urlscan.io logo urlscan.io
SecurityTrails logo

obuch.info Open in urlscan Pro
176.9.102.205  Public Scan

Go To Rescan Add Verdict Report
URL: https://obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html?page=4
Submission: On July 22 via manual from BG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 26 HTTP transactions. The main IP is 176.9.102.205, located in Germany and belongs to HETZNER-AS, DE. The main domain is obuch.info.
TLS certificate: Issued by R3 on July 17th 2023. Valid for: 3 months.
This is the only time obuch.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    176.9.102.205 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.205.102.9.176.clients.your-server.de
obuch.info
7    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
partner.googleadservices.com
2    88.212.201.198 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru
counter.yadro.ru
4    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 134
tpc.googlesyndication.com — Cisco Umbrella Rank: 153
212 KB
9 obuch.info
obuch.info
81 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
5 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 117
www.google.com — Cisco Umbrella Rank: 3
2 KB
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 11639
1 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1178
330 B
26 6
Domain Requested by
9 obuch.info obuch.info
6 pagead2.googlesyndication.com obuch.info
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 counter.yadro.ru 1 redirects obuch.info
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
26 8

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
vk.com
connect.ok.ru
telegram.me
pinterest.com
www.liveinternet.ru
Subject Issuer Validity Valid
hocday.com
R3		 2023-07-17 -
2023-10-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html?page=4
Frame ID: 07B877D9CDD2F82D32E0347D7DE525E1
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/zrt_lookup.html
Frame ID: 0A629871A9EDB3F36FB75F3F205EBEA4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9447527079377332&output=html&adk=1812271804&adf=3025194257&lmt=1690024700&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fobuch.info%2Fseminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html%3Fpage%3D4&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690024700280&bpp=3&bdt=234&idt=198&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4080054438901&frm=20&pv=2&ga_vid=1425955964.1690024700&ga_sid=1690024700&ga_hid=2011843381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31075954%2C31076299%2C44788442&oid=2&pvsid=4044549560588300&tmod=1811245100&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=217
Frame ID: 58A9DE7A27CA9A793566E2ABFB3F7B44
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9447527079377332&output=html&h=280&slotname=1928647400&adk=2251182204&adf=2324436442&pi=t.ma~as.1928647400&w=450&fwrn=4&fwrnh=100&lmt=1690024700&rafmt=1&format=450x280&url=https%3A%2F%2Fobuch.info%2Fseminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html%3Fpage%3D4&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690024700283&bpp=2&bdt=237&idt=219&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4080054438901&frm=20&pv=1&ga_vid=1425955964.1690024700&ga_sid=1690024700&ga_hid=2011843381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=134&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31075954%2C31076299%2C44788442&oid=2&pvsid=4044549560588300&tmod=1811245100&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nHIafATARy&p=https%3A//obuch.info&dtd=224
Frame ID: A5C3297A283AF0A947D9C22B97D20A96
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9447527079377332&output=html&h=600&slotname=2937389009&adk=2342159088&adf=1626226477&pi=t.ma~as.2937389009&w=230&fwrn=4&fwrnh=100&lmt=1690024700&rafmt=1&format=230x600&url=https%3A%2F%2Fobuch.info%2Fseminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html%3Fpage%3D4&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690024700287&bpp=1&bdt=241&idt=226&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C450x280&nras=1&correlator=4080054438901&frm=20&pv=1&ga_vid=1425955964.1690024700&ga_sid=1690024700&ga_hid=2011843381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1358&ady=406&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31075954%2C31076299%2C44788442&oid=2&pvsid=4044549560588300&tmod=1811245100&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=YABFEoR07u&p=https%3A//obuch.info&dtd=228
Frame ID: DE91B957069DE13275DB005689632904
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 23F2F989270A2C1C08EF420502ADD5CA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2E61C6C76F4A2AA51567BC4C8F4B3078
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

(10) Антидепресанти. Ноотропни лекарства. Психостимуланти

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

26
Requests

96 %
HTTPS

71 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

300 kB
Transfer

679 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://counter.yadro.ru/hit?t14.1;r;s1600*1200*24;uhttps%3A//obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html%3Fpage%3D4;0.023691494087684672 HTTP 302
  • https://counter.yadro.ru/hit?q;t14.1;r;s1600*1200*24;uhttps%3A//obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html%3Fpage%3D4;0.023691494087684672

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html
obuch.info/ 		64 KB
64 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html?page=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.102.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.205.102.9.176.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
fb33181335086155ef58ce29e849c7928d4ccb17d9ee0c38c56c073cad82be10

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=86400
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 22 Jul 2023 11:18:19 GMT
Expires
Tue, 01 Aug 2023 11:18:19 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.25 (Debian)
Transfer-Encoding
chunked
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: obuch.info
URL: https://obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html?page=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7af94c96955354867b187c8a75efe5b3160a5b2e04b12fcc3c346d96e63164d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://obuch.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sat, 22 Jul 2023 11:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50518
x-xss-protection
0
server
cafe
etag
15776489975511207204
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 22 Jul 2023 11:18:20 GMT
fb.svg
obuch.info/i/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obuch.info/i/fb.svg
Requested by
Host: obuch.info
URL: https://obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html?page=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.102.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.205.102.9.176.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
01695ce9c3c51dac94d5930977c1caccc3a88d59ea683f8d609721392d89ebbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html?page=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Sat, 22 Jul 2023 11:18:20 GMT
Last-Modified
Thu, 10 Mar 2022 16:42:03 GMT
Server
Apache/2.4.25 (Debian)
ETag
"51d-5d9dfe4d50989"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1309
tw.svg
obuch.info/i/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obuch.info/i/tw.svg
Requested by
Host: obuch.info
URL: https://obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html?page=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.102.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.205.102.9.176.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
8831a85cbfa92955f8fbfba1f6f3992bec33eb6548cf44a340859c53833c0c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html?page=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Sat, 22 Jul 2023 11:18:20 GMT
Last-Modified
Thu, 10 Mar 2022 16:42:03 GMT
Server
Apache/2.4.25 (Debian)
ETag
"665-5d9dfe4d576e9"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1637
vk.svg
obuch.info/i/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obuch.info/i/vk.svg
Requested by
Host: obuch.info
URL: https://obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html?page=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.102.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.205.102.9.176.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
d9ebf7a189670b9df5243e242f3cbd63e32803a021bea26f78c2687ef727a016

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html?page=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Sat, 22 Jul 2023 11:18:20 GMT
Last-Modified
Thu, 10 Mar 2022 16:42:03 GMT
Server
Apache/2.4.25 (Debian)
ETag
"763-5d9dfe4d5b569"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1891
ok.svg
obuch.info/i/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obuch.info/i/ok.svg
Requested by
Host: obuch.info
URL: https://obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html?page=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.102.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.205.102.9.176.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
f986189bae645faf67d461262caf046eaa391a9d38b3ebb6ec810ac2d3c533d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html?page=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Sat, 22 Jul 2023 11:18:20 GMT
Last-Modified
Thu, 10 Mar 2022 16:42:03 GMT
Server
Apache/2.4.25 (Debian)
ETag
"6a9-5d9dfe4d51929"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1705
tg.svg
obuch.info/i/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obuch.info/i/tg.svg
Requested by
Host: obuch.info
URL: https://obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html?page=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.102.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.205.102.9.176.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
4d02aa331d5bf578a948ccd771da6edad1b8a1e8c1be6bc6d3fc641f1cf81c3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html?page=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Sat, 22 Jul 2023 11:18:20 GMT
Last-Modified
Thu, 10 Mar 2022 16:42:03 GMT
Server
Apache/2.4.25 (Debian)
ETag
"58d-5d9dfe4d576e9"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1421
vb.svg
obuch.info/i/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obuch.info/i/vb.svg
Requested by
Host: obuch.info
URL: https://obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html?page=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.102.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.205.102.9.176.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
aa099df50b7bbb9b7c94dab49256ee061ffd2f539f173d82c344cfce208d1a63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html?page=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Sat, 22 Jul 2023 11:18:20 GMT
Last-Modified
Thu, 10 Mar 2022 16:42:03 GMT
Server
Apache/2.4.25 (Debian)
ETag
"ab6-5d9dfe4d5b569"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2742
wa.svg
obuch.info/i/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obuch.info/i/wa.svg
Requested by
Host: obuch.info
URL: https://obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html?page=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.102.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.205.102.9.176.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
f706ac048259ccf6e9bf983a04957391584033a7b196a0710d6ab78f8471c952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html?page=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Sat, 22 Jul 2023 11:18:20 GMT
Last-Modified
Thu, 10 Mar 2022 16:42:03 GMT
Server
Apache/2.4.25 (Debian)
ETag
"7d0-5d9dfe4d5b569"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2000
pi.svg
obuch.info/i/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obuch.info/i/pi.svg
Requested by
Host: obuch.info
URL: https://obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html?page=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.102.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.205.102.9.176.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
23267c818e3469186ad35effbda5d6fa69bdb7888cd8b3d9df550ede40bb0353

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html?page=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Sat, 22 Jul 2023 11:18:20 GMT
Last-Modified
Thu, 10 Mar 2022 16:42:03 GMT
Server
Apache/2.4.25 (Debian)
ETag
"679-5d9dfe4d51929"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1657
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t14.1;r;s1600*1200*24;uhttps%3A//obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html%3Fpage%3D4;0.023691494087684672
  • https://counter.yadro.ru/hit?q;t14.1;r;s1600*1200*24;uhttps%3A//obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html%3Fpage%3D4;0.023691494087684672
242 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t14.1;r;s1600*1200*24;uhttps%3A//obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html%3Fpage%3D4;0.023691494087684672
Requested by
Host: obuch.info
URL: https://obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html?page=4
Protocol
HTTP/1.1
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
6a917ebcda05832f0ec24e380bc2b05cff97343401276982d6b3da73d772861e
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://obuch.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Jul 2023 11:18:20 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
242
Expires
Thu, 21 Jul 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 22 Jul 2023 11:18:20 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;t14.1;r;s1600*1200*24;uhttps%3A//obuch.info/seminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html%3Fpage%3D4;0.023691494087684672
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Thu, 21 Jul 2022 21:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ 		363 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9447527079377332&plah=obuch.info&bust=31076299
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fcd581ed536623171f77a75490432544d2680a94f0e25a5d888b0db4022ef3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://obuch.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sat, 22 Jul 2023 11:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127309
x-xss-protection
0
server
cafe
etag
7579987167168935110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 22 Jul 2023 11:18:20 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/ Frame 0A62 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://obuch.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4670
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jul 2023 10:00:30 GMT
etag
12368291122986407432
expires
Sat, 05 Aug 2023 10:00:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		387 B
330 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=obuch.info&callback=_gfp_s_&client=ca-pub-9447527079377332
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9447527079377332&plah=obuch.info&bust=31076299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db2dd44229286f11a324528bd3a11339076aa1c87c6fc6b6ec40360922240282
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://obuch.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sat, 22 Jul 2023 11:18:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
252
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=obuch.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9447527079377332&plah=obuch.info&bust=31076299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://obuch.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sat, 22 Jul 2023 11:18:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 58A9 		603 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9447527079377332&output=html&adk=1812271804&adf=3025194257&lmt=1690024700&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fobuch.info%2Fseminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html%3Fpage%3D4&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690024700280&bpp=3&bdt=234&idt=198&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4080054438901&frm=20&pv=2&ga_vid=1425955964.1690024700&ga_sid=1690024700&ga_hid=2011843381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31075954%2C31076299%2C44788442&oid=2&pvsid=4044549560588300&tmod=1811245100&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=217
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9447527079377332&plah=obuch.info&bust=31076299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://obuch.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jul 2023 11:18:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A5C3 		603 B
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9447527079377332&output=html&h=280&slotname=1928647400&adk=2251182204&adf=2324436442&pi=t.ma~as.1928647400&w=450&fwrn=4&fwrnh=100&lmt=1690024700&rafmt=1&format=450x280&url=https%3A%2F%2Fobuch.info%2Fseminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html%3Fpage%3D4&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690024700283&bpp=2&bdt=237&idt=219&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4080054438901&frm=20&pv=1&ga_vid=1425955964.1690024700&ga_sid=1690024700&ga_hid=2011843381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=134&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31075954%2C31076299%2C44788442&oid=2&pvsid=4044549560588300&tmod=1811245100&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nHIafATARy&p=https%3A//obuch.info&dtd=224
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9447527079377332&plah=obuch.info&bust=31076299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://obuch.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jul 2023 11:18:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DE91 		603 B
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9447527079377332&output=html&h=600&slotname=2937389009&adk=2342159088&adf=1626226477&pi=t.ma~as.2937389009&w=230&fwrn=4&fwrnh=100&lmt=1690024700&rafmt=1&format=230x600&url=https%3A%2F%2Fobuch.info%2Fseminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html%3Fpage%3D4&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690024700287&bpp=1&bdt=241&idt=226&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C450x280&nras=1&correlator=4080054438901&frm=20&pv=1&ga_vid=1425955964.1690024700&ga_sid=1690024700&ga_hid=2011843381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1358&ady=406&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31075954%2C31076299%2C44788442&oid=2&pvsid=4044549560588300&tmod=1811245100&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=YABFEoR07u&p=https%3A//obuch.info&dtd=228
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9447527079377332&plah=obuch.info&bust=31076299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://obuch.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jul 2023 11:18:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230719&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9447527079377332&plah=obuch.info&bust=31076299
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
32798490bb3a1c24dab04e713f06cb4ba44c5e269f68ca10f6a5e0d5e5ad6f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://obuch.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sat, 22 Jul 2023 11:18:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11692
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9447527079377332&plah=obuch.info&bust=31076299
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://obuch.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sat, 22 Jul 2023 11:18:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 22 Jul 2023 11:18:20 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 23F2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://obuch.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
7283
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jul 2023 09:16:57 GMT
expires
Sun, 21 Jul 2024 09:16:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2E61 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
aaa5728cdb61ae38da26afbd050e4e355c14efc3d18e2a2ea3c8e860039ceec0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fMlNiChpqVlD8Yg0Z8PLBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://obuch.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-fMlNiChpqVlD8Yg0Z8PLBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 22 Jul 2023 11:18:20 GMT
expires
Sat, 22 Jul 2023 11:18:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js
pagead2.googlesyndication.com/bg/ Frame 23F2 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 19:27:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
316260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14598
x-xss-protection
0
last-modified
Tue, 18 Jul 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Jul 2024 19:27:20 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2E61 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230719&jk=4044549560588300&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 23F2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?hCHw6g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sat, 22 Jul 2023 11:18:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230719&jk=4044549560588300&bg=!2dql2o7NAAZsPphkTD47ADkAdvg8Wh4WBNaCCcVATJSKE8Jw1NQEjEyXKTqw1dIDZd2m7KhdZ0SQflY0GGaIM672tnWpNO5eIJECAAAAT1IAAAAKaAEHmQLHhDq0-SBJttQJa6xeq2XgeJGH6k0hlZtBWU3TC4lc3ecxrNSBlX2Ba5qQf6waZSewC90KlATHpdlu5PMn3R_WHHfEO5UIox8xH7vadrpCepdb8XtuTnahzoGmTtN-njKF40QsZIub0TfGwn5ZgPO2oQMwnGIhRven5KKiJpiSgMOG6VK-6gGerqfYl5XtTbQJv3mX3rFIIiMcnoxEhSmSStHKdsG07SVoqYmwxP6M_9b8lcX5FgbpjiAsyQwZTNPkH6QbrljizhcUd5Zmw37jwIitpB_LuS34kAsZ9O_Ns8u_choB4xKTnHZu_9jpvPbUijuJzSMsvOL356Dru6JHq7gz9ojnSNGgPf2o0zmUrsExMV6oOHxkjkeLhj3Yc6chRPxQiFtS7bjqbITR1oXdGcu6i-bnRtuqJSnfG5E0OB0L10BDEcm7vZ1kJODGZEoQDKt6aB30OBL5fJxk_ebbkGcpicE-8rkm49V94ZQbSFDSa6_ocV7m9kS5vqMw_hv-ONCoziL0QBmO0Zi0-mM3TXQVsMZpwnADYRxIL2-pJ8kzPBGgAeOL62cBh8wEoHEncpfhPETgsqYIa0tK0jgXGi1PAKFVcBKei0rA5I4oXMQaFG2kp9FU-fwIZUou0u6Tes7GaI4OLk0427gs1V-PPHBqQmx_rOL7V0i-S8w7btZKSxCyrl42mBYTSuJgRligXIXF70a5BVEZ17AepZ3LTDlN3CzzMZzz0QABHicWbkUwMeWd3kcUCPBs4DPwDQUWL_M3yDSh2hCTq9IMhTQOqy675QzfCrg3WLWrFNMkJCe447lxCZWTh3Kbcap7MKglM-Yc0Pn8yDBsOWytWWzOjmxPrQ8zucy8Sce-5lDBT7IH4NOLUuz8HQQFmhu5r1YP-1EcyuGOdHKdijM1uMLWOpM14GfNiB5mNqyx61Yhq8LtqUg6DOLQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://obuch.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl boolean| _gfp_p_ function| processGoogleToken object| googleToken object| googleIMState number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.yadro.ru/ Name: FTID
Value: 1akxhy3hra8b1akxhy001K2W
.yadro.ru/ Name: VID
Value: 1hXKS10VwBOb1akxhy001AaZ
.obuch.info/ Name: __gads
Value: ID=5564c836770771fe-2214d82435de00cc:T=1690024700:RT=1690024700:S=ALNI_MZUGdERiDV2uRIZ7lkYXtQ8bAd-UQ
.obuch.info/ Name: __gpi
Value: UID=00000d0050a83688:T=1690024700:RT=1690024700:S=ALNI_MbSjXwCHcBxtxh88dAKVv4vj7DIbA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

3 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9447527079377332&output=html&adk=1812271804&adf=3025194257&lmt=1690024700&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fobuch.info%2Fseminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html%3Fpage%3D4&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690024700280&bpp=3&bdt=234&idt=198&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4080054438901&frm=20&pv=2&ga_vid=1425955964.1690024700&ga_sid=1690024700&ga_hid=2011843381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31075954%2C31076299%2C44788442&oid=2&pvsid=4044549560588300&tmod=1811245100&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=217
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9447527079377332&output=html&h=280&slotname=1928647400&adk=2251182204&adf=2324436442&pi=t.ma~as.1928647400&w=450&fwrn=4&fwrnh=100&lmt=1690024700&rafmt=1&format=450x280&url=https%3A%2F%2Fobuch.info%2Fseminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html%3Fpage%3D4&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690024700283&bpp=2&bdt=237&idt=219&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4080054438901&frm=20&pv=1&ga_vid=1425955964.1690024700&ga_sid=1690024700&ga_hid=2011843381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=134&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31075954%2C31076299%2C44788442&oid=2&pvsid=4044549560588300&tmod=1811245100&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nHIafATARy&p=https%3A//obuch.info&dtd=224
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9447527079377332&output=html&h=600&slotname=2937389009&adk=2342159088&adf=1626226477&pi=t.ma~as.2937389009&w=230&fwrn=4&fwrnh=100&lmt=1690024700&rafmt=1&format=230x600&url=https%3A%2F%2Fobuch.info%2Fseminarni-testove-po-farmakologiya-1-lekarstva-proizhod-naimen.html%3Fpage%3D4&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690024700287&bpp=1&bdt=241&idt=226&shv=r20230719&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C450x280&nras=1&correlator=4080054438901&frm=20&pv=1&ga_vid=1425955964.1690024700&ga_sid=1690024700&ga_hid=2011843381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1358&ady=406&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31075954%2C31076299%2C44788442&oid=2&pvsid=4044549560588300&tmod=1811245100&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=YABFEoR07u&p=https%3A//obuch.info&dtd=228
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
counter.yadro.ru
googleads.g.doubleclick.net
obuch.info
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
176.9.102.205
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
88.212.201.198
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01695ce9c3c51dac94d5930977c1caccc3a88d59ea683f8d609721392d89ebbf
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
23267c818e3469186ad35effbda5d6fa69bdb7888cd8b3d9df550ede40bb0353
32798490bb3a1c24dab04e713f06cb4ba44c5e269f68ca10f6a5e0d5e5ad6f91
4d02aa331d5bf578a948ccd771da6edad1b8a1e8c1be6bc6d3fc641f1cf81c3e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a917ebcda05832f0ec24e380bc2b05cff97343401276982d6b3da73d772861e
8831a85cbfa92955f8fbfba1f6f3992bec33eb6548cf44a340859c53833c0c05
8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48
9fcd581ed536623171f77a75490432544d2680a94f0e25a5d888b0db4022ef3e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa099df50b7bbb9b7c94dab49256ee061ffd2f539f173d82c344cfce208d1a63
aaa5728cdb61ae38da26afbd050e4e355c14efc3d18e2a2ea3c8e860039ceec0
d9ebf7a189670b9df5243e242f3cbd63e32803a021bea26f78c2687ef727a016
db2dd44229286f11a324528bd3a11339076aa1c87c6fc6b6ec40360922240282
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7af94c96955354867b187c8a75efe5b3160a5b2e04b12fcc3c346d96e63164d
f706ac048259ccf6e9bf983a04957391584033a7b196a0710d6ab78f8471c952
f986189bae645faf67d461262caf046eaa391a9d38b3ebb6ec810ac2d3c533d8
fb33181335086155ef58ce29e849c7928d4ccb17d9ee0c38c56c073cad82be10