cards.metro-cc.ru
Open in
urlscan Pro
185.169.155.211
Public Scan
Submitted URL: https://www.pepper.ru/visit/threadvipf/262831
Effective URL: https://cards.metro-cc.ru/
Submission: On April 25 via manual from RU — Scanned from DE
Effective URL: https://cards.metro-cc.ru/
Submission: On April 25 via manual from RU — Scanned from DE
Summary
This website contacted 18 IPs
in 5 countries
across 21 domains to perform 63 HTTP transactions.
The main IP is 185.169.155.211, located in
Russian Federation and
belongs to AS-SERVICEPIPE, RU.
The main domain is cards.metro-cc.ru.
TLS certificate: Issued by R3 on March 25th 2022. Valid for: 3 months.
This is the only time cards.metro-cc.ru was scanned on urlscan.io!
TLS certificate: Issued by R3 on March 25th 2022. Valid for: 3 months.
This is the only time cards.metro-cc.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
52.29.94.189
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-94-189.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-94-189.eu-central-1.compute.amazonaws.com
| visit.digidip.net |
6
52.214.228.227
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-228-227.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-228-227.eu-west-1.compute.amazonaws.com
| api.flocktory.com |
2
2a00:1450:4001:82a::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
3
2a00:1450:4001:812::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
2
87.240.190.67
(Russian Federation)
ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv67-190-240-87.vk.com
ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv67-190-240-87.vk.com
| vk.com |
2
2a03:2880:f02d:100:face:b00c:0:3
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
2
2a03:2880:f12d:181:face:b00c:0:25de
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
2
217.69.133.145
(Russian Federation)
ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru
ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru
| top-fwz1.mail.ru |
2
35.244.223.69
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 69.223.244.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 69.223.244.35.bc.googleusercontent.com
| wf.frontend.weborama.fr |
1
80.64.106.147
(Moscow, Russian Federation)
ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr2.rutarget.ru
ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr2.rutarget.ru
| tag.rutarget.ru |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 30 |
metro-cc.ru
cards.metro-cc.ru |
650 KB |
| 6 |
flocktory.com
api.flocktory.com — Cisco Umbrella Rank: 64375 |
117 KB |
| 5 |
yandex.com
2 redirects
mc.yandex.com — Cisco Umbrella Rank: 9160 |
2 KB |
| 3 |
mail.ru
1 redirects
top-fwz1.mail.ru — Cisco Umbrella Rank: 10226 ad.mail.ru — Cisco Umbrella Rank: 10143 |
2 KB |
| 3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35 |
20 KB |
| 2 |
weborama.fr
1 redirects
wf.frontend.weborama.fr — Cisco Umbrella Rank: 35127 |
578 B |
| 2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 102 |
500 B |
| 2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 137 |
114 KB |
| 2 |
vk.com
vk.com — Cisco Umbrella Rank: 5091 |
24 KB |
| 2 |
skypack.dev
cdn.skypack.dev — Cisco Umbrella Rank: 44712 |
16 KB |
| 2 |
yandex.ru
1 redirects
mc.yandex.ru — Cisco Umbrella Rank: 3434 |
70 KB |
| 2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 58 |
80 KB |
| 2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 212 |
67 KB |
| 1 |
rutarget.ru
1 redirects
tag.rutarget.ru — Cisco Umbrella Rank: 54447 |
393 B |
| 1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 80 |
440 B |
| 1 |
gstatic.com
www.gstatic.com |
145 KB |
| 1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
968 B |
| 1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 271 |
31 KB |
| 1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 437 |
30 KB |
| 1 |
digidip.net
1 redirects
visit.digidip.net — Cisco Umbrella Rank: 803592 |
131 B |
| 1 |
pepper.ru
1 redirects
www.pepper.ru — Cisco Umbrella Rank: 656615 |
908 B |
| 63 | 21 |
| Domain | Requested by | |
|---|---|---|
| 30 | cards.metro-cc.ru |
cards.metro-cc.ru
|
| 6 | api.flocktory.com |
cards.metro-cc.ru
api.flocktory.com |
| 5 | mc.yandex.com |
2 redirects
cards.metro-cc.ru
|
| 3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 2 | wf.frontend.weborama.fr |
1 redirects
api.flocktory.com
|
| 2 | top-fwz1.mail.ru |
1 redirects
api.flocktory.com
|
| 2 | www.facebook.com |
cards.metro-cc.ru
|
| 2 | connect.facebook.net |
cards.metro-cc.ru
connect.facebook.net |
| 2 | vk.com |
cards.metro-cc.ru
|
| 2 | cdn.skypack.dev |
cards.metro-cc.ru
|
| 2 | mc.yandex.ru |
1 redirects
cards.metro-cc.ru
|
| 2 | www.googletagmanager.com |
cards.metro-cc.ru
|
| 2 | cdnjs.cloudflare.com |
cards.metro-cc.ru
|
| 1 | ad.mail.ru |
api.flocktory.com
|
| 1 | tag.rutarget.ru | 1 redirects |
| 1 | stats.g.doubleclick.net |
www.google-analytics.com
|
| 1 | www.gstatic.com |
www.google.com
|
| 1 | www.google.com |
cards.metro-cc.ru
|
| 1 | ajax.googleapis.com |
cards.metro-cc.ru
|
| 1 | cdn.jsdelivr.net |
cards.metro-cc.ru
|
| 1 | visit.digidip.net | 1 redirects |
| 1 | www.pepper.ru | 1 redirects |
| 63 | 22 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.metro-cc.ru R3 |
2022-03-25 - 2022-06-23 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-09-21 - 2022-09-20 |
a year | crt.sh |
| *.flocktory.com Go Daddy Secure Certificate Authority - G2 |
2021-07-16 - 2022-06-27 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2022-04-11 - 2022-07-04 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2022-04-11 - 2022-07-04 |
3 months | crt.sh |
| www.google.com GTS CA 1C3 |
2022-04-11 - 2022-07-04 |
3 months | crt.sh |
| mc.yandex.ru Yandex CA |
2021-12-22 - 2022-06-03 |
5 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2022-04-11 - 2022-07-04 |
3 months | crt.sh |
| *.vk.com GlobalSign Organization Validation CA - SHA256 - G2 |
2022-03-04 - 2023-04-03 |
a year | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-02-01 - 2022-05-02 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2022-04-11 - 2022-07-04 |
3 months | crt.sh |
| *.mail.ru GeoTrust ECC CA 2018 |
2021-10-15 - 2022-11-15 |
a year | crt.sh |
| *.frontend.weborama.fr Go Daddy Secure Certificate Authority - G2 |
2022-02-22 - 2023-03-26 |
a year | crt.sh |
This page contains 5 frames:
Primary Page:
https://cards.metro-cc.ru/
Frame ID: CAEB5A74D8750977B7E9218D348C9907
Requests: 58 HTTP requests in this frame
Frame:
https://api.flocktory.com/v2/provider/provider.html
Frame ID: 7A1395F1118D7EA079B09D1455730C81
Requests: 2 HTTP requests in this frame
Frame:
https://top-fwz1.mail.ru/counter2?id=2951107;pid=2ed46ba1-a186-49aa-8b675f03c4a05777
Frame ID: F3E8A7664857515FBC7866FEFD2CBD05
Requests: 1 HTTP requests in this frame
Frame:
https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%222ed46ba1-a186-49aa-8b675f03c4a05777%22%7D&d.r=1650880933802&bounce=1&random=118782030
Frame ID: 94E71A63EC22CDCD534A3705912FC14A
Requests: 1 HTTP requests in this frame
Frame:
https://ad.mail.ru/cm.gif?p=34&id=g-MUvkct09Aw
Frame ID: 371D4CE42FE2F405C6039F70198BF44E
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://www.pepper.ru/visit/threadvipf/262831
HTTP 302
https://visit.digidip.net/visit?pid=793&generated=shortener&url=https%3A%2F%2Fcards.metro-cc.ru%2F&ppr... HTTP 302
https://cards.metro-cc.ru/ Page URL
- https://cards.metro-cc.ru/ Page URL
Detected technologies
1C-Bitrix
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:<link[^>]+components/bitrix|(?:src|href)="/bitrix/(?:js|templates))
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
FingerprintJS
(JavaScript libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /fingerprintjs@(\d)
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Yandex.Metrika
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //cdn\.jsdelivr\.net/
reCAPTCHA
(Captchas)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /recaptcha/api\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.pepper.ru/visit/threadvipf/262831
HTTP 302
https://visit.digidip.net/visit?pid=793&generated=shortener&url=https%3A%2F%2Fcards.metro-cc.ru%2F&ppref=https%3A%2F%2Fwww.pepper.ru&ref=201723787 HTTP 302
https://cards.metro-cc.ru/ Page URL
- https://cards.metro-cc.ru/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://www.pepper.ru/visit/threadvipf/262831 HTTP 302
- https://visit.digidip.net/visit?pid=793&generated=shortener&url=https%3A%2F%2Fcards.metro-cc.ru%2F&ppref=https%3A%2F%2Fwww.pepper.ru&ref=201723787 HTTP 302
- https://cards.metro-cc.ru/
- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9619.cZ2-lxA5IlYh1WexHm2pbWtQ8GpZeYRcPg9FXDQzkw5xOiXUnm7AVZcsa6fbprQH.2uL4oCRqHYZbWV72j7ejnb6C5vw%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=9619.8fdT9M0fAguKCydztWxOLN1Cfhl0AUU6RMFFGT8eHu_kVzX9iTxNjtAs3WXpisncZdt6D9akgvWx-_bt3i6y4Q%2C%2C.UvpsRgrKOlyB0sXoa_ZPquYHEaY%2C
- https://mc.yandex.com/watch/50830407?wmode=7&page-url=https%3A%2F%2Fcards.metro-cc.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A290%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A604928310801%3Ahid%3A185301657%3Az%3A0%3Ai%3A20220425100213%3Aet%3A1650880933%3Ac%3A1%3Arn%3A441674508%3Arqn%3A1%3Au%3A1650880933169265719%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1650880932827%3Ads%3A0%2C0%2C53%2C0%2C0%2C0%2C%2C355%2C2%2C%2C%2C%2C530%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1650880934%3At%3A&t=gdpr(14)aw(1)ti(2) HTTP 302
- https://mc.yandex.com/watch/50830407/1?wmode=7&page-url=https%3A%2F%2Fcards.metro-cc.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A290%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A604928310801%3Ahid%3A185301657%3Az%3A0%3Ai%3A20220425100213%3Aet%3A1650880933%3Ac%3A1%3Arn%3A441674508%3Arqn%3A1%3Au%3A1650880933169265719%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1650880932827%3Ads%3A0%2C0%2C53%2C0%2C0%2C0%2C%2C355%2C2%2C%2C%2C%2C530%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1650880934%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29
- https://top-fwz1.mail.ru/counter?id=2951107;pid=2ed46ba1-a186-49aa-8b675f03c4a05777 HTTP 302
- https://top-fwz1.mail.ru/counter2?id=2951107;pid=2ed46ba1-a186-49aa-8b675f03c4a05777
- https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%222ed46ba1-a186-49aa-8b675f03c4a05777%22%7D&d.r=1650880933802 HTTP 302
- https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%222ed46ba1-a186-49aa-8b675f03c4a05777%22%7D&d.r=1650880933802&bounce=1&random=118782030
- https://tag.rutarget.ru/tag?event=sync&partner=flocktory&external_visitor_id=2ed46ba1-a186-49aa-8b675f03c4a05777 HTTP 302
- https://ad.mail.ru/cm.gif?p=34&id=g-MUvkct09Aw
63 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
cards.metro-cc.ru/ Redirect Chain
|
7 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jsrsasign-all-min.js
cdnjs.cloudflare.com/ajax/libs/jsrsasign/8.0.20/ |
257 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fp.js
cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/ |
114 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
/
cards.metro-cc.ru/ |
20 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.1.0.min.js
cards.metro-cc.ru/local/templates/metro_white/static/js/ |
84 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.validate.js
cards.metro-cc.ru/local/templates/metro_white/static/js/ |
47 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.mask.js
cards.metro-cc.ru/local/templates/metro_white/static/js/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
chosen.jquery.min.js
cards.metro-cc.ru/local/templates/metro_white/static/js/chosen/ |
28 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.inputmask.bundle.min.js
cards.metro-cc.ru/local/templates/metro_white/static/js/ |
71 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
loader.js
api.flocktory.com/v2/ |
265 KB 90 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
98 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kernel_main_v1.css
cards.metro-cc.ru/bitrix/cache/css/s1/metro_white/kernel_main/ |
32 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
template_abc324a90405d5ffbfa0e89b9168e4ca_v1.css
cards.metro-cc.ru/bitrix/cache/css/s1/metro_white/template_abc324a90405d5ffbfa0e89b9168e4ca/ |
1 KB 979 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
core.js
cards.metro-cc.ru/bitrix/js/main/core/ |
118 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
core_promise.js
cards.metro-cc.ru/bitrix/js/main/core/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
promise.js
cards.metro-cc.ru/bitrix/js/main/polyfill/promise/js/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loadext.js
cards.metro-cc.ru/bitrix/js/main/loadext/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
extension.js
cards.metro-cc.ru/bitrix/js/main/loadext/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
core_db.js
cards.metro-cc.ru/bitrix/js/main/core/ |
20 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
core_ajax.js
cards.metro-cc.ru/bitrix/js/main/core/ |
40 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
json2.min.js
cards.metro-cc.ru/bitrix/js/main/json/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
core_ls.js
cards.metro-cc.ru/bitrix/js/main/core/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
core_fx.js
cards.metro-cc.ru/bitrix/js/main/core/ |
16 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
core_frame_cache.js
cards.metro-cc.ru/bitrix/js/main/core/ |
17 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Lato-Regular.woff2
cards.metro-cc.ru/local/templates/metro_white/static/redesign/fonts/ |
212 KB 213 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Lato-Bold.woff2
cards.metro-cc.ru/local/templates/metro_white/static/redesign/fonts/ |
212 KB 213 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app.css
cards.metro-cc.ru/local/templates/metro_white/static/redesign/css/ |
20 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fields.css
cards.metro-cc.ru/local/templates/metro_white/static/redesign/css/ |
304 B 704 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
cleave.min.js
cdnjs.cloudflare.com/ajax/libs/cleave.js/1.6.0/ |
21 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
api.js
www.google.com/recaptcha/ |
850 B 968 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fields.js
cards.metro-cc.ru/local/templates/metro_white/static/redesign/js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
script2.js
cards.metro-cc.ru/local/templates/metro_white/static/redesign/js/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.svg
cards.metro-cc.ru/local/templates/metro_white/static/redesign/img/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
close_btn.svg
cards.metro-cc.ru/local/templates/metro_white/static/redesign/img/ |
305 B 799 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.min.js
cards.metro-cc.ru/local/templates/metro/static/js/ |
134 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
109 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tag.js
mc.yandex.ru/metrika/ |
202 KB 69 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
cards.metro-cc.ru/ |
2 KB 2 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
superappkit
cdn.skypack.dev/@vkontakte/ |
932 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/ |
364 KB 145 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
openapi.js
vk.com/js/api/ |
104 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
99 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google-analytics.com/j/ |
1 B 21 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
superappkit.js
cdn.skypack.dev/-/@vkontakte/superappkit@v1.46.0-Nb6CmlYcxlWtdRJIDHmO/dist=es2019,mode=imports/optimized/@vkontakte/ |
54 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
480941765749779
connect.facebook.net/signals/config/ |
308 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
provider.html
api.flocktory.com/v2/provider/ Frame 7A13 |
176 B 965 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 440 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 409 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
provider.min.js
api.flocktory.com/v2/provider/ Frame 7A13 |
38 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync_cookie_image_decide
mc.yandex.com/ Redirect Chain
|
75 B 75 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
advert.gif
mc.yandex.com/metrika/ |
43 B 112 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
rtrg
vk.com/ |
49 B 494 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
setup-api.js
api.flocktory.com/u_shaman/ |
62 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1
mc.yandex.com/watch/50830407/ Redirect Chain
|
605 B 687 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ultimate.js
api.flocktory.com/underworld/tracks/ |
33 B 33 B |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
counter2
top-fwz1.mail.ru/ Frame F3E8 Redirect Chain
|
43 B 959 B |
Document
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
wf.frontend.weborama.fr/streampixel/ Frame 94E7 Redirect Chain
|
67 B 87 B |
Document
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cm.gif
ad.mail.ru/ Frame 371D Redirect Chain
|
43 B 452 B |
Document
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
get-widget.js
api.flocktory.com/u_widget/ |
839 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.facebook.com/tr/ |
44 B 91 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
53 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| dataLayer function| $ function| jQuery function| Inputmask function| gtag object| frameCacheVars boolean| frameRequestStart function| BX boolean| frameUpdateInvoked object| _ba function| Cleave undefined| cleave_phone function| init_cleave_phone function| isAppleSafari function| set_placeholder object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| recaptcha function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData object| flocktory object| Ya object| yaCounter50830407 boolean| IS_CLIENT_SIDE boolean| IS_ANDROID_WEBVIEW boolean| IS_IOS_WEBVIEW boolean| IS_WEB undefined| androidBridge undefined| iosBridge function| _bridgeSend function| _bridgeSupports boolean| IS_BRIDGE_AVAILABLE function| obj2qs object| fastXDM object| VK function| flock_jsonp_1 object| textElements function| flock_jsonp_232 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| www.pepper.ru/ | Name: pepper_session Value: %22Iw0Dz1aBIKXWyrWITev8erDcWrUhb8sszHAS5Cf1%22 |
|
| www.pepper.ru/ | Name: guest_user_visit Value: 1 |
|
| www.pepper.ru/ | Name: u_l Value: 0 |
|
| www.pepper.ru/ | Name: xsrf_t Value: %22ifqf3csByQO8zFD7CsdNSYVxPiWtTFal1DKW8TjS%22 |
|
| www.pepper.ru/ | Name: f_v Value: %22c6b02a00-c47e-11ec-b33a-0242ac110002%22 |
|
| cards.metro-cc.ru/ | Name: spsn Value: 1650880932528_7b2276657273696f6e223a22332e332e33222c227369676e223a226134303739353231333739386131373130393739616334333431626163386535222c22706c6174666f726d223a224c696e7578207838365f3634222c2262726f7773657273223a5b226368726f6d65225d2c2273636f7265223a302e377d |
|
| cards.metro-cc.ru/ | Name: spid Value: 1650880932528_97cbef1d1c6634db2136a8ebf8568518_mr45gjbg7ls4n0mh |
|
| cards.metro-cc.ru/ | Name: spsc Value: 1650880932528_bc14d40c51bda8bda1c97427af0b3e1d_2af0176a48d8747630869b7c18a60a73 |
|
| cards.metro-cc.ru/ | Name: PHPSESSID Value: 9l9eitbqbp4i4al43dkm23q4ti |
|
| .flocktory.com/ | Name: __flocktory-web_session2 Value: 2ed46ba1-a186-49aa-8b675f03c4a05777 |
|
| .metro-cc.ru/ | Name: _ga Value: GA1.2.206531398.1650880933 |
|
| .metro-cc.ru/ | Name: _gid Value: GA1.2.948327696.1650880933 |
|
| .metro-cc.ru/ | Name: _gat_gtag_UA_127993035_1 Value: 1 |
|
| .metro-cc.ru/ | Name: _gat_https%3A%2F%2Fcards.metro-cc.ru%2F Value: 1 |
|
| .metro-cc.ru/ | Name: _fbp Value: fb.1.1650880933340.1819163736 |
|
| .facebook.com/ | Name: fr Value: 0CqJ1Rjy5XJxtNN8S..BiZnGl...1.0.BiZnGl. |
|
| .metro-cc.ru/ | Name: _ym_uid Value: 1650880933169265719 |
|
| .metro-cc.ru/ | Name: _ym_d Value: 1650880933 |
|
| .mc.yandex.com/ | Name: sync_cookie_csrf Value: 1945200545fake |
|
| .metro-cc.ru/ | Name: _ym_isad Value: 2 |
|
| .mc.yandex.ru/ | Name: sync_cookie_csrf Value: 2755600863fake |
|
| cards.metro-cc.ru/ | Name: flocktory-uuid Value: cd16a12c-2302-43bb-9836-5b510ee3f00e-2 |
|
| .yandex.com/ | Name: yandexuid Value: 6528207861650880933 |
|
| .yandex.com/ | Name: yuidss Value: 6528207861650880933 |
|
| mc.yandex.com/ | Name: yabs-sid Value: 849122791650880933 |
|
| .yandex.com/ | Name: i Value: En0XR2ri782NT8GrmJHCuzAHLzt8aAkneG50cQGfDt483We+9HlJ9HHLiug9IFYJ0z1CsJY/ElpaDbv4Uz27QYfb1UA= |
|
| .yandex.com/ | Name: ymex Value: 1682416933.yrts.1650880933#1682416933.yrtsi.1650880933 |
|
| .vk.com/ | Name: remixlang Value: 6 |
|
| .weborama.fr/ | Name: AFFICHE_W Value: jjucb2DAPLiO36 |
|
| .mail.ru/ | Name: VID Value: 01ec7y3_j8Y900000d1EH4o9:::0-0-0-780ca66:CAASEJIjvsOYfD9oJIUm_9wbNLwaYL7707Q_2au5eHDZXpuvlx-1ZBkZblI1SsjqugtEvWWJ-q30eCecUNPPNWGuwUZVj7lWzaopa83zhyslFn2YlDwToDC4XOMdx60hlNVWmiyCglSvOxXKUtatypPxUaXPhw |
|
| .rutarget.ru/ | Name: userId Value: g-MUvkct09Aw |
|
| .rutarget.ru/ | Name: sync_71c015090a068e09460994346a52bdbb Value: g-MUvkct09Aw|1650880934059 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ad.mail.ru
ajax.googleapis.com
api.flocktory.com
cards.metro-cc.ru
cdn.jsdelivr.net
cdn.skypack.dev
cdnjs.cloudflare.com
connect.facebook.net
mc.yandex.com
mc.yandex.ru
stats.g.doubleclick.net
tag.rutarget.ru
top-fwz1.mail.ru
visit.digidip.net
vk.com
wf.frontend.weborama.fr
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.pepper.ru
185.169.155.211
217.69.133.145
2606:4700:20::681a:d52
2606:4700::6810:5614
2606:4700::6811:180e
2606:4700::6812:385
2a00:1148:db00::17
2a00:1450:4001:812::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c09::9c
2a02:6b8::1:119
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
35.244.223.69
52.214.228.227
52.29.94.189
80.64.106.147
87.240.190.67
0182dda5a05b7c5da8f7c812b5613ddecee21f77eae825f0fe12cb4b8a33ec0c
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
0b8e09bfb5dc1a5eee06daf5437bed1f933ec3a17cdeb169e013c8bc913ba385
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11d0466c10c8428c69ee0ea46bb152a570068202cecdc34337c48661f72dfd3e
138c90dadb564228ccf8faa8c8ceaba85780d6f8f8bb3b1a794ca7429eac71e5
17657efa688e16f17e16c23b3088e1d9ed9fd48fe560875a9abd30407733edf1
181b1a27ac6256114ae82015e7f203f5cdc69d3cd7b2f0fa1e14f113fe2f29b5
188007ad125f5274c3f4ed309def2c90127c47691b954e4240c8081866edc3c9
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
28ecdad07946397f0dc5f2235b75de9bad64173081b5886cec57c058b15dc750
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
349b7f2fb63bfbb065d3f4dbdc6f61659e80c4206428b0e1c047643a300bd4a9
3582d91f1c6baff58a0bcd2da6bac822a764c5e8d0c55e71be282add491fa35b
4e140ac04eb8d1239db1f9b341513f76254d4c916b62c39ea49040dc34b140c0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5599f6ee5f613a3bc6a3d25b580d43d1043d4c24f404697f32a6d0d45bf2de66
5bd04622943b0096e574d8a33b03384fb6f5903d1b22fd9531b69ccd60e4783a
5d2efa878fb5424ad3c4272345c2385978c8d47f50b35a8f75a66cbd82629923
614680e3706423a92ffa8a8ab7d38b953b640b72896dcb323bdbe62ed92ce8f5
631dd665d698d6f57e419ac9a7de2153e0002a255a1db8dea40da318fad21260
65cc60085c4afd9a4f0aa98a624cb83f9740d4b6362285215f8c8a0d604d67c2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e22394311e532d4849380b05b0e5bdd84df104eb58ce08cf2c183bf9d89c62f
75394c19cc5e65aba03a4701a8e98a8ad500e73acd186027a8b7ee95ff3995b5
75f3bd16ca645709f15708862b8523f5a5072725d1c945db54f58c343c7d21cc
7b2195aeeebb6d9585dcbbc008d73017abe6354a15205c034bc4e9452a8e5d1e
7eb194c2648de022cb8f29399b9f4409d5ec0cc5314d6e4eea175c78d1d5089a
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8f77cdbc495660ff01604595db56d705266213c8e136fb87f9acf72e1d2e42f1
96019c123ff386c5f51cff4120c1d50973af914b57cf31f1157012296e1958ec
997007cd8cb3b334365d349fce62538a687f0fea05bb26812e9a4a2d0ebd2ff7
9c5d81eb69388e0b338809d4375c9065fef7189754b62d6bbb676408d2a921fa
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4d47dd6793fe24c23ab3c34f630ce5d0f42ef12a9e19eabd2fba286296647e9
a566473e6105e014357d689bdaff15c1f0c6bded41b145322d492f743e0ea779
b2513d918c588802b513284899dda54616857a13868ef476adf4d0b7838d05c2
b35a3a65fd2597eb6f7a3b41b0a72e51c98c953036925feb0b81100dcb844fe2
b962e83abd2c54f175c05932f575f0f9d3d7b24ed846607b9b9641bec2a23342
bed5c6fd8ee0630fb8d67beac69acf26966b77ef14c3f56684f4388a7153080a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d07e812d3a1e50c7c75603734f04b3421b4a5840676a557ded230f783695d24c
d0a4a7ed7bb20ce9dbe648172b6e8bacc2d6551266429f37a430f79a9e9fb063
d20b6a250b237b8632eef2a413957606742b180062cdbe42fb24fca9a747074b
d2326dac8ab1f1752a9be2b1cdd48424c5518fa6683c508fa116e6dd35ec8a74
de1cf3a7db28b578e3c4327a6170c5d62986763d72c14b91cc2233f93f273b16
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e025690b32798afc7beb464f7cf5574f85679ddeb76ff57878d196d7e25b9c4f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e449351ed95032e79995f8635ecdb1b07e74611e315c3a4975a8320f5e29649b
e60a536229792e94a7dbf71474f230ae9d16254b595355e309272b54dbe487b0
ea671b92379122528c660424660a38fc4691567fa5357d7c80131a084ea2bd13
f036531b5f9e56993ce2f6c3677bb3b3734859f9747fca67a7095f25095330bc
f4f0ccc2bde7bbaccdf284ca28340a883974dfc49391d173df40f71ccb05dd76
f630e5a6194755f16ecb4b1815b4dbc7934fb84db9b9cdf50bf103ad8f0038a3
fa6c29ad575680e09427825e000453abee5ad0fcd6067ab60f97dbe9f45e6b03
fd8261ad9865c83146af12a136ad40b0440530c684b7cb1b1d2150c2efd0f558
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff590aa29f4338de3d00bda2bf6649e45cb7bbea8c9c8c116611e3e181acd7b7