www.citiclub.co.in
2a01:4a0:1338:28::c38a:ff12
Public Scan
Effective URL: https://www.citiclub.co.in/
Submission: On May 28 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by DigiCert Secure Site ECC CA-1 on August 13th 2019. Valid for: a year.
This is the only time www.citiclub.co.in was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domains |
---|---|---|
ASN16509 (AMAZON-02, US) | ec2-13-232-117-99.ap-south-1.compute.amazonaws.com | citiclub.co.in |
ASN20940 (AKAMAI-ASN1, EU) | | proj.s-cdn.boostkit.dev, web.s-cdn.boostkit.dev, libs.s-cdn.boostkit.dev |
ASN20940 (AKAMAI-ASN1, EU) | | fplogoimages.withfloats.com, backgroundimages.withfloats.com |
ASN20940 (AKAMAI-ASN1, EU) | | fpimages.withfloats.com, productimages.withfloats.com, bizimages.withfloats.com |
ASN20940 (AKAMAI-ASN1, EU) | a2-19-38-125.deploy.static.akamaitechnologies.com | www.jscache.com |
ASN15169 (GOOGLE, US) | | www.google-analytics.com |
ASN20940 (AKAMAI-ASN1, EU) | a2-19-34-65.deploy.static.akamaitechnologies.com | p.travelsmarter.net |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
38 | boostkit.dev | proj.s-cdn.boostkit.dev, web.s-cdn.boostkit.dev, libs.s-cdn.boostkit.dev | 1 MB |
11 | withfloats.com | fplogoimages.withfloats.com, backgroundimages.withfloats.com, fpimages.withfloats.com, productimages.withfloats.com, bizimages.withfloats.com | 800 KB |
4 | tacdn.com | static.tacdn.com | 10 KB |
4 | googleapis.com | fonts.googleapis.com, ajax.googleapis.com | 98 KB |
4 | bootstrapcdn.com | maxcdn.bootstrapcdn.com | 106 KB |
3 | google-analytics.com (1 redirects) | www.google-analytics.com | 18 KB |
3 | gstatic.com | fonts.gstatic.com | 59 KB |
3 | tripadvisor.com | www.tripadvisor.com | 6 KB |
2 | facebook.net | connect.facebook.net | 62 KB |
2 | citiclub.co.in (1 redirects) | citiclub.co.in, www.citiclub.co.in | 12 KB |
1 | facebook.com | www.facebook.com | |
1 | travelsmarter.net | p.travelsmarter.net | |
1 | google.de | www.google.de | 106 B |
1 | google.com (1 redirects) | www.google.com | 181 B |
1 | doubleclick.net (1 redirects) | stats.g.doubleclick.net | 150 B |
1 | jscache.com (1 redirects) | www.jscache.com | 708 B |
75 | 16 | | |
Requests | Domain | Requested by |
---|---|---|
27 | proj.s-cdn.boostkit.dev | www.citiclub.co.in, ajax.googleapis.com |
10 | web.s-cdn.boostkit.dev | www.citiclub.co.in |
6 | bizimages.withfloats.com | www.citiclub.co.in |
4 | static.tacdn.com | www.citiclub.co.in, www.tripadvisor.com |
4 | maxcdn.bootstrapcdn.com | www.citiclub.co.in |
3 | www.google-analytics.com (1 redirects) | www.citiclub.co.in |
3 | fonts.gstatic.com | www.citiclub.co.in |
3 | www.tripadvisor.com | www.citiclub.co.in, www.tripadvisor.com |
2 | connect.facebook.net | www.citiclub.co.in, connect.facebook.net |
2 | ajax.googleapis.com | www.citiclub.co.in |
2 | productimages.withfloats.com | www.citiclub.co.in |
2 | fonts.googleapis.com | www.citiclub.co.in |
1 | www.facebook.com | connect.facebook.net |
1 | p.travelsmarter.net | www.tripadvisor.com |
1 | www.google.de | www.citiclub.co.in |
1 | www.google.com (1 redirects) | |
1 | stats.g.doubleclick.net (1 redirects) | |
1 | libs.s-cdn.boostkit.dev | www.citiclub.co.in |
1 | www.jscache.com (1 redirects) | |
1 | fpimages.withfloats.com | www.citiclub.co.in |
1 | backgroundimages.withfloats.com | www.citiclub.co.in |
1 | fplogoimages.withfloats.com | www.citiclub.co.in |
1 | www.citiclub.co.in | |
1 | citiclub.co.in (1 redirects) | |
75 | 24 | |
This site contains links to these domains.
Domain |
---|
www.tripadvisor.com |
api.whatsapp.com |
www.facebook.com |
twitter.com |
www.linkedin.com |
pinterest.com |
nowfloats.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
a248.e.akamai.net | DigiCert Secure Site ECC CA-1 | 2019-08-13 - 2020-08-12 | a year |
boostkit.dev | DigiCert SHA2 Secure Server CA | 2019-09-14 - 2020-08-19 | a year |
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year |
upload.video.google.com | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months |
withfloats.com | Let's Encrypt Authority X3 | 2020-05-26 - 2020-08-24 | 3 months |
static.tacdn.com | GlobalSign RSA OV SSL CA 2018 | 2019-12-18 - 2021-02-12 | a year |
www.tripadvisor.com | DigiCert SHA2 Extended Validation Server CA | 2020-04-08 - 2021-06-02 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-05-14 - 2020-08-05 | 3 months |
*.gstatic.com | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months |
*.google-analytics.com | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months |
www.google.de | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months |
www.smartertravel.com | Let's Encrypt Authority X3 | 2020-04-15 - 2020-07-14 | 3 months |
This page contains 3 frames:
Primary Page:
https://www.citiclub.co.in/
Frame ID: 4172D56E64B38C40760DD6B56B95ECFB
Requests: 73 HTTP requests in this frame
Frame:
https://p.travelsmarter.net/api/usersync/sync.html?api_key=TxLExUPOSpaM-4SJwXvYmQ&publisher_browser_id=5ff96e196b1e5b2b178b85276b67d8b168bffaf9&cb=1590648626747
Frame ID: F6B323CAECD4773B6BD58C8C221465D4
Requests: 1 HTTP requests in this frame
Frame:
https://www.facebook.com/v3.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b4ff5a3515c98%26domain%3Dwww.citiclub.co.in%26origin%3Dhttps%253A%252F%252Fwww.citiclub.co.in%252Ff19f7519cd898%26relation%3Dparent.parent&container_width=264&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fciticlubkanpur%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false
Frame ID: 9438A84E6B7091CBEFA9E1287E078C14
Requests: 1 HTTP requests in this frame
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Facebook (Widgets)
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Font Awesome (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
- html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
OWL Carousel (Widgets)
Detected patterns
- html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i
prettyPhoto (JavaScript Libraries)
Detected patterns
- html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i
jQuery (JavaScript Libraries)
Detected patterns
- html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i
- html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
Title: nowfloats
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://citiclub.co.in/ HTTP 302
- https://www.citiclub.co.in/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 39
- https://www.jscache.com/wejs?wtype=excellent&uniq=840&locationId=12254385&lang=en_US&display_version=2 HTTP 301
- https://www.tripadvisor.com/wejs?wtype=excellent&uniq=840&locationId=12254385&lang=en_US&display_version=2
- https://www.google-analytics.com/r/collect?v=1&_v=j82&a=2095878591&t=pageview&_s=1&dl=https%3A%2F%2Fwww.citiclub.co.in%2F&ul=en-us&de=UTF-8&dt=Citi%20Club%20Pvt.Ltd.%20%7C%20Citi%20Club%20offers%20premium%20accommodation%20to%20travellers%20in%20Kanpur.%20Citi%20Club%20was%20established%20in%201992%20an&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=414747598&gjid=1621548297&cid=272285848.1590648626&tid=UA-35051129-1&_gid=217735006.1590648626&_r=1&cd1=7&cd2=ECONOMYHOTELS&z=916022991 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35051129-1&cid=272285848.1590648626&jid=414747598&_gid=217735006.1590648626&gjid=1621548297&_v=j82&z=916022991 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35051129-1&cid=272285848.1590648626&jid=414747598&_v=j82&z=916022991 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35051129-1&cid=272285848.1590648626&jid=414747598&_v=j82&z=916022991&slf_rd=1&random=2603329029
75 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | www.citiclub.co.in/ | 51 KB | 12 KB | Document | text/html | Primary Request; Redirect Chain |
GET | H2 | fontawesome-markers.min.js | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/js/ | 471 KB | 136 KB | Script | application/javascript | |
GET | H2 | bootstrap.min.css | maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ | 118 KB | 19 KB | Stylesheet | text/css | |
GET | H2 | style.min.css | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/css/ | 105 KB | 15 KB | Stylesheet | text/css | |
GET | H2 | color-gold.min.css | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/css/ | 5 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | responsive.min.css | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/css/ | 8 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | font-awesome.min.css | maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ | 28 KB | 7 KB | Stylesheet | text/css | |
GET | H2 | settings.min.css | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/rs-plugin/css/ | 27 KB | 6 KB | Stylesheet | text/css | |
GET | H2 | layers.min.css | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/rs-plugin/css/ | 71 KB | 9 KB | Stylesheet | text/css | |
GET | H2 | navigation.css | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/rs-plugin/css/ | 58 KB | 8 KB | Stylesheet | text/css | |
GET | H2 | owl.carousel.min.css | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/css/ | 4 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | prettyPhoto.min.css | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/css/ | 5 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 32 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 8 KB | 736 B | Stylesheet | text/css | |
GET | H2 | custom.min.css | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/css/ | 14 KB | 4 KB | Stylesheet | text/css | |
GET | H2 | 59bb50ae19ac240b7cdb38e8.jpg | fplogoimages.withfloats.com/actual/ | 6 KB | 6 KB | Image | image/jpeg | |
GET | H2 | wa-icon.svg | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/images/ | 2 KB | 1 KB | Image | image/svg+xml | |
GET | H2 | 5d7bb2c199852b000123d500.jpg | backgroundimages.withfloats.com/actual/ | 297 KB | 298 KB | Image | image/webp | |
GET | H2 | 59c13d5cb454f80a7ce615ee.jpg | fpimages.withfloats.com/actual/ | 6 KB | 6 KB | Image | image/jpeg | |
GET | H2 | 5aea9ae0449b020f6890f686.jpg | productimages.withfloats.com/tile/ | 59 KB | 60 KB | Image | image/jpeg | |
GET | H2 | 59bcbabab84e2f05d8732912.jpg | productimages.withfloats.com/tile/ | 37 KB | 37 KB | Image | image/jpeg | |
GET | H2 | museum-5a7eb54f387283099870321d.jpg | web.s-cdn.boostkit.dev/webactions/5a250b9c387283065026aea8_placesaround/ | 21 KB | 21 KB | Image | image/jpeg | |
GET | H2 | jain%20temple-5a7ead6738728308a4acca47.jpg | web.s-cdn.boostkit.dev/webactions/5a250b9c387283065026aea8_placesaround/ | 229 KB | 230 KB | Image | image/webp | |
GET | H2 | nana-rao-fort-5a7eac003872830998703215.jpg | web.s-cdn.boostkit.dev/webactions/5a250b9c387283065026aea8_placesaround/ | 25 KB | 25 KB | Image | image/jpeg | |
GET | H2 | zoo-5a7eab693872830a3830806f.jpg | web.s-cdn.boostkit.dev/webactions/5a250b9c387283065026aea8_placesaround/ | 10 KB | 10 KB | Image | image/jpeg | |
GET | H2 | iskon-5a7eaa4b3872830aac863a6b.jpg | web.s-cdn.boostkit.dev/webactions/5a250b9c387283065026aea8_placesaround/ | 8 KB | 9 KB | Image | image/jpeg | |
GET | H2 | j%20k%20temple-5a7ea6c03872830a3830806a.jpg | web.s-cdn.boostkit.dev/webactions/5a250b9c387283065026aea8_placesaround/ | 59 KB | 60 KB | Image | image/webp | |
GET | H2 | z-square-mall-5a7ea585387283099870320e.jpg | web.s-cdn.boostkit.dev/webactions/5a250b9c387283065026aea8_placesaround/ | 116 KB | 116 KB | Image | image/jpeg | |
GET | H2 | blue%20world-5a7ea43b3872830a38308069.jpg | web.s-cdn.boostkit.dev/webactions/5a250b9c387283065026aea8_placesaround/ | 50 KB | 50 KB | Image | image/jpeg | |
GET | H2 | ganga%20barrage-5a7ea3033872830aac863a6a.jpg | web.s-cdn.boostkit.dev/webactions/5a250b9c387283065026aea8_placesaround/ | 18 KB | 18 KB | Image | image/jpeg | |
GET | H2 | green%20park%20stadium-5a7ea1f738728308a4acca42.jpg | web.s-cdn.boostkit.dev/webactions/5a250b9c387283065026aea8_placesaround/ | 137 KB | 137 KB | Image | image/jpeg | |
GET | H2 | no-image.png | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/images/ | 2 KB | 2 KB | Image | image/png | |
GET | H2 | favicon_nowfloats.ico | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/images/ | 21 KB | 22 KB | Image | application/octet-stream | |
GET | H2 | 5c847fc64b6db30001ac29b9.jpg | bizimages.withfloats.com/tile/ | 79 KB | 80 KB | Image | image/jpeg | |
GET | H2 | 5bb4842ea1a81b0001784f95.jpg | bizimages.withfloats.com/tile/ | 75 KB | 75 KB | Image | image/jpeg | |
GET | H2 | 5b31d09bdfeea3041ca794c0.jpg | bizimages.withfloats.com/tile/ | 84 KB | 84 KB | Image | image/jpeg | |
GET | H2 | 5b0bad32321c3803b44e8708.jpg | bizimages.withfloats.com/tile/ | 39 KB | 39 KB | Image | image/jpeg | |
GET | H2 | 5aea9a4ec2b8900b30d28e7c.jpg | bizimages.withfloats.com/tile/ | 47 KB | 48 KB | Image | image/jpeg | |
GET | H2 | 5aea99ee449b020f6890f624.jpg | bizimages.withfloats.com/tile/ | 66 KB | 67 KB | Image | image/jpeg | |
GET | H2 | tripadvisor_logo_115x18.gif | static.tacdn.com/img2/widget/ | 2 KB | 2 KB | Image | image/gif | |
GET | H2 | wejs | www.tripadvisor.com/ | 253 B | 829 B | Script | application/x-javascript | Redirect Chain |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.11.2/ | 94 KB | 33 KB | Script | text/javascript | |
GET | H2 | jquery-ui.min.js | ajax.googleapis.com/ajax/libs/jqueryui/1.11.3/ | 234 KB | 63 KB | Script | text/javascript | |
GET | H2 | bootstrap.min.js | maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ | 36 KB | 10 KB | Script | text/javascript | |
GET | H2 | jquery.themepunch.tools.min.js | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/rs-plugin/js/ | 102 KB | 36 KB | Script | application/javascript | |
GET | H2 | jquery.themepunch.revolution.min.js | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/rs-plugin/js/ | 54 KB | 15 KB | Script | application/javascript | |
GET | H2 | owl.carousel.min.js | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/js/ | 39 KB | 11 KB | Script | application/javascript | |
GET | H2 | jquery.prettyPhoto.min.js | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/js/ | 21 KB | 6 KB | Script | application/javascript | |
GET | H2 | revolution.extension.video.min.js | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/rs-plugin/js/extensions/ | 23 KB | 6 KB | Script | application/javascript | |
GET | H2 | revolution.extension.slideanims.min.js | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/rs-plugin/js/extensions/ | 27 KB | 7 KB | Script | application/javascript | |
GET | H2 | revolution.extension.layeranimation.min.js | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/rs-plugin/js/extensions/ | 31 KB | 9 KB | Script | application/javascript | |
GET | H2 | revolution.extension.navigation.min.js | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/rs-plugin/js/extensions/ | 25 KB | 7 KB | Script | application/javascript | |
GET | H2 | scripts.min.js | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/js/ | 8 KB | 3 KB | Script | application/javascript | |
GET | H2 | booking.min.js | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/js/ | 1 KB | 937 B | Script | application/javascript | |
GET | H2 | custom.js | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/js/ | 9 KB | 3 KB | Script | application/javascript | |
GET | H2 | KitsuneApiv7.min.js | libs.s-cdn.boostkit.dev/ | 5 KB | 2 KB | Script | application/javascript | |
GET | H2 | sdk.js | connect.facebook.net/en_US/ | 3 KB | 2 KB | Script | application/x-javascript | |
GET | H2 | percentage.png | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/images/ | 5 KB | 6 KB | Image | image/png | |
GET | H2 | online-background-.jpg | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/images/ | 37 KB | 37 KB | Image | image/webp | |
GET | H2 | fontawesome-webfont.woff2 | maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/ | 70 KB | 70 KB | Font | font/woff2 | |
GET | H2 | 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2 | fonts.gstatic.com/s/sourcesanspro/v13/ | 13 KB | 13 KB | Font | font/woff2 | |
GET | H2 | nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2 | fonts.gstatic.com/s/playfairdisplay/v20/ | 32 KB | 33 KB | Font | font/woff2 | |
GET | H2 | 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2 | fonts.gstatic.com/s/sourcesanspro/v13/ | 13 KB | 13 KB | Font | font/woff2 | |
GET | H2 | analytics.js | www.google-analytics.com/ | 45 KB | 18 KB | Script | text/javascript | |
GET | H2 | loader.gif | proj.s-cdn.boostkit.dev/5b3b2b6aec3c7704fee7ae93/v87/rs-plugin/assets/ | 0 | 0 | Image | application/xml | |
GET | H2 | sdk.js | connect.facebook.net/en_US/ | 197 KB | 60 KB | Script | application/x-javascript | |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 106 B | Image | image/gif | Redirect Chain |
GET | H2 | collect | www.google-analytics.com/ | 35 B | 96 B | Image | image/gif | |
GET | H2 | WidgetEmbed-excellent | www.tripadvisor.com/ | 12 KB | 4 KB | Script | text/javascript | |
GET | H2 | t4b_widget_excellent-v21590013066a.css | static.tacdn.com/css2/build/concat/ | 12 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | cdswidgets_min-c-v2395114504a.js | static.tacdn.com/js3/build/concat/widget/ | 2 KB | 740 B | Script | application/x-javascript | |
GET | H2 | sync.html | p.travelsmarter.net/api/usersync/ | 0 | 0 | Document | text/html | Frame F6B3 |
GET | H2 | transparent_pixel-11863-2.gif | www.tripadvisor.com/img/cdsi/partner/ | 43 B | 880 B | Image | image/gif | |
GET | H2 | Tripadvisor_lockup_horizontal_secondary_registered.svg | static.tacdn.com/img2/brand_refresh/ | 6 KB | 6 KB | Image | image/svg+xml | |
GET | H2 | page.php | www.facebook.com/v3.0/plugins/ | 0 | 0 | Document | text/html | Frame 9438 |
50 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| fontawesome string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| jQuery111205853373618036877 undefined| oldgs object| punchgs object| _gsScope undefined| oldgs_queue undefined| GreenSockGlobals undefined| _gsQueue boolean| pp_alreadyInitialized function| formatDateForIframe string| $rootaliasurl function| searchFunction function| reportAbuse function| redirectToBookingPage function| setCookie function| getCookie function| KitsuneSearch function| KitsuneBusinessEnquiry function| KitsuneSubscribe function| KitsuneViewCount function| KitsuneProductViewCount function| KitsuneCODRequest function| KitsuneReportAbuse boolean| doresize object| scroll_pos boolean| hashtag object| FB object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| newSS object| newJs function| checkHomePageLink function| injectexcellent7524 function| taOnLoad object| taValList number| taValIndex function| taValidate function| taAddValidator object| ta number| ii function| fname object| hasNoFollow
5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
p.travelsmarter.net/ | | Name: chn_uuid Value: d56e497f-8d50-493f-9bb0-29d01f66b94e |
p.travelsmarter.net/ | | Name: sa_aud_cmp Value: |
.travelsmarter.net/ | | Name: st_browser_id Value: acbb7080-4f21-4763-ba25-ccc403da9ccf |
p.travelsmarter.net/ | | Name: sa_dmp_synced Value: 6_1590648630 |
www.citiclub.co.in/ | | Name: ThemeId Value: 5b3b2b6aec3c7704fee7ae93 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.