www.domofond.ru
Open in
urlscan Pro
146.158.52.9
Public Scan
Submitted URL: http://www.domofond.ru/
Effective URL: https://www.domofond.ru/?domofond
Submission: On November 23 via manual from US — Scanned from DE
Effective URL: https://www.domofond.ru/?domofond
Submission: On November 23 via manual from US — Scanned from DE
Summary
This website contacted 49 IPs
in 9 countries
across 35 domains to perform 80 HTTP transactions.
The main IP is 146.158.52.9, located in
Czech Republic and
belongs to AVITO, RU.
The main domain is www.domofond.ru.
TLS certificate: Issued by Thawte TLS RSA CA G1 on January 25th 2022. Valid for: a year.
This is the only time www.domofond.ru was scanned on urlscan.io!
TLS certificate: Issued by Thawte TLS RSA CA G1 on January 25th 2022. Valid for: a year.
This is the only time www.domofond.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
2
2a00:1450:4001:809::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
2a00:1450:4001:80b::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
4
146.158.48.128
(Czech Republic)
ASN44546 (ALFATELECOM, CZ)
ASN44546 (ALFATELECOM, CZ)
| st12.domofond.ru | |
| st01.domofond.ru | |
| st06.domofond.ru | |
| st17.domofond.ru |
4
146.158.48.208
(Czech Republic)
ASN44546 (ALFATELECOM, CZ)
ASN44546 (ALFATELECOM, CZ)
| st84.domofond.ru | |
| st94.domofond.ru | |
| st81.domofond.ru | |
| st93.domofond.ru |
2
138.201.14.3
(Landshut, Germany)
ASN24940 (HETZNER-AS, DE)
PTR: static.3.14.201.138.clients.your-server.de
ASN24940 (HETZNER-AS, DE)
PTR: static.3.14.201.138.clients.your-server.de
| tracking.retailrocket.net |
1
2a00:1450:4001:808::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagservices.com |
2
2a00:1450:4001:806::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| securepubads.g.doubleclick.net |
5
2a00:1450:4001:827::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| pagead2.googlesyndication.com |
1
2a00:1450:4001:830::2001
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| 8fdbf36af4be374008d48025c966824d.safeframe.googlesyndication.com |
1
18.192.2.142
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-2-142.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-2-142.eu-central-1.compute.amazonaws.com
| x.bidswitch.net |
1
142.250.186.34
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
| cm.g.doubleclick.net |
2
185.89.210.180
(Frankfurt am Main, Germany)
ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
| ib.adnxs.com |
2
52.212.100.153
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-100-153.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-100-153.eu-west-1.compute.amazonaws.com
| ad.360yield.com |
1
104.79.88.129
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-129.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-129.deploy.static.akamaitechnologies.com
| contextual.media.net |
1
69.173.144.139
(Frankfurt am Main, Germany)
ASN26667 (RUBICONPROJECT, US)
ASN26667 (RUBICONPROJECT, US)
| pixel.rubiconproject.com |
1
3.123.115.183
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-115-183.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-115-183.eu-central-1.compute.amazonaws.com
| match.sharethrough.com |
1
104.111.242.245
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
| criteo-sync.teads.tv |
1
76.223.111.18
(United States)
ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
| eb2.3lift.com |
2
3.126.56.137
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
| ups.analytics.yahoo.com |
2
176.34.205.255
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-205-255.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-205-255.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
1
34.117.157.22
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
| matching.ivitrack.com |
1
3.74.101.32
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-101-32.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-101-32.eu-central-1.compute.amazonaws.com
| exchange.mediavine.com |
1
2600:1f18:612b:4264:d47e:9b8d:b43d:b5ab
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
ASN14618 (AMAZON-AES, US)
| criteo-partners.tremorhub.com |
1
72.247.157.213
(Düsseldorf, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a72-247-157-213.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a72-247-157-213.deploy.static.akamaitechnologies.com
| ad.yieldlab.net |
1
34.252.59.114
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-59-114.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-59-114.eu-west-1.compute.amazonaws.com
| sync-criteo.ads.yieldmo.com |
3
2a00:1450:4001:80f::2001
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| tpc.googlesyndication.com |
1
54.72.57.83
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-57-83.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-57-83.eu-west-1.compute.amazonaws.com
| beacon.krxd.net |
1
3.18.206.73
(Columbus, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-3-18-206-73.us-east-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-3-18-206-73.us-east-2.compute.amazonaws.com
| s.thebrighttag.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 27 |
domofond.ru
1 redirects
www.domofond.ru st12.domofond.ru st01.domofond.ru st84.domofond.ru st46.domofond.ru api.domofond.ru st21.domofond.ru st94.domofond.ru st81.domofond.ru st06.domofond.ru st76.domofond.ru st48.domofond.ru st17.domofond.ru st33.domofond.ru st93.domofond.ru st67.domofond.ru |
1 MB |
| 10 |
criteo.com
5 redirects
gum.criteo.com — Cisco Umbrella Rank: 381 mug.criteo.com — Cisco Umbrella Rank: 2612 sslwidget.criteo.com — Cisco Umbrella Rank: 1499 widget.eu.criteo.com — Cisco Umbrella Rank: 18001 dis.criteo.com — Cisco Umbrella Rank: 639 |
13 KB |
| 9 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 8fdbf36af4be374008d48025c966824d.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 147 |
42 KB |
| 4 |
doubleclick.net
1 redirects
stats.g.doubleclick.net — Cisco Umbrella Rank: 94 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 191 cm.g.doubleclick.net — Cisco Umbrella Rank: 207 |
132 KB |
| 4 |
retailrocket.net
cdn.retailrocket.net — Cisco Umbrella Rank: 62658 tracking.retailrocket.net — Cisco Umbrella Rank: 64038 |
71 KB |
| 2 |
demdex.net
1 redirects
dpm.demdex.net — Cisco Umbrella Rank: 189 |
2 KB |
| 2 |
yahoo.com
1 redirects
ups.analytics.yahoo.com — Cisco Umbrella Rank: 288 |
508 B |
| 2 |
360yield.com
1 redirects
ad.360yield.com — Cisco Umbrella Rank: 624 |
851 B |
| 2 |
casalemedia.com
1 redirects
r.casalemedia.com — Cisco Umbrella Rank: 1257 |
2 KB |
| 2 |
adnxs.com
2 redirects
ib.adnxs.com — Cisco Umbrella Rank: 208 |
2 KB |
| 2 |
google.com
adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2 |
2 KB |
| 2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 40 |
20 KB |
| 1 |
thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 1748 |
268 B |
| 1 |
krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 539 |
338 B |
| 1 |
yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 1640 |
220 B |
| 1 |
yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 3769 |
522 B |
| 1 |
tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 1656 |
183 B |
| 1 |
mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1199 |
884 B |
| 1 |
ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 2265 |
274 B |
| 1 |
id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 492 |
1 KB |
| 1 |
omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 745 |
235 B |
| 1 |
adform.net
cm.adform.net — Cisco Umbrella Rank: 1380 |
163 B |
| 1 |
3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 344 |
140 B |
| 1 |
teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 1637 |
172 B |
| 1 |
taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1106 |
99 B |
| 1 |
smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 562 |
163 B |
| 1 |
sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 502 |
35 B |
| 1 |
rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 314 |
239 B |
| 1 |
outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 670 |
145 B |
| 1 |
media.net
contextual.media.net — Cisco Umbrella Rank: 537 |
784 B |
| 1 |
bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 293 |
72 B |
| 1 |
google.de
adservice.google.de — Cisco Umbrella Rank: 7898 |
792 B |
| 1 |
googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 178 |
27 KB |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 67 |
49 KB |
| 1 |
criteo.net
static.criteo.net — Cisco Umbrella Rank: 601 |
14 KB |
| 80 | 35 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| vk.com |
| www.odnoklassniki.ru |
| www.youtube.com |
| zen.yandex.ru |
| itunes.apple.com |
| play.google.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.domofond.ru Thawte TLS RSA CA G1 |
2022-01-25 - 2023-01-28 |
a year | crt.sh |
| *.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-11-08 - 2023-02-04 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
| *.retailrocket.net RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 |
2022-05-27 - 2023-05-31 |
a year | crt.sh |
| *.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-10-31 - 2023-01-26 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
| *.google.de GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
| *.google.com GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
| *.bidswitch.net Sectigo RSA Domain Validation Secure Server CA |
2022-04-05 - 2023-05-04 |
a year | crt.sh |
| *.media.net DigiCert SHA2 Secure Server CA |
2022-02-20 - 2023-02-22 |
a year | crt.sh |
| *.outbrain.com Thawte RSA CA 2018 |
2022-11-06 - 2023-11-28 |
a year | crt.sh |
| *.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-03-08 - 2023-04-04 |
a year | crt.sh |
| *.sharethrough.com Amazon |
2022-07-14 - 2023-08-12 |
a year | crt.sh |
| *.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-01-25 - 2023-01-25 |
a year | crt.sh |
| *.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2021-11-28 - 2022-12-29 |
a year | crt.sh |
| teads.tv R3 |
2022-10-27 - 2023-01-25 |
3 months | crt.sh |
| *.3lift.com Amazon |
2022-05-13 - 2023-06-11 |
a year | crt.sh |
| *.adform.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-05-18 - 2023-06-16 |
a year | crt.sh |
| omnitagjs.com Sectigo RSA Domain Validation Secure Server CA |
2022-06-21 - 2023-07-21 |
a year | crt.sh |
| *.id5-sync.com R3 |
2022-11-09 - 2023-02-07 |
3 months | crt.sh |
| itm.ivitrack.com R3 |
2022-10-06 - 2023-01-04 |
3 months | crt.sh |
| exchange.mediavine.com Amazon |
2022-07-06 - 2023-08-04 |
a year | crt.sh |
| *.tremorhub.com Amazon |
2022-03-24 - 2023-04-22 |
a year | crt.sh |
| *.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-11-16 - 2023-11-15 |
a year | crt.sh |
| *.ads.yieldmo.com Amazon |
2022-06-02 - 2023-07-01 |
a year | crt.sh |
| tpc.googlesyndication.com GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
| www.google.com GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
This page contains 6 frames:
Primary Page:
https://www.domofond.ru/?domofond
Frame ID: 199626C05EA4BB2758AA62194A5EFDAE
Requests: 50 HTTP requests in this frame
Frame:
https://gum.criteo.com/syncframe?topUrl=www.domofond.ru&origin=onetag
Frame ID: A3DD4560AFC6CF891BFC0A0EB10528C4
Requests: 2 HTTP requests in this frame
Frame:
https://8fdbf36af4be374008d48025c966824d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FF8246516A194C3A8ECAFAAC10A9276A
Requests: 1 HTTP requests in this frame
Frame:
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-kTtQ18X2z6aLJepwSeODEhq8tBXml5tIYqYg9Q&expires=30
Frame ID: ECB443EF98FE44ABC7134F051136FD97
Requests: 25 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5387FC027A1AA7E459F524858132BD44
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 02966BA5A37962F1B5BDA9A0FA309C2D
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Продажа и аренда недвижимости : Domofond.ruPage URL History Show full URLs
-
http://www.domofond.ru/
HTTP 302
https://www.domofond.ru/?domofond Page URL
Detected technologies
React
(JavaScript Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <[^>]+data-react
Criteo
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //static\.criteo\.net/js/ld/ld\.js
DoubleClick for Publishers (DFP)
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Google AdSense
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googlesyndication\.com/
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
Rubicon Project
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.rubiconproject\.com
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
URL: https://vk.com/domofond
Search URL Search Domain Scan URL
URL: https://www.odnoklassniki.ru/group/52146032279725
Search URL Search Domain Scan URL
URL: https://www.youtube.com/user/Domofondru
Search URL Search Domain Scan URL
URL: https://zen.yandex.ru/domofond.ru
Search URL Search Domain Scan URL
URL: https://itunes.apple.com/us/app/domofond.ru/id911374744?ls=1&mt=8
Search URL Search Domain Scan URL
URL: https://play.google.com/store/apps/details?id=ru.domofond.app
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.domofond.ru/
HTTP 302
https://www.domofond.ru/?domofond Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 21- https://gum.criteo.com/sid/json?origin=onetag&domain=domofond.ru&sn=ChromeSyncframe&so=0&topUrl=www.domofond.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
- https://mug.criteo.com/sid?cpp=RDTmXHxPUmtyN0hpMzlkZFdmSVRyOG5lNHMzbytWUm1kc2pML1IrelZrd2M4OUp4WWVuQ01VTDZKaHc5NkJ3WE9LRUltQStRNGJDVHcwd0pXOXBGZ0F6MWtXTTRZbTQzQStTYkhrUTRBNklWUGNpTVVoQ3ZJREJ0aG0xcGhVNDRhUTM1SEtmQmtBMGp5VjJMYW5lZXdSTitVaWhqRXdqMjdLdnhhY0RQT2tUWjFiYzdibVBKMytNUkxSd2k2dTN1RkRZdU8yR09Dazh1MXpzeGY5ZEhEejUrQk01THRSaVJIYS95d2JTQkdNcjJFVmhySkVURFdOZlJMODRWTmRQNFB1N3RDdUpOcGg2RzJnb2pEUE0wZlZSenZrQT09fA&cppv=2
- https://sslwidget.criteo.com/event?a=30476&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=Em7JEl9tbW5DWWRXRFVHY3NmVCUyQmZtRHRpNjcxemRFQTklMkZmY2JMa0pMd3Eyd2VDMVV4V2NjSlM2VGFlSFZ5SUZYWGtidXdwR3NzZHlJNng1UWxuYndHTUZoaEtVQUU1U3lBTUtIcWxyc3puJTJCNlNVNEElMkZ2b29xYklYOXV6RFJBRGpIJTJGOVFNZTZ5dW5wdm9HWjRJcU5tbWQlMkZVVlElM0QlM0Q&tld=domofond.ru&fu=https%253A%252F%252Fwww.domofond.ru%252F%253Fdomofond&dtycbr=4293 HTTP 302
- https://widget.eu.criteo.com/event?a=30476&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=Em7JEl9tbW5DWWRXRFVHY3NmVCUyQmZtRHRpNjcxemRFQTklMkZmY2JMa0pMd3Eyd2VDMVV4V2NjSlM2VGFlSFZ5SUZYWGtidXdwR3NzZHlJNng1UWxuYndHTUZoaEtVQUU1U3lBTUtIcWxyc3puJTJCNlNVNEElMkZ2b29xYklYOXV6RFJBRGpIJTJGOVFNZTZ5dW5wdm9HWjRJcU5tbWQlMkZVVlElM0QlM0Q&tld=domofond.ru&fu=https%253A%252F%252Fwww.domofond.ru%252F%253Fdomofond&dtycbr=4293
- https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-u3d-jcX2z6aLJepwSeODEhq8tBVEotzrluuhXA&google_cm&google_hm=ay11M2QtamNYMno2YUxKZXB3U2VPREVocTh0QlZFb3R6cmx1dWhYQQ HTTP 302
- https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-u3d-jcX2z6aLJepwSeODEhq8tBVEotzrluuhXA&google_gid=CAESEMAW2CC4VVWUhDCmS2BoQrQ&google_cver=1&google_ula=913071,0
- https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
- https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8816548972910309475
- https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XB9DlcX2z6aLJepwSeODEhq8tBVYgolxBh99sA HTTP 302
- https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XB9DlcX2z6aLJepwSeODEhq8tBVYgolxBh99sA&C=1
- https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-sLUSaMX2z6aLJepwSeODEhq8tBWpI_oEeUF3Ew HTTP 302
- https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-sLUSaMX2z6aLJepwSeODEhq8tBWpI_oEeUF3Ew
- https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Q5SRA8X2z6aLJepwSeODEhq8tBVnasB54BWdkw HTTP 302
- https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Q5SRA8X2z6aLJepwSeODEhq8tBVnasB54BWdkw&verify=true
- https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
- https://dpm.demdex.net/ibs:dpid=28645&dpuuid=vLJ6peJYIF68Bkj6aSm67akY8ly4rqr- HTTP 302
- https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=vLJ6peJYIF68Bkj6aSm67akY8ly4rqr-
- https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
- https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=WnlqYuKIHQCvaRrxQ7QW5N1UKK1WTveb
- https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
- https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Y7Ytx9kjibnhnnKAv4JD_BEJaLHxQ4Ch
80 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
www.domofond.ru/ Redirect Chain
|
173 KB 44 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ld.js
static.criteo.net/js/ld/ |
42 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ui.desktop.a7d7f591b219a45e652e.css
www.domofond.ru/build/ |
115 KB 32 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
styles.desktop.eb93242d7af49e102bce.css
www.domofond.ru/build/ |
301 KB 73 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
vendor.desktop.e06fce3c4a52085d35ca.js
www.domofond.ru/build/ |
208 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ui.desktop.a7d7f591b219a45e652e.js
www.domofond.ru/build/ |
330 KB 77 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
129 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.6WFCIba24Yn2QkRK92qnC2XcR4jygIeJNIFH.j3W_RsJuA8L6fuYwDv9w6FKBkpAuV7wDuzd7I8EOcPw
st12.domofond.ru/image/1/ |
16 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.OHeDYLa2MJ83A5VcNgk9U52elp4zwVaf9cCW.ljAPfBGKxRvVa3p3hBZgzDUi9NTtN0uGW0ZaYVtkKDM
st01.domofond.ru/image/1/ |
22 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.yQPmJLa2wetSR2QoUy-XJOLaZ-pWhafrkIRn.3-OpgS1-aiWLlLdV1aFRDDRYlXl727JYeaueLbVjoVQ
st84.domofond.ru/image/1/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.e8k1kLa2cyGB89bigP9Hpw1t1SCFMRUhQzDV.zF-nf3F6Nm517D1qAbzceeU4xhENYxGrQdKMTgtAvCk
st46.domofond.ru/image/1/ |
18 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rub.png
www.domofond.ru/static/images/gid/main/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
reports.png
www.domofond.ru/static/images/gid/main/ |
10 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
documents.png
www.domofond.ru/static/images/gid/main/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.desktop.eb93242d7af49e102bce.js
www.domofond.ru/build/ |
2 MB 555 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tracking.js
cdn.retailrocket.net/content/javascript/ |
69 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
home_banner.jpg
www.domofond.ru/static/images/ |
263 KB 262 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
syncframe
gum.criteo.com/ Frame A3DD |
15 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
9 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
9 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
620 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sid
mug.criteo.com/ Frame A3DD Redirect Chain
|
433 B 653 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5a097b2cc7d010afd4bfba6d
tracking.retailrocket.net/1.0/event/initialize/ |
74 B 451 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gpt.js
www.googletagservices.com/tag/js/ |
78 KB 27 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
rpc
api.domofond.ru/ |
62 KB 14 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
4 B 209 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
rpc
api.domofond.ru/ |
77 B 731 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.gL-v87axvlcbsCjcHOrft9AmLlYdRipU.jM-ffyb6szh3RBEaMQm4XUUo0CiuNWupwEkGnLsVe7Q
st21.domofond.ru/image/1/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.4-cxSbax3Q-FCkuEghbF5E6cTQ6D_EkM.8-TNdk7-Hgqhf0Kwf2_1bRqPbv-RPxbzU_ilqA7ZEyY
st94.domofond.ru/image/1/ |
22 KB 22 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.WAkfvraxZuGr_fBqrJcQfh5v9uCtC_Li.R4ubFjC3mFu7fOVboQ9V-vdCq7rLZs3p64l5m-ybihY
st81.domofond.ru/image/1/ |
4 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.RztRCraxedPlSe9Y4h0_PhXb6dLjv-3Q.eLjo_UTfSxNqTlZ3l7oVJp6s3nkNDTNpl-YNyKM_eVw
st06.domofond.ru/image/1/ |
34 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.cbHImLaxT1l829nSe-NZtNpJ31h6Ldta.MROtmgdAUz9y19H1hX3wlZ-sg-jxO3dcLoAbSP7WAzw
st76.domofond.ru/image/1/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.oXsekLaxn5Oq0wkYrcv-YGFFD5KsJQuQ.r_08TwQQ3VtV5AC_udkneI8PczuRbmTcvCqb_Nwjce0
st48.domofond.ru/image/1/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.3J5JE7ax4nb9UHT9-jLy3E7Dcnf7pnZ1.iUnQeq2itq6enWTnz9z5isFa5fXWIWy1cG_kRAKo6gk
st17.domofond.ru/image/1/ |
38 KB 38 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.7JJJE7ax0nr9UETx-lLO0E7DQnv7pkZ5.eXPyzzwFYXv_X627KoF8bYANcOYCNrbqklXH7cUsXwE
st33.domofond.ru/image/1/ |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.kI_iuraxrmdW-TjsUYOPgZ1vPmZQDzpk.EKToEsJ44e6H_3MG9Nm5Euab1HJRcavkSEQ-0IHIEVo
st93.domofond.ru/image/1/ |
24 KB 25 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.VjW43LaxaN0Mn_5WC-k2Z7wM-NwKafze.Z3iW1Tgfudv9zpSLgbM_Zva2z5ptH_8m2TaEKeK44og
st67.domofond.ru/image/1/ |
26 KB 26 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 439 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
event
widget.eu.criteo.com/ Redirect Chain
|
8 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5a097b2cc7d010afd4bfba6d
tracking.retailrocket.net/1.0/event/pageView/ |
2 B 265 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
5a097b2cc7d010afd4bfba6d
cdn.retailrocket.net/api/1.0/PushPartnerSettings/ |
78 B 594 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ |
381 KB 130 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ppub_config
securepubads.g.doubleclick.net/pagead/ |
88 B 704 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.de/adsid/ |
107 B 792 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.com/adsid/ |
107 B 549 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 442 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
ads
securepubads.g.doubleclick.net/gampad/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
ads
securepubads.g.doubleclick.net/gampad/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
container.html
8fdbf36af4be374008d48025c966824d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FF82 |
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sodar
pagead2.googlesyndication.com/getconfig/ |
14 KB 11 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
x.bidswitch.net/ Frame ECB4 |
0 72 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame ECB4 Redirect Chain
|
43 B 371 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame ECB4 Redirect Chain
|
43 B 370 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
rum
r.casalemedia.com/ Frame ECB4 Redirect Chain
|
43 B 871 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
match
ad.360yield.com/ul_cb/ Frame ECB4 Redirect Chain
|
43 B 446 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cksync.php
contextual.media.net/ Frame ECB4 |
45 B 784 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cookie-sync
sync.outbrain.com/ Frame ECB4 |
0 145 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Frame ECB4 |
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
v1
match.sharethrough.com/sync/ Frame ECB4 |
0 35 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
rtb-csync.smartadserver.com/redir/ Frame ECB4 |
43 B 163 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame ECB4 |
0 99 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
um
criteo-sync.teads.tv/ Frame ECB4 |
23 B 172 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
xuid
eb2.3lift.com/ Frame ECB4 |
37 B 140 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
ups.analytics.yahoo.com/ups/58301/ Frame ECB4 Redirect Chain
|
0 121 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pixel
cm.adform.net/ Frame ECB4 |
43 B 163 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
visitor.omnitagjs.com/visitor/ Frame ECB4 |
49 B 235 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
demconf.jpg
dpm.demdex.net/ Frame ECB4 Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
9.gif
id5-sync.com/s/966/ Frame ECB4 |
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
matching.ivitrack.com/ Frame ECB4 |
42 B 274 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
push
exchange.mediavine.com/usersync/ Frame ECB4 |
0 884 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
criteo-partners.tremorhub.com/ Frame ECB4 |
43 B 183 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
m
ad.yieldlab.net/ Frame ECB4 |
0 522 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
sync-criteo.ads.yieldmo.com/ Frame ECB4 |
43 B 220 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
usermatch.gif
beacon.krxd.net/ Frame ECB4 Redirect Chain
|
0 338 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5387 |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 0296 |
783 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cs
s.thebrighttag.com/ Frame ECB4 Redirect Chain
|
35 B 268 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 5387 |
36 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 0296 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame 5387 |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- securepubads.g.doubleclick.net
- URL
- https://securepubads.g.doubleclick.net/gampad/ads?pvsid=160958688875784&correlator=4137299420461971&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=7870%2CDF%2CMain%2CRoot%2CSearch%2Cdesktop_superbanner_top&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=964x250%7C970x90%7C728x90&ifi=1&adks=746316736&sfv=1-0-40&prev_scp=platformDF%3Ddesktop%26cityIdDf%3D3584%26regionIdDf%3Dnull%26propertyType%3Dapartment%26parType%3Dapartment%26itemType%3Dsale%26isDevelopment%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1669231361325&lmt=1669231361&dlt=1669231360143&idt=1149&adxs=318&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.domofond.ru%2F%3Fdomofond&frm=20&vis=1&psz=1600x2802&msz=1600x0&fws=0&ohw=0&ga_vid=179398499.1669231360&ga_sid=1669231361&ga_hid=316776277&ga_fc=true
- Domain
- securepubads.g.doubleclick.net
- URL
- https://securepubads.g.doubleclick.net/gampad/ads?pvsid=160958688875784&correlator=4137299420461971&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=7870%2CDF%2CMain%2CRoot%2CSearch%2Cmain_button&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=150x50&ifi=2&adks=3863473930&sfv=1-0-40&prev_scp=platformDF%3Ddesktop%26cityIdDf%3D3584%26regionIdDf%3Dnull%26propertyType%3Dapartment%26parType%3Dapartment%26itemType%3Dsale%26isDevelopment%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1669231361331&lmt=1669231361&dlt=1669231360143&idt=1149&adxs=1450&adys=5&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.domofond.ru%2F%3Fdomofond&frm=20&vis=1&psz=1600x60&msz=150x50&fws=0&ohw=0&ga_vid=179398499.1669231360&ga_sid=1669231361&ga_hid=316776277&ga_fc=true
Verdicts & Comments Add Verdict or Comment
39 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| dataLayer object| criteo_q function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __INITIAL_DATA__ string| __IMAGESURL__ string| rrPartnerId object| rrApi object| rrApiOnReady object| webpackJsonp object| google_tag_manager object| retailrocket object| rrLibrary undefined| errorModel undefined| request object| rcApi object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| googletag object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| google_image_requests object| GoogleGcLKhOms40 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .domofond.ru/ | Name: dfuid Value: 0049996d-be67-45ff-99dd-98a437d62720 |
|
| .domofond.ru/ | Name: _ga Value: GA1.2.179398499.1669231360 |
|
| .domofond.ru/ | Name: _gid Value: GA1.2.852330988.1669231360 |
|
| .criteo.com/ | Name: uid Value: d8798e72-2b3a-4246-9b8b-98c76f53da76 |
|
| .domofond.ru/ | Name: rr-testCookie Value: testvalue |
|
| .domofond.ru/ | Name: rrpvid Value: 504322450027362 |
|
| .domofond.ru/ | Name: _gat Value: 1 |
|
| .domofond.ru/ | Name: cto_bundle Value: Em7JEl9tbW5DWWRXRFVHY3NmVCUyQmZtRHRpNjcxemRFQTklMkZmY2JMa0pMd3Eyd2VDMVV4V2NjSlM2VGFlSFZ5SUZYWGtidXdwR3NzZHlJNng1UWxuYndHTUZoaEtVQUU1U3lBTUtIcWxyc3puJTJCNlNVNEElMkZ2b29xYklYOXV6RFJBRGpIJTJGOVFNZTZ5dW5wdm9HWjRJcU5tbWQlMkZVVlElM0QlM0Q |
|
| .retailrocket.net/ | Name: rcuid Value: 637e7301fc7824bd0ba83d0a |
|
| .domofond.ru/ | Name: rcuid Value: 637e7301fc7824bd0ba83d0a |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUkZyuLP6Yj_OBDzQEKapxqzi-JOqDaskjhdf6I8bAZtULuZ8ZJ1i1IF7nL2Xe0 |
|
| .adnxs.com/ | Name: uuid2 Value: 8816548972910309475 |
|
| .casalemedia.com/ | Name: CMID Value: Y35zAqLoP-.5l5s6JcUsjgAA |
|
| .casalemedia.com/ | Name: CMPS Value: 1138 |
|
| .casalemedia.com/ | Name: CMPRO Value: 1138 |
|
| .media.net/ | Name: visitor-id Value: 3122329627575485000V10 |
|
| .media.net/ | Name: data-c-ts Value: 1669231362 |
|
| .media.net/ | Name: data-c Value: k-CtReM8X2z6aLJepwSeODEhq8tBVX6TlakhPxaw~~3 |
|
| .360yield.com/ | Name: tuuid Value: 2229cab3-1e6f-4133-b213-11296b99c3df |
|
| .360yield.com/ | Name: tuuid_lu Value: 1669231362 |
|
| .360yield.com/ | Name: um Value: !38,eqfMrEs.-r5kA9xFmCVuvtKVS2DiIpIQgzEj0D7Qlj.j-xL8defUy7pADCwI5pLyebuY4b5A,1677007362 |
|
| .360yield.com/ | Name: umeh Value: !38,0,1731439362,-1 |
|
| .demdex.net/ | Name: demdex Value: 46697114976847338204138215056115376134 |
|
| .casalemedia.com/ | Name: CMTS Value: 2219 |
|
| .dpm.demdex.net/ | Name: dpm Value: 46697114976847338204138215056115376134 |
|
| .yahoo.com/ | Name: A3 Value: d=AQABBAJzfmMCEEGfHd83rQAvylKjyKRxcRwFEgEBAQHEf2OIYwAAAAAA_eMAAA&S=AQAAAjKTO5mVUNv1eBPMabNfV50 |
|
| .id5-sync.com/ | Name: cf Value: |
|
| .id5-sync.com/ | Name: cip Value: |
|
| .id5-sync.com/ | Name: cnac Value: |
|
| .id5-sync.com/ | Name: car Value: |
|
| .id5-sync.com/ | Name: gdpr Value: |
|
| .id5-sync.com/ | Name: callback Value: |
|
| .analytics.yahoo.com/ | Name: IDSYNC Value: 18zh~28gj |
|
| exchange.mediavine.com/ | Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2233cbf6a0-6b64-11ed-94de-f97458f09563%22%2C%22version%22%3A%22eu-v1%22%7D |
|
| exchange.mediavine.com/ | Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2233cbf6a0-6b64-11ed-94de-f97458f09563%22%2C%22version%22%3A%22eu-v1%22%7D |
|
| exchange.mediavine.com/ | Name: am_tokens Value: %7B%22mv_uuid%22%3A%2233cbf6a0-6b64-11ed-94de-f97458f09563%22%2C%22version%22%3A%22eu-v1%22%7D |
|
| exchange.mediavine.com/ | Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2233cbf6a0-6b64-11ed-94de-f97458f09563%22%2C%22version%22%3A%22eu-v1%22%7D |
|
| exchange.mediavine.com/ | Name: criteo Value: %7B%22id%22%3A%22k-9PUHd8X2z6aLJepwSeODEhq8tBWZafmxMlt_Sg%22%2C%22version%22%3A%22criteo%22%7D |
|
| .yieldlab.net/ | Name: id Value: f10cba82-326e-4aa4-9ffe-807ae9f1ae9d |
|
| .krxd.net/ | Name: _kuid_ Value: PN3BwWVH |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
8fdbf36af4be374008d48025c966824d.safeframe.googlesyndication.com
ad.360yield.com
ad.yieldlab.net
adservice.google.com
adservice.google.de
api.domofond.ru
beacon.krxd.net
cdn.retailrocket.net
cm.adform.net
cm.g.doubleclick.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
exchange.mediavine.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.thebrighttag.com
securepubads.g.doubleclick.net
sslwidget.criteo.com
st01.domofond.ru
st06.domofond.ru
st12.domofond.ru
st17.domofond.ru
st21.domofond.ru
st33.domofond.ru
st46.domofond.ru
st48.domofond.ru
st67.domofond.ru
st76.domofond.ru
st81.domofond.ru
st84.domofond.ru
st93.domofond.ru
st94.domofond.ru
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tpc.googlesyndication.com
tracking.retailrocket.net
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.eu.criteo.com
www.domofond.ru
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
securepubads.g.doubleclick.net
104.111.242.245
104.79.88.129
138.201.14.3
141.226.228.48
142.250.186.34
146.158.48.128
146.158.48.148
146.158.48.208
146.158.48.7
146.158.48.9
146.158.52.9
146.158.54.148
146.158.54.168
146.158.54.188
162.19.138.118
163.171.128.148
172.64.154.237
176.34.205.255
178.250.2.146
178.250.2.151
18.192.2.142
182.161.74.16
185.255.84.152
185.86.139.115
185.89.210.180
2600:1f18:612b:4264:d47e:9b8d:b43d:b5ab
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9d
2a02:2638:1::13
2a02:2638:1::3
3.123.115.183
3.126.56.137
3.18.206.73
3.74.101.32
34.117.157.22
34.252.59.114
37.157.4.25
52.212.100.153
54.72.57.83
69.173.144.139
70.42.32.159
72.247.157.213
76.223.111.18
071c00fcc888eda82100ec82b489faadd1fc96e4bcefd7d6dd817947322d88ae
079fa011e93ea6f1a6115bc6c09f4a10590532a331f9aa331e0a9fbd1831fca5
0c13c9f30d030c0250da9d89517f4d66afa51ae3cdf9b2184a25d96e167ef90b
0f267dc923e34c1cb38e5d35f049f9755a02b6dd76a2a0e2db068abcc11f1794
1a347aec50c1f3fcdbbf28f26166d23c52ac3e7818521eb5492082fda2d4ebd0
1d8236c8c7eb44ab4e1a414bb61f63af0568c023c2117dc8d07a0949f3d0e3b9
27aa83819f29eaa1837456a877686bcaa56ef548f3b9eab4ab3a8e142396d401
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34c5cc0a6f805e515af1d674aaed4eab56d83a2d597b0468c4f65dc53ba17c34
3f11cfe32a0c4b323fc92d24ecbf4d1d29efb11f0ffe6d8ad2fd6f11e6583a6e
3f8ee094d6325a6ab3838224055dddd7ca129ae059568922afc1ee80aa5a1255
40df67df4e6b0f692c04047842520977aba8fec4f425d94da5915a2080574b13
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b68bef6c9dbb1d0ebea39e6a160b6b35a50f96bcda34904c9ec7d2b56896e53
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
516c44bf8da8e2daae38155c951d637e56f9455313d0f71120881c9297ff5b88
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5602cd1eaaaf369fb995b07a067109f745b9d6b3b178c64190d63a52114cc633
5c0eb5a128fde5001b950224dc74aaaa3ca90f5c42e4f5fa11015da2e66ba8ca
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7c6dbf2ac080248eac108b6d4cb199e65e10c30cd095dfe87b10e223f378d1eb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
9bed24084bd7041d0ec41ee4984f14495e3fd306d585b77d73ff2bc44e66c84c
9d143f8ef2ce6de1c2d1304f144ebc4d1e8a924851dcbbc59a82269885e51eec
9d6d297069f0c1bb1165f52fa52da19b84997686dd44d4360d7885642eaae008
9fc56ff8f93b0be6e94e26e0a283328869828f93ba3ca886cd66b3b8a8ec2600
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a54aa6b96c35e424d0917cac8c71889d46d9a77bb1e1412cf51423294f617537
a787e40546a26b0c8e75af6ebcea7b697cb8995eb17a8934da9cd5c1d828811a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afb977f2f99c21f6f09b324d821400d8d9916577f2f860b5cd51709179561e15
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2872717f6b3dd6614f3ea134c787ca3bfee8b67c275da97c15af662d000e48a
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b7af873e25665ff42dcfe12392bad38939a07cc6cc5eac14cabdcaa3b912d1b5
b8ca5d059ede0dbf28e6eb6922b6365b0d10426effb2e493a3a1c0e27225f283
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
b9a05746fd8873c51fd711d39b869214930c7d4d3951c81e1b0c372f5a619009
ba8fcb7703c90fc1cec3ec6a2bb3e2b4ade3f69cfb42a0df6e8091b03e877a77
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c24e6cc3be7abd60db0f0bf8e299f60681d990e0daed8a3bacc966adafc9fe22
c78e1a4bf98b6c6a85104739131c66936598473eee0ac619f0a42c164df0ab0a
c83688caf222cba0e49c41567834d20f87c145e2546f187ff5126082e6fff6c2
ca1e51b137335d9bc710460b95c93e78a282fcfe7fbab4670b92665c1f5bd9a7
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d4bed5c5c9ccd56214a7c78747044195268b203f4160f132a6605c119a5796bc
d6c1aa198589b0a87b22f515905607c1c11839948491cea44a74b88116b40561
da0aff4248e503812c4439af7ed830a5c552c024533726b4c77bed976001912e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e169fee8ebafda850dbdd65445f16858f3be57fbbcd7a2ea8c15f1a6da1d3d
f18a115222437b352fb0df4a11761f7ca09b43eaf732818e5ab17f84d755d648
f43fe00e5712727d272f78c5926d1da7432b675565a29d18d253121dffde0923
f95adccf0663425023b8af4f4c5716c46f987c0b6439582ae2d5c839ac4b9998