Submitted URL: http://ob-havo.uz/
Effective URL: http://obhavo.uz/
Submission: On December 07 via manual from RU

Summary

This website contacted 9 IPs in 5 countries across 9 domains to perform 26 HTTP transactions. The main IP is 94.130.57.204, which is located in Ukraine and belongs to HETZNER-AS, DE. The main domain is obhavo.uz.
This is the only time obhavo.uz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 94.130.57.204 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
6 81.95.237.122 12365 (SARKOR-AS...)
2 6 2a02:6b8::1:119 13238 (YANDEX)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.23.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
26 9
Domain Requested by
9 obhavo.uz obhavo.uz
6 mc.yandex.ru 2 redirects obhavo.uz
6 oa.afishamedia.uz obhavo.uz
oa.afishamedia.uz
2 www.google-analytics.com obhavo.uz
1 stats.g.doubleclick.net obhavo.uz
1 securepubads.g.doubleclick.net www.googletagservices.com
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 www.googletagservices.com obhavo.uz
1 ob-havo.uz 1 redirects
26 10

This site contains links to these domains.

Domain
pogoda.uz
oa.afishamedia.uz
t.me
www.spot.uz
weather.com

Subject Issuer Validity Valid
*.g.doubleclick.net Google Internet Authority G3 2018-11-07 - 2019-01-30 3 months
bs.yandex.ru Yandex CA 2018-10-03 - 2019-10-03 a year
*.google-analytics.com Google Internet Authority G3 2018-11-07 - 2019-01-30 3 months
*.google.com Google Internet Authority G3 2018-11-07 - 2019-01-30 3 months

This page contains 1 frames:

Primary Page: http://obhavo.uz/
Frame ID: CE4FCEDE4FFE6AF71D7C8EA7EF381C74
Requests: 26 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^googletag$/i

Overall confidence: 100%
Detected patterns
  • env /^SWFObject$/i

Page Statistics

26 Requests
42 % HTTPS
67 % IPv6
9 Domains
10 Subdomains
9 IPs
5 Countries
358 kB Transfer
616 kB Size
8 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ob-havo.uz/ HTTP 301
    http://obhavo.uz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • http://mc.yandex.ru/metrika/watch.js HTTP 301
  • https://mc.yandex.ru/metrika/watch.js
Request Chain 11
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 15
  • http://www.google-analytics.com/collect?v=1&_v=j72&a=1170060845&t=pageview&_s=1&dl=http%3A%2F%2Fobhavo.uz%2F&ul=en-us&de=UTF-8&dt=Toshkent%20shahridagi%20ob-havo%20-%20Obhavo.uz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1577563762&gjid=1162371487&cid=328959899.1544168321&tid=UA-79095-17&_gid=582267417.1544168321&cd1=uz&z=31495204 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j72&a=1170060845&t=pageview&_s=1&dl=http%3A%2F%2Fobhavo.uz%2F&ul=en-us&de=UTF-8&dt=Toshkent%20shahridagi%20ob-havo%20-%20Obhavo.uz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1577563762&gjid=1162371487&cid=328959899.1544168321&tid=UA-79095-17&_gid=582267417.1544168321&cd1=uz&z=31495204
Request Chain 17
  • https://mc.yandex.ru/watch/153419?wmode=7&page-url=http%3A%2F%2Fobhavo.uz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1544168319987%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20181207073840%3Aet%3A1544168321%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A204407160%3Ahid%3A1038784958%3Ads%3A129%2C2%2C181%2C1%2C136%2C0%2C0%2C54%2C%2C%2C%2C%2C%3Afp%3A524%3Agdpr%3A14%3Av%3A1352%3Ast%3A1544168321%3Au%3A1544168321973812493%3At%3AToshkent%20shahridagi%20ob-havo%20-%20Obhavo.uz HTTP 302
  • https://mc.yandex.ru/watch/153419/1?wmode=7&page-url=http%3A%2F%2Fobhavo.uz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1544168319987%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20181207073840%3Aet%3A1544168321%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A204407160%3Ahid%3A1038784958%3Ads%3A129%2C2%2C181%2C1%2C136%2C0%2C0%2C54%2C%2C%2C%2C%2C%3Afp%3A524%3Agdpr%3A14%3Av%3A1352%3Ast%3A1544168321%3Au%3A1544168321973812493%3At%3AToshkent%20shahridagi%20ob-havo%20-%20Obhavo.uz

26 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request Cookie set /
obhavo.uz/
Redirect Chain
  • http://ob-havo.uz/
  • http://obhavo.uz/
19 KB
4 KB
Document
General
Full URL
http://obhavo.uz/
Protocol
HTTP/1.1
Server
94.130.57.204 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.204.57.130.94.clients.your-server.de
Software
nginx /
Resource Hash
f905ba2191af4c9ef903f6890f604de3aaa5b26dd52c46324d5eed43aee42be2

Request headers

Host
obhavo.uz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Fri, 07 Dec 2018 07:38:40 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
3381
Connection
keep-alive
Cache-Control
private, must-revalidate
pragma
no-cache
expires
-1
Set-Cookie
XSRF-TOKEN=eyJpdiI6IkUwODNCVHFUU3d0T3pabUU0M0RhTEE9PSIsInZhbHVlIjoicWliZmZNKzRURzBINisrSWg1dUNmTzJWYXMyQ2pjekk3K1dvWmI4NGx4ZHI0MFBCVjFwZFJCYXA0V2wyM25NeThVSzcweHBCTWRZczBXK2lRem12RkE9PSIsIm1hYyI6Ijc5MTc5N2Q1MTEzY2QxMThjOTJjYjI5MmM0MjVkMGY4ZTA5YTMwMjhiODY3ZmFmNjc1YjEwMzhlMTgzYWM1ZDYifQ%3D%3D; expires=Fri, 07-Dec-2018 09:38:40 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6Im1BSUV1dFwvck56SDlkZWlkUElJcCt3PT0iLCJ2YWx1ZSI6IklzYUw1RTdoRFluMjNyTXNZVVZjZGcrNWxkekdObk9VSkRtbk9mZkw4Q0FuUGdrbWNHVXBpVnY3c0tVNzNOTDV4Tlczd1BlODdGMnNlNVpobmVqYWt3PT0iLCJtYWMiOiJkOWRiODMyYzA3ZWE4MDdlODc4NzkxMDJjOWNiNDAzZDE4N2ZlN2EzZDVmMWE1YzNjMTk1MDIwYWI0OGVkMzdiIn0%3D; expires=Fri, 07-Dec-2018 09:38:40 GMT; Max-Age=7200; path=/; HttpOnly
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Fri, 07 Dec 2018 07:38:40 GMT
Content-Type
text/html
Content-Length
178
Connection
keep-alive
Location
http://obhavo.uz/
main.css
obhavo.uz/css/
6 KB
6 KB
Stylesheet
General
Full URL
http://obhavo.uz/css/main.css?r3
Requested by
Host: obhavo.uz
URL: http://obhavo.uz/
Protocol
HTTP/1.1
Server
94.130.57.204 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.204.57.130.94.clients.your-server.de
Software
nginx /
Resource Hash
ee4e87d4ca3db8faaf0284f874db416c8b0fb097f251be2d106670d12232f00e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
obhavo.uz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://obhavo.uz/
Cookie
XSRF-TOKEN=eyJpdiI6IkUwODNCVHFUU3d0T3pabUU0M0RhTEE9PSIsInZhbHVlIjoicWliZmZNKzRURzBINisrSWg1dUNmTzJWYXMyQ2pjekk3K1dvWmI4NGx4ZHI0MFBCVjFwZFJCYXA0V2wyM25NeThVSzcweHBCTWRZczBXK2lRem12RkE9PSIsIm1hYyI6Ijc5MTc5N2Q1MTEzY2QxMThjOTJjYjI5MmM0MjVkMGY4ZTA5YTMwMjhiODY3ZmFmNjc1YjEwMzhlMTgzYWM1ZDYifQ%3D%3D; laravel_session=eyJpdiI6Im1BSUV1dFwvck56SDlkZWlkUElJcCt3PT0iLCJ2YWx1ZSI6IklzYUw1RTdoRFluMjNyTXNZVVZjZGcrNWxkekdObk9VSkRtbk9mZkw4Q0FuUGdrbWNHVXBpVnY3c0tVNzNOTDV4Tlczd1BlODdGMnNlNVpobmVqYWt3PT0iLCJtYWMiOiJkOWRiODMyYzA3ZWE4MDdlODc4NzkxMDJjOWNiNDAzZDE4N2ZlN2EzZDVmMWE1YzNjMTk1MDIwYWI0OGVkMzdiIn0%3D
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 07 Dec 2018 07:38:40 GMT
Last-Modified
Wed, 21 Nov 2018 13:23:21 GMT
Server
nginx
ETag
"5bf55c49-168a"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5770
gpt.js
www.googletagservices.com/tag/js/
28 KB
10 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: obhavo.uz
URL: http://obhavo.uz/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
6055f5b2a6acc067f499fbbd1748398904724f60f1ccaf2e33cf4f7f03a4eae7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://obhavo.uz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 07 Dec 2018 07:38:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"13 / 863 of 1000 / last-modified: 1544143691"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
9730
x-xss-protection
1; mode=block
expires
Fri, 07 Dec 2018 07:38:40 GMT
asyncjs.php
oa.afishamedia.uz/www/delivery/
10 KB
10 KB
Script
General
Full URL
http://oa.afishamedia.uz/www/delivery/asyncjs.php
Requested by
Host: obhavo.uz
URL: http://obhavo.uz/
Protocol
HTTP/1.1
Server
81.95.237.122 , Uzbekistan, ASN12365 (SARKOR-AS Sarkor Telecom - Uztelecom, Upstream, UZ),
Reverse DNS
Software
nginx /
Resource Hash
95311dd932eb2b51ecd5aab61ab9472a29fa210f9b71cf6c391d8ec1431405a0

Request headers

Referer
http://obhavo.uz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Dec 2018 07:38:40 GMT
Server
nginx
ETag
313f29a3ccd29d238fbd00f0220544f3
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=3600
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Expire
Fri, 07 Dec 2018 08:38:40 GMT
pogoda-logo-uz.png
obhavo.uz/images/
5 KB
5 KB
Image
General
Full URL
http://obhavo.uz/images/pogoda-logo-uz.png
Requested by
Host: obhavo.uz
URL: http://obhavo.uz/
Protocol
HTTP/1.1
Server
94.130.57.204 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.204.57.130.94.clients.your-server.de
Software
nginx /
Resource Hash
91d9cacd8d8230b71fe7c7db9f7d05a9b742fecbd2fa15f0a0d8ebcea8b64bee

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
obhavo.uz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://obhavo.uz/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 07 Dec 2018 07:38:40 GMT
Last-Modified
Mon, 24 Jul 2017 12:01:13 GMT
Server
nginx
ETag
"5975e189-1384"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4996
cloudy.png
obhavo.uz/images/icons/
6 KB
6 KB
Image
General
Full URL
http://obhavo.uz/images/icons/cloudy.png
Requested by
Host: obhavo.uz
URL: http://obhavo.uz/
Protocol
HTTP/1.1
Server
94.130.57.204 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.204.57.130.94.clients.your-server.de
Software
nginx /
Resource Hash
c5c0f0fa0d8be54bd8b036a7453b5cdcd267572b7cf58f2a8d8f9e18b9b55c02

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
obhavo.uz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://obhavo.uz/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 07 Dec 2018 07:38:40 GMT
Last-Modified
Mon, 24 Jul 2017 12:01:13 GMT
Server
nginx
ETag
"5975e189-18b2"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6322
icon-telegram.png
obhavo.uz/images/
3 KB
3 KB
Image
General
Full URL
http://obhavo.uz/images/icon-telegram.png
Requested by
Host: obhavo.uz
URL: http://obhavo.uz/
Protocol
HTTP/1.1
Server
94.130.57.204 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.204.57.130.94.clients.your-server.de
Software
nginx /
Resource Hash
106535a5f4c56fe8771535b2dc8d84027f4f15a51ccd60251dd5c7185d73bcae

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
obhavo.uz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://obhavo.uz/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 07 Dec 2018 07:38:40 GMT
Last-Modified
Mon, 24 Jul 2017 12:01:13 GMT
Server
nginx
ETag
"5975e189-c58"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3160
partlycloudy.png
obhavo.uz/images/icons/
8 KB
8 KB
Image
General
Full URL
http://obhavo.uz/images/icons/partlycloudy.png
Requested by
Host: obhavo.uz
URL: http://obhavo.uz/
Protocol
HTTP/1.1
Server
94.130.57.204 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.204.57.130.94.clients.your-server.de
Software
nginx /
Resource Hash
506f9e56c4b31deff0461825b972534803cc5db0c1072048d8571705a9f7dd46

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
obhavo.uz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://obhavo.uz/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 07 Dec 2018 07:38:40 GMT
Last-Modified
Mon, 24 Jul 2017 12:01:13 GMT
Server
nginx
ETag
"5975e189-1eef"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7919
chancerain.png
obhavo.uz/images/icons/
6 KB
6 KB
Image
General
Full URL
http://obhavo.uz/images/icons/chancerain.png
Requested by
Host: obhavo.uz
URL: http://obhavo.uz/
Protocol
HTTP/1.1
Server
94.130.57.204 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.204.57.130.94.clients.your-server.de
Software
nginx /
Resource Hash
e57244b506bee1036b893c2e6f5136d9bc67f35315c277b990a1b3e3fb697a27

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
obhavo.uz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://obhavo.uz/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 07 Dec 2018 07:38:40 GMT
Last-Modified
Mon, 24 Jul 2017 12:01:13 GMT
Server
nginx
ETag
"5975e189-18df"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6367
clear.png
obhavo.uz/images/icons/
9 KB
9 KB
Image
General
Full URL
http://obhavo.uz/images/icons/clear.png
Requested by
Host: obhavo.uz
URL: http://obhavo.uz/
Protocol
HTTP/1.1
Server
94.130.57.204 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.204.57.130.94.clients.your-server.de
Software
nginx /
Resource Hash
4eedb363df9903af42fae4f082307518c0a7c17fef12ff8188206ccacac31877

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
obhavo.uz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://obhavo.uz/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 07 Dec 2018 07:38:40 GMT
Last-Modified
Mon, 24 Jul 2017 12:01:13 GMT
Server
nginx
ETag
"5975e189-249d"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9373
watch.js
mc.yandex.ru/metrika/
Redirect Chain
  • http://mc.yandex.ru/metrika/watch.js
  • https://mc.yandex.ru/metrika/watch.js
128 KB
44 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: obhavo.uz
URL: http://obhavo.uz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
6f3a55d5c1001e539372a3e762c92dea1326fb0f7f509be41e79c52ad4960c6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://obhavo.uz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Dec 2018 07:38:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Dec 2018 12:38:33 GMT
Server
nginx/1.12.2
ETag
"5c07c6c9-ad96"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
44438
Expires
Fri, 07 Dec 2018 08:38:40 GMT

Redirect headers

Location
https://mc.yandex.ru/metrika/watch.js
Date
Fri, 07 Dec 2018 07:38:40 GMT
Server
nginx/1.12.2
Connection
keep-alive
Content-Length
185
Content-Type
text/html
lang-sprite.png
obhavo.uz/images/
1012 B
1 KB
Image
General
Full URL
http://obhavo.uz/images/lang-sprite.png
Requested by
Host: obhavo.uz
URL: http://obhavo.uz/
Protocol
HTTP/1.1
Server
94.130.57.204 , Ukraine, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.204.57.130.94.clients.your-server.de
Software
nginx /
Resource Hash
ae7a213026acaea1a1d4c231d616b5a0acff1948dc7d8b98563251883296be61

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
obhavo.uz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://obhavo.uz/css/main.css?r3
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 07 Dec 2018 07:38:40 GMT
Last-Modified
Mon, 24 Jul 2017 12:01:13 GMT
Server
nginx
ETag
"5975e189-3f4"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1012
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: obhavo.uz
URL: http://obhavo.uz/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://obhavo.uz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 05 Nov 2018 21:10:09 GMT
server
Golfe2
age
1294
date
Fri, 07 Dec 2018 07:17:06 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17404
expires
Fri, 07 Dec 2018 09:17:06 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=obhavo.uz
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://obhavo.uz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 Dec 2018 07:38:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=obhavo.uz
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://obhavo.uz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 07 Dec 2018 07:38:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
pubads_impl_277.js
securepubads.g.doubleclick.net/gpt/
184 KB
63 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_277.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
9bf3fa92a53ecd66eacbc93b745d721ca9d03bce4c371e43d7022721e038f0d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://obhavo.uz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 07 Dec 2018 07:38:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 03 Dec 2018 15:29:55 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
63903
x-xss-protection
1; mode=block
expires
Fri, 07 Dec 2018 07:38:40 GMT
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j72&a=1170060845&t=pageview&_s=1&dl=http%3A%2F%2Fobhavo.uz%2F&ul=en-us&de=UTF-8&dt=Toshkent%20shahridagi%20ob-havo%20-%20Obhavo.uz&sd=24-bit&sr=1600x1...
  • https://www.google-analytics.com/collect?v=1&_v=j72&a=1170060845&t=pageview&_s=1&dl=http%3A%2F%2Fobhavo.uz%2F&ul=en-us&de=UTF-8&dt=Toshkent%20shahridagi%20ob-havo%20-%20Obhavo.uz&sd=24-bit&sr=1600x...
35 B
108 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j72&a=1170060845&t=pageview&_s=1&dl=http%3A%2F%2Fobhavo.uz%2F&ul=en-us&de=UTF-8&dt=Toshkent%20shahridagi%20ob-havo%20-%20Obhavo.uz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1577563762&gjid=1162371487&cid=328959899.1544168321&tid=UA-79095-17&_gid=582267417.1544168321&cd1=uz&z=31495204
Requested by
Host: obhavo.uz
URL: http://obhavo.uz/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://obhavo.uz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Nov 2018 19:39:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
820740
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j72&a=1170060845&t=pageview&_s=1&dl=http%3A%2F%2Fobhavo.uz%2F&ul=en-us&de=UTF-8&dt=Toshkent%20shahridagi%20ob-havo%20-%20Obhavo.uz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1577563762&gjid=1162371487&cid=328959899.1544168321&tid=UA-79095-17&_gid=582267417.1544168321&cd1=uz&z=31495204
Non-Authoritative-Reason
HSTS
collect
stats.g.doubleclick.net/r/
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j72&tid=UA-79095-17&cid=328959899.1544168321&jid=1577563762&gjid=1162371487&_gid=582267417.1544168321&_u=YGBAgEAB~&z=72211529
Requested by
Host: obhavo.uz
URL: http://obhavo.uz/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400c:c0c::9c , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://obhavo.uz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 07 Dec 2018 07:38:40 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.ru/watch/153419/
Redirect Chain
  • https://mc.yandex.ru/watch/153419?wmode=7&page-url=http%3A%2F%2Fobhavo.uz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1544168319987%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A...
  • https://mc.yandex.ru/watch/153419/1?wmode=7&page-url=http%3A%2F%2Fobhavo.uz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1544168319987%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%...
0
-1 B
XHR
General
Full URL
https://mc.yandex.ru/watch/153419/1?wmode=7&page-url=http%3A%2F%2Fobhavo.uz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1544168319987%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20181207073840%3Aet%3A1544168321%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A204407160%3Ahid%3A1038784958%3Ads%3A129%2C2%2C181%2C1%2C136%2C0%2C0%2C54%2C%2C%2C%2C%2C%3Afp%3A524%3Agdpr%3A14%3Av%3A1352%3Ast%3A1544168321%3Au%3A1544168321973812493%3At%3AToshkent%20shahridagi%20ob-havo%20-%20Obhavo.uz
Requested by
Host: obhavo.uz
URL: http://obhavo.uz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://obhavo.uz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 07 Dec 2018 07:38:40 GMT
Last-Modified
Fri, 07-Dec-2018 07:38:40 GMT
Server
nginx/1.12.2
Access-Control-Allow-Origin
http://obhavo.uz
Strict-Transport-Security
max-age=31536000
Location
/watch/153419/1?wmode=7&page-url=http%3A%2F%2Fobhavo.uz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1544168319987%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20181207073840%3Aet%3A1544168321%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A204407160%3Ahid%3A1038784958%3Ads%3A129%2C2%2C181%2C1%2C136%2C0%2C0%2C54%2C%2C%2C%2C%2C%3Afp%3A524%3Agdpr%3A14%3Av%3A1352%3Ast%3A1544168321%3Au%3A1544168321973812493%3At%3AToshkent%20shahridagi%20ob-havo%20-%20Obhavo.uz
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Fri, 07-Dec-2018 07:38:40 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 07 Dec 2018 07:38:40 GMT
Last-Modified
Fri, 07-Dec-2018 07:38:40 GMT
Server
nginx/1.12.2
Access-Control-Allow-Origin
http://obhavo.uz
Strict-Transport-Security
max-age=31536000
Location
/watch/153419/1?wmode=7&page-url=http%3A%2F%2Fobhavo.uz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1544168319987%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20181207073840%3Aet%3A1544168321%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A204407160%3Ahid%3A1038784958%3Ads%3A129%2C2%2C181%2C1%2C136%2C0%2C0%2C54%2C%2C%2C%2C%2C%3Afp%3A524%3Agdpr%3A14%3Av%3A1352%3Ast%3A1544168321%3Au%3A1544168321973812493%3At%3AToshkent%20shahridagi%20ob-havo%20-%20Obhavo.uz
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Fri, 07-Dec-2018 07:38:40 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
445 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: obhavo.uz
URL: http://obhavo.uz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://obhavo.uz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Dec 2018 07:38:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.12.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Fri, 07 Dec 2018 08:38:40 GMT
1
mc.yandex.ru/watch/153419/
133 B
1006 B
XHR
General
Full URL
https://mc.yandex.ru/watch/153419/1?wmode=7&page-url=http%3A%2F%2Fobhavo.uz%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1544168319987%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20181207073840%3Aet%3A1544168321%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A204407160%3Ahid%3A1038784958%3Ads%3A129%2C2%2C181%2C1%2C136%2C0%2C0%2C54%2C%2C%2C%2C%2C%3Afp%3A524%3Agdpr%3A14%3Av%3A1352%3Ast%3A1544168321%3Au%3A1544168321973812493%3At%3AToshkent%20shahridagi%20ob-havo%20-%20Obhavo.uz
Requested by
Host: obhavo.uz
URL: http://obhavo.uz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
567f8797b7e4a770a6180b9dd5165681251bd34494a3840f2b21a76c7e0f73e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://obhavo.uz/
Origin
http://obhavo.uz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 07 Dec 2018 07:38:40 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 07-Dec-2018 07:38:40 GMT
Server
nginx/1.12.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://obhavo.uz
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
133
X-XSS-Protection
1; mode=block
Expires
Fri, 07-Dec-2018 07:38:40 GMT
asyncspc.php
oa.afishamedia.uz/www/delivery/
1 KB
2 KB
XHR
General
Full URL
http://oa.afishamedia.uz/www/delivery/asyncspc.php?zones=66%7C65&prefix=revive-0-&loc=http%3A%2F%2Fobhavo.uz%2F
Requested by
Host: oa.afishamedia.uz
URL: http://oa.afishamedia.uz/www/delivery/asyncjs.php
Protocol
HTTP/1.1
Server
81.95.237.122 , Uzbekistan, ASN12365 (SARKOR-AS Sarkor Telecom - Uztelecom, Upstream, UZ),
Reverse DNS
Software
nginx /
Resource Hash
db48873abc306194e2501955b1c74f2ec53a00575bccf5a60995af68d4238cff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://obhavo.uz/
Origin
http://obhavo.uz

Response headers

Pragma
no-cache
Date
Fri, 07 Dec 2018 07:38:40 GMT
Server
nginx
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://obhavo.uz
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
1453
Expires
0
25df7ae4b90f19082e2097954dcb470a.jpg
oa.afishamedia.uz/www/images/
143 KB
143 KB
Image
General
Full URL
http://oa.afishamedia.uz/www/images/25df7ae4b90f19082e2097954dcb470a.jpg
Protocol
HTTP/1.1
Server
81.95.237.122 , Uzbekistan, ASN12365 (SARKOR-AS Sarkor Telecom - Uztelecom, Upstream, UZ),
Reverse DNS
Software
nginx /
Resource Hash
9242436764c03f29da731f62d54def114da67d93f8d3b24bad47d2bedbce39fa

Request headers

Referer
http://obhavo.uz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Dec 2018 07:38:40 GMT
Last-Modified
Sat, 25 Aug 2018 06:50:03 GMT
Server
nginx
ETag
"5b80fc1b-23ae7"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
146151
lg.php
oa.afishamedia.uz/www/delivery/
43 B
448 B
Image
General
Full URL
http://oa.afishamedia.uz/www/delivery/lg.php?bannerid=3544&campaignid=1451&zoneid=66&loc=http%3A%2F%2Fobhavo.uz%2F&cb=7c7e98942a
Protocol
HTTP/1.1
Server
81.95.237.122 , Uzbekistan, ASN12365 (SARKOR-AS Sarkor Telecom - Uztelecom, Upstream, UZ),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://obhavo.uz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 07 Dec 2018 07:38:40 GMT
Server
nginx
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
6764374abb0f5bfd7023625eea0a04ee.png
oa.afishamedia.uz/www/images/
16 KB
17 KB
Image
General
Full URL
http://oa.afishamedia.uz/www/images/6764374abb0f5bfd7023625eea0a04ee.png
Protocol
HTTP/1.1
Server
81.95.237.122 , Uzbekistan, ASN12365 (SARKOR-AS Sarkor Telecom - Uztelecom, Upstream, UZ),
Reverse DNS
Software
nginx /
Resource Hash
16371ac514c136e86dcdd07b1f588a9b79d2a83e4b8a991c5e6f076c0e43c916

Request headers

Referer
http://obhavo.uz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Dec 2018 07:38:40 GMT
Last-Modified
Thu, 18 Oct 2018 09:54:29 GMT
Server
nginx
ETag
"5bc85855-41bc"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16828
lg.php
oa.afishamedia.uz/www/delivery/
43 B
448 B
Image
General
Full URL
http://oa.afishamedia.uz/www/delivery/lg.php?bannerid=3728&campaignid=1634&zoneid=65&loc=http%3A%2F%2Fobhavo.uz%2F&cb=3fe47279ce
Protocol
HTTP/1.1
Server
81.95.237.122 , Uzbekistan, ASN12365 (SARKOR-AS Sarkor Telecom - Uztelecom, Upstream, UZ),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://obhavo.uz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 07 Dec 2018 07:38:40 GMT
Server
nginx
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0

Verdicts & Comments

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| googletag
string| GoogleAnalyticsObject
function| ga
object| closure_memoize_cache_
object| googleToken
object| googleIMState
object| google_js_reporting_queue
function| processGoogleToken
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
object| Ya
object| yaCounter153419
object| GPT_jstiming
object| google_reactive_ads_global_state
undefined| google_measure_js_timing
object| org
function| getQueryParamValue
function| FlashObject
function| SWFObject
object| reviveAsync

8 Cookies

Domain/Path Name / Value
obhavo.uz/ Name: XSRF-TOKEN
Value: eyJpdiI6IkUwODNCVHFUU3d0T3pabUU0M0RhTEE9PSIsInZhbHVlIjoicWliZmZNKzRURzBINisrSWg1dUNmTzJWYXMyQ2pjekk3K1dvWmI4NGx4ZHI0MFBCVjFwZFJCYXA0V2wyM25NeThVSzcweHBCTWRZczBXK2lRem12RkE9PSIsIm1hYyI6Ijc5MTc5N2Q1MTEzY2QxMThjOTJjYjI5MmM0MjVkMGY4ZTA5YTMwMjhiODY3ZmFmNjc1YjEwMzhlMTgzYWM1ZDYifQ%3D%3D
.obhavo.uz/ Name: _ga
Value: GA1.2.328959899.1544168321
.obhavo.uz/ Name: _gat
Value: 1
.obhavo.uz/ Name: _ym_isad
Value: 2
.obhavo.uz/ Name: _ym_d
Value: 1544168321
.obhavo.uz/ Name: _ym_uid
Value: 1544168321973812493
.obhavo.uz/ Name: _gid
Value: GA1.2.582267417.1544168321
obhavo.uz/ Name: laravel_session
Value: eyJpdiI6Im1BSUV1dFwvck56SDlkZWlkUElJcCt3PT0iLCJ2YWx1ZSI6IklzYUw1RTdoRFluMjNyTXNZVVZjZGcrNWxkekdObk9VSkRtbk9mZkw4Q0FuUGdrbWNHVXBpVnY3c0tVNzNOTDV4Tlczd1BlODdGMnNlNVpobmVqYWt3PT0iLCJtYWMiOiJkOWRiODMyYzA3ZWE4MDdlODc4NzkxMDJjOWNiNDAzZDE4N2ZlN2EzZDVmMWE1YzNjMTk1MDIwYWI0OGVkMzdiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
