winintro.ru
Open in
urlscan Pro
188.40.254.211
Public Scan
URL:
http://winintro.ru/
Submission Tags: falconsandbox
Submission: On January 18 via api from US — Scanned from DE
Submission Tags: falconsandbox
Submission: On January 18 via api from US — Scanned from DE
Summary
This website contacted 24 IPs
in 4 countries
across 16 domains to perform 89 HTTP transactions.
The main IP is 188.40.254.211, located in
Germany and
belongs to HETZNER-AS, DE.
The main domain is winintro.ru.
This is the only time winintro.ru was scanned on urlscan.io!
This is the only time winintro.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
15
2a00:1450:4001:812::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| pagead2.googlesyndication.com |
4
139.162.151.130
(Frankfurt am Main, Germany)
ASN63949 (LINODE-AP Linode, LLC, US)
PTR: reformal.ru
ASN63949 (LINODE-AP Linode, LLC, US)
PTR: reformal.ru
| widget.reformal.ru | |
| reformal.ru | |
| log.reformal.ru |
8
2a00:1450:4001:80e::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net | |
| adservice.google.de |
1
142.250.186.130
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
| partner.googleadservices.com |
12
2a00:1450:4001:82a::2001
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| tpc.googlesyndication.com |
1
2a00:1450:4001:801::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagservices.com |
5
142.250.185.162
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
| cm.g.doubleclick.net | |
| www.googletagservices.com |
5
2.18.234.21
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
| dsum-sec.casalemedia.com |
3
185.33.220.244
(Amsterdam, Netherlands)
ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
| ib.adnxs.com |
2
44.235.179.16
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-179-16.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-179-16.us-west-2.compute.amazonaws.com
| fw.adsafeprotected.com |
2
142.250.186.98
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
| googleads4.g.doubleclick.net |
2
2600:9000:2127:5600:8:48e:53c0:93a1
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| static.adsafeprotected.com |
8
52.43.241.68
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-241-68.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-241-68.us-west-2.compute.amazonaws.com
| dt.adsafeprotected.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 27 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124 |
399 KB |
| 13 |
doubleclick.net
3 redirects
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 cm.g.doubleclick.net — Cisco Umbrella Rank: 197 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274 |
88 KB |
| 12 |
adsafeprotected.com
1 redirects
fw.adsafeprotected.com — Cisco Umbrella Rank: 711 static.adsafeprotected.com — Cisco Umbrella Rank: 533 dt.adsafeprotected.com — Cisco Umbrella Rank: 484 |
95 KB |
| 11 |
2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255 |
149 KB |
| 6 |
winintro.ru
winintro.ru |
27 KB |
| 5 |
casalemedia.com
3 redirects
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590 |
4 KB |
| 5 |
yandex.com
2 redirects
mc.yandex.com — Cisco Umbrella Rank: 25627 |
2 KB |
| 4 |
google.com
cse.google.com — Cisco Umbrella Rank: 2788 adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13 |
2 KB |
| 4 |
reformal.ru
widget.reformal.ru reformal.ru — Cisco Umbrella Rank: 491484 log.reformal.ru — Cisco Umbrella Rank: 801612 |
5 KB |
| 3 |
gstatic.com
www.gstatic.com fonts.gstatic.com |
55 KB |
| 3 |
adnxs.com
2 redirects
ib.adnxs.com — Cisco Umbrella Rank: 241 |
3 KB |
| 3 |
yandex.ru
2 redirects
mc.yandex.ru — Cisco Umbrella Rank: 2853 |
49 KB |
| 2 |
googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165 |
75 KB |
| 2 |
google.de
adservice.google.de — Cisco Umbrella Rank: 8028 |
914 B |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47 |
1 KB |
| 1 |
googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 777 |
644 B |
| 89 | 16 |
| Domain | Requested by | |
|---|---|---|
| 15 | pagead2.googlesyndication.com |
winintro.ru
pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com |
| 12 | tpc.googlesyndication.com |
winintro.ru
googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com |
| 11 | s0.2mdn.net |
winintro.ru
s0.2mdn.net googleads.g.doubleclick.net |
| 8 | dt.adsafeprotected.com |
googleads.g.doubleclick.net
|
| 7 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
winintro.ru googleads.g.doubleclick.net |
| 6 | winintro.ru |
winintro.ru
|
| 5 | dsum-sec.casalemedia.com |
3 redirects
googleads.g.doubleclick.net
|
| 5 | mc.yandex.com |
2 redirects
winintro.ru
|
| 4 | cm.g.doubleclick.net |
3 redirects
googleads.g.doubleclick.net
|
| 3 | ib.adnxs.com |
2 redirects
googleads.g.doubleclick.net
|
| 3 | mc.yandex.ru |
2 redirects
winintro.ru
|
| 2 | static.adsafeprotected.com |
googleads.g.doubleclick.net
|
| 2 | fonts.gstatic.com |
fonts.googleapis.com
|
| 2 | googleads4.g.doubleclick.net |
winintro.ru
|
| 2 | fw.adsafeprotected.com |
1 redirects
winintro.ru
|
| 2 | www.googletagservices.com |
winintro.ru
googleads.g.doubleclick.net |
| 2 | adservice.google.com |
pagead2.googlesyndication.com
|
| 2 | adservice.google.de |
pagead2.googlesyndication.com
|
| 2 | reformal.ru |
winintro.ru
|
| 1 | www.google.com |
tpc.googlesyndication.com
|
| 1 | www.gstatic.com |
googleads.g.doubleclick.net
|
| 1 | fonts.googleapis.com |
googleads.g.doubleclick.net
|
| 1 | partner.googleadservices.com |
pagead2.googlesyndication.com
|
| 1 | log.reformal.ru |
winintro.ru
|
| 1 | cse.google.com |
winintro.ru
|
| 1 | widget.reformal.ru |
winintro.ru
|
| 89 | 26 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| getadmx.com |
| reformal.ru |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.g.doubleclick.net GTS CA 1C3 |
2021-12-08 - 2022-03-02 |
3 months | crt.sh |
| *.googleadservices.com GTS CA 1C3 |
2021-12-08 - 2022-03-02 |
3 months | crt.sh |
| *.google.de GTS CA 1C3 |
2021-12-08 - 2022-03-02 |
3 months | crt.sh |
| *.google.com GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
| mc.yandex.ru Yandex CA |
2021-12-22 - 2022-06-03 |
5 months | crt.sh |
| tpc.googlesyndication.com GTS CA 1C3 |
2021-12-08 - 2022-03-02 |
3 months | crt.sh |
| fw.adsafeprotected.com Amazon |
2021-08-11 - 2022-09-09 |
a year | crt.sh |
| *.doubleclick.net GTS CA 1C3 |
2021-12-08 - 2022-03-02 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2021-12-08 - 2022-03-02 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2021-12-08 - 2022-03-02 |
3 months | crt.sh |
| static.adsafeprotected.com Amazon |
2021-09-05 - 2022-10-04 |
a year | crt.sh |
| dt.adsafeprotected.com Amazon |
2021-11-19 - 2022-12-18 |
a year | crt.sh |
| www.google.com GTS CA 1C3 |
2021-12-08 - 2022-03-02 |
3 months | crt.sh |
This page contains 13 frames:
Primary Page:
http://winintro.ru/
Frame ID: 1BDE4F17FF90C57D18F5FF1440FBAD22
Requests: 26 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/zrt_lookup.html
Frame ID: 2DE34C359E2BF901A68D1BAAE2A79DCF
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1748934517&adf=3025194257&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1642543124&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1642543124539&bpp=4&bdt=92&idt=92&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&correlator=2030677312050&frm=20&pv=2&ga_vid=1102456657.1642543125&ga_sid=1642543125&ga_hid=804366327&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=68&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064037%2C31064124%2C44756088&oid=2&pvsid=1492579838495754&pem=982&tmod=749&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=DWuW6N5v1J&p=http%3A//winintro.ru&dtd=105
Frame ID: CFC92FDAA461A965C7C3EFF90AD8ACE2
Requests: 16 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&adk=1812271804&adf=1573534164&lmt=1642543124&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwinintro.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1642543124552&bpp=1&bdt=105&idt=98&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=2030677312050&frm=20&pv=1&ga_vid=1102456657.1642543125&ga_sid=1642543125&ga_hid=804366327&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064037%2C31064124%2C44756088&oid=2&pvsid=1492579838495754&pem=982&tmod=749&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=106
Frame ID: D57225B58AA7C84F0705AB867DA1FF88
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Frame ID: F48BD00A972CC142867F172441BEAE3C
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIYseW_vAEwAQ&v=APEucNX4URlJizGFE10_QbC0OgYEZweMNqWSNVdYkaAm9tvH2mV8q4kZsE79HOFZSsJy3uncanrwyGAonP46-xaSUaJdjBDa0A6_l1_gRemw-mUsUD5X8MUMPG9guVgm4PtJ6Y6v96i5zR07CBXdx_Md6WoSkRZr-4rFBpnD5GxSt5wNVwCgFoY
Frame ID: BC4B9D741A16383A99E85AAF6AE7AF75
Requests: 5 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D89BVG8d0E5bK2kVFXD4oR58P9rc3qQxQDiOwjmJKXLqcRU4kXCp7NGzlIZeMEh-VZH1NyEKEVHo1RJGpGvDaNehFVNH8MHwNSWNDfbjxaH-rKpRRJDEROe94l-b4SgUHa_SZhmgNndHxuqct-7Q70r7zK3w&dbm_d=AKAmf-BqLK-Z91b6RiOAaMcuz0T0O2IeO8wpz0tP0amAEmkBvXdHxnEhHkq8Ve2TopXHLURGUT4PxI3L5FlXanTzSAeNYyCCNhaVGlY7NKw9GNWwKcGbd3Xfda4PH_2QvaTbHApm3mUqJ-2GC4QG3Hh-XiH5bzt9s-FwibkxnQI44ENhRX-RYVC9R4hFPk0tl2wSSy5wLigaymMOIT40PsDKnUzyxlc-AKkPg4UXcvR5l40gp8AB8Ol6Dawyxfmt0llIBMoZDUr0FrAPENLR0zBD7ZY0KS1iDHpALRAV0kWgQxn3pPGk3UP4eCi4GHpW1GvBVf9ba8zIZoQCJrpKKeQuNio1V9v02JUCazu4oc2cY78oDT1E-uz2sV4YKiVNSGuFKyNMH4LG8JeE6BSZLRi-RpNdP7ajZt376vq_Zh7xGLBuhvIU-ithrNHEQvLwcIyQPps4wTbuYYVtchNeGd3o8zA4rt8y45ZPUUb3VlCDKEQNki8a7gldvev6tNHIvW6K4kly7sjhBVZv3h8eNN7Y9_kN6-leNkhjZPWMbTvtJyHx3yksu9kfp0g6cOi9CJ_pqw1n3gaaCBWmBrbziBw32mljASSEt_NbGyC3rklRHa3nLrwryD3s8pdPH2loJeVkE3rMDUJtxKFZlj2xUjUQ9kq84MaiPmF0Ix7TCS5lpS4M3Yp-ZCKyiZ4vIxesZYlEvv_v-WFwrsFkewB0lckDfhHTEW075G2zGlLdjMNzDwYi5KsMMeltIi1XKNXsr1GimE2My5QNbeFktkcUtug70d49103GbleZZUjiIIlYXkwJBkACs-2xW41x5Y8YIw4DVQJxnOYm2vI_r9OxgGs-RpUZwbGYh-IfxCnESbabRqf0V-MfixPi5uiUOSA7dZ0zPEQuNilSy_5GJNOaveR3XpWIgZoq4CACVIepY3AM-4z6guh1LKPpoRV2UnjEC8AQEkIQB7N73Gnv9DOVy2DRfIXEiatRcRASKFjXXEDY7z0JF0QnOXXfYkH9hs_NA1PdBJFqrF39V_amDrC2dNdLe6pD7hokO9-a9bxUWHIK8hRuP-Ohe-bzggSve6RB39y0LcXTtVUbcdkClRqEPFAwLo_qtIQcqQhwvykA3fEVipNTRwj9SXo7UC4X_rdshQCCoA19ypJV4vG5mYekXP7WS2In1S-Jypckx6tVC5k2m1jR15ZcKirmIIRzWblTAEV_A1h3GomlEFZrWyoe1iBtFCJXWeV4rSuCJVSac5PIVJoIKTU-H6i07i9B0RjulpS36ikevOU-pHPfi5IYwwUx-LXZWpJx0-WrIsKHjpLGfBOTTxnPeCjNv73eT6U5knl7g1tFZxlNFu_JjTN2M9pbbUWMzbU-X5Tx-V0kfmCHo__9l7SaSbg5C7M0zmoRjvmk3_VzFP53pku8YgFjmdpabvQE1yhtuqNR2QJ7mOZ4EVTCPhphiuvS_AqSlXqX5_UhwavJo1Oe_0nYwDS2qt-haXnfz2avwSg9tiQ3Sk4VCgXe9vofIpARa_jJ4LFnA59M1DSyrmiyJMcQUTUm1cLkrGHpXWt-wZrLRQDQ6Zuyt9R-QSN_-MOjL2RttofFM_TUTP8dN3o-8ZXR3k9RhuFC3hIxCqeCt7VXqs5iKyHxBfogwi5JxcpXqmIL6Yy7WUkgANhRwd_MvTky6C7s1qtC6tZjLKDr_FGF6H_LSwHnZVkCas76FvlwOWDtVPcrTu9opgPINzXbYhcozL5zHMF96p4U3jAZ4lUqu8QUXCVrC7ggtMvVUk6fwCzhd-S-FkIXBf88Kq3kKKYcvQa9luD1F0JSfzSmmj78AtMbcDwEWswvE-POOVJ9vmJxoTQUOx35kDwKwrdkWlaYnnG6zgXk56k7MurAT7oI4TehLZsBeE823J5Illu7krfqfxATPOCvTqeGRbnbIhOTVnxmr9XSCE7v0KWfxwSZdpmHIQNCGdsXEFk9gyZkuNB0YYpnPRFYZKfJNTItkpq3S0Bjk14jilokZlgvHouS0MObhYaiQH6FosKBv137urIA1v_VWtIYoKP2ZOHYGWPo8Kk3E5dTzSRSwzWn6c1CSyrhiXpF-KxB79rJul0cZfb926U6i27gOc3vK-qxqhfljxrCglPlLO8rbWZsAxTDwtqHQ-45c34WqybRgzK1EB9lhsB5rG_rlZAfCZOkOn42SHzx96UNIkpR_mewaQitytyjDvXCYac6iQgh68tjUVjwloGRKdp3gHzNt2kAX1CbOMvqt1Q0AuAuRdLM822fiXy-9-anEuQoxfmntSWJEBrBIErcGLEMhdtXrpDkyyYkI2jA7aUw8z73hOkNPpfkdU916JW5C_STZRv73AlXfzrSDLyuRbdlgimXGevMD7OHI0ziFzkWWKof8iikpu2x-E1SWcvX2-q7Kvh32ukuxU_j3Y3HboAog_ACtvHEdVoLEGueO997NajRWD_pTJtn_xcKaeuPdEQxv5gr7g_9l1NY4tNdEBZK-pPusZD_i_vdaIIfRFvfIElUX9GwJ5YyoCgfA6gbOtezsCXFFCAY0LDTe6s_N5qJ8dgiEhO6i2Au8fYH50tFG83lXV_uyv0ROGRQwpbDqmVRfaKcsuGUzfhPe-tq-B9WGXkJOsDJwfDolkruf2YI81NaSTkj7yZHBGTh8nzdP7P3DIMqZ77mQJQIpedOWSWiNnFZnJ3NMYYzrrpxV0vWQ5KWwt9VWDKxWZl4q9Xk7liWi8nVdlZjk-cvGVPsB9suXCCHYmCVM9L0z85Xn-afjq3MHDZQuz-zuHVEMcOgtlA3kR83n_ME9VReZDx1B6N60hM94v1IjLoxVswKI29jp7jsBVg1mo0DcsP1x7q1d2s73p85cFM2SyXwkinAu7zEqvYeu2QbNZxUlV7JuKz1k14kVPa2aMFDfoCJ6oxjmLk-rFj7DXsz01jYNDlZ4glC84zxE4lT&cid=CAASBORoSs8&rfl=2%2Chttp%253A%252F%252Fwinintro.ru%252F%240
Frame ID: 9CCB6A99FD8ED1CE2E4AFF4FA448D16A
Requests: 23 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2BF4FD2EACFE9466A6004578A8C8A654
Requests: 3 HTTP requests in this frame
Frame:
https://s0.2mdn.net/sadbundle/9532080418646430223/728x90/index.html
Frame ID: 0CCDEC8797EBE8A5DC5E3F90FB36B751
Requests: 10 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Frame ID: 63F9B1D9250C1CB265CA1FCD1A660A66
Requests: 1 HTTP requests in this frame
Frame:
https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: E40663BC1B2D035882AFEA1412827A11
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6D4EC065C04B6E5BC9DED5E3709D4069
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 4D83E074FC750004A2AECD49C2082DE4
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Русская документация для Windows Server 2008 R2 и Windows 7 (Service Pack 1)Detected technologies
AppNexus
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- adnxs\.(?:net|com)
DoubleClick Campaign Manager (DCM)
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- 2mdn\.net
Google AdSense
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googlesyndication\.com/
- 2mdn\.net
Yandex.Metrika
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
URL: http://getadmx.com/
Title: Group Policy Administrative Templates
Title: Group Policy Administrative Templates
Search URL Search Domain Scan URL
URL: http://reformal.ru/
Title: Reformal.ru
Title: Reformal.ru
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3- http://mc.yandex.ru/metrika/watch.js HTTP 302
- https://mc.yandex.ru/metrika/watch.js
- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9522.gYX4cBOmdZneKZB9hcpKnQ0VHbL7FpJkuljGGeLvZm1wDJcSuzVdYdf5qRiccPZN.dJRTjDNcksLYHJTrLg4zpuX-EGI%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=9522.U2a8N0aw6P3976OsdUwE33bcO4t2rtpNAJW9S0amuIabG1BOfT3BqPgJItIGTW0oujAJdWU-805Pmm4gLTUh-g%2C%2C.zPfDUvtMRwvC8uBe9REp53gQVAM%2C
- https://mc.yandex.com/watch/490927?wmode=7&page-url=http%3A%2F%2Fwinintro.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8dbz2s7jvc361e07zz%3Afp%3A121%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A730%3Acn%3A1%3Adp%3A0%3Als%3A1200441046741%3Ahid%3A988054003%3Az%3A0%3Ai%3A20220118215844%3Aet%3A1642543125%3Ac%3A1%3Arn%3A786050076%3Arqn%3A1%3Au%3A1642543125590218811%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1642543124393%3Ads%3A26%2C10%2C15%2C1%2C0%2C0%2C%2C75%2C%2C%2C%2C%2C%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1642543125%3At%3A%D0%A0%D1%83%D1%81%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B4%D0%BE%D0%BA%D1%83%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%86%D0%B8%D1%8F%20%D0%B4%D0%BB%D1%8F%20Windows%20Server%202008%20R2%20%D0%B8%20Windows%207%20(Service%20Pack%201)&t=gdpr(14)aw(1)ti(2) HTTP 302
- https://mc.yandex.com/watch/490927/1?wmode=7&page-url=http%3A%2F%2Fwinintro.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8dbz2s7jvc361e07zz%3Afp%3A121%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A730%3Acn%3A1%3Adp%3A0%3Als%3A1200441046741%3Ahid%3A988054003%3Az%3A0%3Ai%3A20220118215844%3Aet%3A1642543125%3Ac%3A1%3Arn%3A786050076%3Arqn%3A1%3Au%3A1642543125590218811%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1642543124393%3Ads%3A26%2C10%2C15%2C1%2C0%2C0%2C%2C75%2C%2C%2C%2C%2C%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1642543125%3At%3A%D0%A0%D1%83%D1%81%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B4%D0%BE%D0%BA%D1%83%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%86%D0%B8%D1%8F%20%D0%B4%D0%BB%D1%8F%20Windows%20Server%202008%20R2%20%D0%B8%20Windows%207%20%28Service%20Pack%201%29&t=gdpr%2814%29aw%281%29ti%282%29
- https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoLQJKi9pWj1LzZVg162IM&google_cver=1 HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoLQJKi9pWj1LzZVg162IM&google_cver=1&C=1
- https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
- https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yec4FX7IDSp65.CvCJoHFgAA HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEJ2bdCVF6vamfxVrXWY0WM&google_cver=1&google_hm=2
- https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
- https://ib.adnxs.com/setuid?entity=101&code=CAESEORfTz6kPpBApf6kmMksNj8&google_cver=1
- https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjI1ODExNjE1NjUyNjYzMTkxNA%3D%3D
- https://fw.adsafeprotected.com/rfw/st/892152/58815466/4.js?ias_dspID=3&ias_campId=25576184&ias_pubId=pub-2339592383170032&ias_chanId=1&ias_placementId=15518839114&bidurl=http://winintro.ru/&ias_dealId=&adContainerId=brand_safety_FTjnYerRCtGe7_UP76G3kA8&cbFunctionName=goog_wrapCb_FTjnYerRCtGe7_UP76G3kA8&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Fwinintro.ru&adsafe_type=g&adsafe_url=http%3A%2F%2Fwinintro.ru%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20220112%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20220112%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-0-%26adk%3D1812271801%26client%3Dca-pub-2339592383170032%26fa%3D1%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26xpc%3D6PxVzJ9EDL%26p%3Dhttp%253A%2F%2Fwinintro.ru&adsafe_type=b&adsafe_jsinfo=,id:7bf98282-3392-f6ef-fc6c-75acb81530e4,c:1GKWhp,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-84c47844c5-6g7kd,rg:or,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:4,fm:sUUnz3g+11%7C121%7C13%7C141*.892152-58815466%7C1411%7C1412%7C1413,idMap:141*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:17,oid:ced3686a-78a9-11ec-81b6-f6e7f7f5ac0a,v:19.8.280,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
- https://static.adsafeprotected.com/4.js
89 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
winintro.ru/ |
39 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
helpindex.css
winintro.ru/files/ |
344 B 475 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
146 KB 51 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tabn2v2.js
widget.reformal.ru/ |
15 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
watch.js
mc.yandex.ru/metrika/ Redirect Chain
|
135 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
90.gif
winintro.ru/files/ |
69 B 365 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cse.js
cse.google.com/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
headerbgmain.png
winintro.ru/files/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
f_ru.gif
winintro.ru/files/ |
580 B 877 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
f_en.gif
winintro.ru/files/ |
612 B 909 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
transp.gif
reformal.ru/i/ |
43 B 279 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
st.php
log.reformal.ru/ |
43 B 209 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
winintro%7CaHR0cDovL3dpbmludHJvLnJ1Lw==%7C
reformal.ru/human_check/ |
43 B 279 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201110101/ |
284 KB 103 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/ Frame 2DE3 |
11 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cookie.js
partner.googleadservices.com/gampad/ |
215 B 644 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.de/adsid/ |
107 B 792 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.com/adsid/ |
107 B 549 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame CFC9 |
97 KB 32 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame D572 |
38 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync_cookie_image_decide
mc.yandex.com/ Redirect Chain
|
75 B 75 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
advert.gif
mc.yandex.com/metrika/ |
43 B 135 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1
mc.yandex.com/watch/490927/ Redirect Chain
|
331 B 413 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201110101/ |
149 KB 53 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
integrator.js
adservice.google.de/adsid/ |
107 B 122 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
integrator.js
adservice.google.com/adsid/ |
107 B 122 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/ Frame F48B |
11 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pixel
googleads.g.doubleclick.net/xbbe/ Frame BC4B |
624 B 300 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ad
googleads.g.doubleclick.net/dbm/ Frame 9CCB |
81 KB 32 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 9CCB |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9CCB |
121 KB 38 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 9CCB |
15 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CCB |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rum
dsum-sec.casalemedia.com/ Frame BC4B Redirect Chain
|
43 B 1014 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rum
dsum-sec.casalemedia.com/ Frame BC4B Redirect Chain
|
43 B 894 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
setuid
ib.adnxs.com/ Frame BC4B Redirect Chain
|
43 B 1004 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pixel
cm.g.doubleclick.net/ Frame BC4B Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
skeleton.js
fw.adsafeprotected.com/rjss/st/892152/58815466/ Frame 9CCB |
231 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 9CCB |
106 KB 38 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/elements/html/ Frame 9CCB |
8 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 9CCB |
24 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9CCB |
41 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 9CCB |
217 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2BF4 |
22 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
index.html
s0.2mdn.net/sadbundle/9532080418646430223/728x90/ Frame 0CCD |
15 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
view
googleads4.g.doubleclick.net/pcs/ Frame 9CCB |
0 571 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame 2BF4 |
35 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
anim.min.js
s0.2mdn.net/sadbundle/9532080418646430223/728x90/ Frame 0CCD |
8 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
polyfill.js
s0.2mdn.net/sadbundle/9532080418646430223/728x90/ Frame 0CCD |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
img1.jpg
s0.2mdn.net/sadbundle/9532080418646430223/728x90/ Frame 0CCD |
33 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ Frame CFC9 |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame CFC9 |
1 KB 875 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame CFC9 |
19 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame CFC9 |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CFC9 |
121 KB 37 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame CFC9 |
15 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b08052bb948632636d2eb594b39baf17.js
www.gstatic.com/mysidia/ Frame CFC9 |
27 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
adview
googleads.g.doubleclick.net/pagead/ Frame CFC9 |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
downsize_200k_v1
tpc.googlesyndication.com/simgad/11742992477935751085/ Frame CFC9 |
72 KB 72 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame CFC9 |
206 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame CFC9 |
209 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
cta.png
s0.2mdn.net/sadbundle/9532080418646430223/728x90/ Frame 0CCD |
877 B 904 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
titillium-web-v10-latin-700.woff
s0.2mdn.net/sadbundle/9532080418646430223/728x90/ Frame 0CCD |
15 KB 15 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
titillium-web-v10-latin-regular.woff
s0.2mdn.net/sadbundle/9532080418646430223/728x90/ Frame 0CCD |
16 KB 16 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame CFC9 |
215 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame CFC9 |
21 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame CFC9 |
21 KB 22 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
img2.jpg
s0.2mdn.net/sadbundle/9532080418646430223/728x90/ Frame 0CCD |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
img3.jpg
s0.2mdn.net/sadbundle/9532080418646430223/728x90/ Frame 0CCD |
24 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
cta-fx.png
s0.2mdn.net/sadbundle/9532080418646430223/728x90/ Frame 0CCD |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
view
googleads4.g.doubleclick.net/pcs/ Frame 9CCB |
0 23 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BF4 |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame 63F9 |
35 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4.js
static.adsafeprotected.com/ Frame 9CCB Redirect Chain
|
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sca.17.5.12.js
static.adsafeprotected.com/ Frame E406 |
80 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dt
dt.adsafeprotected.com/ Frame 9CCB |
43 B 216 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dt
dt.adsafeprotected.com/ Frame 9CCB |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dt
dt.adsafeprotected.com/ Frame 9CCB |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dt
dt.adsafeprotected.com/ Frame 9CCB |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
activeview
pagead2.googlesyndication.com/pcs/ Frame 9CCB |
42 B 64 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
activeview
pagead2.googlesyndication.com/pcs/ Frame CFC9 |
42 B 64 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sodar
pagead2.googlesyndication.com/getconfig/ |
11 KB 9 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dt
dt.adsafeprotected.com/ Frame 9CCB |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6D4E |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 4D83 |
783 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
pagead2.googlesyndication.com/bg/ Frame 6D4E |
35 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 4D83 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame 6D4E |
0 9 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dt
dt.adsafeprotected.com/ Frame 9CCB |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dt
dt.adsafeprotected.com/ Frame 9CCB |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dt
dt.adsafeprotected.com/ Frame 9CCB |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
91 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| adsbygoogle string| reformal_wdg_w string| reformal_wdg_h string| reformal_wdg_domain number| reformal_wdg_mode string| reformal_wdg_title string| reformal_wdg_ltitle string| reformal_wdg_lfont string| reformal_wdg_lsize string| reformal_wdg_color string| reformal_wdg_bcolor string| reformal_wdg_tcolor string| reformal_wdg_align string| reformal_wdg_charset number| reformal_wdg_waction string| reformal_wdg_vcolor string| reformal_wdg_cmline string| reformal_wdg_glcolor string| reformal_wdg_tbcolor function| ref_ud boolean| isIE6 string| dref_w string| dref_h number| dref_mode string| dref_title string| dref_ltitle string| dref_lfont string| dref_lsize string| dref_color string| dref_bcolor string| dref_tcolor string| dref_align string| dref_charset number| dref_waction string| dref_vcolor string| dref_cmline string| dref_glcolor string| dref_tbcolor string| dref_tcolor_aw4 number| dref_ext_img number| dref_ext_img_m undefined| v string| dref_ext_cms string| vlink object| MyOtziv function| r_compact function| r_utf8encode object| hc string| out_link function| MyOtzivCl string| str undefined| pageTracker object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| Ya object| yaCounter490927 object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests20 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .winintro.ru/ | Name: __gads Value: ID=29086186e5dcc3b2-22f65e4023cd00d1:T=1642543124:RT=1642543124:S=ALNI_MY5G-cjXAmAD63D17d9g3NKlo83aA |
|
| .winintro.ru/ | Name: _ym_uid Value: 1642543125590218811 |
|
| .winintro.ru/ | Name: _ym_d Value: 1642543125 |
|
| .mc.yandex.com/ | Name: sync_cookie_csrf Value: 3768928339fake |
|
| .winintro.ru/ | Name: _ym_isad Value: 2 |
|
| .mc.yandex.ru/ | Name: sync_cookie_csrf Value: 2715373094fake |
|
| .yandex.com/ | Name: yandexuid Value: 197381101642543124 |
|
| .yandex.com/ | Name: yuidss Value: 197381101642543124 |
|
| mc.yandex.com/ | Name: yabs-sid Value: 2677806121642543124 |
|
| .yandex.com/ | Name: i Value: jJLEQuS2UhpznfvEmaQ54gyIVbvr7uiuQEKaqUse8lm3vp548a2yYSGarrgFhkm4PDTRKu7wAGkaj/n9h0AEhJkGKNE= |
|
| .yandex.com/ | Name: ymex Value: 1674079124.yrts.1642543124#1674079124.yrtsi.1642543124 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUkVd-GjjJbkK_LDOHnsxbiK6aH4sE7Jq_YAH1Dq_7l1sRD6L8vUhoFGBo7MMw0 |
|
| .adnxs.com/ | Name: uuid2 Value: 2258116156526631914 |
|
| .casalemedia.com/ | Name: CMPS Value: 5191 |
|
| .adnxs.com/ | Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVQd=V@l!]tbPl1M>e)ZlrFUfJ+tGXxom>l0HXAf!(bTDLsMAf%wiK0THCOyz4OJ<JU<*bpRz*qF1`*b_hb*1aI- |
|
| .casalemedia.com/ | Name: CMST Value: Yec4FWHnOBUA |
|
| .doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
| .casalemedia.com/ | Name: CMID Value: Yec4FX7IDSp65.CvCJoHGgAA |
|
| .casalemedia.com/ | Name: CMPRO Value: 1126 |
|
| .casalemedia.com/ | Name: CMRUM3 Value: 2d61e738152760CAESEEJ2bdCVF6vamfxVrXWY0WM |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Content-Type-Options | nosniff |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.com
adservice.google.de
cm.g.doubleclick.net
cse.google.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
log.reformal.ru
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
reformal.ru
s0.2mdn.net
static.adsafeprotected.com
tpc.googlesyndication.com
widget.reformal.ru
winintro.ru
www.google.com
www.googletagservices.com
www.gstatic.com
139.162.151.130
142.250.185.162
142.250.186.130
142.250.186.98
185.33.220.244
188.40.254.211
2.18.234.21
2600:9000:2127:5600:8:48e:53c0:93a1
2a00:1450:4001:801::2002
2a00:1450:4001:802::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:810::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::200e
2a02:6b8::1:119
44.235.179.16
52.43.241.68
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
06387be2d2a249d28fda44d12260dc2a8f1a25b4ec4baac34502fde8ae07c87d
0b809c553a1626ad6910a4528480d48ec998ed3afa9f82ee296920267122e2a7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11c54a8e83547d7ec3af9960ab4c4b50af1ea2f4bab7f356a6a9a8d3f251c459
122d19cd89c827d8e896ab4df810925f27b0a1ddbcf2a4c73f59d9b243549aee
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1c917c270f5dc66e9808570d28edf878d4a00a27e84956a4b806398e5f4e920c
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
24df7a696804f97e1b85a1370e6a2089c5f162a7156f255c0729b71916e8d6f8
26151afd8109f8c613b2b70500fae27d1ff371b280f7eab5e227996e46b9b926
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a87dc466b3bf04d2af3c5444cf285b3f4e8e03a954322b01433d11b90793db6
2a8a61c0ae283ffa3409ca9ab2319283568f49e2f58be536699b087741639f5d
3294f614f2fa337b2a60e98beb925d8b49705f4919624896719e7a494badeb3d
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
3dfb9f81c40c5f314af44dcc9150bc5fd882362886bd6fb01071276d00275dda
41a19d96fde3b62300f9f41f049f8881fcb4180a422f06f1ef6eeeb615995eff
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff
4a8eb3554b2b95adcc12d824a96898ed63071f1064e64f17ded9b371df4aa673
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59634d2853fa1300f9d99b9d1550fcfd09366ba7ae58776b291af9e67dedaa7f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62200de6653947c8d8a7873631f78c2b8a564e40378b6b9d5713186cc1edcf8b
6b3e9889888e0f5c10a356cd1e5b0c6cecfac495314a9ea05eb2744e718795cd
6ea8a3237b651b9a0b96d133c71c0ddcb8d696cb9474c680af4e3effeb7b8f00
7519d12d67db3463413134ba73de870dfa1899b0d933a1ce7c47c9a0fbc5f265
75f34b00de0af755057fe4057154c6e4fb1f4cbafbbb8383fc48ad452472d0c4
77e773643d244128c52ab5535c162c467b2378bef47a784567d2de56fdd4a9e1
7cb23a8c81d8e04f278b4ebbcc8c169c2f602398e4fb0f336dbf71e4752470c8
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
86297c2f055f491d40c32be608db8f179c45806bb49b05750919852629e1ef9b
8cd23ec8376bd245aa627149f0670262553432dac78a0570d6fad0811df79db4
8d91d6727627a6b0c5540c941852e963f30c79ffd9f6779fbb3456036679e152
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a43f1770b29491ce75b2b31fc89160be563726e06117498693299e2e1334b489
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ae32776aae5fbba5f5e09afbc3f01e948cb97a1434924ebfbf25e8f2661d1625
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
bed259afe883dd2b6d2bde9afcd43d492b92656e159de3f043f61b05e4fd713e
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d93dcbfa68020b4988db45230a47d97b4ece90bb404733829f66224851ca6b9f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57f9a36a8a088093bbc02c50adaaa50ce878dd4f13add72892e6b28b4756fc3
e731c18f5159e2612625f471352650417c4557851c7518a28a76a5bc6896f1b6
ec3a0c5812ef51a22634969bf8af4c91de725bce75537ff261b9563d1c6a2297
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3feb1d3c9a720750b41b2fbe4dde115af9c232cb69a26aede9c49f58396deb
f2530ebfa7dd0eb27e3cfaf23a514aa2dc9ee553ce716036113a28a0e28aeb6b
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4