image/jpeg |
GET | H/1.1 | forum_old_lock-48.png | andrei1.ru/images/statusicon/ | 2 KB | 2 KB | Image | image/png |
GET | H/1.1 | f53572c0fad5ab67b3bbad96c1a98b24.js | www.travelpayouts.com/widgets/ | 7 KB | 8 KB | Script | application/javascript |
GET | H/1.1 | lastpost-right.png | andrei1.ru/images/buttons/ | 224 B | 525 B | Image | image/png |
GET | | in.php | z1120.takru.com/ | 0 | 0 | | |
GET | H/1.1 | yuiloader-dom-event.js | andrei1.ru/clientscript/yui/yuiloader-dom-event/ | 60 KB | 20 KB | Script | application/javascript |
GET | H/1.1 | connection-min.js | andrei1.ru/clientscript/yui/connection/ | 13 KB | 5 KB | Script | application/javascript |
GET | H/1.1 | stroka01.png | autodirection.ru/wp-content/uploads/2012/11/ | 813 B | 1 KB | Image | image/png |
GET | H/1.1 | stroka02.png | autodirection.ru/wp-content/uploads/2012/11/ | 714 B | 947 B | Image | image/png |
GET | H/1.1 | users_online.png | andrei1.ru/images/misc/ | 678 B | 980 B | Image | image/png |
GET | H/1.1 | birthday.png | andrei1.ru/images/misc/ | 623 B | 925 B | Image | image/png |
GET | H/1.1 | forum_stats.png | andrei1.ru/images/misc/ | 488 B | 790 B | Image | image/png |
GET | H/1.1 | legend.png | andrei1.ru/images/misc/ | 404 B | 706 B | Image | image/png |
GET | H/1.1 | forum_new-16.png | andrei1.ru/images/statusicon/ | 492 B | 794 B | Image | image/png |
GET | H/1.1 | forum_old-16.png | andrei1.ru/images/statusicon/ | 504 B | 806 B | Image | image/png |
GET | H/1.1 | forum_lock-16.png | andrei1.ru/images/statusicon/ | 575 B | 877 B | Image | image/png |
GET | H/1.1 | category-16.png | andrei1.ru/images/statusicon/ | 638 B | 940 B | Image | image/png |
GET | H/1.1 | forum_link-16.png | andrei1.ru/images/statusicon/ | 572 B | 874 B | Image | image/png |
GET | H2 | banner_468x60_01_01.gif | www.ukrnames.com/banners/ | 8 KB | 8 KB | Image | image/gif | Redirect Chain
GET | H2 | cycounter | www.yandex.ru/ | 942 B | 2 KB | Image | image/png | Redirect Chain
GET | H/1.1 | cron.php | andrei1.ru/ | 43 B | 209 B | Image | image/gif |
GET | H/1.1 | vbulletin_facebook.js | andrei1.ru/clientscript/ | 7 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | gradient-grey-down.png | andrei1.ru/images/gradients/ | 182 B | 483 B | Image | image/png |
GET | H/1.1 | newbtn_middle.png | andrei1.ru/images/buttons/ | 95 B | 395 B | Image | image/png |
GET | H/1.1 | selected-tab-gradient-with-top-alpha.png | andrei1.ru/images/gradients/ | 212 B | 513 B | Image | image/png |
GET | H/1.1 | arrow.png | andrei1.ru/images/misc/ | 116 B | 417 B | Image | image/png |
GET | H/1.1 | grey-up.png | andrei1.ru/images/gradients/ | 95 B | 395 B | Image | image/png |
GET | H/1.1 | styles.css | www.travelpayouts.com/mewtwo/ | 169 KB | 15 KB | Stylesheet | text/css |
GET | H/1.1 | f53572c0fad5ab67b3bbad96c1a98b24.js | www.travelpayouts.com/widgets_static/ | 318 KB | 63 KB | Script | application/javascript |
GET | H2 | f53572c0fad5ab67b3bbad96c1a98b24.js | www.travelpayouts.com/widgets_static/ | 319 KB | 63 KB | Script | application/javascript |
GET | H/1.1 | j.gif | avsplow.com/a/ | 43 B | 519 B | Image | image/gif | Redirect Chain
GET | H/1.1 | sp.js | st.avsplow.com/19.18.9/ | 42 KB | 14 KB | Script | application/javascript |
GET | H/1.1 | whereami | www.travelpayouts.com/ | 141 B | 394 B | Script | text/plain |
GET | H/1.1 | logos.css | www.travelpayouts.com/mewtwo/ | 116 KB | 26 KB | Stylesheet | text/css |
GET | H/1.1 | cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2 | fonts.gstatic.com/s/opensans/v13/ | 10 KB | 11 KB | Font | font/woff2 |
GET | DATA | truncated | / | 611 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 381 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 129 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 180 B | 0 | Image | image/svg+xml |
GET | H/1.1 | MTP_ySUJH_bn48VBG8sNShdwxCXfZpKo5kWAx_74bHs.woff2 | fonts.gstatic.com/s/opensans/v13/ | 6 KB | 6 KB | Font | font/woff2 |
GET | H/1.1 | RjgO7rYTmqiVp7vzi-Q5UYX0hVgzZQUfRDuZrPvH3D8.woff2 | fonts.gstatic.com/s/opensans/v13/ | 6 KB | 6 KB | Font | font/woff2 |
GET | H/1.1 | MTP_ySUJH_bn48VBG8sNShampu5_7CjHW5spxoeN3Vs.woff2 | fonts.gstatic.com/s/opensans/v13/ | 10 KB | 11 KB | Font | font/woff2 |
GET | DATA | truncated | / | 503 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 635 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 261 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 704 B | 0 | Image | image/svg+xml |
GET | H2 | as_white.png | www.travelpayouts.com/powered_by/img/ | 7 KB | 7 KB | Image | image/png |
GET | DATA | truncated | / | 16 KB | 0 | Image | image/svg+xml |
POST | H/1.1 | j | avsplow.com/a/ | 2 B | 457 B | Ping | text/plain |
POST | H/1.1 | j | avsplow.com/a/ | 2 B | 457 B | Ping | text/plain |
GET | H2 | 9631515f7fdfe88e44dccb6575ba17bd.jpg | cdn.admitad-connect.com/public/default/banners/2010/03/04/ | 16 KB | 16 KB | Script | image/jpeg | Redirect Chain
GET | H2 | plusone.js | apis.google.com/js/ | 54 KB | 22 KB | Script | application/javascript |
GET | H/1.1 | hit | counter.yadro.ru/ | 377 B | 863 B | Image | image/gif | Redirect Chain
GET | H2 | sdk.js | connect.facebook.net/ru_RU/ | 3 KB | 2 KB | Script | application/x-javascript | Redirect Chain
GET | H/1.1 | gradient-greytowhite.png | andrei1.ru/images/gradients/ | 98 B | 398 B | Image | image/png |
GET | H3-29 | sdk.js | connect.facebook.net/ru_RU/ | 232 KB | 68 KB | Script | application/x-javascript |
GET | H3-29 | cb=gapi.loaded_0 | apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/ | 149 KB | 51 KB | Script | text/javascript |
GET | H3-29 | cb=gapi.loaded_1 | apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/ | 96 KB | 33 KB | Script | text/javascript |
GET | H3-29 | fastbutton | apis.google.com/u/0/se/0/_/+1/ | 2 KB | 2 KB | Document | text/html | Frame 6EC1
GET | H2 | status | www.facebook.com/x/oauth/ | 0 | 0 | Fetch | text/plain |
GET | H2 | googlelogo_color_150x54dp.png | www.google.com/images/branding/googlelogo/1x/ | 3 KB | 3 KB | Image | image/png | Frame 6EC1
GET | H2 | postmessageRelay | accounts.google.com/o/oauth2/ | 566 B | 882 B | Document | text/html | Frame 046C
GET | H2 | 2038943760-postmessagerelay.js | ssl.gstatic.com/accounts/o/ | 10 KB | 5 KB | Script | text/javascript | Frame 046C
GET | H3-29 | rpc:shindig_random.js | apis.google.com/js/ | 13 KB | 5 KB | Script | application/javascript | Frame 046C
GET | H3-29 | cb=gapi.loaded_0 | apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/ | 50 KB | 18 KB | Script | text/javascript | Frame 046C
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: z1120.takru.com
- URL: http://z1120.takru.com/in.php?id=1125083
210 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.google.com/ | Name: NID Value: 219=kkH6Txr8ZZlxj53fuCb3TC3AMMAl35ybtruOuWrtR04S0vhu0ZZjokHKELWkpiSnph1bYipParzS-ZbN0Hdg0aB_Y8R3dbiYzPGckzCtaEerb1GqfiJRhuXuSRiSKCSwGmLFRxZoTiO6H-VvRWYLw8pyMJzrdDuw2-tOTr6hIeU |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.