winintro.ru
Open in
urlscan Pro
188.40.254.211
Public Scan
Submission: On December 29 via manual from US — Scanned from DE
Summary
This is the only time winintro.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
ASN63949 (LINODE-AP Linode, LLC, US)
PTR: reformal.ru
widget.reformal.ru | |
reformal.ru | |
log.reformal.ru |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net | |
adservice.google.de |
ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
partner.googleadservices.com |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
ASN15169 (GOOGLE, US)
www.googletagservices.com |
ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com |
ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com |
ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
24 |
googlesyndication.com
1 redirects
pagead2.googlesyndication.com tpc.googlesyndication.com |
401 KB |
11 |
gstatic.com
www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com fonts.gstatic.com |
273 KB |
6 |
doubleclick.net
googleads.g.doubleclick.net |
79 KB |
6 |
winintro.ru
winintro.ru |
27 KB |
5 |
yandex.com
2 redirects
mc.yandex.com |
2 KB |
5 |
google.com
cse.google.com adservice.google.com www.google.com |
2 KB |
4 |
reformal.ru
widget.reformal.ru reformal.ru log.reformal.ru |
5 KB |
3 |
google.de
adservice.google.de |
1 KB |
3 |
yandex.ru
2 redirects
mc.yandex.ru |
48 KB |
2 |
googletagservices.com
www.googletagservices.com |
74 KB |
2 |
googleapis.com
fonts.googleapis.com |
2 KB |
1 |
googleadservices.com
partner.googleadservices.com |
644 B |
67 | 12 |
Domain | Requested by | |
---|---|---|
13 | tpc.googlesyndication.com |
1 redirects
googleads.g.doubleclick.net
pagead2.googlesyndication.com tpc.googlesyndication.com |
11 | pagead2.googlesyndication.com |
winintro.ru
pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com |
6 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
googleads.g.doubleclick.net winintro.ru |
6 | winintro.ru |
winintro.ru
|
5 | mc.yandex.com |
2 redirects
winintro.ru
|
4 | encrypted-tbn1.gstatic.com |
googleads.g.doubleclick.net
|
3 | adservice.google.com |
pagead2.googlesyndication.com
|
3 | adservice.google.de |
pagead2.googlesyndication.com
|
3 | mc.yandex.ru |
2 redirects
winintro.ru
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | encrypted-tbn3.gstatic.com |
googleads.g.doubleclick.net
|
2 | www.gstatic.com |
googleads.g.doubleclick.net
|
2 | www.googletagservices.com |
googleads.g.doubleclick.net
|
2 | fonts.googleapis.com |
googleads.g.doubleclick.net
|
2 | reformal.ru |
winintro.ru
|
1 | www.google.com |
tpc.googlesyndication.com
|
1 | encrypted-tbn0.gstatic.com |
googleads.g.doubleclick.net
|
1 | partner.googleadservices.com |
pagead2.googlesyndication.com
|
1 | log.reformal.ru |
winintro.ru
|
1 | cse.google.com |
winintro.ru
|
1 | widget.reformal.ru |
winintro.ru
|
67 | 21 |
This site contains links to these domains. Also see Links.
Domain |
---|
getadmx.com |
reformal.ru |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.g.doubleclick.net GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
*.googleadservices.com GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
*.google.de GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
mc.yandex.ru Yandex CA |
2021-12-22 - 2022-06-03 |
5 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
tpc.googlesyndication.com GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2021-11-29 - 2022-02-21 |
3 months | crt.sh |
This page contains 9 frames:
Primary Page:
http://winintro.ru/
Frame ID: 38664FC4D58BFBAE7DB6D26B73C84AA1
Requests: 28 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: D7286B0DA40F234DCD10A866B3E25C1A
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1748934517&adf=3025194257&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1640818495&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1640818495598&bpp=5&bdt=87&idt=87&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=7163606519048&frm=20&pv=2&ga_vid=834734790.1640818496&ga_sid=1640818496&ga_hid=403261854&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=8&ady=68&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063824&oid=2&pvsid=196856215880720&pem=231&tmod=596&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=e4q0jtPbVl&p=http%3A//winintro.ru&dtd=100
Frame ID: BC88D413FCA6573E50DA0A645C2031EA
Requests: 16 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&adk=1812271804&adf=1573534164&lmt=1640818495&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwinintro.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1640818495828&bpp=1&bdt=317&idt=0&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D4e76a3d7674fd308-22f3fb7011cd0040%3AT%3D1640818495%3ART%3D1640818495%3AS%3DALNI_MZUVCz9KoGi8Fv_Bh4Gxh-oA3I3Tg&prev_fmts=1200x280&nras=1&correlator=7163606519048&frm=20&pv=1&ga_vid=834734790.1640818496&ga_sid=1640818496&ga_hid=403261854&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063824&oid=2&pvsid=196856215880720&pem=231&tmod=596&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=5
Frame ID: 0C7173650C0E6BEA04F98FAB3ED48B17
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Frame ID: F81ECD769E3374F9DB24E6F10375D8A7
Requests: 19 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
Frame ID: 1E96D2D05F1B174400D9CE2F47DA724C
Requests: 1 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
Frame ID: 41189041DE2C10F62AB48297BBD2717A
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E48C5767250AA68DD95B975F392BF0A8
Requests: 2 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 8329AC5EBB64D4125CD9CBFA35BB40E6
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Русская документация для Windows Server 2008 R2 и Windows 7 (Service Pack 1)Detected technologies
Google AdSense (Advertising Networks) ExpandDetected patterns
- googlesyndication\.com/
Yandex.Metrika (Analytics) Expand
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Group Policy Administrative Templates
Search URL Search Domain Scan URL
Title: Reformal.ru
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3- http://mc.yandex.ru/metrika/watch.js HTTP 302
- https://mc.yandex.ru/metrika/watch.js
- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9502.vIzC87_hA3x63YZZO1YqFISJwo-b-rVSvSdd3y7mA_TD9JX1HMf7n4N1axh1oahZ.m6ib17YEoXEWans2TnI5QdND8G4%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=9502.BHupE0gBymDZW_b4a_R_cvFGeynTqjzWjEL9y7DHKdphWO-Uo_tLq76PcgZli-nTj2Wd693j0qukHitJwZE7UQ%2C%2C.P3oU3CFyAgqsB3XR0vSb9dMKkIo%2C
- https://mc.yandex.com/watch/490927?wmode=7&page-url=http%3A%2F%2Fwinintro.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A150%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A804816747167%3Ahid%3A883682447%3Az%3A0%3Ai%3A20211229225455%3Aet%3A1640818496%3Ac%3A1%3Arn%3A387066490%3Arqn%3A1%3Au%3A1640818496682011926%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1640818495429%3Ads%3A53%2C6%2C20%2C1%2C0%2C0%2C%2C107%2C%2C%2C%2C%2C%3Adsn%3A53%2C6%2C20%2C1%2C0%2C0%2C%2C108%2C%2C%2C%2C%2C%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640818496%3At%3A%D0%A0%D1%83%D1%81%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B4%D0%BE%D0%BA%D1%83%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%86%D0%B8%D1%8F%20%D0%B4%D0%BB%D1%8F%20Windows%20Server%202008%20R2%20%D0%B8%20Windows%207%20(Service%20Pack%201)&t=gdpr(14)aw(1)ti(2) HTTP 302
- https://mc.yandex.com/watch/490927/1?wmode=7&page-url=http%3A%2F%2Fwinintro.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A150%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A804816747167%3Ahid%3A883682447%3Az%3A0%3Ai%3A20211229225455%3Aet%3A1640818496%3Ac%3A1%3Arn%3A387066490%3Arqn%3A1%3Au%3A1640818496682011926%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1640818495429%3Ads%3A53%2C6%2C20%2C1%2C0%2C0%2C%2C107%2C%2C%2C%2C%2C%3Adsn%3A53%2C6%2C20%2C1%2C0%2C0%2C%2C108%2C%2C%2C%2C%2C%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640818496%3At%3A%D0%A0%D1%83%D1%81%D1%81%D0%BA%D0%B0%D1%8F%20%D0%B4%D0%BE%D0%BA%D1%83%D0%BC%D0%B5%D0%BD%D1%82%D0%B0%D1%86%D0%B8%D1%8F%20%D0%B4%D0%BB%D1%8F%20Windows%20Server%202008%20R2%20%D0%B8%20Windows%207%20%28Service%20Pack%201%29&t=gdpr%2814%29aw%281%29ti%282%29
- https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCr6PbFiwEQnQkYnQkyCKuj71APLB1M HTTP 301
- https://tpc.googlesyndication.com/simgad/16954104317476786032
67 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
winintro.ru/ |
39 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
helpindex.css
winintro.ru/files/ |
344 B 475 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
144 KB 51 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tabn2v2.js
widget.reformal.ru/ |
15 KB 4 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
watch.js
mc.yandex.ru/metrika/ Redirect Chain
|
134 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
90.gif
winintro.ru/files/ |
69 B 365 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cse.js
cse.google.com/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
headerbgmain.png
winintro.ru/files/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
f_ru.gif
winintro.ru/files/ |
580 B 877 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
f_en.gif
winintro.ru/files/ |
612 B 909 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ |
276 KB 100 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame D728 |
11 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
transp.gif
reformal.ru/i/ |
43 B 279 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
st.php
log.reformal.ru/ |
43 B 209 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
winintro%7CaHR0cDovL3dpbmludHJvLnJ1Lw==%7C
reformal.ru/human_check/ |
43 B 279 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie.js
partner.googleadservices.com/gampad/ |
215 B 644 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.de/adsid/ |
107 B 792 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
107 B 549 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame BC88 |
97 KB 32 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync_cookie_image_decide
mc.yandex.com/ Redirect Chain
|
75 B 75 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
integrator.js
adservice.google.de/adsid/ |
107 B 122 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
integrator.js
adservice.google.com/adsid/ |
107 B 122 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame 0C71 |
151 KB 37 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advert.gif
mc.yandex.com/metrika/ |
43 B 136 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1
mc.yandex.com/watch/490927/ Redirect Chain
|
331 B 485 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ |
149 KB 53 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame BC88 |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame BC88 |
1 KB 960 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame BC88 |
19 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame BC88 |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BC88 |
119 KB 37 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame BC88 |
15 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame BC88 |
27 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adview
googleads.g.doubleclick.net/pagead/ Frame BC88 |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
downsize_200k_v1
tpc.googlesyndication.com/simgad/2373887008295219964/ Frame BC88 |
70 KB 70 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame BC88 |
206 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame BC88 |
209 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
integrator.js
adservice.google.de/adsid/ |
107 B 122 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
integrator.js
adservice.google.com/adsid/ |
107 B 122 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/ Frame F81E |
11 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
css
fonts.googleapis.com/ Frame F81E |
2 KB 532 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame F81E |
1 KB 880 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adview
googleads.g.doubleclick.net/pagead/ Frame F81E |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame F81E |
19 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame F81E |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F81E |
119 KB 36 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame F81E |
15 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame F81E |
27 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shopping
encrypted-tbn1.gstatic.com/ Frame F81E |
33 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shopping
encrypted-tbn3.gstatic.com/ Frame F81E |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shopping
encrypted-tbn1.gstatic.com/ Frame F81E |
24 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shopping
encrypted-tbn1.gstatic.com/ Frame F81E |
34 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shopping
encrypted-tbn1.gstatic.com/ Frame F81E |
27 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shopping
encrypted-tbn3.gstatic.com/ Frame F81E |
32 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shopping
encrypted-tbn0.gstatic.com/ Frame F81E |
24 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
16954104317476786032
tpc.googlesyndication.com/simgad/ Frame F81E Redirect Chain
|
34 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame BC88 |
212 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame BC88 |
21 KB 22 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame BC88 |
21 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame F81E |
216 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/getconfig/ |
11 KB 8 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
pagead2.googlesyndication.com/bg/ Frame 1E96 |
35 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
pagead2.googlesyndication.com/bg/ Frame 4118 |
35 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E48C |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 8329 |
783 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
pagead2.googlesyndication.com/bg/ Frame E48C |
35 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 8329 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
activeview
pagead2.googlesyndication.com/pcs/ Frame BC88 |
42 B 64 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
activeview
pagead2.googlesyndication.com/pcs/ Frame F81E |
42 B 64 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
91 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| adsbygoogle string| reformal_wdg_w string| reformal_wdg_h string| reformal_wdg_domain number| reformal_wdg_mode string| reformal_wdg_title string| reformal_wdg_ltitle string| reformal_wdg_lfont string| reformal_wdg_lsize string| reformal_wdg_color string| reformal_wdg_bcolor string| reformal_wdg_tcolor string| reformal_wdg_align string| reformal_wdg_charset number| reformal_wdg_waction string| reformal_wdg_vcolor string| reformal_wdg_cmline string| reformal_wdg_glcolor string| reformal_wdg_tbcolor object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| ref_ud boolean| isIE6 string| dref_w string| dref_h number| dref_mode string| dref_title string| dref_ltitle string| dref_lfont string| dref_lsize string| dref_color string| dref_bcolor string| dref_tcolor string| dref_align string| dref_charset number| dref_waction string| dref_vcolor string| dref_cmline string| dref_glcolor string| dref_tbcolor string| dref_tcolor_aw4 number| dref_ext_img number| dref_ext_img_m undefined| v string| dref_ext_cms string| vlink object| MyOtziv function| r_compact function| r_utf8encode object| hc string| out_link function| MyOtzivCl string| str undefined| pageTracker function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| Ya object| yaCounter490927 object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.winintro.ru/ | Name: __gads Value: ID=4e76a3d7674fd308-22f3fb7011cd0040:T=1640818495:RT=1640818495:S=ALNI_MZUVCz9KoGi8Fv_Bh4Gxh-oA3I3Tg |
|
.winintro.ru/ | Name: _ym_uid Value: 1640818496682011926 |
|
.winintro.ru/ | Name: _ym_d Value: 1640818496 |
|
.mc.yandex.com/ | Name: sync_cookie_csrf Value: 2362634949fake |
|
.winintro.ru/ | Name: _ym_isad Value: 2 |
|
.mc.yandex.ru/ | Name: sync_cookie_csrf Value: 3884067499fake |
|
.yandex.com/ | Name: yandexuid Value: 4813805121640818495 |
|
.yandex.com/ | Name: yuidss Value: 4813805121640818495 |
|
mc.yandex.com/ | Name: yabs-sid Value: 1798763971640818495 |
|
.yandex.com/ | Name: i Value: aNpt8rjThiBQwHd1FYeqlvujFfFYDNfovIkZwoj4YthvcVtsUsn7gdSgwpdZIZYzpRF7+VpWJ/DrlTpZbwJeSR914As= |
|
.yandex.com/ | Name: ymex Value: 1672354495.yrts.1640818495#1672354495.yrtsi.1640818495 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUkIRaOnhksxyt1G_Rbtp1LabREVbUDCq870vj7Rn6tzAIS-lK_84MTomMeD9DU |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.com
adservice.google.de
cse.google.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
log.reformal.ru
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
reformal.ru
tpc.googlesyndication.com
widget.reformal.ru
winintro.ru
www.google.com
www.googletagservices.com
www.gstatic.com
139.162.151.130
142.250.184.194
188.40.254.211
2a00:1450:4001:802::200a
2a00:1450:4001:803::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::200e
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2004
2a02:6b8::1:119
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
01905aad0386030e8845f335619e9b794a1f30343276960fab8ed56bf3d485e4
13478bdce3b05abe223de8fe7aeab8fa7e1c0599adde7b20944739374757ecfb
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
2a87dc466b3bf04d2af3c5444cf285b3f4e8e03a954322b01433d11b90793db6
30b4e4a6b97fbe926d46f710012b7d09740e874f9815e70a4e9405daf155a045
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3fb03c5889929639808be7ec57fdcac0a13e2bc5de31ac48723aeca4c2ff246e
4049e17634f0df8dbd1146cf2782e410ae91fcc13678b8e3c44b324ae19cb293
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
434dff6740fcb90bfc8a40adb9b7485a20ee5be0a440799945d11e2f2153c4ad
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4a8eb3554b2b95adcc12d824a96898ed63071f1064e64f17ded9b371df4aa673
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5876db64caba1b7486e5dd4cb414296ebd7a115132359acf7346df203e89baad
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62200de6653947c8d8a7873631f78c2b8a564e40378b6b9d5713186cc1edcf8b
656bf50a0a30e3a8af841d56bf254aad27e604fd60b34fa80e10d572204e80b6
7a978ae8a07a7c15bfe62d84717ef6370f234d8844c0bac509ff3e5e3132b565
7ad2d097970b4db22e21d9cd61db5d0de1a257b213c72029bbd248d950538f0f
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
847d2854bb34bc89ab8514267909dbec0fe245278448227d23714781f9dfab71
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8cd23ec8376bd245aa627149f0670262553432dac78a0570d6fad0811df79db4
9cc77e7622e5600fd92b610370f90e14f504a8bae225112c695d9ca147ced863
a31fa6754a3ac7412833b6bde062a0e77f52b7cd31313959ca18c50b53bf92be
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
bfc38ef7584666e86afb370d40d96c1ffe01dd9f68040cb2189594f1f2a9ded1
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
cf9801a06aa0dba78bf1330014e20dff6dd05d0a63cf9a0900d675eb28a8b496
d3a28b2c05fc2d5dd45cacded44785e4e16b6e52c4da8cd7065b5f22c46b6d77
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d79d89f3e5af59f18e9e7154f9439e7c175bf597457dfa3fd845c39d333d5ef7
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
df73cae3ff201b2929cde7e448f89643b3eb00c42213719bd9a1a8dc3d9f15ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e731c18f5159e2612625f471352650417c4557851c7518a28a76a5bc6896f1b6
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e9ac8b70159bc488934f1f933e81b3a2cf8ad37c12e931d5d23cfeffc5f896e7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2530ebfa7dd0eb27e3cfaf23a514aa2dc9ee553ce716036113a28a0e28aeb6b
f3e87e6819c1a049789173a1c52e62edb0051c1a0af081f4dcac6613c16a367e
ff4521424473f8522e574159736bf460768c012e26a12724c8afabef73009ef2
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914