Submitted URL: http://t.eflyermaker.com//ctx/p/z/w9nqwk/n/q2rrr/n/t.htm
Effective URL: https://kitrum.com/?eflyer_rand=1885391538
Submission: On March 13 via manual from BE

Summary

This website contacted 13 IPs in 6 countries across 15 domains to perform 44 HTTP transactions. The main IP is 31.41.216.78, located in Ukraine and belongs to BESTHOSTING-AS, UA. The main domain is kitrum.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 24th 2020. Valid for: 3 months.
This is the only time kitrum.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
25 kitrum.com 1 redirects kitrum.com
5 www.socialintents.com kitrum.com
www.socialintents.com
3 fonts.gstatic.com kitrum.com
3 connect.facebook.net kitrum.com
connect.facebook.net
2 www.facebook.com kitrum.com
connect.facebook.net
2 www.google-analytics.com 1 redirects www.googletagmanager.com
1 www.goodfirms.co kitrum.com
1 goodfirms.co 1 redirects
1 widget.clutch.co kitrum.com
1 www.google.de kitrum.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 sc.lfeeder.com kitrum.com
1 fonts.googleapis.com kitrum.com
1 www.googletagmanager.com kitrum.com
1 t.eflyermaker.com 1 redirects
44 16
Subject Issuer Validity Valid
kitrum.com
Let's Encrypt Authority X3
2020-02-24 -
2020-05-24
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-02-25 -
2020-05-19
3 months crt.sh
*.socialintents.com
Amazon
2020-01-17 -
2021-02-17
a year crt.sh
*.storage.googleapis.com
GTS CA 1O1
2020-02-25 -
2020-05-19
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-01-16 -
2020-04-15
3 months crt.sh
*.lfeeder.com
Amazon
2019-10-02 -
2020-11-02
a year crt.sh
*.google.com
GTS CA 1O1
2020-02-25 -
2020-05-19
3 months crt.sh
www.google.de
GTS CA 1O1
2020-02-25 -
2020-05-19
3 months crt.sh
*.clutch.co
Amazon
2019-10-16 -
2020-11-16
a year crt.sh
ssl426220.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-11-04 -
2020-05-12
6 months crt.sh

This page contains 3 frames:

Primary Page: https://kitrum.com/?eflyer_rand=1885391538
Frame ID: 0E2BF990B94522D9EAB9320EED53AE5B
Requests: 51 HTTP requests in this frame

Frame: https://widget.clutch.co/widgets/get/2?ref_domain=kitrum.com&uid=589341
Frame ID: B6780898535058BEDFC90B5402377DE2
Requests: 1 HTTP requests in this frame

Frame: https://www.goodfirms.co/widgets/get/12425/goodfirms-widget-t6/star-no-review-line
Frame ID: 7CE39F3D54983967AF4D69230850E1E3
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://t.eflyermaker.com//ctx/p/z/w9nqwk/n/q2rrr/n/t.htm HTTP 302
    http://kitrum.com/?eflyer_rand=1885391538 HTTP 301
    https://kitrum.com/?eflyer_rand=1885391538 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

44
Requests

100 %
HTTPS

80 %
IPv6

15
Domains

16
Subdomains

13
IPs

6
Countries

1420 kB
Transfer

2876 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://t.eflyermaker.com//ctx/p/z/w9nqwk/n/q2rrr/n/t.htm HTTP 302
    http://kitrum.com/?eflyer_rand=1885391538 HTTP 301
    https://kitrum.com/?eflyer_rand=1885391538 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=121526112&t=pageview&_s=1&dl=https%3A%2F%2Fkitrum.com%2F%3Feflyer_rand%3D1885391538&ul=en-us&de=UTF-8&dt=KitRUM%20%E2%80%93%20Software%20Development%20And%20Outsourcing%20Company&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1479808193&gjid=545182207&cid=8722781.1584087514&tid=UA-131266556-1&_gid=934786520.1584087514&_r=1&gtm=2ou340&z=1654056829 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-131266556-1&cid=8722781.1584087514&jid=1479808193&_gid=934786520.1584087514&gjid=545182207&_v=j81&z=1654056829 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131266556-1&cid=8722781.1584087514&jid=1479808193&_v=j81&z=1654056829 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131266556-1&cid=8722781.1584087514&jid=1479808193&_v=j81&z=1654056829&slf_rd=1&random=3448173225
Request Chain 46
  • https://goodfirms.co/widgets/get/12425/goodfirms-widget-t6/star-no-review-line HTTP 301
  • https://www.goodfirms.co/widgets/get/12425/goodfirms-widget-t6/star-no-review-line

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
kitrum.com/
Redirect Chain
  • http://t.eflyermaker.com//ctx/p/z/w9nqwk/n/q2rrr/n/t.htm
  • http://kitrum.com/?eflyer_rand=1885391538
  • https://kitrum.com/?eflyer_rand=1885391538
91 KB
13 KB
Document
General
Full URL
https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx / PHP/5.6.40
Resource Hash
ffb6b7423389750466eed09e727a9d4d785e01aaaaec0a62e05323dcce2924ef

Request headers

:method
GET
:authority
kitrum.com
:scheme
https
:path
/?eflyer_rand=1885391538
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PHPSESSID=do6h9hhvcp4j7afmt3abqp6hb3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
server
nginx
date
Fri, 13 Mar 2020 08:18:33 GMT
content-type
text/html; charset=UTF-8
content-length
12982
x-powered-by
PHP/5.6.40
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
link
<https://kitrum.com/wp-json/>; rel="https://api.w.org/", <https://kitrum.com/>; rel=shortlink
vary
Accept-Encoding,User-Agent
content-encoding
gzip

Redirect headers

Server
nginx
Date
Fri, 13 Mar 2020 08:18:32 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
X-Powered-By
PHP/5.6.40
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
PHPSESSID=do6h9hhvcp4j7afmt3abqp6hb3; path=/
Location
https://kitrum.com/?eflyer_rand=1885391538
Vary
User-Agent
autoptimize_1549780cd5a371b85883f4b43e8cfafe.css
kitrum.com/wp-content/cache/autoptimize/css/
355 KB
62 KB
Stylesheet
General
Full URL
https://kitrum.com/wp-content/cache/autoptimize/css/autoptimize_1549780cd5a371b85883f4b43e8cfafe.css
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx /
Resource Hash
a61cdd9f93da4b19ba2c99206445831456ff039af899b2cabcaa5e435900ed3b

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 13 Mar 2020 08:18:33 GMT
content-encoding
gzip
last-modified
Fri, 13 Dec 2019 16:42:16 GMT
server
nginx
etag
W/"5df3bf68-58ba0"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=1209600
expires
Fri, 27 Mar 2020 08:18:33 GMT
autoptimize_a3ec88c546e0dfef62a04508866d7f2b.css
kitrum.com/wp-content/cache/autoptimize/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://kitrum.com/wp-content/cache/autoptimize/css/autoptimize_a3ec88c546e0dfef62a04508866d7f2b.css
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx /
Resource Hash
921f90b03af135d2e25e74c709326f1b53aa111672773a20dcc282c78a2d61ea

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 13 Mar 2020 08:18:33 GMT
content-encoding
gzip
last-modified
Fri, 13 Dec 2019 16:42:16 GMT
server
nginx
etag
W/"5df3bf68-4f5d"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=1209600
expires
Fri, 27 Mar 2020 08:18:33 GMT
autoptimize_single_ee35afb4a3868ba6fbc92bb2991a15af.css
kitrum.com/wp-content/cache/autoptimize/css/
152 KB
17 KB
Stylesheet
General
Full URL
https://kitrum.com/wp-content/cache/autoptimize/css/autoptimize_single_ee35afb4a3868ba6fbc92bb2991a15af.css?ver=5d921d15e748e
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx /
Resource Hash
df61ef4c363fce59355732bafbb4ada6e32b6110099ffd3186100c41061a8974

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 13 Mar 2020 08:18:33 GMT
content-encoding
gzip
last-modified
Fri, 13 Dec 2019 16:42:15 GMT
server
nginx
etag
W/"5df3bf67-25e9d"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=1209600
expires
Fri, 27 Mar 2020 08:18:33 GMT
jquery.js
kitrum.com/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://kitrum.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx /
Resource Hash
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 08:18:33 GMT
content-encoding
gzip
last-modified
Thu, 05 Sep 2019 09:32:15 GMT
server
nginx
etag
W/"5d70d61f-17a6a"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1209600
expires
Fri, 27 Mar 2020 08:18:33 GMT
js
www.googletagmanager.com/gtag/
75 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-131266556-1
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
753114dc0f885bfa1963394d6769bd1bc89483bd635e04f5ec4c14cb6c50e37c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 08:18:34 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28540
x-xss-protection
0
last-modified
Fri, 13 Mar 2020 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 13 Mar 2020 08:18:34 GMT
socialintents.1.3.js
www.socialintents.com/api/
5 KB
2 KB
Script
General
Full URL
https://www.socialintents.com/api/socialintents.1.3.js
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.248.100 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-248-100.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
31d32857a30a401dd36459791b01a7c8de6ff8e6614994e53e6983747b8e0b4e

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 13 Mar 2020 08:18:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Mar 2020 23:52:34 GMT
Server
nginx/1.16.1
ETag
W/"5274-1583884354000"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
1739
autoptimize_b1b16b6cee66cd1eadf0acfa9e303f8c.js
kitrum.com/wp-content/cache/autoptimize/js/
430 KB
109 KB
Script
General
Full URL
https://kitrum.com/wp-content/cache/autoptimize/js/autoptimize_b1b16b6cee66cd1eadf0acfa9e303f8c.js
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx /
Resource Hash
58ec147c675581ed01d2a0149fd56850657184b6b5319b5bd95944e5f470946b

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 08:18:33 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 11:56:31 GMT
server
nginx
etag
W/"5e43e7ef-6b8a5"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1209600
expires
Fri, 27 Mar 2020 08:18:33 GMT
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9bbc1ede5c163301e776b1bd1307275e343af6a94e38e470a3530dbc78bf0959

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
70 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f07e4b5a68397fa31f1e11cb04267e6de3bda2f1a82d684163b783b2620d9fe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
85aa0b7083e634ba82797f3de6fe920a8a360d1267f2ecb2f97f541ab85a8a9e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
64 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be48aa20ca2b0f5c40569e86ede656a8f35bc16eb86d471b7291bf714e9b56d4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a96ef836322edb2ec2afd5058d64039ebd8cf7248ad3e6c22ddc3fb97d0a52f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5fc47005ba5949324040ab3a58173102bb52cf4243d45f78245d56b9a4275a2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
201cca51d07dad4d3a75b10ee802617404b214805dca07722082a0a52dee3221

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7eee205b689af1ea2a6ce7c7a0c06cf9fed3ed39ef6a5e6e02b5eb7f78fefce7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
entypo-fontello.woff
kitrum.com/wp-content/themes/enfold-4/config-templatebuilder/avia-template-builder/assets/fonts/
30 KB
30 KB
Font
General
Full URL
https://kitrum.com/wp-content/themes/enfold-4/config-templatebuilder/avia-template-builder/assets/fonts/entypo-fontello.woff
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx /
Resource Hash
75e801b453bd677c68d4af036055b3036b8fc0390a76bf4661ab50e22b1137ee

Request headers

Referer
https://kitrum.com/wp-content/cache/autoptimize/css/autoptimize_1549780cd5a371b85883f4b43e8cfafe.css
Origin
https://kitrum.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Mar 2020 08:18:33 GMT
last-modified
Fri, 14 Dec 2018 01:19:54 GMT
server
nginx
etag
"5c13053a-7854"
content-type
application/font-woff
status
200
cache-control
max-age=1209600
accept-ranges
bytes
content-length
30804
expires
Fri, 27 Mar 2020 08:18:33 GMT
css
fonts.googleapis.com/
5 KB
784 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600
Requested by
Host: kitrum.com
URL: https://kitrum.com/wp-content/cache/autoptimize/js/autoptimize_b1b16b6cee66cd1eadf0acfa9e303f8c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
76c828df931848541d008f5df340db07e1fd29788cd50f9f86198c9c452fdc9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 13 Mar 2020 08:18:34 GMT
server
ESF
date
Fri, 13 Mar 2020 08:18:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Mar 2020 08:18:34 GMT
fbevents.js
connect.facebook.net/en_US/
126 KB
30 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: kitrum.com
URL: https://kitrum.com/wp-content/cache/autoptimize/js/autoptimize_b1b16b6cee66cd1eadf0acfa9e303f8c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
bZ6Ppegtuzq5kdom5GlHO3nbCDFwCXILTZf/AQ98hH2DBCKXkQTmi93M4kw7YbagZmMlq6t3JEYw1NhJttfl5w==
x-fb-trip-id
420120009
date
Fri, 13 Mar 2020 08:18:34 GMT, Fri, 13 Mar 2020 08:18:34 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131266556-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
6303
date
Fri, 13 Mar 2020 06:33:31 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Fri, 13 Mar 2020 08:33:31 GMT
logo_KitRUM_Done-300x151.png
kitrum.com/wp-content/uploads/2016/05/
21 KB
22 KB
Image
General
Full URL
https://kitrum.com/wp-content/uploads/2016/05/logo_KitRUM_Done-300x151.png
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx /
Resource Hash
323ea4f1a02635654c98ffc2f964c237d57991f5d1c0f0789cb662e754341495

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 08:18:33 GMT
last-modified
Fri, 14 Dec 2018 00:57:46 GMT
server
nginx
etag
"5c13000a-5592"
content-type
image/png
status
200
cache-control
max-age=1209600
accept-ranges
bytes
content-length
21906
expires
Fri, 27 Mar 2020 08:18:33 GMT
business-team-kitrum.jpg
kitrum.com/wp-content/uploads/2018/11/
149 KB
150 KB
Image
General
Full URL
https://kitrum.com/wp-content/uploads/2018/11/business-team-kitrum.jpg
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx /
Resource Hash
9bc6fd4e8fc2f4f4589417384c0417c27bbf96679a5c968a9c6afb8cba6745cd

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 08:18:33 GMT
last-modified
Wed, 27 Feb 2019 11:32:43 GMT
server
nginx
etag
"5c76755b-255f2"
content-type
image/jpeg
status
200
cache-control
max-age=1209600
accept-ranges
bytes
content-length
153074
expires
Fri, 27 Mar 2020 08:18:33 GMT
our-dev-center.jpg
kitrum.com/wp-content/uploads/2018/11/
85 KB
85 KB
Image
General
Full URL
https://kitrum.com/wp-content/uploads/2018/11/our-dev-center.jpg
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx /
Resource Hash
4631039bb8f59462a9c5bfd51b95f59d6d44a6062203112301400389bfad07ac

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 08:18:33 GMT
last-modified
Wed, 27 Feb 2019 11:34:39 GMT
server
nginx
etag
"5c7675cf-15449"
content-type
image/jpeg
status
200
cache-control
max-age=1209600
accept-ranges
bytes
content-length
87113
expires
Fri, 27 Mar 2020 08:18:33 GMT
extra-hands.jpg
kitrum.com/wp-content/uploads/2018/11/
108 KB
109 KB
Image
General
Full URL
https://kitrum.com/wp-content/uploads/2018/11/extra-hands.jpg
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx /
Resource Hash
9b92d62950b752b05e9d93c12cac81bf662e22ba50f0516fb87321991a0eb507

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 08:18:33 GMT
last-modified
Wed, 27 Feb 2019 11:33:48 GMT
server
nginx
etag
"5c76759c-1b19f"
content-type
image/jpeg
status
200
cache-control
max-age=1209600
accept-ranges
bytes
content-length
111007
expires
Fri, 27 Mar 2020 08:18:33 GMT
build-team.jpg
kitrum.com/wp-content/uploads/2018/11/
70 KB
70 KB
Image
General
Full URL
https://kitrum.com/wp-content/uploads/2018/11/build-team.jpg
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx /
Resource Hash
7cb1261cd496c7cba62f8541a7ed93c7253f910a1f577f797ab8e75df8ff1906

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 08:18:33 GMT
last-modified
Wed, 27 Feb 2019 11:35:36 GMT
server
nginx
etag
"5c767608-11835"
content-type
image/jpeg
status
200
cache-control
max-age=1209600
accept-ranges
bytes
content-length
71733
expires
Fri, 27 Mar 2020 08:18:33 GMT
flutter-495x400.png
kitrum.com/wp-content/uploads/2019/05/
31 KB
31 KB
Image
General
Full URL
https://kitrum.com/wp-content/uploads/2019/05/flutter-495x400.png
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx /
Resource Hash
a3dc0cdebf58aee4a2e4dc02b2a3dc7948e756f016596b8c9271644068c67636

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 08:18:33 GMT
last-modified
Fri, 13 Dec 2019 16:02:46 GMT
server
nginx
etag
"5df3b626-7a4c"
content-type
image/png
status
200
cache-control
max-age=1209600
accept-ranges
bytes
content-length
31308
expires
Fri, 27 Mar 2020 08:18:33 GMT
dating-495x400.png
kitrum.com/wp-content/uploads/2019/05/
49 KB
49 KB
Image
General
Full URL
https://kitrum.com/wp-content/uploads/2019/05/dating-495x400.png
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx /
Resource Hash
1f64e2a73ed778e839b497146099d220c9883b23581183571898fe35811ad3b7

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 08:18:33 GMT
last-modified
Fri, 13 Dec 2019 14:52:22 GMT
server
nginx
etag
"5df3a5a6-c3fa"
content-type
image/png
status
200
cache-control
max-age=1209600
accept-ranges
bytes
content-length
50170
expires
Fri, 27 Mar 2020 08:18:33 GMT
flutter-for-recruting-495x400.png
kitrum.com/wp-content/uploads/2019/04/
24 KB
24 KB
Image
General
Full URL
https://kitrum.com/wp-content/uploads/2019/04/flutter-for-recruting-495x400.png
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx /
Resource Hash
8951ee7ab3b2f7f99c12a8639d4193db31d193cc4e8341676e86b4ec0dc63411

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 08:18:33 GMT
last-modified
Fri, 13 Dec 2019 16:04:13 GMT
server
nginx
etag
"5df3b67d-6005"
content-type
image/png
status
200
cache-control
max-age=1209600
accept-ranges
bytes
content-length
24581
expires
Fri, 27 Mar 2020 08:18:33 GMT
flutter-port-495x400.png
kitrum.com/wp-content/uploads/2019/04/
25 KB
25 KB
Image
General
Full URL
https://kitrum.com/wp-content/uploads/2019/04/flutter-port-495x400.png
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx /
Resource Hash
cb731ae7f53e084a9215e3374220ae103b7467c70b22fe1ec6bbc7e7e1d0bf0e

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 08:18:33 GMT
last-modified
Fri, 13 Dec 2019 16:03:29 GMT
server
nginx
etag
"5df3b651-64ea"
content-type
image/png
status
200
cache-control
max-age=1209600
accept-ranges
bytes
content-length
25834
expires
Fri, 27 Mar 2020 08:18:33 GMT
flutter_portfolio_grid-495x400.png
kitrum.com/wp-content/uploads/2019/04/
29 KB
29 KB
Image
General
Full URL
https://kitrum.com/wp-content/uploads/2019/04/flutter_portfolio_grid-495x400.png
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx /
Resource Hash
54ff8f848075e660804dbe6f6058db07bf15591d54af47209d98ca153a8e6126

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 08:18:33 GMT
last-modified
Fri, 13 Dec 2019 15:16:54 GMT
server
nginx
etag
"5df3ab66-7280"
content-type
image/png
status
200
cache-control
max-age=1209600
accept-ranges
bytes
content-length
29312
expires
Fri, 27 Mar 2020 08:18:33 GMT
Untitled-495x400.png
kitrum.com/wp-content/uploads/2019/04/
44 KB
45 KB
Image
General
Full URL
https://kitrum.com/wp-content/uploads/2019/04/Untitled-495x400.png
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx /
Resource Hash
8f9f9c050939a4dbb122cafc6e2d0a2deafe2d507e0f28896567917f5132df81

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 08:18:33 GMT
last-modified
Fri, 14 Jun 2019 09:51:00 GMT
server
nginx
etag
"5d036e04-b1bb"
content-type
image/png
status
200
cache-control
max-age=1209600
accept-ranges
bytes
content-length
45499
expires
Fri, 27 Mar 2020 08:18:33 GMT
react-495x400.png
kitrum.com/wp-content/uploads/2019/04/
56 KB
57 KB
Image
General
Full URL
https://kitrum.com/wp-content/uploads/2019/04/react-495x400.png
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx /
Resource Hash
5caa917de25c07af553607fd75830ef4e6aea6c0cb603470eb13aba5d0d9bccb

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 08:18:33 GMT
last-modified
Fri, 14 Jun 2019 09:49:03 GMT
server
nginx
etag
"5d036d8f-e1ca"
content-type
image/png
status
200
cache-control
max-age=1209600
accept-ranges
bytes
content-length
57802
expires
Fri, 27 Mar 2020 08:18:33 GMT
case-kitrum-495x400.png
kitrum.com/wp-content/uploads/2019/04/
62 KB
62 KB
Image
General
Full URL
https://kitrum.com/wp-content/uploads/2019/04/case-kitrum-495x400.png
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx /
Resource Hash
98825a75ab8abf5d61f15d27af5734473e31ac6ee81ad0b9ee1bffdad9235c89

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 08:18:33 GMT
last-modified
Fri, 13 Dec 2019 15:16:14 GMT
server
nginx
etag
"5df3ab3e-f6ca"
content-type
image/png
status
200
cache-control
max-age=1209600
accept-ranges
bytes
content-length
63178
expires
Fri, 27 Mar 2020 08:18:33 GMT
python-495x400.png
kitrum.com/wp-content/uploads/2019/01/
41 KB
42 KB
Image
General
Full URL
https://kitrum.com/wp-content/uploads/2019/01/python-495x400.png
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx /
Resource Hash
b0ea786250c9fb0c0319157126bde2fa8d5c568dd89875c1614e636d17996f70

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 08:18:33 GMT
last-modified
Fri, 13 Dec 2019 15:17:46 GMT
server
nginx
etag
"5df3ab9a-a55c"
content-type
image/png
status
200
cache-control
max-age=1209600
accept-ranges
bytes
content-length
42332
expires
Fri, 27 Mar 2020 08:18:33 GMT
Electronic-Health-495x400.png
kitrum.com/wp-content/uploads/2019/01/
37 KB
37 KB
Image
General
Full URL
https://kitrum.com/wp-content/uploads/2019/01/Electronic-Health-495x400.png
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx /
Resource Hash
f39fa09c30b8dfd929d845782171acc97d45b1637b092139a48310052fd7a7ed

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 08:18:33 GMT
last-modified
Fri, 13 Dec 2019 15:18:27 GMT
server
nginx
etag
"5df3abc3-94c4"
content-type
image/png
status
200
cache-control
max-age=1209600
accept-ranges
bytes
content-length
38084
expires
Fri, 27 Mar 2020 08:18:33 GMT
blitz-495x400.png
kitrum.com/wp-content/uploads/2019/01/
43 KB
43 KB
Image
General
Full URL
https://kitrum.com/wp-content/uploads/2019/01/blitz-495x400.png
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx /
Resource Hash
9926a9dddd3577b37568fc9bfff34445be11c55a83b90bdaffc340eaa8a4d470

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 08:18:33 GMT
last-modified
Fri, 13 Dec 2019 15:19:04 GMT
server
nginx
etag
"5df3abe8-aa6d"
content-type
image/png
status
200
cache-control
max-age=1209600
accept-ranges
bytes
content-length
43629
expires
Fri, 27 Mar 2020 08:18:33 GMT
livephoto-3d-495x400.png
kitrum.com/wp-content/uploads/2016/10/
38 KB
38 KB
Image
General
Full URL
https://kitrum.com/wp-content/uploads/2016/10/livephoto-3d-495x400.png
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.216.78 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS
server.s78.r53.com.ua
Software
nginx /
Resource Hash
97c8e7beecab7cd6270ef806713c234e79d9edb2b576fd959428de946b9d91c7

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 08:18:33 GMT
last-modified
Fri, 13 Dec 2019 15:20:28 GMT
server
nginx
etag
"5df3ac3c-9853"
content-type
image/png
status
200
cache-control
max-age=1209600
accept-ranges
bytes
content-length
38995
expires
Fri, 27 Mar 2020 08:18:33 GMT
lftracker_v1_3P1w24dnDWJ8mY5n.js
sc.lfeeder.com/
7 KB
3 KB
Script
General
Full URL
https://sc.lfeeder.com/lftracker_v1_3P1w24dnDWJ8mY5n.js
Requested by
Host: kitrum.com
URL: https://kitrum.com/wp-content/cache/autoptimize/js/autoptimize_b1b16b6cee66cd1eadf0acfa9e303f8c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:2400:1f:f723:6fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b7809afa3020a83501148ddb1a0accd285e05694fbe4d3e1e3020183ecb29e2

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 08:18:35 GMT
content-encoding
gzip
last-modified
Tue, 10 Mar 2020 15:53:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=3600
x-amz-cf-id
UDYWrGC9tDkPrt-CI3pBUzkex9CFoZsY2fuiw561o-USDxjGjjABBQ==
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: kitrum.com
URL: https://kitrum.com/wp-content/cache/autoptimize/js/autoptimize_b1b16b6cee66cd1eadf0acfa9e303f8c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600
Origin
https://kitrum.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Feb 2020 20:33:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
1511076
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
0
expires
Tue, 23 Feb 2021 20:33:58 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: kitrum.com
URL: https://kitrum.com/wp-content/cache/autoptimize/js/autoptimize_b1b16b6cee66cd1eadf0acfa9e303f8c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600
Origin
https://kitrum.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 23:56:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
age
202940
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9180
x-xss-protection
0
expires
Wed, 10 Mar 2021 23:56:14 GMT
mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v17/
5 KB
6 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2
Requested by
Host: kitrum.com
URL: https://kitrum.com/wp-content/cache/autoptimize/js/autoptimize_b1b16b6cee66cd1eadf0acfa9e303f8c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a017bfd8b7ff27e2fa869cb6beeacfd550ab2fa4955429bc460aeae8ddbf91e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600
Origin
https://kitrum.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Mar 2020 00:40:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:48 GMT
server
sffe
age
718663
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
5608
x-xss-protection
0
expires
Fri, 05 Mar 2021 00:40:51 GMT
identity.js
connect.facebook.net/signals/plugins/
42 KB
11 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.15
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2d1ebc88e56ceb0aa1d93c5e7f46539110c25d1d07a1bab71a8dc3afa5d07cb8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
10620
x-xss-protection
0
pragma
public
x-fb-debug
MPN5HPn3sfprEM78cw866Va3aRwpbUcRjuO8Cvqa5F17IJvqj/htIAlv0V20ssGQRStxnJ55IsgBnnS8VzUElw==
x-fb-trip-id
420120009
date
Fri, 13 Mar 2020 08:18:34 GMT, Fri, 13 Mar 2020 08:18:34 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
579399592855158
connect.facebook.net/signals/config/
447 KB
112 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/579399592855158?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b44f26e78621fb2f159e03053c9956571906a4cad9664d685d96769bc94db9ac
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
Udben0UUIuHA5thdsUqLG/V9Md1iGT1CORHtM20DSWiwnxIW6yTZoF1Txxn/JJug1JY2BKgpJm6WCOhYCJMDyA==
x-fb-trip-id
420120009
date
Fri, 13 Mar 2020 08:18:34 GMT, Fri, 13 Mar 2020 08:18:34 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=121526112&t=pageview&_s=1&dl=https%3A%2F%2Fkitrum.com%2F%3Feflyer_rand%3D1885391538&ul=en-us&de=UTF-8&dt=KitRUM%20%E2%80%93%20Software%20Deve...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-131266556-1&cid=8722781.1584087514&jid=1479808193&_gid=934786520.1584087514&gjid=545182207&_v=j81&z=1654056829
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131266556-1&cid=8722781.1584087514&jid=1479808193&_v=j81&z=1654056829
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131266556-1&cid=8722781.1584087514&jid=1479808193&_v=j81&z=1654056829&slf_rd=1&random=3448173225
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131266556-1&cid=8722781.1584087514&jid=1479808193&_v=j81&z=1654056829&slf_rd=1&random=3448173225
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Mar 2020 08:18:34 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 13 Mar 2020 08:18:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-131266556-1&cid=8722781.1584087514&jid=1479808193&_v=j81&z=1654056829&slf_rd=1&random=3448173225
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
248 B
Image
General
Full URL
https://www.facebook.com/tr/?id=579399592855158&ev=PageView&dl=https%3A%2F%2Fkitrum.com%2F%3Feflyer_rand%3D1885391538&rl=&if=false&ts=1584087514405&sw=1600&sh=1200&v=2.9.15&r=stable&a=wordpress-5.0.8-1.8.0&ec=0&o=30&fbp=fb.1.1584087514405.688947757&it=1584087514322&coo=false&rqm=GET
Requested by
Host: kitrum.com
URL: https://kitrum.com/?eflyer_rand=1885391538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 08:18:34 GMT, Fri, 13 Mar 2020 08:18:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Fri, 13 Mar 2020 08:18:34 GMT
2
widget.clutch.co/widgets/get/ Frame B678
0
0
Document
General
Full URL
https://widget.clutch.co/widgets/get/2?ref_domain=kitrum.com&uid=589341
Requested by
Host: kitrum.com
URL: https://kitrum.com/wp-content/cache/autoptimize/js/autoptimize_b1b16b6cee66cd1eadf0acfa9e303f8c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:d800:8:edb:e2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash

Request headers

:method
GET
:authority
widget.clutch.co
:scheme
https
:path
/widgets/get/2?ref_domain=kitrum.com&uid=589341
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://kitrum.com/?eflyer_rand=1885391538
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://kitrum.com/?eflyer_rand=1885391538

Response headers

status
200
content-type
text/html; charset=utf-8
date
Thu, 12 Mar 2020 14:08:22 GMT
server
nginx/1.14.1
expires
Fri, 13 Mar 2020 14:08:22 GMT
cache-control
max-age=86400
content-encoding
gzip
x-cache
Hit from cloudfront
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
VL-le57veeqT3xb8jKGMNGw_7TVPPSyutt9su1QK9uN9kTvek2NR7Q==
age
65411
star-no-review-line
www.goodfirms.co/widgets/get/12425/goodfirms-widget-t6/ Frame 7CE3
Redirect Chain
  • https://goodfirms.co/widgets/get/12425/goodfirms-widget-t6/star-no-review-line
  • https://www.goodfirms.co/widgets/get/12425/goodfirms-widget-t6/star-no-review-line
0
0
Document
General
Full URL
https://www.goodfirms.co/widgets/get/12425/goodfirms-widget-t6/star-no-review-line
Requested by
Host: kitrum.com
URL: https://kitrum.com/wp-content/cache/autoptimize/js/autoptimize_b1b16b6cee66cd1eadf0acfa9e303f8c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:58da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
www.goodfirms.co
:scheme
https
:path
/widgets/get/12425/goodfirms-widget-t6/star-no-review-line
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://kitrum.com/?eflyer_rand=1885391538
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://kitrum.com/?eflyer_rand=1885391538

Response headers

status
200
date
Fri, 13 Mar 2020 08:18:35 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=db6c5437715dd86d4d6cc9136d2ef38001584087515; expires=Sun, 12-Apr-20 08:18:35 GMT; path=/; domain=.goodfirms.co; HttpOnly; SameSite=Lax
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
server
cloudflare
cf-ray
57345339c9e51f35-FRA
content-encoding
br

Redirect headers

status
301
date
Fri, 13 Mar 2020 08:18:35 GMT
content-type
text/html
set-cookie
__cfduid=d31fcbbdbd2de3c1a0e1c7d076777c8c91584087514; expires=Sun, 12-Apr-20 08:18:34 GMT; path=/; domain=.goodfirms.co; HttpOnly; SameSite=Lax
location
https://www.goodfirms.co/widgets/get/12425/goodfirms-widget-t6/star-no-review-line
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
server
cloudflare
cf-ray
573453387ee91f35-FRA
/
www.facebook.com/tr/
0
52 B
Other
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
Origin
https://kitrum.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryedBLyChcDD34MqFs

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
access-control-allow-origin
https://kitrum.com
date
Fri, 13 Mar 2020 08:18:34 GMT
content-type
text/plain
status
200
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=3600
content-length
0
jsonGV.jsp
www.socialintents.com/json/
108 B
413 B
Script
General
Full URL
https://www.socialintents.com/json/jsonGV.jsp?uid=2c9fa5636837e5f5016857128d630c1a&callback=jsonCallback&_=1584087514141
Requested by
Host: kitrum.com
URL: https://kitrum.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.248.100 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-248-100.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
d8d4232ba36287f08c458cc42021edaae83b54f2bbd1216997afc972cfeca5dc

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 13 Mar 2020 08:18:35 GMT
Content-Encoding
gzip
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
116
Content-Type
application/json;charset=UTF-8
socialintents.1.3.js
www.socialintents.com/api/chat/
8 KB
3 KB
Script
General
Full URL
https://www.socialintents.com/api/chat/socialintents.1.3.js
Requested by
Host: www.socialintents.com
URL: https://www.socialintents.com/api/socialintents.1.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.248.100 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-248-100.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
e187b367024b2200393caccde8e4305dd28a7a2b117ee7571c7b7a3444fe800a

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 13 Mar 2020 08:18:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Mar 2020 23:52:34 GMT
Server
nginx/1.16.1
ETag
W/"8697-1583884354000"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
2353
si-include-chat.css
www.socialintents.com/assets/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.socialintents.com/assets/css/si-include-chat.css
Requested by
Host: www.socialintents.com
URL: https://www.socialintents.com/api/chat/socialintents.1.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.248.100 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-248-100.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
0d35f8a3f1e1b493f11452ef1f2bce1eb21a7ac9f8b9cf830934b0db130d4e64

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
Origin
https://kitrum.com
Sec-Fetch-Dest
style
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 13 Mar 2020 08:18:36 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Mar 2020 23:52:34 GMT
Server
nginx/1.16.1
ETag
W/"7804-1583884354000"
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Length
1693
Expires
Mon, 23 Mar 2020 08:18:36 GMT
jsonGetVarsContext.jsp
www.socialintents.com/api/chat/
479 B
477 B
Script
General
Full URL
https://www.socialintents.com/api/chat/jsonGetVarsContext.jsp?wid=2c9fa5636837e5f501685712aaa90c1d&callback=jsonCallbackchat&_=1584087514142
Requested by
Host: kitrum.com
URL: https://kitrum.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.42.248.100 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-42-248-100.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
45462c9cf9e49bc5e42afd218f5456406d22c5467669665faa78b489d825bf0e

Request headers

Referer
https://kitrum.com/?eflyer_rand=1885391538
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 13 Mar 2020 08:18:36 GMT
Content-Encoding
gzip
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
287
Content-Type
text/javascript;charset=UTF-8

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| google_tag_manager object| dataLayer boolean| avia_is_mobile object| mejsL10n object| _wpmejsSettings function| gtag object| avia_framework_globals function| Froogaloop function| _extends function| _typeof function| lazyLoadThumb function| lazyLoadYoutubeIframe object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer function| fbq function| _fbq object| ldfdr string| GoogleAnalyticsObject function| ga object| GF string| protocol string| baseUrl function| require function| iFrameResize object| CLUTCHCO object| jQuery112407650906858504134 function| Waypoint function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Packery function| onYouTubeIframeAPIReady function| $f object| wp object| lazyLoadOptions function| LazyLoad object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| waypointContextKey boolean| socialintents object| socialintents_vars2 string| company_id string| widget_type string| widget_pattern string| if_width string| if_height boolean| socialintents_chat object| socialintents_vars2_chat function| getSICScriptURL

5 Cookies

Domain/Path Name / Value
.kitrum.com/ Name: _fbp
Value: fb.1.1584087514405.688947757
.kitrum.com/ Name: _gid
Value: GA1.2.934786520.1584087514
.kitrum.com/ Name: _ga
Value: GA1.2.8722781.1584087514
.kitrum.com/ Name: _gat_gtag_UA_131266556_1
Value: 1
kitrum.com/ Name: PHPSESSID
Value: do6h9hhvcp4j7afmt3abqp6hb3

2 Console Messages

Source Level URL
Text
console-api log URL: https://kitrum.com/wp-content/cache/autoptimize/js/autoptimize_b1b16b6cee66cd1eadf0acfa9e303f8c.js(Line 3)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Call to "fbq('init', '579399592855158', []);" with parameter "user_data" has an invalid value of "[]"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
goodfirms.co
kitrum.com
sc.lfeeder.com
stats.g.doubleclick.net
t.eflyermaker.com
widget.clutch.co
www.facebook.com
www.goodfirms.co
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.socialintents.com
192.34.94.57
2600:9000:214f:2400:1f:f723:6fc0:93a1
2600:9000:214f:d800:8:edb:e2c0:93a1
2606:4700:10::6814:58da
2a00:1450:4001:808::2003
2a00:1450:4001:808::2004
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:820::2003
2a00:1450:4001:821::200a
2a00:1450:400c:c00::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
31.41.216.78
52.42.248.100
0d35f8a3f1e1b493f11452ef1f2bce1eb21a7ac9f8b9cf830934b0db130d4e64
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1f07e4b5a68397fa31f1e11cb04267e6de3bda2f1a82d684163b783b2620d9fe
1f64e2a73ed778e839b497146099d220c9883b23581183571898fe35811ad3b7
201cca51d07dad4d3a75b10ee802617404b214805dca07722082a0a52dee3221
2d1ebc88e56ceb0aa1d93c5e7f46539110c25d1d07a1bab71a8dc3afa5d07cb8
31d32857a30a401dd36459791b01a7c8de6ff8e6614994e53e6983747b8e0b4e
323ea4f1a02635654c98ffc2f964c237d57991f5d1c0f0789cb662e754341495
45462c9cf9e49bc5e42afd218f5456406d22c5467669665faa78b489d825bf0e
4631039bb8f59462a9c5bfd51b95f59d6d44a6062203112301400389bfad07ac
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
54ff8f848075e660804dbe6f6058db07bf15591d54af47209d98ca153a8e6126
58ec147c675581ed01d2a0149fd56850657184b6b5319b5bd95944e5f470946b
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5caa917de25c07af553607fd75830ef4e6aea6c0cb603470eb13aba5d0d9bccb
753114dc0f885bfa1963394d6769bd1bc89483bd635e04f5ec4c14cb6c50e37c
75e801b453bd677c68d4af036055b3036b8fc0390a76bf4661ab50e22b1137ee
76c828df931848541d008f5df340db07e1fd29788cd50f9f86198c9c452fdc9f
7b7809afa3020a83501148ddb1a0accd285e05694fbe4d3e1e3020183ecb29e2
7cb1261cd496c7cba62f8541a7ed93c7253f910a1f577f797ab8e75df8ff1906
7eee205b689af1ea2a6ce7c7a0c06cf9fed3ed39ef6a5e6e02b5eb7f78fefce7
85aa0b7083e634ba82797f3de6fe920a8a360d1267f2ecb2f97f541ab85a8a9e
8951ee7ab3b2f7f99c12a8639d4193db31d193cc4e8341676e86b4ec0dc63411
8f9f9c050939a4dbb122cafc6e2d0a2deafe2d507e0f28896567917f5132df81
921f90b03af135d2e25e74c709326f1b53aa111672773a20dcc282c78a2d61ea
97c8e7beecab7cd6270ef806713c234e79d9edb2b576fd959428de946b9d91c7
98825a75ab8abf5d61f15d27af5734473e31ac6ee81ad0b9ee1bffdad9235c89
9926a9dddd3577b37568fc9bfff34445be11c55a83b90bdaffc340eaa8a4d470
9a96ef836322edb2ec2afd5058d64039ebd8cf7248ad3e6c22ddc3fb97d0a52f
9b92d62950b752b05e9d93c12cac81bf662e22ba50f0516fb87321991a0eb507
9bbc1ede5c163301e776b1bd1307275e343af6a94e38e470a3530dbc78bf0959
9bc6fd4e8fc2f4f4589417384c0417c27bbf96679a5c968a9c6afb8cba6745cd
a017bfd8b7ff27e2fa869cb6beeacfd550ab2fa4955429bc460aeae8ddbf91e8
a3dc0cdebf58aee4a2e4dc02b2a3dc7948e756f016596b8c9271644068c67636
a5fc47005ba5949324040ab3a58173102bb52cf4243d45f78245d56b9a4275a2
a61cdd9f93da4b19ba2c99206445831456ff039af899b2cabcaa5e435900ed3b
b0ea786250c9fb0c0319157126bde2fa8d5c568dd89875c1614e636d17996f70
b44f26e78621fb2f159e03053c9956571906a4cad9664d685d96769bc94db9ac
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
be48aa20ca2b0f5c40569e86ede656a8f35bc16eb86d471b7291bf714e9b56d4
cb731ae7f53e084a9215e3374220ae103b7467c70b22fe1ec6bbc7e7e1d0bf0e
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
d8d4232ba36287f08c458cc42021edaae83b54f2bbd1216997afc972cfeca5dc
df61ef4c363fce59355732bafbb4ada6e32b6110099ffd3186100c41061a8974
e187b367024b2200393caccde8e4305dd28a7a2b117ee7571c7b7a3444fe800a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39fa09c30b8dfd929d845782171acc97d45b1637b092139a48310052fd7a7ed
ffb6b7423389750466eed09e727a9d4d785e01aaaaec0a62e05323dcce2924ef