weinews.ru
Open in
urlscan Pro
5.101.152.59
Public Scan
Submitted URL: http://www.weinews.ru/
Effective URL: http://weinews.ru/
Submission: On November 23 via automatic, source urlhaus
Effective URL: http://weinews.ru/
Submission: On November 23 via automatic, source urlhaus
Summary
This website contacted 18 IPs
in 4 countries
across 13 domains to perform 71 HTTP transactions.
The main IP is 5.101.152.59, located in
Saint Petersburg, Russian Federation and
belongs to BEGET-AS, RU.
The main domain is weinews.ru.
This is the only time weinews.ru was scanned on urlscan.io!
This is the only time weinews.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
29
5.101.152.59
(Saint Petersburg, Russian Federation)
ASN198610 (BEGET-AS, RU)
PTR: m2.loki.beget.com
ASN198610 (BEGET-AS, RU)
PTR: m2.loki.beget.com
| www.weinews.ru | |
| weinews.ru |
5
185.124.191.121
(Russian Federation)
ASN203703 (GWG-AS, RU)
ASN203703 (GWG-AS, RU)
| node.market-place.su | |
| request.market-place.su | |
| api.market-place.su | |
| widget.market-place.su |
2
46.4.4.30
(Germany)
ASN24940 (HETZNER-AS, DE)
PTR: static.30.4.4.46.clients.your-server.de
ASN24940 (HETZNER-AS, DE)
PTR: static.30.4.4.46.clients.your-server.de
| block.s2blosh.com |
1
2606:4700:30::681c:87
(United States)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
| me.lavaflavour.com |
3
93.95.100.117
(Moscow, Russian Federation)
ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
| news.gnezdo.ru |
4
176.99.0.104
(Russian Federation)
ASN197695 (AS-REG, RU)
PTR: xenon2.stch.ru
ASN197695 (AS-REG, RU)
PTR: xenon2.stch.ru
| code.directadvert.ru | |
| st.directadvert.ru |
1
91.192.148.14
(Russian Federation)
ASN42481 (BEGUN-AS, RU)
PTR: ssp.rambler.ru
ASN42481 (BEGUN-AS, RU)
PTR: ssp.rambler.ru
| profile.ssp.rambler.ru |
1
93.95.99.151
(Moscow, Russian Federation)
ASN48347 (MTW-AS, RU)
PTR: mail3.itech-group.ru
ASN48347 (MTW-AS, RU)
PTR: mail3.itech-group.ru
| zn2.gnezdo.ru |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 29 |
weinews.ru
1 redirects
www.weinews.ru weinews.ru |
829 KB |
| 14 |
gstatic.com
fonts.gstatic.com |
121 KB |
| 8 |
directadvert.ru
code.directadvert.ru st.directadvert.ru cdn.directadvert.ru |
39 KB |
| 6 |
gnezdo.ru
news.gnezdo.ru fcgi.gnezdo.ru zn2.gnezdo.ru |
18 KB |
| 5 |
market-place.su
node.market-place.su request.market-place.su api.market-place.su widget.market-place.su |
57 KB |
| 4 |
yadro.ru
2 redirects
counter.yadro.ru |
3 KB |
| 2 |
s2blosh.com
1 redirects
block.s2blosh.com |
664 B |
| 2 |
google-analytics.com
www.google-analytics.com |
17 KB |
| 1 |
rambler.ru
profile.ssp.rambler.ru |
908 B |
| 1 |
lavaflavour.com
me.lavaflavour.com |
|
| 1 |
gravatar.com
0.gravatar.com |
2 KB |
| 1 |
googletagmanager.com
www.googletagmanager.com |
32 KB |
| 1 |
googleapis.com
fonts.googleapis.com |
2 KB |
| 71 | 13 |
| Domain | Requested by | |
|---|---|---|
| 28 | weinews.ru |
weinews.ru
|
| 14 | fonts.gstatic.com |
weinews.ru
|
| 4 | cdn.directadvert.ru |
weinews.ru
|
| 4 | counter.yadro.ru |
2 redirects
weinews.ru
|
| 3 | news.gnezdo.ru |
weinews.ru
|
| 2 | st.directadvert.ru |
code.directadvert.ru
weinews.ru |
| 2 | fcgi.gnezdo.ru |
news.gnezdo.ru
weinews.ru |
| 2 | code.directadvert.ru |
weinews.ru
code.directadvert.ru |
| 2 | block.s2blosh.com |
1 redirects
weinews.ru
|
| 2 | www.google-analytics.com |
www.googletagmanager.com
weinews.ru |
| 2 | node.market-place.su |
weinews.ru
node.market-place.su |
| 1 | zn2.gnezdo.ru |
weinews.ru
|
| 1 | widget.market-place.su |
node.market-place.su
|
| 1 | profile.ssp.rambler.ru |
weinews.ru
|
| 1 | api.market-place.su |
weinews.ru
|
| 1 | request.market-place.su |
node.market-place.su
|
| 1 | me.lavaflavour.com |
weinews.ru
|
| 1 | 0.gravatar.com |
weinews.ru
|
| 1 | www.googletagmanager.com |
weinews.ru
|
| 1 | fonts.googleapis.com |
weinews.ru
|
| 1 | www.weinews.ru | 1 redirects |
| 71 | 21 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| code.directadvert.ru |
| www.directadvert.ru |
| news.gnezdo.ru |
| www.liveinternet.ru |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.google-analytics.com Google Internet Authority G3 |
2018-10-30 - 2019-01-22 |
3 months | crt.sh |
| block.s1venus.com Let's Encrypt Authority X3 |
2018-10-15 - 2019-01-13 |
3 months | crt.sh |
| gnezdo.news Let's Encrypt Authority X3 |
2018-09-25 - 2018-12-24 |
3 months | crt.sh |
| request.market-place.su Let's Encrypt Authority X3 |
2018-10-31 - 2019-01-29 |
3 months | crt.sh |
| api.market-place.su Let's Encrypt Authority X3 |
2018-10-31 - 2019-01-29 |
3 months | crt.sh |
| fcgi.2xclick.ru Let's Encrypt Authority X3 |
2018-11-04 - 2019-02-02 |
3 months | crt.sh |
| *.ssp.rambler.ru RapidSSL RSA CA 2018 |
2018-07-19 - 2019-04-02 |
8 months | crt.sh |
| widget.market-place.su Let's Encrypt Authority X3 |
2018-10-31 - 2019-01-29 |
3 months | crt.sh |
| zn2.gnezdo.ru Let's Encrypt Authority X3 |
2018-10-12 - 2019-01-10 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
http://weinews.ru/
Frame ID: BF0D063A1DE616FAE2EB64469CDEABE6
Requests: 70 HTTP requests in this frame
Frame:
https://widget.market-place.su/compiled/widget_2324.html?index=f9549722-5f4a-43b6-8b54-8dd21223c999&hash=myteaser&cnt=3&l1=https%3A%2F%2Fservicer.marketgid.com%2F649510%3Ftoken%3D934aa744ddd698007264175eea784542&wid=2324
Frame ID: D13377FC8132136E9D323CF7D28D44C8
Requests: 2 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://www.weinews.ru/
HTTP 301
http://weinews.ru/ Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
- script /\/wp-includes\//i
- meta generator /WordPress( [\d.]+)?/i
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
- script /\/wp-includes\//i
- meta generator /WordPress( [\d.]+)?/i
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^google_tag_manager$/i
Twitter Emoji (Twemoji) (Miscellaneous) Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^twemoji$/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery.*\.js/i
- env /^jQuery$/i
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
URL: http://code.directadvert.ru/click/?x=DapjSPCg5_sAYhdGcsf0hVUeo5bIlvCe7TJXiKynoP3RCBIlo61K9U66naLCOJxynsuj-K4X3gbCCjf_8BX5sHpK0R2TMdPgnHowfKL31_Lj67zfl6J6_MuoyQBlL3lQ_0kK2o02cH_O2ijGMMv-jsBTJCGug8gTVqCZtHv9e0WtPDBavJ919TP-2gjMgDJR7txaM3DFNN-CoVS4TX0GU-Twx_85CwMVVgi7KlkYm_iTWUbn-On16iuFBaLmTebjTBYFdpGhK2atC-M0mfNpnLANFcu_zNkL97040SW380CsoILsR8Miuw57tms-KmYUzwk9LSehNy1-g9P_vsqd2kERw_i7-vfmIH80PrMaXxsgu0x0c4JexzvZkkRlzsje
Title: Отставка Лаврова: Кремль экстренно объяснил, что произошло
Title: Отставка Лаврова: Кремль экстренно объяснил, что произошло
Search URL Search Domain Scan URL
URL: http://code.directadvert.ru/click/?x=3SdWcQswe2Yk4cIsIOiXtAvu5dio3BRRaWPzqJtpbe4i_1-r3JyqSY8CfwSm1dvrCGjooVa3tIzoXutzx2oCFLst-KVO7-kYNeNEkwTQPBjbmNaK5zFqB3xhgpGg3hgHhu07HkGDGysNer-yQDG4wYA_cWDrm3c7dUZ0lsMgD-An0EGRTCTpiCSCGhUCW7KDpRj145DDAkRZl6Q-JhAD4Hph3yQq52baWdJ5k1Qz4BhHV87nFu0NCFp4FzE6O7kLxkWoZe5oegRwDWOMOJp8z-OUk0gGKG8BwzDl0Fp1o1WtkZ31hIby_FeyGB0qKveGPHmAloIz6MgBzcb0v14KniPr9VPXcN9htRypjN-252vCJHVRtik3nWG1b41oOWjy
Title: Киркоров представил свою красавицу-жену! Не поверите, ей оказалась...
Title: Киркоров представил свою красавицу-жену! Не поверите, ей оказалась...
Search URL Search Domain Scan URL
URL: http://code.directadvert.ru/click/?x=7KpqaqqscMJQ23JUSoqWZ9tCZVgJ5hkgAM9uh6VNcE8ossyE9TAIt92Kmh2qknNKI7Y2qlS5GIbZZj_VcyLpqGFW2wYTfxR7s3_AcL4s9BzlWy1dp1OoVi4v5quM0k4NkrtN6pf7F-e7oPvWjyP5AuJU-6by4WqKSws5hPmpfypQ47tQd5UrL6OB86jMlR07DkDBR4uFv-isNyw5UVdhoP6fxvCZSisuJb2-PhbrPaAELFzhC5esgDFGGFmi4gpuAkUFcFPTEKOpYfVPIz-7z9gVKJ0Bh6aAugTA4d2H9Odsb9x48Lt5sgdCuoj0zhPEUEGHMXpmXgLPIS25Ehgj-mlVpBWRBmp3kDD3y9Kd80YpsgHyTyitYE5ZkGZIiicg
Title: Бермудский треугольник "отпустил" судно через 90 лет! Вот что нашли внутри
Title: Бермудский треугольник "отпустил" судно через 90 лет! Вот что нашли внутри
Search URL Search Domain Scan URL
URL: http://code.directadvert.ru/click/?x=ksNgWHaPcdpr67Ac3YvZlj3yxMkEAztDJg0c1z_fT9FRlnk0wso8U41drnQQVlu-YepFWGaQyfuA_EvGMRVeQaWcsoNP1yrNobl8jgInWgdXjp7AgZXUWyzPO4Os43G1vDbGWM_596KE_H-UOnuezDxtA-pU4MTgSgyBl7qvmRbrKa4XkLa_-cOsbmBbh6Kweu_2aihLoCn1C_9T6g0R4U3hgHqbSypMr8LhiyeXyF47vMMY4x1guxY5Rtw5pFmhbtSjSyLsxu9WfG0gg5PQCDFrsEEGJSo8CVDS8NUoJTZ64ZrOkuBpFEIl-gnn17pXcrKAVqjq7cbbFyw4CAgPWhKxTmDy6WqHPy66kM53J1MjKMCtuUp7qVmogvmhy2Mf
Title: В это невозможно было бы поверить, если бы не фото!
Title: В это невозможно было бы поверить, если бы не фото!
Search URL Search Domain Scan URL
URL: http://www.directadvert.ru/text/landingpartners?ref=331865&source=widget_ref_da&medium=adp&campaign=adp_user&ad=adp_2153636
Search URL Search Domain Scan URL
URL: https://news.gnezdo.ru/t/17525/724766/?token=96712962403997713114170348260&fc=PfNybAQAUmNjdHIgLmZfYmxpbmQB
Search URL Search Domain Scan URL
URL: https://news.gnezdo.ru/t/17525/714575/?token=87512962403996713114170348260&fc=PfNybAQAUmNjdHIgG2ZfYmxpbmQB
Search URL Search Domain Scan URL
URL: https://news.gnezdo.ru/t/17525/680730/?token=33772962403992713114170348332&fc=PfNybAQAUmNjdHIgMGVtYXNrYw0=
Search URL Search Domain Scan URL
URL: http://news.gnezdo.ru/p/17525/13392/?token=59302962403996013114170348248
Title: Добавить новость
Title: Добавить новость
Search URL Search Domain Scan URL
URL: http://www.liveinternet.ru/click
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.weinews.ru/
HTTP 301
http://weinews.ru/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 48- http://block.s2blosh.com/rotator-v2/155705.js HTTP 301
- https://block.s2blosh.com/rotator-v2/155705.js
- http://counter.yadro.ru/hit?t13.6;r;s1600*1200*24;uhttp%3A//weinews.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043C%u0438%u0440%u0430.%20%u041C%u0438%u0440%u043E%u0432%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20WeiNews.ru;0.3172877905131093 HTTP 302
- http://counter.yadro.ru/hit?q;t13.6;r;s1600*1200*24;uhttp%3A//weinews.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043C%u0438%u0440%u0430.%20%u041C%u0438%u0440%u043E%u0432%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20WeiNews.ru;0.3172877905131093
- http://counter.yadro.ru/hit;All_da_nnn_dn_realty?r;s1600*1200*24;uhttp%3A//weinews.ru/;0.26527275403018846 HTTP 302
- http://counter.yadro.ru/hit;All_da_nnn_dn_realty?q;r;s1600*1200*24;uhttp%3A//weinews.ru/;0.26527275403018846
71 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
 Cookie set
/
weinews.ru/ Redirect Chain
|
173 KB 174 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
css
fonts.googleapis.com/ |
30 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
js_composer.min.css
weinews.ru/wp-content/plugins/js_composer/assets/css/ |
451 KB 44 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
weinews.ru/wp-content/themes/Newspaper-PURCHASHED/ |
1 MB 113 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
demo_style.css
weinews.ru/wp-content/themes/Newspaper-PURCHASHED/includes/demos/college/ |
413 B 601 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.js
weinews.ru/wp-includes/js/jquery/ |
95 KB 33 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-migrate.min.js
weinews.ru/wp-includes/js/jquery/ |
10 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
87 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
0.gravatar.com/avatar/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wp-emoji-release.min.js
weinews.ru/wp-includes/js/ |
12 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo-header.png
weinews.ru/wp-content/uploads/2018/10/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
95294973-741x486.jpg
weinews.ru/wp-content/uploads/2018/10/ |
41 KB 41 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1432383-30644531-2560-1440-324x160.jpg
weinews.ru/wp-content/uploads/2018/10/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
35cbca009f74df2abfb01f023e6092b2-324x160.jpg
weinews.ru/wp-content/uploads/2018/10/ |
19 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1533141503-73153917-324x160.jpg
weinews.ru/wp-content/uploads/2018/10/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
9b9e1aa86f5785bd91d02ae459f03efa.jpg
weinews.ru/wp-content/uploads/2018/10/ |
64 KB 65 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
e77e1c5e5e4077a165c3d7b0402e1a77-324x160.jpg
weinews.ru/wp-content/uploads/2018/09/ |
19 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
93c95b5b1f3951f2d77fb0262b89826a-324x160.jpg
weinews.ru/wp-content/uploads/2018/09/ |
12 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
5e6e8af3cc1787bf13212c6b7f34721c-324x160.jpg
weinews.ru/wp-content/uploads/2018/09/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
35cbca009f74df2abfb01f023e6092b2-324x235.jpg
weinews.ru/wp-content/uploads/2018/10/ |
26 KB 26 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1432383-30644531-2560-1440-324x235.jpg
weinews.ru/wp-content/uploads/2018/10/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
95294973-324x235.jpg
weinews.ru/wp-content/uploads/2018/10/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
e77e1c5e5e4077a165c3d7b0402e1a77-324x235.jpg
weinews.ru/wp-content/uploads/2018/09/ |
29 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
9b9e1aa86f5785bd91d02ae459f03efa-324x235.jpg
weinews.ru/wp-content/uploads/2018/10/ |
16 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
api.js
node.market-place.su/div/ |
5 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1533141503-73153917-324x235.jpg
weinews.ru/wp-content/uploads/2018/10/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tagdiv_theme.min.js
weinews.ru/wp-content/themes/Newspaper-PURCHASHED/js/ |
201 KB 48 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
comment-reply.min.js
weinews.ru/wp-includes/js/ |
1 KB 993 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wp-embed.min.js
weinews.ru/wp-includes/js/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
js_composer_front.min.js
weinews.ru/wp-content/plugins/js_composer/assets/js/dist/ |
19 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
121 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headersResponse headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
9.jpg
weinews.ru/wp-content/uploads/2018/09/ |
90 KB 90 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
newspaper.woff
weinews.ru/wp-content/themes/Newspaper-PURCHASHED/images/icons/ |
15 KB 15 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v15/ |
6 KB 6 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mem5YaGs126MiZpBA-UN7rgOVuhpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v15/ |
5 KB 6 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v18/ |
7 KB 7 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v18/ |
7 KB 7 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v15/ |
9 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ |
10 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v18/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v18/ |
7 KB 7 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mem5YaGs126MiZpBA-UNirkOVuhpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v15/ |
5 KB 6 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mpwidget.js
node.market-place.su/div/build/ |
50 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
155705.js
block.s2blosh.com/rotator-v2/ Redirect Chain
|
10 B 446 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rq.jsp
me.lavaflavour.com/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
block_a.js
news.gnezdo.ru/show/17525/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2153636.js
code.directadvert.ru/data/ |
2 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
collect
www.google-analytics.com/r/ |
35 B 101 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
hit
counter.yadro.ru/ Redirect Chain
|
801 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dev
request.market-place.su/ |
181 B 725 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
geo-str-2.png
api.market-place.su/stest/img/ Frame D133 |
0 401 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
tzr.fcgi
fcgi.gnezdo.ru/cgi-bin/ |
1 KB 865 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
fcgi.gnezdo.ru/e/ |
43 B 116 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
info.min.js
st.directadvert.ru/news/js/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2153636.js
code.directadvert.ru/data/ |
9 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
hit;All_da_nnn_dn_realty
counter.yadro.ru/ Redirect Chain
|
43 B 411 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sync2.204
profile.ssp.rambler.ru/ |
0 908 B |
Image
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
5343961.jpg
cdn.directadvert.ru/cdn/images/100x100/61/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
5157349.jpg
cdn.directadvert.ru/cdn/images/100x100/49/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
5378783.jpg
cdn.directadvert.ru/cdn/images/100x100/83/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
5061397.jpg
cdn.directadvert.ru/cdn/images/100x100/97/ |
5 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo.svg
st.directadvert.ru/directadvert/img/widgets/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
widget_2324.html
widget.market-place.su/compiled/ Frame D133 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
724766_6f7ff6c9fe.jpg
news.gnezdo.ru/img/110x110/766/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
714575_0e00c78d67.jpg
news.gnezdo.ru/img/110x110/575/ |
4 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
680730_ff8ad959a0.jpg
zn2.gnezdo.ru/img/110x110/730/ |
3 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
184 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| _wpemojiSettings object| twemoji object| wp undefined| $ function| jQuery object| tdwGlobal object| tdBlocksArray function| tdBlock object| tdLocalCache string| tds_login_sing_in_widget object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target function| gtag object| dataLayer object| google_tag_manager object| block_td_uid_6_5bf7bce2dc705 string| GoogleAnalyticsObject function| ga object| jQuery11240868064565141665 object| block_td_uid_11_5bf7bce2de41a object| tmpObj string| currentBlockObjSignature number| myOpenRaquestNumber number| myOpenRaquestRegister object| venus155705 object| loaded_blocks_directadvert object| s function| f object| block_td_uid_18_5bf7bce2e8575 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box undefined| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| setMenuMinHeight function| td_comments_form_validation function| td_scroll_to_class object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl function| tdModalImage object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdAnimationStack object| td_backstretch_items function| td_compute_parallax_background function| td_compute_backstretch_item object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n function| $f object| addComment function| vc_js function| getSizeName function| loadScript function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox string| screen_size function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| makeBridge function| mp_bridge_listener boolean| MpBridgeListenerAttached function| MpWidgetContainer function| MPWidgetLibDispatcher object| MpFrameBridges function| MPWidgetBackRef string| ref_param object| gnezdoVP_17525 function| getBaseDomain17525 string| BDom17525 string| Guid17525 function| gnezdo_ru_tizer17525 function| vp_init_17525 function| afterLoad_17525 function| gnezdoGetData_17525 number| gnezdo_check_tracker function| gnezdo_news function| gnezdo_news_event object| newScript number| __da_info_loaded number| __da_widget_count number| __da_widget_loaded object| events_arr object| e_arr object| events_log function| __da_info function| __da_info_over object| __da_info_params4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .weinews.ru/ | Name: _gat_gtag_UA_127307739_1 Value: 1 |
|
| .weinews.ru/ | Name: _gid Value: GA1.2.262331708.1542962404 |
|
| .weinews.ru/ | Name: _ga Value: GA1.2.1454105417.1542962404 |
|
| weinews.ru/ | Name: PHPSESSID Value: 8e416fc816074c6b24787b72aca37177 |
28 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
0.gravatar.com
api.market-place.su
block.s2blosh.com
cdn.directadvert.ru
code.directadvert.ru
counter.yadro.ru
fcgi.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
me.lavaflavour.com
news.gnezdo.ru
node.market-place.su
profile.ssp.rambler.ru
request.market-place.su
st.directadvert.ru
weinews.ru
widget.market-place.su
www.google-analytics.com
www.googletagmanager.com
www.weinews.ru
zn2.gnezdo.ru
176.99.0.104
185.124.191.121
185.148.37.80
195.161.16.136
2606:4700:30::681c:87
2a00:1450:4001:81a::2003
2a00:1450:4001:81a::2008
2a00:1450:4001:81a::200a
2a00:1450:4001:81a::200e
2a04:fa87:fffe::c000:4902
46.4.4.30
5.101.152.59
88.212.201.205
88.212.201.207
91.192.148.14
93.95.100.117
93.95.99.151
1299c1b9173bb604d2b97e428a4924b6ed073516e8f54662ed46c29387e984be
12bd50f115d45b56f0f22f8a40bbd4aedeecab627e11060f49b5ab539d996e50
14725fd365f27ba8d509ce9c56bf4580039e377dff97b70637b1091035bc6894
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30
1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9
24e793523610ab99a856d9daff096496e59a1986cb84ddb501375e8a0e6a7423
28504f61681add4d48a92f363f60c085bc462909114cf8bb6e2fa873e3ccd46a
2b486f118ef6aa172cdf3900617200d35cb55d2d5315ba621379611740a000c9
2cdc7482af3176d3c41e97a312dcf7e679a5b3b49b32c5ad4642c5b30e1b6017
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31a5f1e388365282b6a00a413835adc26be875db85cf3485b11f4fabccbcfc84
349c9eaeb1ddfca43b899f7479defefa32bb049c49f25c9ccaa6432cf0ffab95
3942e03acae0e61df9692c49c1f2d3c20aae84861d48ee41f13c071f9d3173b8
41720926981ffb6dc229f06fc0bbf0f43e45ba032d126726ebee481c2a6559e2
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a6210c561be1a166c09e474640ade5f2f254702987d2d8fc1623aa83accab90
4c387ca240b10fca8800d54ef5a9bfc4e7318bb6b68a68331b5c980d9f93181f
4d7d01132973c55ed816922a6efbb5bc3d757628fdb69bab2226189bae344b2a
503c1285c67c8ad7ccfb18ce0c1f2e13e2b44bfcd0dc0b6994de8afaaab67ba2
50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd
6082aa2f5aab855120cd58f560f58975579097c484d23cc7854977a529f91bc4
64565561ddb338a11ffce5b84aa53fa6e8fd203c34208e61eb5602cd08bf527f
737d7e70c48505d4a1500f4f5dcf097f7be50740acf894fc2bb23f45bd84bde0
7384256fa358aa01b7d9821352d51ddb9bd366ebc0d318f76c12c5e4c21540a9
74f08a5b16db96fd23eeca2c2e6c354d08a95b3360aa2bb6ea0890517bb10469
773571bac1834743667ef1007add6866a955bf1c9bd98a3ea725a42cf9e51957
78b01a2762f51bc926c3499816a498460002241980446614dab35d1823a026c3
797ee535497f163148398ef986e4bb959cff483a457c6afee5127e4ebfd60aa5
7f57f4213198de5de1859fa600b88c0de8e7a619c6178dc2fa60d47e5db8ddc9
7fd3f5cd30725d8100dd5d2e5c570b69e5677fa4f0ff644bcf3e4f7cb42f8e00
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8362d631d4739578d27511e0e17f84c516cea6885ec04ac2f3ed6ea8b67744aa
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
8b1b113cf51bb929772692a4ec096e7636861285a511c1df2fcb641f88668060
90e1c31411f1d2d1bdf67942867ad9dee63d3e47e99853b3b4ea9474f5c3550b
91795e472792cae289414b4faf6f0fc57d21efc470839cf35087f8b4a3116a4d
931cf29a3be4b23c39208b55212629d6f65218f457e3cd611adabffb23821542
990b8bb1d9c71f1a17016c1b132d64028ef4dd3e54c6f513f27bb160c793ee34
9df707eeadcd7648693fdd8f381656c64b19c3a6b53b9bd0011a4b8a38a34675
a2d837e2ec554a9c157090db2baf30cbdee301cd01b9d876903cd107fd36a7cb
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a726c8af799c4c310efca2a7fe577ac08ea2ffa7af4cba1198892e61a9ae1a6d
a99b46129bc762f5eb7cbd2e142077ffd053883da3d364ddd65ea57f596f4e7a
b51182de5d3e0e5cfa0a4ed9552dc82be393d7f7a08330f6299e08cdb2665f7f
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
b729a847f717fac6d49d41bce006e4aae31aa27974070caf6ee8de29b1fa2e1d
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
bf3fd5760176d67bfd5fbdefc9cfa17babd0df1dd0a5d4e3c21c5784ad75be9c
c7ce58fc9da6243f99e777650724af3cc71fd88710fa918ec4a394888b64b860
cdd769a0559050352077870800d6e5c8889614f270b2a5c67823d3a656575262
cf0556c722e34dd2a5fd461dd98a51d4b55c942ccd03e7ba307ea6fa5e3e9d3d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
dc7375f568ea439c4f544ac6488b963a8d57d6cd65b0a8a551230d330e55483f
dc91018158eebadb83fa33268b864251f6b9972f604f27ea3066b8a9dd289abc
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
e201d31fe07bfbba450149be7d90547b1e64a8a255a7d7f6187f38dbcb4f1ef9
e2bfdac341caa0a1f44cfa71d10d66e3b81fc7bdfb3ff4274922208431683c01
e37bf0c2bb659b6eeb906b2481bf6ebc223dd2304a803c9a465f86aac58ace63
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebf37d9c9f4b280f841c2e1d073d0caa72ce96c2c1567405f665b5f9f4a72deb
ed810154c2a2bafb5b8c93ebc51a45e7a9f7f727153a64d413184ae04a4cc048
f4146bb3429eff8f360947b409b91e2a5061748b38ab1dead6ee18e64b8e020b
f441c824a2cca7fc53de525487927478b8a25a888a0d89c4009ffd629f803df2
f46bb0aafc668b4a997c8f2bf2b9612722575d5123d728ee15924ae9b2b9e1b1
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be
ff099241aab30034b641871095d946669f5eebbd89988f4277c59399a28b151a