Submitted URL: http://mardanshin.ru/
Effective URL: https://mardanshin.ru/
Submission: On February 05 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 30 HTTP transactions. The main IP is 2001:1bb0:e000:1e::e9, located in Russian Federation and belongs to RTCOMM-AS, RU. The main domain is mardanshin.ru.
TLS certificate: Issued by R3 on January 13th 2023. Valid for: 3 months.
This is the only time mardanshin.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
17 | mardanshin.ru | mardanshin.ru | 600 KB
7 | yandex.com | mc.yandex.com (Cisco Umbrella Rank: 9092) | 3 KB
3 | mail.ru | top-fwz1.mail.ru (Cisco Umbrella Rank: 9770) | 16 KB
3 | yandex.ru | mc.yandex.ru (Cisco Umbrella Rank: 3735) | 73 KB
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 21) | 20 KB
2 | gstatic.com | fonts.gstatic.com | 36 KB
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 40) | 43 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 34) | 1 KB
Total: 30 requests, 8 domains

Requests | Domain | Requested by
17 | mardanshin.ru (1 redirect) | mardanshin.ru
7 | mc.yandex.com (3 redirects) | mardanshin.ru
3 | top-fwz1.mail.ru | mardanshin.ru
3 | mc.yandex.ru (2 redirects) | mardanshin.ru
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 | fonts.gstatic.com | fonts.googleapis.com
1 | www.googletagmanager.com | mardanshin.ru
1 | fonts.googleapis.com | mardanshin.ru
Total: 30 requests, 8 domains

Subject | Issuer | Validity | Valid
*.mardanshin.ru | R3 | 2023-01-13 - 2023-04-13 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2022-10-18 - 2023-03-30 | 5 months
*.mail.ru | GlobalSign ECC OV SSL CA 2018 | 2022-10-18 - 2023-11-19 | a year
*.gstatic.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months

This page contains 1 frame:

Primary Page: https://mardanshin.ru/
Frame ID: 03CAD9F58FA6671741CE4F13148D02AE
Requests: 30 HTTP requests in this frame

Page Title

Марданшин Рафаэль Мирхатимович

Page URL History

  1. http://mardanshin.ru/ HTTP 302
    https://mardanshin.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

30 Requests
90 % HTTPS
86 % IPv6
8 Domains
8 Subdomains
7 IPs
3 Countries
790 kB Transfer
1394 kB Size
17 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mardanshin.ru/ HTTP 302
    https://mardanshin.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9905.hbGk51xjI6P1MumTtwh7sz5xUwMbrIUCVCtYn_MTNef0NM9ltLur0FhIKtOTdayH.6nNaiulGaBsWjbtPZ0BoGfimvXY%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9905.b6HnR_4Ve3v7tuvBCWzHGYls835RywyOEkxZO8-DDgfDlKW0zTuSTplogrb9PSojeS2tE1q5AUAfV2i6B_SyfTj3PuUmnplC1putN44pIuI%2C.QJ72XjFBqUCOj4hIpALi3Uv0-Bs%2C
Request Chain 26
  • https://mc.yandex.com/watch/67796592?wmode=7&page-url=https%3A%2F%2Fmardanshin.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A835%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A967563042889%3Ahid%3A184468560%3Az%3A0%3Ai%3A20230205091115%3Aet%3A1675588275%3Ac%3A1%3Arn%3A400012020%3Arqn%3A1%3Au%3A1675588275538900346%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A7%2C112%2C94%2C2%2C164%2C0%2C%2C661%2C2%2C%2C%2C%2C1040%3Aco%3A0%3Acpf%3A1%3Ans%3A1675588274228%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1675588276%3At%3A%D0%9C%D0%B0%D1%80%D0%B4%D0%B0%D0%BD%D1%88%D0%B8%D0%BD%20%D0%A0%D0%B0%D1%84%D0%B0%D1%8D%D0%BB%D1%8C%20%D0%9C%D0%B8%D1%80%D1%85%D0%B0%D1%82%D0%B8%D0%BC%D0%BE%D0%B2%D0%B8%D1%87&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/67796592/1?wmode=7&page-url=https%3A%2F%2Fmardanshin.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A835%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A967563042889%3Ahid%3A184468560%3Az%3A0%3Ai%3A20230205091115%3Aet%3A1675588275%3Ac%3A1%3Arn%3A400012020%3Arqn%3A1%3Au%3A1675588275538900346%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A7%2C112%2C94%2C2%2C164%2C0%2C%2C661%2C2%2C%2C%2C%2C1040%3Aco%3A0%3Acpf%3A1%3Ans%3A1675588274228%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1675588276%3At%3A%D0%9C%D0%B0%D1%80%D0%B4%D0%B0%D0%BD%D1%88%D0%B8%D0%BD%20%D0%A0%D0%B0%D1%84%D0%B0%D1%8D%D0%BB%D1%8C%20%D0%9C%D0%B8%D1%80%D1%85%D0%B0%D1%82%D0%B8%D0%BC%D0%BE%D0%B2%D0%B8%D1%87&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 28
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9905.p9qVCiEYZfe2EfV1qjnoUFc_PYNZ84dNEf1BaoDYXhmdRf3ACffqKtRRCrRDkb1W.0QZCM0hu7mLNKNyhJYTbJmm5Zdo%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9905.FPjhQBus3g51l9ONwDe3kc1zoC4npLcNLXpe04suIjY4e82rlsYzKoiIGHKsl6yWNRJylU1Fd7HaPkH9xQmKO5vWQaF1XtpEjJPww3bUa34%2C.kjpsKu30-MiiCwWQbUTfAV_QdKI%2C

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
mardanshin.ru/
Redirect Chain
  • http://mardanshin.ru/
  • https://mardanshin.ru/
19 KB
6 KB
Document
General
Full URL
https://mardanshin.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bb0:e000:1e::e9 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
e01ad7d9313f6982c9460982d1bf50f62dac823497a8cbe0cc198609df5f4371

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
5592
content-type
text/html
date
Sun, 05 Feb 2023 09:11:14 GMT
etag
"9a71541-4c19-5d081e1b28754"
last-modified
Thu, 11 Nov 2021 11:45:39 GMT
server
Jino.ru/mod_pizza
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Sun, 05 Feb 2023 09:11:14 GMT
Location
https://mardanshin.ru/
Server
nginx
bootstrap.min.css
mardanshin.ru/assets/bootstrap/css/
152 KB
23 KB
Stylesheet
General
Full URL
https://mardanshin.ru/assets/bootstrap/css/bootstrap.min.css
Requested by
Host: mardanshin.ru
URL: https://mardanshin.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bb0:e000:1e::e9 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
ccb200f2c60844c5d34bc235a45ea7cb76b7084e5a85975f555cf5a52ccff1e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 09:11:14 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 11:44:06 GMT
server
Jino.ru/mod_pizza
etag
"75c372a-25fc1-5d081dc21e186"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
22891
bootstrap-grid.min.css
mardanshin.ru/assets/bootstrap/css/
50 KB
6 KB
Stylesheet
General
Full URL
https://mardanshin.ru/assets/bootstrap/css/bootstrap-grid.min.css
Requested by
Host: mardanshin.ru
URL: https://mardanshin.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bb0:e000:1e::e9 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
f75d0fed0cd4380843d322f38aa2cb0cee3d128f28d5dc4c354623f6b0ac18a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 09:11:14 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 11:44:07 GMT
server
Jino.ru/mod_pizza
etag
"75c372b-c8fc-5d081dc30c603"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
6004
bootstrap-reboot.min.css
mardanshin.ru/assets/bootstrap/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://mardanshin.ru/assets/bootstrap/css/bootstrap-reboot.min.css
Requested by
Host: mardanshin.ru
URL: https://mardanshin.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bb0:e000:1e::e9 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
97f0549ae1b86791420890ae5c5b6ec5af448ef05a4d9f924e824c48a380ac73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 09:11:14 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 11:44:07 GMT
server
Jino.ru/mod_pizza
etag
"75c38f8-1209-5d081dc3e4ed8"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1817
style.css
mardanshin.ru/assets/dropdown/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://mardanshin.ru/assets/dropdown/css/style.css
Requested by
Host: mardanshin.ru
URL: https://mardanshin.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bb0:e000:1e::e9 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
180d8ca6812f97d5ef73a4fbc28c018bc1c3d9af25a174af4452b997b513a7f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 09:11:14 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 11:44:11 GMT
server
Jino.ru/mod_pizza
etag
"75c3af4-1f09-5d081dc7302fe"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1656
styles.css
mardanshin.ru/assets/socicon/css/
15 KB
3 KB
Stylesheet
General
Full URL
https://mardanshin.ru/assets/socicon/css/styles.css
Requested by
Host: mardanshin.ru
URL: https://mardanshin.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bb0:e000:1e::e9 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
2821b13940d817794fbce634446678655eba83453a085a009eb456b52dfc4501

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 09:11:14 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 11:44:13 GMT
server
Jino.ru/mod_pizza
etag
"75c3b69-3ca9-5d081dc8cfb68"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2995
style.css
mardanshin.ru/assets/theme/css/
14 KB
4 KB
Stylesheet
General
Full URL
https://mardanshin.ru/assets/theme/css/style.css
Requested by
Host: mardanshin.ru
URL: https://mardanshin.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bb0:e000:1e::e9 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
eec2640aec372011a33af649c24a5ade1449134a041a5e6d5fcfba068cb30e5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 09:11:14 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 11:44:05 GMT
server
Jino.ru/mod_pizza
etag
"72f1bc8-396e-5d081dc113fb9"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3496
css
fonts.googleapis.com/
17 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Jost:100,200,300,400,500,600,700,800,900,100i,200i,300i,400i,500i,600i,700i,800i,900i&display=swap
Requested by
Host: mardanshin.ru
URL: https://mardanshin.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
94247c8166557e966bc27a29182bc2fee46d927bb0240124836effa11ab059cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 05 Feb 2023 09:11:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 05 Feb 2023 09:11:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Feb 2023 09:11:14 GMT
mbr-additional.css
mardanshin.ru/assets/mobirise/css/
28 KB
5 KB
Stylesheet
General
Full URL
https://mardanshin.ru/assets/mobirise/css/mbr-additional.css
Requested by
Host: mardanshin.ru
URL: https://mardanshin.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bb0:e000:1e::e9 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
a5a3e6246f5537c3c7e73e669efbc9858bd3717ee8f01676596ade08366abc3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 09:11:14 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 11:45:40 GMT
server
Jino.ru/mod_pizza
etag
"72f1bc3-7113-5d081e1c046d9"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
4949
js
www.googletagmanager.com/gtag/
110 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-179276489-14
Requested by
Host: mardanshin.ru
URL: https://mardanshin.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e5c8c16de174b452c62fab6277e091c214054923dd0ab60a1c83efefc1aff11b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 09:11:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
43898
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 05 Feb 2023 09:11:14 GMT
coat-of-arms-of-the-russian-federation.svg
mardanshin.ru/assets/images/
424 KB
425 KB
Image
General
Full URL
https://mardanshin.ru/assets/images/coat-of-arms-of-the-russian-federation.svg
Requested by
Host: mardanshin.ru
URL: https://mardanshin.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bb0:e000:1e::e9 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
047ad506237e5e3ade47c3b6930c8a793904aad4a1c18cb68102390fc5b3b5c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 09:11:14 GMT
last-modified
Thu, 11 Nov 2021 11:44:24 GMT
server
Jino.ru/mod_pizza
accept-ranges
bytes
etag
"761277e-6a05b-5d081dd4012ec"
content-length
434267
content-type
image/svg+xml
696x464.jpeg
mardanshin.ru/assets/images/
21 KB
21 KB
Image
General
Full URL
https://mardanshin.ru/assets/images/696x464.jpeg
Requested by
Host: mardanshin.ru
URL: https://mardanshin.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bb0:e000:1e::e9 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
fc5529b4164006d122daa49515da04f2410ed7899bc298229cd8c50e2bb8e8c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 09:11:14 GMT
last-modified
Thu, 11 Nov 2021 11:44:22 GMT
server
Jino.ru/mod_pizza
accept-ranges
bytes
etag
"76114f6-54b4-5d081dd1ec39b"
content-length
21684
content-type
image/jpeg
bootstrap.bundle.min.js
mardanshin.ru/assets/bootstrap/js/
77 KB
22 KB
Script
General
Full URL
https://mardanshin.ru/assets/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: mardanshin.ru
URL: https://mardanshin.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bb0:e000:1e::e9 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
200677bd63ea5e6b08b0cc23a9f615ae71ae2957037ede57f128b8ecfe45d7cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 09:11:14 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 11:44:08 GMT
server
Jino.ru/mod_pizza
etag
"75c1db2-1336b-5d081dc4d42f5"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
22426
smooth-scroll.js
mardanshin.ru/assets/smoothscroll/
7 KB
3 KB
Script
General
Full URL
https://mardanshin.ru/assets/smoothscroll/smooth-scroll.js
Requested by
Host: mardanshin.ru
URL: https://mardanshin.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bb0:e000:1e::e9 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
ed87d4dcc8364407804ffe0cfd3656782060cbe49aea04a83f3e5eb709ee4e5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 09:11:14 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 11:44:09 GMT
server
Jino.ru/mod_pizza
etag
"75c3af1-1d7c-5d081dc5804db"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3226
index.js
mardanshin.ru/assets/ytplayer/
21 KB
5 KB
Script
General
Full URL
https://mardanshin.ru/assets/ytplayer/index.js
Requested by
Host: mardanshin.ru
URL: https://mardanshin.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bb0:e000:1e::e9 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
144cf9d03d60a281573cf1afb84ad11d4a538a5b6fa8c14796335de6c3aea9d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 09:11:14 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 11:44:10 GMT
server
Jino.ru/mod_pizza
etag
"72f015a-529e-5d081dc670c80"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4927
navbar-dropdown.js
mardanshin.ru/assets/dropdown/js/
3 KB
1 KB
Script
General
Full URL
https://mardanshin.ru/assets/dropdown/js/navbar-dropdown.js
Requested by
Host: mardanshin.ru
URL: https://mardanshin.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bb0:e000:1e::e9 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
e0bf432b47c423968e18a38784412a020c3c87412d4809dab51d198344255bee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 09:11:14 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 11:44:12 GMT
server
Jino.ru/mod_pizza
etag
"75c3af7-b44-5d081dc7f208b"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1095
script.js
mardanshin.ru/assets/theme/js/
30 KB
9 KB
Script
General
Full URL
https://mardanshin.ru/assets/theme/js/script.js
Requested by
Host: mardanshin.ru
URL: https://mardanshin.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bb0:e000:1e::e9 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
328426af9d63bd21894c1cf85b03ec87d774a1ef45e4f4347dbe4e1605f484b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 09:11:14 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 11:45:41 GMT
server
Jino.ru/mod_pizza
etag
"72f1bc6-774b-5d081e1cfcf66"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
9138
tag.js
mc.yandex.ru/metrika/
211 KB
73 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: mardanshin.ru
URL: https://mardanshin.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
6f4f281400418fc288c5765dc650f12506aa3190183b137d5e129ca3c6038e6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 09:11:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 15:40:43 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"63c93a4b-11ffd"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73725
expires
Sun, 05 Feb 2023 10:11:15 GMT
code.js
top-fwz1.mail.ru/js/
33 KB
15 KB
Script
General
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: mardanshin.ru
URL: https://mardanshin.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
86358469a3188d8dae051045546110638b6c55e8d4ff55859c381ac202ed4769
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 09:11:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Wed, 11 Jan 2023 13:29:54 GMT
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag
W/"63beb9d2-85cc"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 05 Feb 2023 10:11:15 GMT
92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v14/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oTd4g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Jost:100,200,300,400,500,600,700,800,900,100i,200i,300i,400i,500i,600i,700i,800i,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mardanshin.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 08:10:51 GMT
x-content-type-options
nosniff
age
90024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26304
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:29:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Feb 2024 08:10:51 GMT
92zatBhPNqw73oDd4iYl.woff2
fonts.gstatic.com/s/jost/v14/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oDd4iYl.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Jost:100,200,300,400,500,600,700,800,900,100i,200i,300i,400i,500i,600i,700i,800i,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6312fa45e35f9fb6bbbb1c29f6c1aa63326ed5f6f15c6b9e2460668be7409b83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mardanshin.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 11:08:44 GMT
x-content-type-options
nosniff
age
79351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10104
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:35:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Feb 2024 11:08:44 GMT
socicon.woff2
mardanshin.ru/assets/socicon/fonts/
63 KB
63 KB
Font
General
Full URL
https://mardanshin.ru/assets/socicon/fonts/socicon.woff2
Requested by
Host: mardanshin.ru
URL: https://mardanshin.ru/assets/socicon/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1bb0:e000:1e::e9 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
94fae899ed5ee7921bcb75c216e51d306f46a194accf7e6c8e696c20f2bfb9f8

Request headers

Referer
https://mardanshin.ru/assets/socicon/css/styles.css
Origin
https://mardanshin.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 09:11:14 GMT
last-modified
Thu, 11 Nov 2021 11:44:19 GMT
server
Jino.ru/mod_pizza
accept-ranges
bytes
etag
"75c3b72-fc00-5d081dcf1df74"
content-length
64512
content-type
text/html
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-179276489-14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 05 Feb 2023 08:54:50 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
985
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sun, 05 Feb 2023 10:54:50 GMT
collect
www.google-analytics.com/j/
2 B
205 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1881695768&t=pageview&_s=1&dl=https%3A%2F%2Fmardanshin.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9C%D0%B0%D1%80%D0%B4%D0%B0%D0%BD%D1%88%D0%B8%D0%BD%20%D0%A0%D0%B0%D1%84%D0%B0%D1%8D%D0%BB%D1%8C%20%D0%9C%D0%B8%D1%80%D1%85%D0%B0%D1%82%D0%B8%D0%BC%D0%BE%D0%B2%D0%B8%D1%87&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=283011561&gjid=1751145232&cid=1726567129.1675588275&tid=UA-179276489-14&_gid=448176841.1675588275&_r=1&_slc=1&gtm=457e3210&z=1128718695
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mardanshin.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Feb 2023 09:11:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mardanshin.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
counter
top-fwz1.mail.ru/
43 B
960 B
Image
General
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=3193905;u=https%3A//mardanshin.ru/;st=1675588275268;title=%D0%9C%D0%B0%D1%80%D0%B4%D0%B0%D0%BD%D1%88%D0%B8%D0%BD%20%D0%A0%D0%B0%D1%84%D0%B0%D1%8D%D0%BB%D1%8C%20%D0%9C%D0%B8%D1%80%D1%85%D0%B0%D1%82%D0%B8%D0%BC%D0%BE%D0%B2%D0%B8%D1%87;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=ef0c6e0156017b84;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1675588275306%3A1675588275328%3A1%3A55cd533a437a1a227cbf483ec3dca8c7;opts=dl%2Cjst-gtag-ga;visible=true;_=0.09985432633784064
Requested by
Host: mardanshin.ru
URL: https://mardanshin.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 09:11:15 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9905.hbGk51xjI6P1MumTtwh7sz5xUwMbrIUCVCtYn_MTNef0NM9ltLur0FhIKtOTdayH.6nNaiulGaBsWjbtPZ0BoGfimvXY%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9905.b6HnR_4Ve3v7tuvBCWzHGYls835RywyOEkxZO8-DDgfDlKW0zTuSTplogrb9PSojeS2tE1q5AUAfV2i6B_SyfTj3PuUmnplC1putN44pIuI%2C.QJ72XjFBqUCOj4hIpALi3Uv0-Bs%2C
43 B
67 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9905.b6HnR_4Ve3v7tuvBCWzHGYls835RywyOEkxZO8-DDgfDlKW0zTuSTplogrb9PSojeS2tE1q5AUAfV2i6B_SyfTj3PuUmnplC1putN44pIuI%2C.QJ72XjFBqUCOj4hIpALi3Uv0-Bs%2C
Requested by
Host: mardanshin.ru
URL: https://mardanshin.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 09:11:15 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9905.b6HnR_4Ve3v7tuvBCWzHGYls835RywyOEkxZO8-DDgfDlKW0zTuSTplogrb9PSojeS2tE1q5AUAfV2i6B_SyfTj3PuUmnplC1putN44pIuI%2C.QJ72XjFBqUCOj4hIpALi3Uv0-Bs%2C
date
Sun, 05 Feb 2023 09:11:15 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
113 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: mardanshin.ru
URL: https://mardanshin.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 09:11:15 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 15:40:43 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"63c93a4b-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 05 Feb 2023 10:11:15 GMT
1
mc.yandex.com/watch/67796592/
Redirect Chain
  • https://mc.yandex.com/watch/67796592?wmode=7&page-url=https%3A%2F%2Fmardanshin.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A835%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av...
  • https://mc.yandex.com/watch/67796592/1?wmode=7&page-url=https%3A%2F%2Fmardanshin.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A835%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3...
435 B
545 B
XHR
General
Full URL
https://mc.yandex.com/watch/67796592/1?wmode=7&page-url=https%3A%2F%2Fmardanshin.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A835%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A967563042889%3Ahid%3A184468560%3Az%3A0%3Ai%3A20230205091115%3Aet%3A1675588275%3Ac%3A1%3Arn%3A400012020%3Arqn%3A1%3Au%3A1675588275538900346%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A7%2C112%2C94%2C2%2C164%2C0%2C%2C661%2C2%2C%2C%2C%2C1040%3Aco%3A0%3Acpf%3A1%3Ans%3A1675588274228%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1675588276%3At%3A%D0%9C%D0%B0%D1%80%D0%B4%D0%B0%D0%BD%D1%88%D0%B8%D0%BD%20%D0%A0%D0%B0%D1%84%D0%B0%D1%8D%D0%BB%D1%8C%20%D0%9C%D0%B8%D1%80%D1%85%D0%B0%D1%82%D0%B8%D0%BC%D0%BE%D0%B2%D0%B8%D1%87&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
95a940bde5a3bda1794e5536ec358effcb86184bd7d6db99e1e98377149196eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Feb 2023 09:11:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 05-Feb-2023 09:11:15 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mardanshin.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
435
x-xss-protection
1; mode=block
expires
Sun, 05-Feb-2023 09:11:15 GMT

Redirect headers

pragma
no-cache
date
Sun, 05 Feb 2023 09:11:15 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 05-Feb-2023 09:11:15 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/67796592/1?wmode=7&page-url=https%3A%2F%2Fmardanshin.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgykhrjvgldb09nr%3Afp%3A835%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A967563042889%3Ahid%3A184468560%3Az%3A0%3Ai%3A20230205091115%3Aet%3A1675588275%3Ac%3A1%3Arn%3A400012020%3Arqn%3A1%3Au%3A1675588275538900346%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A7%2C112%2C94%2C2%2C164%2C0%2C%2C661%2C2%2C%2C%2C%2C1040%3Aco%3A0%3Acpf%3A1%3Ans%3A1675588274228%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1675588276%3At%3A%D0%9C%D0%B0%D1%80%D0%B4%D0%B0%D0%BD%D1%88%D0%B8%D0%BD%20%D0%A0%D0%B0%D1%84%D0%B0%D1%8D%D0%BB%D1%8C%20%D0%9C%D0%B8%D1%80%D1%85%D0%B0%D1%82%D0%B8%D0%BC%D0%BE%D0%B2%D0%B8%D1%87&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://mardanshin.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 05-Feb-2023 09:11:15 GMT
tracker
top-fwz1.mail.ru/
43 B
875 B
Image
General
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=3193905;u=https%3A//mardanshin.ru/;st=1675588275268;title=%D0%9C%D0%B0%D1%80%D0%B4%D0%B0%D0%BD%D1%88%D0%B8%D0%BD%20%D0%A0%D0%B0%D1%84%D0%B0%D1%8D%D0%BB%D1%8C%20%D0%9C%D0%B8%D1%80%D1%85%D0%B0%D1%82%D0%B8%D0%BC%D0%BE%D0%B2%D0%B8%D1%87;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=ef0c6e0156017b84;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1675588274228/////164/164/171/171/283/224/283/377/379/549/1040/1040/1042/1401/1401/;ni=10//4g/0/0/;lvid=1675588275306%3A1675588275633%3A2%3A55cd533a437a1a227cbf483ec3dca8c7;opts=dl%2Cjst-gtag-ga;visible=true;_=0.2664172855005247;e=RT/load;et=1675588275630
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 09:11:15 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9905.p9qVCiEYZfe2EfV1qjnoUFc_PYNZ84dNEf1BaoDYXhmdRf3ACffqKtRRCrRDkb1W.0QZCM0hu7mLNKNyhJYTbJmm5Zdo%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9905.FPjhQBus3g51l9ONwDe3kc1zoC4npLcNLXpe04suIjY4e82rlsYzKoiIGHKsl6yWNRJylU1Fd7HaPkH9xQmKO5vWQaF1XtpEjJPww3bUa34%2C.kjpsKu30-MiiCwWQbU...
43 B
79 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9905.FPjhQBus3g51l9ONwDe3kc1zoC4npLcNLXpe04suIjY4e82rlsYzKoiIGHKsl6yWNRJylU1Fd7HaPkH9xQmKO5vWQaF1XtpEjJPww3bUa34%2C.kjpsKu30-MiiCwWQbUTfAV_QdKI%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mardanshin.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 09:11:15 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9905.FPjhQBus3g51l9ONwDe3kc1zoC4npLcNLXpe04suIjY4e82rlsYzKoiIGHKsl6yWNRJylU1Fd7HaPkH9xQmKO5vWQaF1XtpEjJPww3bUa34%2C.kjpsKu30-MiiCwWQbUTfAV_QdKI%2C
date
Sun, 05 Feb 2023 09:11:15 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block


28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange
function| ym
function| gtag
object| dataLayer
object| _tmr
number| uidEvent
object| bootstrap
function| SmoothScroll
object| $jscomp
function| EventEmitter
function| loadScript
string| YOUTUBE_IFRAME_API_SRC
object| YOUTUBE_STATES
object| YOUTUBE_ERROR
object| loadIframeAPICallbacks
function| C_$hudson$workspace$Mobirise_Windows_release_web$Release$release$win_ia32_unpacked$resources$_app_asar$web$app$themes$mobirise5$plugins$ytplayer$index$classdecl$var0
function| YouTubePlayer
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
function| smartresize
boolean| initSwitchArrowPlugin
object| gaplugins
object| gaGlobal
object| gaData
object| Ya
object| yaCounter67796592

17 Cookies

Domain/Path Name / Value
.mardanshin.ru/ Name: _ga
Value: GA1.2.1726567129.1675588275
.mardanshin.ru/ Name: _gid
Value: GA1.2.448176841.1675588275
.mardanshin.ru/ Name: _gat_gtag_UA_179276489_14
Value: 1
.mardanshin.ru/ Name: tmr_lvid
Value: 55cd533a437a1a227cbf483ec3dca8c7
.mardanshin.ru/ Name: tmr_lvidTS
Value: 1675588275306
.mardanshin.ru/ Name: _ym_uid
Value: 1675588275538900346
.mardanshin.ru/ Name: _ym_d
Value: 1675588275
.mardanshin.ru/ Name: _ym_isad
Value: 2
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1358264275fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 943845602fake
.mail.ru/ Name: VID
Value: 1v9NeI0ZbnIF00000o1aP4IF:::0-0-0-8f9cb73:CAASEPLZhg_kKa_H9PGMhWWDENAaYGd4M7vM6VVgqN-iLH2J7i7PwPAQIVe-9WY0E6L0PVXyBfUQrhe3jSbDNSsGeCNRqFcp0DoM5tMCrJHot8G0verl7wZmVd1jGOK9u5z8rhS0LXE6Nh50DIZOYl-uPmlCjA
mc.yandex.com/ Name: yabs-sid
Value: 2467183961675588275
.yandex.com/ Name: i
Value: 2rZrQ9U0Wux9pMX9tyEdSxfrVUgZQQRSqWjRElUkFqAP2J+Zg5dLdgQjEI4CbO9KMxV4b6YzXiF6nKgQAEA4GbH8OLE=
.yandex.com/ Name: yandexuid
Value: 3227476111675588275
.yandex.com/ Name: yuidss
Value: 3227476111675588275
.yandex.com/ Name: ymex
Value: 1707124275.yc.1675588275#1707124275.yrts.1675588275#1707124275.yrtsi.1675588275
mardanshin.ru/ Name: tmr_detect
Value: 0%7C1675588277612

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
