Submitted URL: http://www.edu-news.website/
Effective URL: http://edu-news.website/for-fb/index.php
Submission: On February 17 via api from US

Summary

This website contacted 14 IPs in 5 countries across 14 domains to perform 51 HTTP transactions. The main IP is 94.23.149.233, located in Netherlands and belongs to OVH, FR. The main domain is edu-news.website.
This is the only time edu-news.website was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 18 | 94.23.149.233 | 16276 (OVH) |
| 1 | 2a00:1450:400... | 15169 (GOOGLE) |
| 1 | 104.24.14.31 | 13335 (CLOUDFLAR...) |
| 5 | 217.69.139.33 | 47764 (MAILRU-AS...) |
| 4 | 185.212.8.10 | 62071 (DATAHOST-AS) |
| 1 | 37.209.240.8 | 58045 (SPORTS-AS) |
| 5 | 5.254.23.81 | 3223 (VOXILITY) |
| 1 | 5.254.23.209 | 3223 (VOXILITY) |
| 2 | 2a00:1450:400... | 15169 (GOOGLE) |
| 2 | 5.254.23.76 | 3223 (VOXILITY) |
| 5 | 2a00:1450:400... | 15169 (GOOGLE) |
| 2 | 2a00:1450:400... | 15169 (GOOGLE) |
| 1 | 2a00:1450:400... | 15169 (GOOGLE) |
| 3 | 2a00:1450:400... | 15169 (GOOGLE) |

Total: 51 requests, 14 IPs

| Requests | Domain | Requested by |
|---|---|---|
| 17 | edu-news.website | www.edu-news.website, edu-news.website |
| 5 | fonts.gstatic.com | edu-news.website |
| 5 | retina.news.mail.ru | edu-news.website |
| 4 | noi.md | edu-news.website |
| 3 | googleads.g.doubleclick.net | pagead2.googlesyndication.com |
| 2 | pagead2.googlesyndication.com | edu-news.website, pagead2.googlesyndication.com |
| 2 | phototass1.cdnvideo.ru | edu-news.website |
| 2 | phototass3.cdnvideo.ru | edu-news.website |
| 1 | www.googletagservices.com | pagead2.googlesyndication.com |
| 1 | adservice.google.com | pagead2.googlesyndication.com |
| 1 | adservice.google.de | pagead2.googlesyndication.com |
| 1 | s11.stc.all.kpcdn.net | edu-news.website |
| 1 | s10.stc.all.kpcdn.net | edu-news.website |
| 1 | phototass4.cdnvideo.ru | edu-news.website |
| 1 | phototass2.cdnvideo.ru | edu-news.website |
| 1 | s5o.ru | edu-news.website |
| 1 | www.capital.ro | edu-news.website |
| 1 | fonts.googleapis.com | edu-news.website |
| 1 | www.edu-news.website | |

Total: 51 requests, 19 subdomains

This site contains links to these domains.

Domain
add-news-ro.info

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.storage.googleapis.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months |
| ssl390493.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-11-20 - 2020-05-28 | 6 months |
| news.mail.ru | GeoTrust RSA CA 2018 | 2019-12-09 - 2021-12-08 | 2 years |
| noi.md | Let's Encrypt Authority X3 | 2020-01-09 - 2020-04-08 | 3 months |
| s5o.ru | Let's Encrypt Authority X3 | 2020-01-31 - 2020-04-30 | 3 months |
| *.cdnvideo.ru | Go Daddy Secure Certificate Authority - G2 | 2018-06-13 - 2020-06-26 | 2 years |
| *.g.doubleclick.net | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months |
| kpcdn.net | Let's Encrypt Authority X3 | 2019-12-09 - 2020-03-08 | 3 months |
| *.google.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months |

This page contains 4 frames:

Primary Page: http://edu-news.website/for-fb/index.php
Frame ID: DE49412BA89EB865D65215950E002FD0
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200212/r20190131/zrt_lookup.html
Frame ID: DD0FD4A579A2DD0B32D73E66CF238A10
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7530693347425879&output=html&h=250&slotname=3637846230&adk=3641993700&adf=560640749&w=250&lmt=1581954063&psa=0&guci=1.2.0.0.2.2.0.0&format=250x250&url=http%3A%2F%2Fedu-news.website%2Ffor-fb%2Findex.php&flash=0&wgl=1&adsid=NT&dt=1581954063921&bpp=14&bdt=163&fdt=60&idt=61&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2401437206669&frm=20&pv=2&ga_vid=216005834.1581954064&ga_sid=1581954064&ga_hid=96749434&ga_fc=0&iag=0&icsg=43775&dssz=10&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1018&ady=774&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304%2C44714237&oid=3&pvsid=3985760781444785&ref=http%3A%2F%2Fwww.edu-news.website%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Ho66M8stg5&p=http%3A//edu-news.website&dtd=73
Frame ID: B49C98C69A9701BA29C24A679599514C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7530693347425879&output=html&adk=1812271804&adf=3025194257&lmt=1581954064&plat=1%3A1081352%2C2%3A1081352%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fedu-news.website%2Ffor-fb%2Findex.php&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1581954063958&bpp=5&bdt=201&fdt=62&idt=62&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=250x250&nras=1&correlator=2401437206669&frm=20&pv=1&ga_vid=216005834.1581954064&ga_sid=1581954064&ga_hid=96749434&ga_fc=0&iag=0&icsg=174847&dssz=11&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304%2C44714237&oid=3&pvsid=3985760781444785&ref=http%3A%2F%2Fwww.edu-news.website%2F&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&dtd=67
Frame ID: 8C73CF139D746A86B671D90FB51F62B1
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+ionicons(?:\.min)?\.css/i

Page Statistics

51 Requests
65 % HTTPS
43 % IPv6
14 Domains
19 Subdomains
14 IPs
5 Countries
2915 kB Transfer
3624 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.edu-news.website/ Page URL
  2. http://edu-news.website/for-fb/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.edu-news.website/
111 B
445 B
Document
General
Full URL
http://www.edu-news.website/
Protocol
HTTP/1.1
Server
94.23.149.233 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
cpsfur.iphoster.net
Software
nginx / PHP/5.4.45
Resource Hash
fe9941a037b85cbb15f26d2e3c83bab9774d2f6a1566908da22bae04267dbce6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
www.edu-news.website
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Mon, 17 Feb 2020 15:41:03 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/5.4.45
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Server-Powered-By
Engintron
Content-Encoding
gzip
Primary Request index.php
edu-news.website/for-fb/
17 KB
5 KB
Document
General
Full URL
http://edu-news.website/for-fb/index.php
Requested by
Host: www.edu-news.website
URL: http://www.edu-news.website/
Protocol
HTTP/1.1
Server
94.23.149.233 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
cpsfur.iphoster.net
Software
nginx / PHP/5.4.45
Resource Hash
a02f04214916e774ed321a583497348029c3888f723534d305f1478dfbc4e499
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
edu-news.website
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.edu-news.website/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Mon, 17 Feb 2020 15:41:03 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/5.4.45
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Server-Powered-By
Engintron
Content-Encoding
gzip
css
fonts.googleapis.com/
4 KB
655 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Encode+Sans+Expanded:400,600,700
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63b01e44fee4c8786d09cfd1b0a2c42199c3bcb9e35d0c0b9d9fd053b53dd79d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
ESF
access-control-allow-origin
*
date
Mon, 17 Feb 2020 15:41:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
cache-control
private, max-age=86400
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 17 Feb 2020 15:41:03 GMT
bootstrap.css
edu-news.website/for-fb/plugin-frameworks/
187 KB
23 KB
Stylesheet
General
Full URL
http://edu-news.website/for-fb/plugin-frameworks/bootstrap.css
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
HTTP/1.1
Server
94.23.149.233 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
cpsfur.iphoster.net
Software
nginx /
Resource Hash
7c367ac076e6a1bef61fd77aa2adcfebf1771dcfb01c18dd8ba153b14bef423b

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

Pragma
public
Date
Mon, 17 Feb 2020 15:41:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Nov 2019 11:02:39 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 18 Mar 2020 15:41:03 GMT
ionicons.css
edu-news.website/for-fb/fonts/
56 KB
9 KB
Stylesheet
General
Full URL
http://edu-news.website/for-fb/fonts/ionicons.css
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
HTTP/1.1
Server
94.23.149.233 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
cpsfur.iphoster.net
Software
nginx /
Resource Hash
41ef5db80a664d92136696ff00ec290c52fae419baeb8c655d7ef8f63e85a62c

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

Pragma
public
Date
Mon, 17 Feb 2020 15:41:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Nov 2019 11:01:44 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 18 Mar 2020 15:41:03 GMT
styles.css
edu-news.website/for-fb/common/
74 KB
11 KB
Stylesheet
General
Full URL
http://edu-news.website/for-fb/common/styles.css
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
HTTP/1.1
Server
94.23.149.233 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
cpsfur.iphoster.net
Software
nginx /
Resource Hash
5963d81cb6d05dd738bdadfd1a1b9c6113625c8716d0640d86d47a5116995a86

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

Pragma
public
Date
Mon, 17 Feb 2020 15:41:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Nov 2019 11:01:41 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 18 Mar 2020 15:41:03 GMT
logoebanaia.jpg
edu-news.website/for-fb/
43 KB
43 KB
Image
General
Full URL
http://edu-news.website/for-fb/logoebanaia.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
HTTP/1.1
Server
94.23.149.233 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
cpsfur.iphoster.net
Software
nginx /
Resource Hash
d37e9d0a4129a7c14d99ed0240de67dbd4fc89c2bebfcb729a6f10b1dd1fab98

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

Pragma
public
Date
Mon, 17 Feb 2020 15:41:03 GMT
Last-Modified
Fri, 29 Nov 2019 11:01:30 GMT
Server
nginx
Content-Type
image/jpeg
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44099
Expires
Fri, 17 Apr 2020 15:41:03 GMT
alegeri-vot-465x215.jpg
www.capital.ro/wp-content/uploads/cache/2016-12/
25 KB
26 KB
Image
General
Full URL
https://www.capital.ro/wp-content/uploads/cache/2016-12/alegeri-vot-465x215.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.14.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1177739822b0fde7c07f371b3f4f2e5aa1a8488bf84fec6d637625887f49d5cc
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 15:41:03 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 28 Mar 2019 23:26:50 GMT
server
cloudflare
etag
"5c9d583a-647b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
strict-transport-security
max-age=315360000
accept-ranges
bytes
cf-ray
5668dd02f8a5e654-LHR
content-length
25723
expires
Thu, 14 Feb 2030 15:41:03 GMT
image37779760_7316afc887037b5d99c4d370b5bcf4a7.jpg
retina.news.mail.ru/pic/55/6b/
82 KB
83 KB
Image
General
Full URL
https://retina.news.mail.ru/pic/55/6b/image37779760_7316afc887037b5d99c4d370b5bcf4a7.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.69.139.33 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
news.mail.ru
Software
nginx/1.16.1 /
Resource Hash
4102dd5ae3b9c732ee03338901cc8e2fb953f4605035bda16c11f83b93f3887c

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 15:41:03 GMT
last-modified
Thu, 05 Sep 2019 13:15:50 GMT
server
nginx/1.16.1
access-control-allow-origin
https://news.mail.ru
etag
"5d710a86-149c6"
content-type
image/jpeg
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
84422
expires
Tue, 18 Feb 2020 15:41:03 GMT
383344.jpg
noi.md/uploads/newsthumbs/760_500/
125 KB
126 KB
Image
General
Full URL
https://noi.md/uploads/newsthumbs/760_500/383344.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.8.10 Chisinau, Moldova, ASN62071 (DATAHOST-AS, MD),
Reverse DNS
Software
nginx /
Resource Hash
eb2e2012c185ca001001141e49fcb54a8427cb3b78def70972c7d70a742d5ec1

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
image

Response headers

Date
Mon, 17 Feb 2020 15:41:04 GMT
Last-Modified
Mon, 12 Aug 2019 13:08:51 GMT
Server
nginx
ETag
"5d5164e3-1f57b"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1814400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128379
Expires
Mon, 09 Mar 2020 15:41:04 GMT
383256.jpg
noi.md/uploads/newsthumbs/760_500/
71 KB
71 KB
Image
General
Full URL
https://noi.md/uploads/newsthumbs/760_500/383256.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.8.10 Chisinau, Moldova, ASN62071 (DATAHOST-AS, MD),
Reverse DNS
Software
nginx /
Resource Hash
c49e2f7391607a9440484141d9d7290103885145d1f9f283950b45f1e642095d

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
image

Response headers

Date
Mon, 17 Feb 2020 15:41:04 GMT
Last-Modified
Mon, 12 Aug 2019 08:21:49 GMT
Server
nginx
ETag
"5d51219d-11bfc"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1814400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
72700
Expires
Mon, 09 Mar 2020 15:41:04 GMT
383239.jpg
noi.md/uploads/newsthumbs/760_500/
132 KB
133 KB
Image
General
Full URL
https://noi.md/uploads/newsthumbs/760_500/383239.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.8.10 Chisinau, Moldova, ASN62071 (DATAHOST-AS, MD),
Reverse DNS
Software
nginx /
Resource Hash
f888c9beb96243334cc6a98eac58d45fc0e31b380cfbe708b0856d506e15fb43

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
image

Response headers

Date
Mon, 17 Feb 2020 15:41:04 GMT
Last-Modified
Mon, 12 Aug 2019 07:56:37 GMT
Server
nginx
ETag
"5d511bb5-210a4"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1814400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
135332
Expires
Mon, 09 Mar 2020 15:41:04 GMT
383250.jpg
noi.md/uploads/newsthumbs/760_500/
176 KB
176 KB
Image
General
Full URL
https://noi.md/uploads/newsthumbs/760_500/383250.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.212.8.10 Chisinau, Moldova, ASN62071 (DATAHOST-AS, MD),
Reverse DNS
Software
nginx /
Resource Hash
eec6702029d4b8636992c76ed244fc62e2cccb74d2e3cae860bfa1201c524507

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
image

Response headers

Date
Mon, 17 Feb 2020 15:41:04 GMT
Last-Modified
Mon, 12 Aug 2019 08:05:47 GMT
Server
nginx
ETag
"5d511ddb-2bfa8"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1814400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
180136
Expires
Mon, 09 Mar 2020 15:41:04 GMT
rue5a0624e6f8.jpg
s5o.ru/storage/simple/ru/edt/85/dc/bc/1a/
76 KB
77 KB
Image
General
Full URL
https://s5o.ru/storage/simple/ru/edt/85/dc/bc/1a/rue5a0624e6f8.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.209.240.8 , Russian Federation, ASN58045 (SPORTS-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e8c21c22ffeac1dbb0222c6fe9cbf79f532f8094f438375882b93010ea60c1fa

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 15:41:03 GMT
last-modified
Wed, 31 Jul 2019 10:52:08 GMT
server
nginx
etag
"5d4172d8-13116"
content-type
image/jpeg
status
200
cache-control
max-age=86400, public, must-revalidate
accept-ranges
bytes
content-length
78102
expires
Tue, 18 Feb 2020 11:52:19 GMT
image38231653_6ea0d06832d4eafe9d2fa70e243aff2d.jpg
retina.news.mail.ru/pic/25/6b/
84 KB
84 KB
Image
General
Full URL
https://retina.news.mail.ru/pic/25/6b/image38231653_6ea0d06832d4eafe9d2fa70e243aff2d.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.69.139.33 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
news.mail.ru
Software
nginx/1.16.1 /
Resource Hash
378a2b00e02bddd5e579ad6cb5edddfb41479a5d9bd7bafe320d05e429df0ccd

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 15:41:03 GMT
last-modified
Thu, 05 Sep 2019 12:50:29 GMT
server
nginx/1.16.1
access-control-allow-origin
https://news.mail.ru
etag
"5d710495-1503b"
content-type
image/jpeg
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
86075
expires
Tue, 18 Feb 2020 15:41:03 GMT
image38033388_c0f45fc1d5c7d1d6e1929d71cd252e16.jpg
retina.news.mail.ru/pic/b3/38/
70 KB
70 KB
Image
General
Full URL
https://retina.news.mail.ru/pic/b3/38/image38033388_c0f45fc1d5c7d1d6e1929d71cd252e16.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.69.139.33 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
news.mail.ru
Software
nginx/1.16.1 /
Resource Hash
60ced3fe6366ad3ae2f6282b7a84ae27a7344ce51f66f5450c86b0772dc409ab

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 15:41:03 GMT
last-modified
Wed, 04 Sep 2019 21:50:02 GMT
server
nginx/1.16.1
access-control-allow-origin
https://news.mail.ru
etag
"5d70318a-117db"
content-type
image/jpeg
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
71643
expires
Tue, 18 Feb 2020 15:41:03 GMT
image37987881_0b39491d411c256a204b3ed246fc204a.jpg
retina.news.mail.ru/pic/44/1d/
88 KB
88 KB
Image
General
Full URL
https://retina.news.mail.ru/pic/44/1d/image37987881_0b39491d411c256a204b3ed246fc204a.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.69.139.33 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
news.mail.ru
Software
nginx/1.16.1 /
Resource Hash
ed080aea699f430b709548f27732400a5a23eacd839f7781b8f9b0dd61c9d787

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 15:41:03 GMT
last-modified
Tue, 03 Sep 2019 17:49:21 GMT
server
nginx/1.16.1
access-control-allow-origin
https://news.mail.ru
etag
"5d6ea7a1-16039"
content-type
image/jpeg
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
90169
expires
Tue, 18 Feb 2020 15:41:03 GMT
image37954833_3e434f00aa07b80d8bd4df3bc54ff180.jpg
retina.news.mail.ru/pic/34/f4/
89 KB
89 KB
Image
General
Full URL
https://retina.news.mail.ru/pic/34/f4/image37954833_3e434f00aa07b80d8bd4df3bc54ff180.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.69.139.33 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
news.mail.ru
Software
nginx/1.16.1 /
Resource Hash
72d9177e1391af7570fa2a77e5ceccebe2e4d99b94dbfec89ed8709949d064a4

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 15:41:03 GMT
last-modified
Wed, 04 Sep 2019 16:53:53 GMT
server
nginx/1.16.1
access-control-allow-origin
https://news.mail.ru
etag
"5d6fec21-1631a"
content-type
image/jpeg
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
90906
expires
Tue, 18 Feb 2020 15:41:03 GMT
5124896.jpg
phototass3.cdnvideo.ru/width/1020_b9261fa1/tass/m2/uploads/i/20190812/
109 KB
110 KB
Image
General
Full URL
https://phototass3.cdnvideo.ru/width/1020_b9261fa1/tass/m2/uploads/i/20190812/5124896.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.81 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
7180d537df34eac8d38187cda95937c6aae0eb4ab7b52e85c4811e4ddeb608dd

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
image

Response headers

status
200
date
Mon, 17 Feb 2020 15:41:04 GMT
cache-control
max-age=31536000
expires
Fri, 18 Dec 2020 15:51:47 GMT
server
nginx
content-type
image/jpeg
5124939.png
phototass2.cdnvideo.ru/width/1020_b9261fa1/tass/m2/uploads/i/20190812/
129 KB
129 KB
Image
General
Full URL
https://phototass2.cdnvideo.ru/width/1020_b9261fa1/tass/m2/uploads/i/20190812/5124939.png
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.81 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
38eb535e6387bb7018def687c03b36d7f8c06a9ac2d25a48ca3b6417d44bf6db

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
image

Response headers

status
200
date
Mon, 17 Feb 2020 15:41:03 GMT
cache-control
max-age=31536000
expires
Fri, 18 Dec 2020 14:35:07 GMT
server
nginx
content-type
image/png
5124941.jpg
phototass1.cdnvideo.ru/width/1020_b9261fa1/tass/m2/uploads/i/20190812/
59 KB
59 KB
Image
General
Full URL
https://phototass1.cdnvideo.ru/width/1020_b9261fa1/tass/m2/uploads/i/20190812/5124941.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.81 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
41d17dd8a3babd5553cdacc8b8c0ae2ab58e217e6099b9a3f4ad07141604d278

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
image

Response headers

status
200
date
Mon, 17 Feb 2020 15:41:03 GMT
cache-control
max-age=31536000
expires
Wed, 21 Oct 2020 16:28:04 GMT
server
nginx
content-type
image/jpeg
5124353.jpg
phototass1.cdnvideo.ru/width/1020_b9261fa1/tass/m2/uploads/i/20190812/
61 KB
61 KB
Image
General
Full URL
https://phototass1.cdnvideo.ru/width/1020_b9261fa1/tass/m2/uploads/i/20190812/5124353.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.81 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
49c02ad8e2e463f3b2b339c29459ab5687c883028c6512719b4e67b18416ed89

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
image

Response headers

status
200
date
Mon, 17 Feb 2020 15:41:03 GMT
cache-control
max-age=31536000
expires
Wed, 21 Oct 2020 17:22:31 GMT
server
nginx
content-type
image/jpeg
5124709.jpg
phototass4.cdnvideo.ru/width/1020_b9261fa1/tass/m2/uploads/i/20190812/
91 KB
91 KB
Image
General
Full URL
https://phototass4.cdnvideo.ru/width/1020_b9261fa1/tass/m2/uploads/i/20190812/5124709.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.209 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
7804f0e1c069502c4590603270128f28dc6f0cd182781722af26e7cdeabdf319

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
image

Response headers

status
200
date
Mon, 17 Feb 2020 15:41:03 GMT
cache-control
max-age=31536000
expires
Thu, 17 Dec 2020 07:15:08 GMT
server
nginx
content-type
image/jpeg
5124387.jpg
phototass3.cdnvideo.ru/width/1020_b9261fa1/tass/m2/uploads/i/20190812/
63 KB
63 KB
Image
General
Full URL
https://phototass3.cdnvideo.ru/width/1020_b9261fa1/tass/m2/uploads/i/20190812/5124387.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.81 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
9e88ab41c0b39f906840454104103e693e262bd4a39d5612dd6c51608618231c

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
image

Response headers

status
200
date
Mon, 17 Feb 2020 15:41:04 GMT
cache-control
max-age=31536000
expires
Fri, 18 Dec 2020 15:51:47 GMT
server
nginx
content-type
image/jpeg
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
107 KB
38 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b3a76ad6e89656f037893887498a78ec5245a3d5a81c7bff3872aa30543a0686
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 15:41:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
38681
x-xss-protection
0
server
cafe
etag
15857264934409653620
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 17 Feb 2020 15:41:03 GMT
inx960x640.jpg
s10.stc.all.kpcdn.net/share/i/12/11006034/
104 KB
105 KB
Image
General
Full URL
https://s10.stc.all.kpcdn.net/share/i/12/11006034/inx960x640.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.76 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
5488ba4d116763b6b774d43e2a7f519b7a2fab0306fc5c2645eeae99715f5b24

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 15:41:04 GMT
last-modified
Sat, 03 Aug 2019 08:32:10 -0000
server
nginx
access-control-allow-origin
*
etag
"fed267671a55e86b8b86b241a35c20d8"
content-type
image/webp
status
200
cache-control
max-age=86400, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
content-length
106680
expires
Tue, 18 Feb 2020 12:21:46 -0000
inx960x640.jpg
s11.stc.all.kpcdn.net/share/i/12/11016055/
72 KB
72 KB
Image
General
Full URL
https://s11.stc.all.kpcdn.net/share/i/12/11016055/inx960x640.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.76 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
bfd7042b383740e3ee40b564a9a05114fae3c24e481f8b891b12d3a40c93711a

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 15:41:04 GMT
last-modified
Sun, 11 Aug 2019 17:08:10 -0000
server
nginx
access-control-allow-origin
*
etag
"f8610d3122885180b5ebec63ee92ee9e"
content-type
image/webp
status
200
cache-control
max-age=86400, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
content-length
73494
expires
Tue, 18 Feb 2020 05:15:00 -0000
map.png
edu-news.website/for-fb/images/
140 KB
141 KB
Image
General
Full URL
http://edu-news.website/for-fb/images/map.png
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
HTTP/1.1
Server
94.23.149.233 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
cpsfur.iphoster.net
Software
nginx /
Resource Hash
03aad0d095199980753a405f706d7404a7ef3f439182ea09e13a1891bf2ad9ff

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

Pragma
public
Date
Mon, 17 Feb 2020 15:41:03 GMT
Last-Modified
Fri, 29 Nov 2019 11:02:14 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
143809
Expires
Fri, 17 Apr 2020 15:41:03 GMT
jquery-3.2.1.min.js
edu-news.website/for-fb/plugin-frameworks/
85 KB
30 KB
Script
General
Full URL
http://edu-news.website/for-fb/plugin-frameworks/jquery-3.2.1.min.js
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
HTTP/1.1
Server
94.23.149.233 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
cpsfur.iphoster.net
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

Pragma
public
Date
Mon, 17 Feb 2020 15:41:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Nov 2019 11:02:41 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 18 Mar 2020 15:41:03 GMT
tether.min.js
edu-news.website/for-fb/plugin-frameworks/
24 KB
8 KB
Script
General
Full URL
http://edu-news.website/for-fb/plugin-frameworks/tether.min.js
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
HTTP/1.1
Server
94.23.149.233 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
cpsfur.iphoster.net
Software
nginx /
Resource Hash
7354b4bd3b6d15ee20094eb2e50ae6f8466aa138671e02f57680da978660f611

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

Pragma
public
Date
Mon, 17 Feb 2020 15:41:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Nov 2019 11:02:42 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 18 Mar 2020 15:41:03 GMT
bootstrap.js
edu-news.website/for-fb/plugin-frameworks/
97 KB
17 KB
Script
General
Full URL
http://edu-news.website/for-fb/plugin-frameworks/bootstrap.js
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
HTTP/1.1
Server
94.23.149.233 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
cpsfur.iphoster.net
Software
nginx /
Resource Hash
3bcd01f7e93c9000f22df7d2b451106674f1014f7566bc866d478ac313b4b773

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

Pragma
public
Date
Mon, 17 Feb 2020 15:41:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Nov 2019 11:02:36 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 18 Mar 2020 15:41:03 GMT
scripts.js
edu-news.website/for-fb/common/
5 KB
2 KB
Script
General
Full URL
http://edu-news.website/for-fb/common/scripts.js
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
HTTP/1.1
Server
94.23.149.233 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
cpsfur.iphoster.net
Software
nginx /
Resource Hash
dc50ab36a43fc86125008c9b1c5b57d4eb820bb386831c77c8a1e7768dc7da4a

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

Pragma
public
Date
Mon, 17 Feb 2020 15:41:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Nov 2019 11:01:40 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 18 Mar 2020 15:41:03 GMT
slider-1-1200x900.jpg
edu-news.website/for-fb/images/
182 KB
182 KB
Image
General
Full URL
http://edu-news.website/for-fb/images/slider-1-1200x900.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
HTTP/1.1
Server
94.23.149.233 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
cpsfur.iphoster.net
Software
nginx /
Resource Hash
544ab9c2727afbee6dcd9655e450eb2a1de68bc5bd0e07424ce8bc1b4935326b

Request headers

Referer
http://edu-news.website/for-fb/common/styles.css
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

Pragma
public
Date
Mon, 17 Feb 2020 15:41:03 GMT
Last-Modified
Fri, 29 Nov 2019 11:02:22 GMT
Server
nginx
Content-Type
image/jpeg
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
186059
Expires
Fri, 17 Apr 2020 15:41:03 GMT
slider-2-450x600.jpg
edu-news.website/for-fb/images/
81 KB
81 KB
Image
General
Full URL
http://edu-news.website/for-fb/images/slider-2-450x600.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
HTTP/1.1
Server
94.23.149.233 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
cpsfur.iphoster.net
Software
nginx /
Resource Hash
be577d80972333a91efd505aa4a6cc1a9b3e4a4dd28b617afe85ca40785e001c

Request headers

Referer
http://edu-news.website/for-fb/common/styles.css
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

Pragma
public
Date
Mon, 17 Feb 2020 15:41:03 GMT
Last-Modified
Fri, 29 Nov 2019 11:02:23 GMT
Server
nginx
Content-Type
image/jpeg
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
82623
Expires
Fri, 17 Apr 2020 15:41:03 GMT
slider-3-450x600.jpg
edu-news.website/for-fb/images/
58 KB
58 KB
Image
General
Full URL
http://edu-news.website/for-fb/images/slider-3-450x600.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
HTTP/1.1
Server
94.23.149.233 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
cpsfur.iphoster.net
Software
nginx /
Resource Hash
e366a576d0560409c738bd5a1682614140c13c422edb6ed5efe69b0091524d7d

Request headers

Referer
http://edu-news.website/for-fb/common/styles.css
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

Pragma
public
Date
Mon, 17 Feb 2020 15:41:03 GMT
Last-Modified
Fri, 29 Nov 2019 11:02:24 GMT
Server
nginx
Content-Type
image/jpeg
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
59310
Expires
Fri, 17 Apr 2020 15:41:03 GMT
slider-4-450x600.jpg
edu-news.website/for-fb/images/
59 KB
59 KB
Image
General
Full URL
http://edu-news.website/for-fb/images/slider-4-450x600.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
HTTP/1.1
Server
94.23.149.233 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
cpsfur.iphoster.net
Software
nginx /
Resource Hash
24c47784474d35805c4cd5a38f88e2466f67162322e65db0cca8fa2f55607cf1

Request headers

Referer
http://edu-news.website/for-fb/common/styles.css
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

Pragma
public
Date
Mon, 17 Feb 2020 15:41:03 GMT
Last-Modified
Fri, 29 Nov 2019 11:02:26 GMT
Server
nginx
Content-Type
image/jpeg
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
60118
Expires
Fri, 17 Apr 2020 15:41:03 GMT
slider-5-450x600.jpg
edu-news.website/for-fb/images/
46 KB
46 KB
Image
General
Full URL
http://edu-news.website/for-fb/images/slider-5-450x600.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
HTTP/1.1
Server
94.23.149.233 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
cpsfur.iphoster.net
Software
nginx /
Resource Hash
2e508a17f0d74485b0a0ff2b91c3cd12b581ba455c0d39d43a52d3e5e337fa81

Request headers

Referer
http://edu-news.website/for-fb/common/styles.css
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

Pragma
public
Date
Mon, 17 Feb 2020 15:41:03 GMT
Last-Modified
Fri, 29 Nov 2019 11:02:27 GMT
Server
nginx
Content-Type
image/jpeg
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46984
Expires
Fri, 17 Apr 2020 15:41:03 GMT
slider-6-450x600.jpg
edu-news.website/for-fb/images/
50 KB
51 KB
Image
General
Full URL
http://edu-news.website/for-fb/images/slider-6-450x600.jpg
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
HTTP/1.1
Server
94.23.149.233 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
cpsfur.iphoster.net
Software
nginx /
Resource Hash
2cb74c1a38c2ed552e8b9e592973c9e3a7f6fc70cdf4bd3ea1be1beef0c75fc9

Request headers

Referer
http://edu-news.website/for-fb/common/styles.css
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

Pragma
public
Date
Mon, 17 Feb 2020 15:41:03 GMT
Last-Modified
Fri, 29 Nov 2019 11:02:28 GMT
Server
nginx
Content-Type
image/jpeg
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51486
Expires
Fri, 17 Apr 2020 15:41:03 GMT
c4mw1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpL6DRNPVo0.woff2
fonts.gstatic.com/s/encodesansexpanded/v4/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/encodesansexpanded/v4/c4mw1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpL6DRNPVo0.woff2
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af3de8dda62eae6a9f826016afba4f3778be7b5a525f4d09126403d25e7e1b4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Encode+Sans+Expanded:400,600,700
Origin
http://edu-news.website
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

date
Fri, 31 Jan 2020 22:46:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 02:44:22 GMT
server
sffe
age
1443287
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
20320
x-xss-protection
0
expires
Sat, 30 Jan 2021 22:46:16 GMT
ionicons.ttf
edu-news.website/for-fb/fonts/
184 KB
184 KB
Font
General
Full URL
http://edu-news.website/for-fb/fonts/ionicons.ttf?v=2.0.0
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
HTTP/1.1
Server
94.23.149.233 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
cpsfur.iphoster.net
Software
nginx /
Resource Hash
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Request headers

Origin
http://edu-news.website
Referer
http://edu-news.website/for-fb/fonts/ionicons.css
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

Pragma
public
Date
Mon, 17 Feb 2020 15:41:03 GMT
Last-Modified
Fri, 29 Nov 2019 11:01:58 GMT
Server
nginx
Content-Type
font/ttf
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
188508
Expires
Fri, 17 Apr 2020 15:41:03 GMT
c4mw1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpKeDBNPVo0.woff2
fonts.gstatic.com/s/encodesansexpanded/v4/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/encodesansexpanded/v4/c4mw1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpKeDBNPVo0.woff2
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
305ca5ac6bd35aa91233977bc2d5617d65db1cb06c0868a26d624b6ed655cca2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Encode+Sans+Expanded:400,600,700
Origin
http://edu-news.website
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

date
Tue, 04 Feb 2020 17:39:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 02:42:13 GMT
server
sffe
age
1116097
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
20004
x-xss-protection
0
expires
Wed, 03 Feb 2021 17:39:26 GMT
c4m_1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpolKQY.woff2
fonts.gstatic.com/s/encodesansexpanded/v4/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/encodesansexpanded/v4/c4m_1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpolKQY.woff2
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
052128a6794e043b3ac066ca1173fdc7dbf46d8b41ce35b4f88776d3402b6424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Encode+Sans+Expanded:400,600,700
Origin
http://edu-news.website
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

date
Fri, 31 Jan 2020 21:50:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 02:41:09 GMT
server
sffe
age
1446615
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
19884
x-xss-protection
0
expires
Sat, 30 Jan 2021 21:50:48 GMT
c4mw1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpKeDBNBVo0iPw.woff2
fonts.gstatic.com/s/encodesansexpanded/v4/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/encodesansexpanded/v4/c4mw1mF4GcnstG_Jh1QH6ac4hNLeNyeYUpKeDBNBVo0iPw.woff2
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dcc326ad01cc78167dc62081557bfda14ff4592b4cfa9292577eb613095f42f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Encode+Sans+Expanded:400,600,700
Origin
http://edu-news.website
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

date
Fri, 31 Jan 2020 02:13:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 02:41:55 GMT
server
sffe
age
1517232
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
18028
x-xss-protection
0
expires
Sat, 30 Jan 2021 02:13:51 GMT
c4m_1mF4GcnstG_Jh1QH6ac4hNLeNyeYUporKQZwdw.woff2
fonts.gstatic.com/s/encodesansexpanded/v4/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/encodesansexpanded/v4/c4m_1mF4GcnstG_Jh1QH6ac4hNLeNyeYUporKQZwdw.woff2
Requested by
Host: edu-news.website
URL: http://edu-news.website/for-fb/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77f5113cf47a3d9170f5d877ac1b885e165cfa10b9a539971a3056895490761a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Encode+Sans+Expanded:400,600,700
Origin
http://edu-news.website
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0

Response headers

date
Sat, 01 Feb 2020 04:06:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 02:41:03 GMT
server
sffe
age
1424061
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
18288
x-xss-protection
0
expires
Sun, 31 Jan 2021 04:06:42 GMT
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=edu-news.website
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 15:41:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=edu-news.website
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 15:41:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/
252 KB
91 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2940fd5410266278b49250a1b2afdc5be955676657dc1f9f0b5c20dcf902aba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 15:41:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
93263
x-xss-protection
0
server
cafe
etag
5596272101604601780
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 17 Feb 2020 15:41:03 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200212/r20190131/ Frame DD0F
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200212/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200212/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://edu-news.website/for-fb/index.php
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Thu, 13 Feb 2020 01:43:32 GMT
expires
Thu, 27 Feb 2020 01:43:32 GMT
content-type
text/html; charset=UTF-8
etag
17772678075199185246
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4496
x-xss-protection
0
cache-control
public, max-age=1209600
age
395851
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
ads
googleads.g.doubleclick.net/pagead/ Frame B49C
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7530693347425879&output=html&h=250&slotname=3637846230&adk=3641993700&adf=560640749&w=250&lmt=1581954063&psa=0&guci=1.2.0.0.2.2.0.0&format=250x250&url=http%3A%2F%2Fedu-news.website%2Ffor-fb%2Findex.php&flash=0&wgl=1&adsid=NT&dt=1581954063921&bpp=14&bdt=163&fdt=60&idt=61&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2401437206669&frm=20&pv=2&ga_vid=216005834.1581954064&ga_sid=1581954064&ga_hid=96749434&ga_fc=0&iag=0&icsg=43775&dssz=10&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1018&ady=774&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304%2C44714237&oid=3&pvsid=3985760781444785&ref=http%3A%2F%2Fwww.edu-news.website%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Ho66M8stg5&p=http%3A//edu-news.website&dtd=73
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7530693347425879&output=html&h=250&slotname=3637846230&adk=3641993700&adf=560640749&w=250&lmt=1581954063&psa=0&guci=1.2.0.0.2.2.0.0&format=250x250&url=http%3A%2F%2Fedu-news.website%2Ffor-fb%2Findex.php&flash=0&wgl=1&adsid=NT&dt=1581954063921&bpp=14&bdt=163&fdt=60&idt=61&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=2401437206669&frm=20&pv=2&ga_vid=216005834.1581954064&ga_sid=1581954064&ga_hid=96749434&ga_fc=0&iag=0&icsg=43775&dssz=10&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1018&ady=774&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304%2C44714237&oid=3&pvsid=3985760781444785&ref=http%3A%2F%2Fwww.edu-news.website%2F&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Ho66M8stg5&p=http%3A//edu-news.website&dtd=73
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://edu-news.website/for-fb/index.php
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 17 Feb 2020 15:41:04 GMT
server
cafe
content-length
23884
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 17-Feb-2020 15:56:04 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Mon, 17 Feb 2020 15:41:04 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
74 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://edu-news.website/for-fb/index.php
User-Agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 15:41:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1581337310261798"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27884
x-xss-protection
0
expires
Mon, 17 Feb 2020 15:41:04 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8C73
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7530693347425879&output=html&adk=1812271804&adf=3025194257&lmt=1581954064&plat=1%3A1081352%2C2%3A1081352%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fedu-news.website%2Ffor-fb%2Findex.php&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1581954063958&bpp=5&bdt=201&fdt=62&idt=62&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=250x250&nras=1&correlator=2401437206669&frm=20&pv=1&ga_vid=216005834.1581954064&ga_sid=1581954064&ga_hid=96749434&ga_fc=0&iag=0&icsg=174847&dssz=11&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304%2C44714237&oid=3&pvsid=3985760781444785&ref=http%3A%2F%2Fwww.edu-news.website%2F&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&dtd=67
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7530693347425879&output=html&adk=1812271804&adf=3025194257&lmt=1581954064&plat=1%3A1081352%2C2%3A1081352%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fedu-news.website%2Ffor-fb%2Findex.php&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1581954063958&bpp=5&bdt=201&fdt=62&idt=62&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=250x250&nras=1&correlator=2401437206669&frm=20&pv=1&ga_vid=216005834.1581954064&ga_sid=1581954064&ga_hid=96749434&ga_fc=0&iag=0&icsg=174847&dssz=11&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304%2C44714237&oid=3&pvsid=3985760781444785&ref=http%3A%2F%2Fwww.edu-news.website%2F&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=1&uci=a!1&fsb=1&dtd=67
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://edu-news.website/for-fb/index.php
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 17 Feb 2020 15:41:04 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 17-Feb-2020 15:56:04 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Mon, 17 Feb 2020 15:41:04 GMT
cache-control
private


47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| adsbygoogle
function| $
function| jQuery
function| Tether
object| google_js_reporting_queue
number| google_srt
object| google_ad_modifications
object| google_logging_queue
object| ggeac
boolean| google_measure_js_timing
object| googleToken
object| googleIMState
function| processGoogleToken
object| google_reactive_ads_global_state
boolean| _gfp_a_
object| google_sa_queue
object| google_sl_win
function| google_process_slots
boolean| google_apltlad
boolean| _gfp_p_
function| google_spfd
number| google_lpabyc
number| google_unique_id
object| google_sv_map
object| google_t12n_vars
function| dropdownMenu
function| isExists
function| Goog_AdSense_getAdAdapterInstance
function| Goog_AdSense_OsdAdapter
function| google_sa_impl
object| google_jobrunner
object| google_persistent_state_async
object| __google_ad_urls
number| google_global_correlator
number| __google_ad_urls_id
object| google_prev_clients
object| gaGlobal
object| ampInaboxIframes
object| ampInaboxPendingMessages
object| google_iframe_oncopy
boolean| google_osd_loaded
boolean| google_onload_fired
function| Goog_Osd_UnloadAdBlock
function| Goog_Osd_UpdateElementToMeasure
function| google_osd_amcb

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUnFoRJGa87MEZImG5lEGkVeAzZJpJGOOqa0Csq6qbyJPFEE7XxLrzWNvQ9D

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
