obama.ru
2606:4700:3033::ac43:8bc9
Public Scan
Effective URL: https://obama.ru/
Submission: On February 10 via api from RU — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on December 20th 2023. Valid for: 3 months.
This is the only time obama.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | Redirects | IP Address | Autonomous System |
---|---|---|---|
1 | 1 | 2606:4700:3037::6815:8a6 | 13335 (CLOUDFLARENET) |
49 | | 2606:4700:3033::ac43:8bc9 | 13335 (CLOUDFLARENET) |
1 | | 2a00:1450:4001:830::200a | 15169 (GOOGLE) |
8 | 2 | 185.39.80.168 | 200015 (LIVETEX) |
2 | | 2a00:1450:4001:809::2003 | 15169 (GOOGLE) |
11 | 4 | 2a02:6b8::1:119 | 13238 (YANDEX) |
11 | | 2606:4700:20::ac43:4a03 | 13335 (CLOUDFLARENET) |
1 | | 2606:4700::6810:3965 | 13335 (CLOUDFLARENET) |
3 | | 185.39.80.145 | () |
2 | | 185.39.80.144 | 200015 (LIVETEX) |
2 | | 185.39.80.146 | 200015 (LIVETEX) |
86 | | Total: 11 IPs | |

ASN200015 (LIVETEX, RU)
- cs15.livetex.ru
- balancer-cloud.livetex.ru
- widgets-3-omni-iframe.livetex.ru

ASN13335 (CLOUDFLARENET, US)
- widgets-3-omni-iframe.livetex.me

Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
50 | obama.ru (1 redirects) | obama.ru | 331 KB |
15 | livetex.ru (2 redirects) | cs15.livetex.ru — Cisco Umbrella Rank: 330937; balancer-cloud.livetex.ru — Cisco Umbrella Rank: 275803; widgets-3-omni-iframe.livetex.ru — Cisco Umbrella Rank: 331296; io4-production-3-ltx241.livetex.ru; vnds-production-3-i1.livetex.ru — Cisco Umbrella Rank: 486306; wapi-03.livetex.ru — Cisco Umbrella Rank: 377968 | 39 KB |
11 | livetex.me | widgets-3-omni-iframe.livetex.me — Cisco Umbrella Rank: 308493 | 471 KB |
8 | yandex.com (3 redirects) | mc.yandex.com — Cisco Umbrella Rank: 8796 | 4 KB |
3 | yandex.ru (1 redirects) | mc.yandex.ru — Cisco Umbrella Rank: 4118 | 72 KB |
2 | gstatic.com | fonts.gstatic.com | 59 KB |
1 | cloudflareinsights.com | static.cloudflareinsights.com — Cisco Umbrella Rank: 782 | 7 KB |
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 31 | 1 KB |
86 | Total: 8 apex domains | | |

Requests | Domain | Requested by |
---|---|---|
50 | obama.ru (1 redirects) | obama.ru |
11 | widgets-3-omni-iframe.livetex.me | balancer-cloud.livetex.ru, widgets-3-omni-iframe.livetex.me, static.cloudflareinsights.com |
8 | mc.yandex.com (3 redirects) | obama.ru, mc.yandex.ru |
5 | balancer-cloud.livetex.ru (2 redirects) | balancer-cloud.livetex.ru, widgets-3-omni-iframe.livetex.me |
3 | io4-production-3-ltx241.livetex.ru | widgets-3-omni-iframe.livetex.me |
3 | mc.yandex.ru (1 redirects) | obama.ru |
2 | wapi-03.livetex.ru | widgets-3-omni-iframe.livetex.me |
2 | vnds-production-3-i1.livetex.ru | widgets-3-omni-iframe.livetex.me |
2 | widgets-3-omni-iframe.livetex.ru | obama.ru |
2 | fonts.gstatic.com | fonts.googleapis.com |
1 | static.cloudflareinsights.com | widgets-3-omni-iframe.livetex.me |
1 | cs15.livetex.ru | obama.ru |
1 | fonts.googleapis.com | obama.ru |
86 | Total: 13 domains | |

Subject | Issuer | Validity | Valid |
---|---|---|---|
obama.ru | GTS CA 1P5 | 2023-12-20 - 2024-03-19 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months |
*.livetex.ru | GlobalSign GCC R3 DV TLS CA 2020 | 2023-05-31 - 2024-07-01 | a year |
*.gstatic.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months |
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2023-12-26 - 2024-06-05 | 5 months |
livetex.me | GTS CA 1P5 | 2024-01-16 - 2024-04-15 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-10 - 2024-04-09 | a year |

This page contains 3 frames:
Primary Page:
https://obama.ru/
Frame ID: 9624DB8F5C7F455FB5522956B4CFF0AA
Requests: 69 HTTP requests in this frame
Frame:
https://mc.yandex.com/metrika/metrika_match.html
Frame ID: D5D91AB0BBDDC4CD67B1825A39534852
Requests: 1 HTTP requests in this frame
Frame:
https://widgets-3-omni-iframe.livetex.me/js/iframe.html?host-page-origin=https://obama.ru
Frame ID: 19CF01027C86AC062E49EBEFAE799C21
Requests: 18 HTTP requests in this frame
Page Title
Обменный пункт электронных валют (Electronic currency exchange office)
Page URL History
-
http://obama.ru/
HTTP 301
https://obama.ru/ Page URL
Detected technologies
WordPress (CMS)
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Cloudflare Browser Insights (Analytics)
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Yandex.Metrika (Analytics)
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries)
Detected patterns
- jquery-ui.*\.js
Page Statistics
18 Outgoing links
These are links going to different origins than the main page.
Title: LiveTex
Title: LiveTex
Title: LiveTex
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://obama.ru/
HTTP 301
https://obama.ru/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 53
- https://balancer-cloud.livetex.ru/get-client/?site_id=176968&version=23.29.1876-0a5aa07&target=settings_path&rnd=v47ir6ygck7 HTTP 302
- https://widgets-3-omni-iframe.livetex.ru/js/widgetsSettings.json
- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10275.lF5eghTO9n015wEpFqSFx8fyPQyxNAmqnoLENQKlT6ppDPYqTHUuj0iwXtG6pDyJ.tCHnWhkZ8MPmv7yVKbPcsPclEDU%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=10275.fW0H8fLWUlAgwyyH8kMm3qnL3xbfngBkjSS2LDdAV1OEhqUnlC-8gXRvLkWFFrlyI5kvwBt1WoemAQgG58phmwvkYPSZ48xWsr-fGKP3dkAw7YZd_qUgOdQshBbFvecEwd8fHfHe-y1KiOua-Fe1DAqnu_kZpAqt8osH6n7_RWLqAME_580Pn-4BNz_9xeIdfYSm2Hbu_44i87CW4X8q7NyyO6e4WFrj7BA0sWSrKRc%2C.1EwFWBavZiMrU80QGiDDTIPvuzY%2C HTTP 302
- https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10275.8h57JDlprK_GUi2LG0YEHGvKf4nxWaIGfjxdOahOuh1Gq46MO277prYc6piej1c14fJuUgn3119MiGLbgmJ0Usp5PnWrJXqeZKNIGOZuOOj4L_vUHjaVIHwOSFEX2UsB1r7I9GvJX4De2VD4AH0ZW7AoUU57QaW2qqdVwU8XZNY4IFxZpfR__BZlqZ8-lXxFagYzpRDUdLEvzltI5rXdDQ%2C%2C.cfSfbJc2mZjZZWwT3ONoNz3sbLI%2C
- https://balancer-cloud.livetex.ru/get-client/?site_id=176968&version=23.29.1876-0a5aa07&target=path&rnd=wpcza2rsy4b HTTP 302
- https://widgets-3-omni-iframe.livetex.ru/js/app3.js
- https://mc.yandex.com/watch/75798868?wmode=7&page-url=https%3A%2F%2Fobama.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtlsnebtmoc6xy5om3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1240%3Acn%3A1%3Adp%3A0%3Als%3A464433741825%3Ahid%3A655951372%3Az%3A60%3Ai%3A20240210071352%3Aet%3A1707545632%3Ac%3A1%3Arn%3A868505739%3Arqn%3A1%3Au%3A1707545632867539979%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C86%2C163%2C1%2C113%2C0%2C%2C262%2C0%2C%2C%2C%2C627%3Aco%3A0%3Acpf%3A1%3Ans%3A1707545631240%3Afp%3A623%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1707545633%3At%3A%D0%9E%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%BF%D1%83%D0%BD%D0%BA%D1%82%20%D1%8D%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)ti(1) HTTP 302
- https://mc.yandex.com/watch/75798868/1?wmode=7&page-url=https%3A%2F%2Fobama.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ad7x9vdjtlsnebtmoc6xy5om3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1240%3Acn%3A1%3Adp%3A0%3Als%3A464433741825%3Ahid%3A655951372%3Az%3A60%3Ai%3A20240210071352%3Aet%3A1707545632%3Ac%3A1%3Arn%3A868505739%3Arqn%3A1%3Au%3A1707545632867539979%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C86%2C163%2C1%2C113%2C0%2C%2C262%2C0%2C%2C%2C%2C627%3Aco%3A0%3Acpf%3A1%3Ans%3A1707545631240%3Afp%3A623%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1707545633%3At%3A%D0%9E%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%BF%D1%83%D0%BD%D0%BA%D1%82%20%D1%8D%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
86 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
obama.ru/ Redirect Chain
|
41 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
14 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
obama.ru/wp-content/themes/newexchanger/ |
149 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
obama.ru/wp-includes/css/dist/block-library/ |
87 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.min.js
obama.ru/wp-content/plugins/premiumbox/premium/js/jquery/ |
87 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.min.js
obama.ru/wp-content/plugins/premiumbox/premium/js/jquery-ui/ |
248 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.min.js
obama.ru/wp-content/plugins/premiumbox/premium/js/jquery-forms/ |
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.min.js
obama.ru/wp-content/plugins/premiumbox/premium/js/jquery-cook/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.min.js
obama.ru/wp-content/plugins/premiumbox/premium/js/jquery-clipboard/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.min.js
obama.ru/wp-content/plugins/premiumbox/premium/js/jquery-window/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.min.js
obama.ru/wp-content/plugins/premiumbox/premium/js/jquery-changeinput/ |
769 B 649 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yaMetrika.js
obama.ru/wp-content/plugins/premiumbox/moduls/seo/js/ |
2 KB 939 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.min.js
obama.ru/wp-content/plugins/premiumbox/premium/js/jquery-select/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.min.js
obama.ru/wp-content/plugins/premiumbox/premium/js/jquery-table/ |
2 KB 890 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.min.js
obama.ru/wp-content/plugins/premiumbox/premium/js/jquery-checkbox/ |
923 B 677 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
site.js
obama.ru/wp-content/themes/newexchanger/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.min.js
obama.ru/wp-content/plugins/premiumbox/premium/js/jquery-timer/ |
1 KB 854 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
premium_script.js
obama.ru/ |
24 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ru_RU.png
obama.ru/wp-content/plugins/premiumbox/flags/ |
147 B 449 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en_US.png
obama.ru/wp-content/plugins/premiumbox/flags/ |
377 B 742 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1.gif
obama.ru/wp-content/uploads/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
4.jpg
obama.ru/wp-content/uploads/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
kursexpert.png
obama.ru/wp-content/uploads/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
88x312.png
obama.ru/wp-content/uploads/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
glazok.gif
obama.ru/wp-content/uploads/ |
3 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
b88x31.png
obama.ru/wp-content/uploads/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
88x31-4.gif
obama.ru/wp-content/uploads/ |
73 KB 73 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
88x31.gif
obama.ru/wp-content/uploads/ |
3 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
file.png
obama.ru/wp-content/uploads/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
okchanger.png
obama.ru/wp-content/uploads/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
BM88X31.gif
obama.ru/wp-content/uploads/ |
24 KB 25 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
v-blue-on-white-ru.png
obama.ru/wp-content/uploads/ |
805 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
88-31-1.jpg
obama.ru/wp-content/uploads/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
vk-ico.png
obama.ru/wp-content/themes/newexchanger/images/ |
644 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ins-ico.png
obama.ru/wp-content/themes/newexchanger/images/ |
568 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
tm-ico.png
obama.ru/wp-content/themes/newexchanger/images/ |
689 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
QbwI3yJi.png
obama.ru/wp-content/pn_uploads/captcha/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
JNlmBMd7.png
obama.ru/wp-content/pn_uploads/captcha/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
email-decode.min.js
obama.ru/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
client.js
cs15.livetex.ru/js/ |
1 KB 957 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
w_close.png
obama.ru/wp-content/themes/newexchanger/images/ |
178 B 641 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
warning.png
obama.ru/wp-content/themes/newexchanger/images/ |
366 B 827 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
l_arr.png
obama.ru/wp-content/themes/newexchanger/images/ |
155 B 619 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1.png
obama.ru/wp-content/themes/newexchanger/adv_images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
2.png
obama.ru/wp-content/themes/newexchanger/adv_images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
3.png
obama.ru/wp-content/themes/newexchanger/adv_images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
4.png
obama.ru/wp-content/themes/newexchanger/adv_images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
5.png
obama.ru/wp-content/themes/newexchanger/adv_images/ |
992 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
6.png
obama.ru/wp-content/themes/newexchanger/adv_images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XRXV3I6Li01BKofIMeaBXso.woff2
fonts.gstatic.com/s/nunito/v26/ |
20 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ |
38 KB 38 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.js
mc.yandex.ru/metrika/ |
204 KB 71 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
telegram.png
obama.ru/wp-content/themes/newexchanger/images/ |
325 B 781 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
email.png
obama.ru/wp-content/themes/newexchanger/images/ |
244 B 708 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widgetsSettings.json
widgets-3-omni-iframe.livetex.ru/js/ Redirect Chain
|
1020 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync_cookie_image_finish
mc.yandex.ru/ Redirect Chain
|
43 B 579 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advert.gif
mc.yandex.com/metrika/ |
43 B 474 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app3.js
widgets-3-omni-iframe.livetex.ru/js/ Redirect Chain
|
140 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1
mc.yandex.com/watch/75798868/ Redirect Chain
|
447 B 539 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
metrika_match.html
mc.yandex.com/metrika/ Frame D5D9 |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
HEAD H2 |
iframe.html
widgets-3-omni-iframe.livetex.me/js/ |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe.html
widgets-3-omni-iframe.livetex.me/js/ Frame 19CF |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ui.24.5.3015-496641c.js
widgets-3-omni-iframe.livetex.me/js/ |
1 MB 262 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
balancer-cloud.livetex.ru/services/ |
1 KB 607 B |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.9c89cd.js
widgets-3-omni-iframe.livetex.me/js/ Frame 19CF |
494 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
services.3a8e7a.js
widgets-3-omni-iframe.livetex.me/js/ Frame 19CF |
355 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ Frame 19CF |
20 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
176968.js
widgets-3-omni-iframe.livetex.me/js/settings/v3/ Frame 19CF |
6 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
rum
widgets-3-omni-iframe.livetex.me/cdn-cgi/ Frame 19CF |
0 194 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
176968.css
widgets-3-omni-iframe.livetex.me/css/widgets/ Frame 19CF |
268 KB 33 KB |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
balancer-cloud.livetex.ru/get-server/ Frame 19CF |
165 B 443 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
auth
io4-production-3-ltx241.livetex.ru/visitor/ Frame 19CF |
552 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
balancer-cloud.livetex.ru/services/ Frame 19CF |
1 KB 625 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1707545634225
io4-production-3-ltx241.livetex.ru/poll/0/ Frame 19CF |
102 B 434 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
visitor-notification-delivery-service-app-production-3-i1.thrift-http
vnds-production-3-i1.livetex.ru/ Frame 19CF |
110 B 428 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
1707545634306
io4-production-3-ltx241.livetex.ru/poll/12if67/ Frame 19CF |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
visitor-notification-delivery-service-app-production-3-i1.thrift-http
vnds-production-3-i1.livetex.ru/ Frame 19CF |
38 B 355 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
widgets-api-service2-app-production-3-i1.thrift-http
wapi-03.livetex.ru/ Frame 19CF |
41 B 358 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
visitor-notification-delivery-service-app-production-3-i1.thrift-http
vnds-production-3-i1.livetex.ru/ Frame 19CF |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
widgets-api-service2-app-production-3-i1.thrift-http
wapi-03.livetex.ru/ Frame 19CF |
45 B 362 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
add-page
io4-production-3-ltx241.livetex.ru/site/ Frame 19CF |
261 B 593 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footer_bg.png
widgets-3-omni-iframe.livetex.me/images/ |
547 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icons.ttf
widgets-3-omni-iframe.livetex.me/fonts/ |
7 KB 7 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
preloader.gif
widgets-3-omni-iframe.livetex.me/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
855 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
882 B 0 |
Image
image/svg+xml |
POST H2 |
75798868
mc.yandex.com/webvisor/ |
43 B 0 |
Fetch
image/gif |
POST H2 |
75798868
mc.yandex.com/webvisor/ |
43 B 0 |
Fetch
image/gif |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: io4-production-3-ltx241.livetex.ru
  URL: https://io4-production-3-ltx241.livetex.ru/poll/12if67/1707545634306?__fallback__&=&_m=GET&_c=njr_4_callback&_t=jsonp&_rnd=q6jx6995igs&_h[lt-origin]=account%3A292861%3Asite%3A176968&_h[cookie]=1x80e4s%3Dio%3Aio-4-ltx241-livetex-ru%3Asession%3A121ldr9x9kvap610d7k3xr
- Domain: vnds-production-3-i1.livetex.ru
  URL: https://vnds-production-3-i1.livetex.ru/visitor-notification-delivery-service-app-production-3-i1.thrift-http
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- function| $
- function| jQuery
- object| Cookies
- function| ClipboardJS
- boolean| liveTex
- number| liveTexID
- boolean| liveTex_object
- function| ym
- string| LTX_VERSION
- object| LiveTex
- object| Ya
- object| yaCounter75798868
- function| setImmediate
- function| clearImmediate
- object| FontAwesomeConfig
- object| ___FONT_AWESOME___
21 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
obama.ru/ | | Name: PHPSESSID Value: 6d8d5d772cbfbe60a85bf156d88326a3 |
obama.ru/ | | Name: premium_session_id Value: cQsZyqOuhOnXskHMlEJIkQ5JsYmH98gWJkCnNHzdcY0PBUsgrxo2uMATpWjmZvXt |
obama.ru/ | | Name: merch_locale Value: ru_RU |
.obama.ru/ | | Name: _ym_uid Value: 1707545632867539979 |
.obama.ru/ | | Name: _ym_d Value: 1707545632 |
.mc.yandex.com/ | | Name: sync_cookie_csrf Value: 628952880fake |
.yandex.com/ | | Name: i Value: 4YMaIwcLLe61W0mlAisDgKimfrvIgXgWtr9tA/uuhnBp5U3suoyrUHSSIvGCOqr/JREWcknvfDqahX0jx1z4rlJf9eE= |
.yandex.com/ | | Name: yandexuid Value: 4422691911707545632 |
.obama.ru/ | | Name: _ym_isad Value: 2 |
.mc.yandex.ru/ | | Name: sync_cookie_csrf Value: 1325148136fake |
.mc.yandex.com/ | | Name: sync_cookie_ok Value: synced |
.yandex.ru/ | | Name: yandexuid Value: 4422691911707545632 |
.yandex.ru/ | | Name: yuidss Value: 4422691911707545632 |
.yandex.ru/ | | Name: i Value: 4YMaIwcLLe61W0mlAisDgKimfrvIgXgWtr9tA/uuhnBp5U3suoyrUHSSIvGCOqr/JREWcknvfDqahX0jx1z4rlJf9eE= |
.yandex.ru/ | | Name: yp Value: 1707632032.yu.23680341707545632 |
.yandex.ru/ | | Name: ymex Value: 1710137632.oyu.23680341707545632 |
mc.yandex.com/ | | Name: yabs-sid Value: 1127804901707545632 |
.yandex.com/ | | Name: yuidss Value: 4422691911707545632 |
.yandex.com/ | | Name: ymex Value: 1739081632.yrts.1707545632 |
.yandex.com/ | | Name: bh Value: KgI/MA== |
.obama.ru/ | | Name: _ym_visorc Value: w |
57 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.