urlscan.io logo urlscan.io
SecurityTrails logo

stage.youthempowered.ru Open in urlscan Pro
185.22.60.56  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://stage.youthempowered.ru/
Effective URL: https://stage.youthempowered.ru/login
Submission Tags: phishingrod
Submission: On December 12 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 26 HTTP transactions. The main IP is 185.22.60.56, located in Russian Federation and belongs to MNGTNET, RU. The main domain is stage.youthempowered.ru.
TLS certificate: Issued by R3 on December 12th 2023. Valid for: 3 months.
This is the only time stage.youthempowered.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    185.22.60.56 (Russian Federation)

ASN199274 (MNGTNET, RU)
PTR: 185-22-60-56.flops.ru
stage.youthempowered.ru
3    2a11:27c0::93 (Russian Federation)

ASN210756 (EDGECENTERLLC, RU)
cdn.direct.i-dgtl.ru
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    2a02:6b8::1:119 (Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
10 youthempowered.ru
stage.youthempowered.ru
2 MB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8902
3 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
22 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4182
71 KB
3 i-dgtl.ru
cdn.direct.i-dgtl.ru
75 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
90 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
142 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
351 B
26 9
Domain Requested by
10 stage.youthempowered.ru 1 redirects stage.youthempowered.ru
5 mc.yandex.com 3 redirects stage.youthempowered.ru
3 mc.yandex.ru 1 redirects stage.youthempowered.ru
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 cdn.direct.i-dgtl.ru stage.youthempowered.ru
cdn.direct.i-dgtl.ru
2 connect.facebook.net stage.youthempowered.ru
connect.facebook.net
2 www.googletagmanager.com stage.youthempowered.ru
www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.facebook.com stage.youthempowered.ru
1 stats.g.doubleclick.net www.google-analytics.com
26 10

This site contains links to these domains. Also see Links.

Domain
youthempowered.ru
Subject Issuer Validity Valid
stage.youthempowered.ru
R3		 2023-12-12 -
2024-03-11		 3 months crt.sh
cdn.direct.i-dgtl.ru
R3		 2023-10-29 -
2024-01-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-08-14 -
2024-01-24		 5 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-20 -
2023-12-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://stage.youthempowered.ru/login
Frame ID: 367AC6798513EE1C43297295A760253D
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Youth Empowered – Твой путь к успеху!

Page URL History Show full URLs

  1. https://stage.youthempowered.ru/ HTTP 302
    https://stage.youthempowered.ru/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

26
Requests

92 %
HTTPS

89 %
IPv6

9
Domains

10
Subdomains

9
IPs

4
Countries

2805 kB
Transfer

3592 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://stage.youthempowered.ru/ HTTP 302
    https://stage.youthempowered.ru/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10214.7v1jMFfHKfZM3qGpTftpVBbBHnGmWnV6QPDiTMxy8p_0KXnCscmPn9EZSs8s0ofM.BgZgTdt3zNGkvh5yDrkqu66p0uU%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10214.G8zG-SCgyKeptI3GdULRkiwzu5ZuqAzvWxPCHl0pgo3SipSK9rbvxGAKJsawEM_nfzCw9WsKmxIyqzq8xkhhedl1usscj1cDQgdZr-vjkNODAHdKax5doG2gHAX7FHJFki0EXvfmOXApEwBwADKhKlu9KOTVoz1kbksA4jGEH5DQ1QyTEUgMnJD4ZW4uTlm-4Vt_-vXFUODn5hHK-bt6V5dYDcHoHGU1buYyAcI8xVQ%2C.3sYKk25WhkIXPSz7HXddWEeDHg8%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10214.PY2eylR5JvDivIXpzIH07ivGSSAdpKMWfzq1mdwEJiL91IzliqHpB9k7jtoLAC0PBA3IT-vLUmnDJ5QTCwP598mB0cIa_Q6wyZvdcFU4TXRVrTlt8BnQWiuFPH6SHE94EiAD9Q-1g8auEZZQQ5k2t9babwd9zI_PwthhdOdqolm_iG963yBInFherph_FGVSTPKNUqCyT2We_SBAbG_Nlg%2C%2C.S44_9LTrlFAi03LBBa0ZsPQAk54%2C
Request Chain 24
  • https://mc.yandex.com/watch/52704364?wmode=7&page-url=https%3A%2F%2Fstage.youthempowered.ru%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afp%3A1439%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A0%3Als%3A1507768496185%3Ahid%3A549003692%3Az%3A60%3Ai%3A20231212034141%3Aet%3A1702348901%3Ac%3A1%3Arn%3A238294573%3Arqn%3A1%3Au%3A1702348901820249486%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C58%2C1%2C533%2C533%2C1%2C813%2C0%2C%2C%2C%2C1405%3Aco%3A0%3Acpf%3A1%3Ans%3A1702348899564%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702348902%3At%3AYouth%20Empowered%20%E2%80%93%20%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BF%D1%83%D1%82%D1%8C%20%D0%BA%20%D1%83%D1%81%D0%BF%D0%B5%D1%85%D1%83!&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/52704364/1?wmode=7&page-url=https%3A%2F%2Fstage.youthempowered.ru%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afp%3A1439%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A0%3Als%3A1507768496185%3Ahid%3A549003692%3Az%3A60%3Ai%3A20231212034141%3Aet%3A1702348901%3Ac%3A1%3Arn%3A238294573%3Arqn%3A1%3Au%3A1702348901820249486%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C58%2C1%2C533%2C533%2C1%2C813%2C0%2C%2C%2C%2C1405%3Aco%3A0%3Acpf%3A1%3Ans%3A1702348899564%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702348902%3At%3AYouth%20Empowered%20%E2%80%93%20%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BF%D1%83%D1%82%D1%8C%20%D0%BA%20%D1%83%D1%81%D0%BF%D0%B5%D1%85%D1%83%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
stage.youthempowered.ru/
Redirect Chain
  • https://stage.youthempowered.ru/
  • https://stage.youthempowered.ru/login
4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://stage.youthempowered.ru/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.22.60.56 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS
185-22-60-56.flops.ru
Software
nginx/1.18.0 + Phusion Passenger(R) 6.0.13 / Phusion Passenger(R) 6.0.13
Resource Hash
a4f445d9ab6ff6cb989ebd2bc15b3cb00d3dd6c2854deecb5e0aab58fc8f300d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 12 Dec 2023 02:41:40 GMT
ETag
W/"a4f445d9ab6ff6cb989ebd2bc15b3cb0"
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0 + Phusion Passenger(R) 6.0.13
Status
200 OK
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Powered-By
Phusion Passenger(R) 6.0.13
X-Request-Id
162362e1-624e-4d2f-bf67-4e1d80360253
X-Runtime
0.007574
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Tue, 12 Dec 2023 02:41:40 GMT
Location
https://stage.youthempowered.ru/login
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0 + Phusion Passenger(R) 6.0.13
Status
302 Found
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Powered-By
Phusion Passenger(R) 6.0.13
X-Request-Id
74c24898-42fa-4932-8dbc-c3231ced00fa
X-Runtime
0.002898
X-XSS-Protection
1; mode=block
application-6570928939341c9a2b732eb3539bd4a2fbd2073e5a7738f32d35523419171e23.css
stage.youthempowered.ru/assets/learning/ 		325 KB
325 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stage.youthempowered.ru/assets/learning/application-6570928939341c9a2b732eb3539bd4a2fbd2073e5a7738f32d35523419171e23.css
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.22.60.56 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS
185-22-60-56.flops.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c822eff42c7f97fc250aaf9134474a5e736d8ea30c90c406b5b8090766d71987

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 02:41:40 GMT
Last-Modified
Sun, 13 Aug 2023 18:37:05 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"64d922d1-51300"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
332544
application-ce5e1b835a009fda0a14.js
stage.youthempowered.ru/packs/js/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://stage.youthempowered.ru/packs/js/application-ce5e1b835a009fda0a14.js
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.22.60.56 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS
185-22-60-56.flops.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
98c7ef1f5656290e017fd14e68ec12bc04551bec6e3a2df7ecf5d5d797734d19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 02:41:40 GMT
Last-Modified
Sun, 03 Dec 2023 12:03:56 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"656c6eac-149d2e"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1350958
VerifyWidget.css
cdn.direct.i-dgtl.ru/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.direct.i-dgtl.ru/VerifyWidget.css
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
1c24f5c44a50f2e6cb1568fc0f7ddea94d7ad620e2a17a8b79305907cbf92a47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:41:40 GMT
content-encoding
gzip
last-modified
Tue, 05 Dec 2023 17:13:20 GMT
server
nginx
x-amz-meta-s3cmd-attrs
atime:1701779112/ctime:1701779126/gid:0/gname:root/md5:9c149cb2116182272426e0cea566f846/mode:33188/mtime:1701779112/uid:0/uname:root
x-amz-request-id
1ffddef8682b96fa
etag
W/"9c149cb2116182272426e0cea566f846"
x-cached-since
2023-12-11T20:54:53+00:00
content-type
text/css
access-control-allow-origin
*
cache
STALE
x-node
m9p-up-gc71
VerifyWidget.umd.min.js
cdn.direct.i-dgtl.ru/ 		183 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.direct.i-dgtl.ru/VerifyWidget.umd.min.js
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
726cfe7dc49ab11344ce6dfabf3dccd56127708626bf281263fd07a59d75237c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:41:40 GMT
content-encoding
gzip
last-modified
Tue, 05 Dec 2023 17:13:20 GMT
server
nginx
x-amz-meta-s3cmd-attrs
atime:1701779112/ctime:1701779126/gid:0/gname:root/md5:5312e5093f9f62e7f46dc61f31ac665a/mode:33188/mtime:1701779112/uid:0/uname:root
x-amz-request-id
5264e38cd6a5c2b9
etag
W/"5312e5093f9f62e7f46dc61f31ac665a"
x-cached-since
2023-12-11T20:54:53+00:00
content-type
application/javascript
access-control-allow-origin
*
cache
STALE
x-node
m9p-up-gc30
logo.svg
stage.youthempowered.ru/images/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stage.youthempowered.ru/images/logo.svg
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.22.60.56 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS
185-22-60-56.flops.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e9f630f7f7867f0c53283801947211ac1fd655ce8676559c50009143a27ce888

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 02:41:40 GMT
Last-Modified
Sun, 03 Dec 2023 11:58:43 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"656c6d73-5b15"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23317
register.png
stage.youthempowered.ru/images/ 		243 KB
243 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stage.youthempowered.ru/images/register.png
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.22.60.56 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS
185-22-60-56.flops.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
af04b3138a0239cff270124c55692fb884d33d6df7bad54c4c0645b2ddda3e3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 02:41:40 GMT
Last-Modified
Sun, 03 Dec 2023 11:58:43 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"656c6d73-3cc11"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
248849
verify-widget-fonts.css
cdn.direct.i-dgtl.ru/2fa-widget/static/ 		686 B
455 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.direct.i-dgtl.ru/2fa-widget/static/verify-widget-fonts.css
Requested by
Host: cdn.direct.i-dgtl.ru
URL: https://cdn.direct.i-dgtl.ru/VerifyWidget.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
f0ac7fbf5bad79b63ee2a15a61a36e053df1a0ab3a735326680c233de8499a66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.direct.i-dgtl.ru/VerifyWidget.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:41:40 GMT
content-encoding
gzip
last-modified
Tue, 20 Jun 2023 17:18:51 GMT
server
nginx
x-amz-meta-s3cmd-attrs
atime:1687281427/ctime:1687281426/gid:20/gname:staff/md5:8b6e21d4a08ade3632ee03222b340bbe/mode:33188/mtime:1687281426/uid:501/uname:s.platitsin
x-amz-request-id
fb6012d0f6bb8a1d
etag
W/"8b6e21d4a08ade3632ee03222b340bbe"
x-cached-since
2023-12-11T22:14:39+00:00
content-type
text/css
access-control-allow-origin
*
cache
STALE
x-node
m9p-up-gc59
gtm.js
www.googletagmanager.com/ 		156 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MV9MVGC
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
09b14ce83868625f10e20d64096117cd5fd737af9f18594d5b597e441d6db76d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:41:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58648
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 12 Dec 2023 02:41:41 GMT
oval.svg
stage.youthempowered.ru/images/ 		612 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stage.youthempowered.ru/images/oval.svg
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/assets/learning/application-6570928939341c9a2b732eb3539bd4a2fbd2073e5a7738f32d35523419171e23.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.22.60.56 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS
185-22-60-56.flops.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
576034a52ce02a24155931839fbde48072d8aab9d69ff672d51acef53a81796a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/assets/learning/application-6570928939341c9a2b732eb3539bd4a2fbd2073e5a7738f32d35523419171e23.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 02:41:40 GMT
Last-Modified
Sun, 03 Dec 2023 11:58:43 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"656c6d73-264"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
612
Raleway-Bold.ttf
stage.youthempowered.ru/fonts/ 		170 KB
170 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stage.youthempowered.ru/fonts/Raleway-Bold.ttf
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/assets/learning/application-6570928939341c9a2b732eb3539bd4a2fbd2073e5a7738f32d35523419171e23.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.22.60.56 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS
185-22-60-56.flops.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4509d37c427b544b0372f1042d47d880ef2f07f0ff8cfd6a54e69d2e168c606e

Request headers

Referer
https://stage.youthempowered.ru/assets/learning/application-6570928939341c9a2b732eb3539bd4a2fbd2073e5a7738f32d35523419171e23.css
Origin
https://stage.youthempowered.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 02:41:41 GMT
Last-Modified
Sun, 03 Dec 2023 11:58:43 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"656c6d73-2a6bc"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
173756
Raleway-SemiBold.ttf
stage.youthempowered.ru/fonts/ 		160 KB
160 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stage.youthempowered.ru/fonts/Raleway-SemiBold.ttf
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/assets/learning/application-6570928939341c9a2b732eb3539bd4a2fbd2073e5a7738f32d35523419171e23.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.22.60.56 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS
185-22-60-56.flops.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
84247578b1a00a6fd6ddfdddb28015d8f7c13587d2582cc828263abc57c2d5f2

Request headers

Referer
https://stage.youthempowered.ru/assets/learning/application-6570928939341c9a2b732eb3539bd4a2fbd2073e5a7738f32d35523419171e23.css
Origin
https://stage.youthempowered.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 02:41:40 GMT
Last-Modified
Sun, 03 Dec 2023 11:58:43 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"656c6d73-27eb0"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
163504
Raleway-Medium.ttf
stage.youthempowered.ru/fonts/ 		160 KB
160 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stage.youthempowered.ru/fonts/Raleway-Medium.ttf
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/assets/learning/application-6570928939341c9a2b732eb3539bd4a2fbd2073e5a7738f32d35523419171e23.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.22.60.56 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS
185-22-60-56.flops.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1d89cac568caf6c13d9a2f1733e1842490f8f33d341f68a33cf9f1614b1b1932

Request headers

Referer
https://stage.youthempowered.ru/assets/learning/application-6570928939341c9a2b732eb3539bd4a2fbd2073e5a7738f32d35523419171e23.css
Origin
https://stage.youthempowered.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 02:41:41 GMT
Last-Modified
Sun, 03 Dec 2023 11:58:43 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"656c6d73-27eac"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
163500
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV9MVGC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 02:17:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1439
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 12 Dec 2023 04:17:42 GMT
tag.js
mc.yandex.ru/metrika/ 		200 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
579ff09d0cfe834581eb571dc5c49e854639c28af3c199857914d7cea9ba732b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:41:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 08 Dec 2023 08:26:31 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6572d337-1139b"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
70555
expires
Tue, 12 Dec 2023 03:41:41 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 12 Dec 2023 02:41:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
PzwpIAYWk42bruPp5tW0muE8SuJDkMiUdWZaQDqtas8spkGa77EaWx//og5RJ5H77WDksl0e80ZMkj756JnfbQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
424196042576148
connect.facebook.net/signals/config/ 		139 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/424196042576148?v=2.9.138&r=stable&domain=stage.youthempowered.ru
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
52ef6fd379ae6609d7e8233adc1338ecef5119a30e23fe7d059b13b2ccaabff0
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 12 Dec 2023 02:41:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
il6iiC4XeJ+kUSTptzt49tXSMO97fAaCmpXLm3QsMYWBNkcBcRfKIW7YTzoow0tDPbd7Zwo3aPZDcg+zOfBPbA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:47:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
3267
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 12 Dec 2023 02:47:14 GMT
collect
www.google-analytics.com/j/ 		16 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1450945048&t=pageview&_s=1&dl=https%3A%2F%2Fstage.youthempowered.ru%2Flogin&ul=en-us&de=UTF-8&dt=Youth%20Empowered%20%E2%80%93%20%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BF%D1%83%D1%82%D1%8C%20%D0%BA%20%D1%83%D1%81%D0%BF%D0%B5%D1%85%D1%83!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAjAAAAACAEO~&jid=1240930789&gjid=1797783017&cid=958715110.1702348901&tid=UA-10318504-37&_gid=1662230467.1702348901&_r=1&_slc=1&gtm=45He3bt0n81MV9MVGCv811256802&cd2=1702348901070.sh30gwwg&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd1=958715110.1702348901&z=1507225781
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f5bb0edb86e5c3dd2873c2c0ac0c0523e9ef397bd3e48586ec513efd0e70c2a6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://stage.youthempowered.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 02:41:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://stage.youthempowered.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-10318504-37&cid=958715110.1702348901&jid=1240930789&gjid=1797783017&_gid=1662230467.1702348901&_u=aGBAAEAiAAAAACAEO~&z=687009812
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://stage.youthempowered.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 12 Dec 2023 02:41:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://stage.youthempowered.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		242 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CDN98FTLPN&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bb1c3a56e25a78d3d7a2b44be0bb975e608fe541d68902e306e242e558b66629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:41:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85865
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Dec 2023 02:41:41 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=424196042576148&ev=PageView&dl=https%3A%2F%2Fstage.youthempowered.ru%2Flogin&rl=&if=false&ts=1702348901264&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702348901262.2066017018&cs_est=true&ler=empty&it=1702348901140&coo=false&rqm=GET
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 12 Dec 2023 02:41:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
region1.google-analytics.com/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CDN98FTLPN&gtm=45je3bt0v9135641895&_p=1702348900960&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=958715110.1702348901&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fstage.youthempowered.ru%2Flogin&dt=Youth%20Empowered%20%E2%80%93%20%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BF%D1%83%D1%82%D1%8C%20%D0%BA%20%D1%83%D1%81%D0%BF%D0%B5%D1%85%D1%83!&sid=1702348901&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_2=1702348901070.sh30gwwg&ep.ua_dimension_1=958715110.1702348901&tfd=1738
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CDN98FTLPN&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 02:41:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://stage.youthempowered.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10214.7v1jMFfHKfZM3qGpTftpVBbBHnGmWnV6QPDiTMxy8p_0KXnCscmPn9EZSs8s0ofM.BgZgTdt3zNGkvh5yDrkqu66p0uU%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10214.G8zG-SCgyKeptI3GdULRkiwzu5ZuqAzvWxPCHl0pgo3SipSK9rbvxGAKJsawEM_nfzCw9WsKmxIyqzq8xkhhedl1usscj1cDQgdZr-vjkNODAHdKax5doG2gHAX7FHJFki0EXvfmOX...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10214.PY2eylR5JvDivIXpzIH07ivGSSAdpKMWfzq1mdwEJiL91IzliqHpB9k7jtoLAC0PBA3IT-vLUmnDJ5QTCwP598mB0cIa_Q6wyZvdcFU4TXRVr...
43 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10214.PY2eylR5JvDivIXpzIH07ivGSSAdpKMWfzq1mdwEJiL91IzliqHpB9k7jtoLAC0PBA3IT-vLUmnDJ5QTCwP598mB0cIa_Q6wyZvdcFU4TXRVrTlt8BnQWiuFPH6SHE94EiAD9Q-1g8auEZZQQ5k2t9babwd9zI_PwthhdOdqolm_iG963yBInFherph_FGVSTPKNUqCyT2We_SBAbG_Nlg%2C%2C.S44_9LTrlFAi03LBBa0ZsPQAk54%2C
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/login
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:41:41 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10214.PY2eylR5JvDivIXpzIH07ivGSSAdpKMWfzq1mdwEJiL91IzliqHpB9k7jtoLAC0PBA3IT-vLUmnDJ5QTCwP598mB0cIa_Q6wyZvdcFU4TXRVrTlt8BnQWiuFPH6SHE94EiAD9Q-1g8auEZZQQ5k2t9babwd9zI_PwthhdOdqolm_iG963yBInFherph_FGVSTPKNUqCyT2We_SBAbG_Nlg%2C%2C.S44_9LTrlFAi03LBBa0ZsPQAk54%2C
date
Tue, 12 Dec 2023 02:41:41 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:41:41 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 08 Dec 2023 08:26:31 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6572d337-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 12 Dec 2023 03:41:41 GMT
1
mc.yandex.com/watch/52704364/
Redirect Chain
  • https://mc.yandex.com/watch/52704364?wmode=7&page-url=https%3A%2F%2Fstage.youthempowered.ru%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afp%3A1439%3Afu%...
  • https://mc.yandex.com/watch/52704364/1?wmode=7&page-url=https%3A%2F%2Fstage.youthempowered.ru%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afp%3A1439%3Af...
446 B
538 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/52704364/1?wmode=7&page-url=https%3A%2F%2Fstage.youthempowered.ru%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afp%3A1439%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A0%3Als%3A1507768496185%3Ahid%3A549003692%3Az%3A60%3Ai%3A20231212034141%3Aet%3A1702348901%3Ac%3A1%3Arn%3A238294573%3Arqn%3A1%3Au%3A1702348901820249486%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C58%2C1%2C533%2C533%2C1%2C813%2C0%2C%2C%2C%2C1405%3Aco%3A0%3Acpf%3A1%3Ans%3A1702348899564%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702348902%3At%3AYouth%20Empowered%20%E2%80%93%20%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BF%D1%83%D1%82%D1%8C%20%D0%BA%20%D1%83%D1%81%D0%BF%D0%B5%D1%85%D1%83%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
eb3ee0e4f0f9412071815a3a15076416906b155a3387f99ad18b1db0bcfa4d16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 02:41:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 12-Dec-2023 02:41:41 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://stage.youthempowered.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
446
x-xss-protection
1; mode=block
expires
Tue, 12-Dec-2023 02:41:41 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 02:41:41 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 12-Dec-2023 02:41:41 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/52704364/1?wmode=7&page-url=https%3A%2F%2Fstage.youthempowered.ru%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Atuwae7cfavzq29du94ga6zf%3Afp%3A1439%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1180%3Acn%3A1%3Adp%3A0%3Als%3A1507768496185%3Ahid%3A549003692%3Az%3A60%3Ai%3A20231212034141%3Aet%3A1702348901%3Ac%3A1%3Arn%3A238294573%3Arqn%3A1%3Au%3A1702348901820249486%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C58%2C1%2C533%2C533%2C1%2C813%2C0%2C%2C%2C%2C1405%3Aco%3A0%3Acpf%3A1%3Ans%3A1702348899564%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702348902%3At%3AYouth%20Empowered%20%E2%80%93%20%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BF%D1%83%D1%82%D1%8C%20%D0%BA%20%D1%83%D1%81%D0%BF%D0%B5%D1%85%D1%83%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin
https://stage.youthempowered.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 12-Dec-2023 02:41:41 GMT

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| Color function| Chart object| jsSocials function| IMask boolean| _rails_loaded function| $ function| clearImmediate function| setImmediate object| VerifyWidget object| gon object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| ym function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData object| Ya object| yaCounter52704364

23 Cookies

Domain/Path Name / Value
stage.youthempowered.ru/ Name: _youthempowered_ru_session
Value: fJGENRD2lHabjxqxs1u7%2BK7VkuWl4%2BBUW2dfGCki62ssTqmjuxajlRfBh75cXLA9QoO3rP4ubMbUqa9ojqKjsxJOHTMZkMuhTXWvt%2BjoLkavqP6A8xd9Z2j9H5mUrJJhqwRvjy%2FYM38C3M2kCRrkABhpmecHMhm2%2BKN5OFnuFk6dBJ476DSQP5vATeVGzgeO2wF%2BjgPkvFJMoXom%2FXiIBeCla82Qir%2Fe%2BL8JjrWP%2F66CFxzS%2BlXI%2BDe5tum7YGf4ei0bgkvi71KFiWHalt%2FgaPoFSXYWAHUA5wwRM5TNApgnBQ%3D%3D--tPihs6YcN4kZS5HN--oZBJp%2FJ%2BI2XC6sbc73HJ4g%3D%3D
.youthempowered.ru/ Name: auto
Value: GA1.2.958715110.1702348901
.youthempowered.ru/ Name: auto_gid
Value: GA1.2.1662230467.1702348901
.youthempowered.ru/ Name: _gat_UA-10318504-37
Value: 1
.youthempowered.ru/ Name: _fbp
Value: fb.1.1702348901262.2066017018
.youthempowered.ru/ Name: auto_ga_CDN98FTLPN
Value: GS1.2.1702348901.1.0.1702348901.0.0.0
.youthempowered.ru/ Name: _ym_uid
Value: 1702348901820249486
.youthempowered.ru/ Name: _ym_d
Value: 1702348901
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 634463052fake
.yandex.com/ Name: i
Value: Fas4pew9y9KqiNsDfmSXBnUQa/kZ2gQktyQpMzIKCeqWIAmpp9WIDsQgyuwnxtMRA6czp9OZxWfMgJeeOd7tlIlXYXI=
.yandex.com/ Name: yandexuid
Value: 1848611381702348901
.youthempowered.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 637221053fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 1848611381702348901
.yandex.ru/ Name: yuidss
Value: 1848611381702348901
.yandex.ru/ Name: i
Value: Fas4pew9y9KqiNsDfmSXBnUQa/kZ2gQktyQpMzIKCeqWIAmpp9WIDsQgyuwnxtMRA6czp9OZxWfMgJeeOd7tlIlXYXI=
.yandex.ru/ Name: yp
Value: 1702435301.yu.8004672841702348901
.yandex.ru/ Name: ymex
Value: 1704940901.oyu.8004672841702348901
mc.yandex.com/ Name: yabs-sid
Value: 869330241702348901
.yandex.com/ Name: yuidss
Value: 1848611381702348901
.yandex.com/ Name: ymex
Value: 1733884901.yrts.1702348901
.yandex.com/ Name: bh
Value: KgI/MA==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.direct.i-dgtl.ru
connect.facebook.net
mc.yandex.com
mc.yandex.ru
region1.google-analytics.com
stage.youthempowered.ru
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
185.22.60.56
2001:4860:4802:32::178
2001:4860:4802:32::36
2a00:1450:4001:80f::2008
2a00:1450:400c:c00::9c
2a02:6b8::1:119
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a11:27c0::93
09b14ce83868625f10e20d64096117cd5fd737af9f18594d5b597e441d6db76d
1c24f5c44a50f2e6cb1568fc0f7ddea94d7ad620e2a17a8b79305907cbf92a47
1d89cac568caf6c13d9a2f1733e1842490f8f33d341f68a33cf9f1614b1b1932
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
4509d37c427b544b0372f1042d47d880ef2f07f0ff8cfd6a54e69d2e168c606e
52ef6fd379ae6609d7e8233adc1338ecef5119a30e23fe7d059b13b2ccaabff0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
576034a52ce02a24155931839fbde48072d8aab9d69ff672d51acef53a81796a
579ff09d0cfe834581eb571dc5c49e854639c28af3c199857914d7cea9ba732b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
726cfe7dc49ab11344ce6dfabf3dccd56127708626bf281263fd07a59d75237c
84247578b1a00a6fd6ddfdddb28015d8f7c13587d2582cc828263abc57c2d5f2
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
98c7ef1f5656290e017fd14e68ec12bc04551bec6e3a2df7ecf5d5d797734d19
a4f445d9ab6ff6cb989ebd2bc15b3cb00d3dd6c2854deecb5e0aab58fc8f300d
af04b3138a0239cff270124c55692fb884d33d6df7bad54c4c0645b2ddda3e3c
bb1c3a56e25a78d3d7a2b44be0bb975e608fe541d68902e306e242e558b66629
c822eff42c7f97fc250aaf9134474a5e736d8ea30c90c406b5b8090766d71987
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9f630f7f7867f0c53283801947211ac1fd655ce8676559c50009143a27ce888
eb3ee0e4f0f9412071815a3a15076416906b155a3387f99ad18b1db0bcfa4d16
f0ac7fbf5bad79b63ee2a15a61a36e053df1a0ab3a735326680c233de8499a66
f5bb0edb86e5c3dd2873c2c0ac0c0523e9ef397bd3e48586ec513efd0e70c2a6