on-dom2.narod.ru
193.109.247.248

Go To Rescan
Add Verdict Report

URL:
http://on-dom2.narod.ru/
Submission: On October 05 via manual (October 5th 2022, 11:42:53 am UTC) from ES — Scanned from ES

Summary HTTP 65 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 23 IPs in 6 countries across 19 domains to perform 65 HTTP transactions. The main IP is 193.109.247.248, located in Moscow, Russian Federation and belongs to COMPUBYTE-AS, CY. The main domain is on-dom2.narod.ru.

This is the only time on-dom2.narod.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	193.109.247.248 193.109.247.248	204343 (COMPUBYTE-AS) (COMPUBYTE-AS)
1	87.236.16.239 87.236.16.239	198610 (BEGET-AS) (BEGET-AS)
2 5	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
4	95.217.114.240 95.217.114.240	24940 (HETZNER-AS) (HETZNER-AS)
1 2	95.168.170.7 95.168.170.7	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
8	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 4	81.19.89.17 81.19.89.17	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1	81.19.89.1 81.19.89.1	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1 2	195.216.243.246 195.216.243.246	57724 (DDOS-GUARD) (DDOS-GUARD)
1 2	193.109.247.250 193.109.247.250	204343 (COMPUBYTE-AS) (COMPUBYTE-AS)
1	193.109.247.247 193.109.247.247	204343 (COMPUBYTE-AS) (COMPUBYTE-AS)
5 8	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
8 14	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
3 7	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
1	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:804::2004	15169 (GOOGLE) (GOOGLE)
65	23

11 193.109.247.248 (Moscow, Russian Federation)

ASN204343 (COMPUBYTE-AS, CY)
PTR: dev.ucoz.net

on-dom2.narod.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s206.ucoz.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.236.16.239 (Russian Federation)

ASN198610 (BEGET-AS, RU)
PTR: ssl.ironman.beget.com

ondom2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.217.114.240 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: www.people-group.su

ads.people-group.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.168.170.7 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

code.directadvert.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 81.19.89.17 (Russian Federation) 1 redirects

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

counter.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.89.1 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: top100.rambler.ru

top100-images.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.216.243.246 (Moscow, Russian Federation) 1 redirects

ASN57724 (DDOS-GUARD, RU)
PTR: s96.unet.com

www.narod.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
narod.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.109.247.250 (Moscow, Russian Federation) 1 redirects

ASN204343 (COMPUBYTE-AS, CY)
PTR: dev.ucoz.net

solnsad.narod.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.109.247.247 (Moscow, Russian Federation)

ASN204343 (COMPUBYTE-AS, CY)
PTR: dev.ucoz.net

s203.ucoz.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 31.172.81.158 (Frankfurt am Main, Germany) 5 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

rot.spotsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 88.212.202.52 (Russian Federation) 8 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 95.163.52.67 (Russian Federation) 3 redirects

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

db.c3.bb.a1.top.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.172 (Frankfurt am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

log.morgdm.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	yadro.ru 8 redirects counter.yadro.ru — Cisco Umbrella Rank: 5532	7 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 170	247 KB
11	narod.ru 2 redirects on-dom2.narod.ru www.narod.ru narod.ru — Cisco Umbrella Rank: 127895 solnsad.narod.ru	151 KB
7	mail.ru 3 redirects db.c3.bb.a1.top.mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 5365	20 KB
6	spotsniper.ru 3 redirects rot.spotsniper.ru — Cisco Umbrella Rank: 578904	5 KB
5	rambler.ru 1 redirects counter.rambler.ru — Cisco Umbrella Rank: 53376 top100-images.rambler.ru — Cisco Umbrella Rank: 423123 kraken.rambler.ru — Cisco Umbrella Rank: 17092	101 KB
5	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 2147	59 KB
5	ucoz.net s206.ucoz.net s203.ucoz.net	9 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	5 KB
4	people-group.net ads.people-group.net — Cisco Umbrella Rank: 586550	137 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 136 www.google.com — Cisco Umbrella Rank: 19	2 KB
2	google.es adservice.google.es — Cisco Umbrella Rank: 58536	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	17 KB
2	adsniper.ru 2 redirects sync3.adsniper.ru — Cisco Umbrella Rank: 596721	1 KB
2	directadvert.ru 1 redirects code.directadvert.ru — Cisco Umbrella Rank: 45640	718 B
1	googleusercontent.com themes.googleusercontent.com — Cisco Umbrella Rank: 15463	60 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1003	643 B
1	morgdm.ru log.morgdm.ru — Cisco Umbrella Rank: 967144	547 B
1	ondom2.com ondom2.com	242 KB
65	19

	Domain	Requested by
14	counter.yadro.ru	8 redirects on-dom2.narod.ru
8	pagead2.googlesyndication.com	on-dom2.narod.ru pagead2.googlesyndication.com tpc.googlesyndication.com
7	on-dom2.narod.ru	on-dom2.narod.ru
6	top-fwz1.mail.ru	2 redirects on-dom2.narod.ru
6	rot.spotsniper.ru	3 redirects on-dom2.narod.ru
5	mc.yandex.ru	2 redirects on-dom2.narod.ru
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	ads.people-group.net	on-dom2.narod.ru ads.people-group.net
4	s206.ucoz.net	on-dom2.narod.ru s206.ucoz.net
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.es	pagead2.googlesyndication.com
2	kraken.rambler.ru	on-dom2.narod.ru
2	www.google-analytics.com	on-dom2.narod.ru
2	sync3.adsniper.ru	2 redirects
2	solnsad.narod.ru	1 redirects on-dom2.narod.ru
2	counter.rambler.ru	1 redirects on-dom2.narod.ru
2	code.directadvert.ru	1 redirects on-dom2.narod.ru
1	www.google.com	tpc.googlesyndication.com
1	themes.googleusercontent.com	s206.ucoz.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	log.morgdm.ru	on-dom2.narod.ru
1	db.c3.bb.a1.top.mail.ru	1 redirects
1	s203.ucoz.net	on-dom2.narod.ru
1	narod.ru	on-dom2.narod.ru
1	www.narod.ru	1 redirects
1	top100-images.rambler.ru	on-dom2.narod.ru
1	ondom2.com	on-dom2.narod.ru
65	28

This site contains links to these domains. Also see Links.

Domain
ondom2.com
vk.com
www.liveinternet.ru
top100.rambler.ru
top.mail.ru
www.ucoz.ru

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-05-16` - `2023-05-06`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.es GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
rot.spotsniper.ru R3	`2022-07-20` - `2022-10-18`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 9 frames:

Primary Page: http://on-dom2.narod.ru/
Frame ID: 0696E66C9BFEDC4A27C7A253F98B2EDC
Requests: 45 HTTP requests in this frame

Frame: http://ads.people-group.net/?hwn=MTc1MjYwJzM3JzMn&xm=1&swf=0&hrf=http%3A%2F%2Fon-dom2.narod.ru%2F&stg=1664970173.dcc1098082&s=MTYwMCUzQTAlM0ExMjAw&h=10%2F05%2F2022%2011%3A42%3A54%27%5E%271%27%5E%27&k=%D0%94%D0%BE%D0%BC%202%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%BD%D0%B5%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81&0.9702614156870109
Frame ID: 1FEF026999C8A36DB5477E91C5A15488
Requests: 3 HTTP requests in this frame

Frame: http://on-dom2.narod.ru/?I3cIaLhlslwvflrPJkdt7T3H8%21hnhTU8a8efjnrRx2mB3ju2YTqRyu1pRjpaUFZhAgSTwXlauT5LJXgCv55wWuvMwt9o
Frame ID: C805221DE90167EB854F15F00298398D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9089562963379032&output=html&h=280&slotname=3536610601&adk=3668649003&adf=541054138&pi=t.ma~as.3536610601&w=336&lmt=1664970175&url=http%3A%2F%2Fon-dom2.narod.ru%2F&wgl=1&dt=1664970174557&bpp=15&bdt=906&idt=446&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&correlator=6615069295110&frm=20&pv=2&ga_vid=644955218.1664970175&ga_sid=1664970175&ga_hid=564742902&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=632&ady=686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774717%2C42531706%2C31062930&oid=2&pvsid=1509531897577760&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7Ce%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=LnPbpESYSp&p=http%3A//on-dom2.narod.ru&dtd=463
Frame ID: FC0521E2E311E9E3551A4750583D1B3D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9089562963379032&output=html&h=280&slotname=3536610601&adk=2527357629&adf=3079265134&pi=t.ma~as.3536610601&w=336&lmt=1664970175&url=http%3A%2F%2Fon-dom2.narod.ru%2F&wgl=1&dt=1664970174572&bpp=2&bdt=922&idt=455&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3536610601&correlator=6615069295110&frm=20&pv=1&ga_vid=644955218.1664970175&ga_sid=1664970175&ga_hid=564742902&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=632&ady=1143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774717%2C42531706%2C31062930&oid=2&pvsid=1509531897577760&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CEe%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=15s2ce9fJo&p=http%3A//on-dom2.narod.ru&dtd=458
Frame ID: D7CE767B68E72E56C5FCA4F300A029E1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
Frame ID: 25FC46062E0B83CEA35C672AACFFADA2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9089562963379032&output=html&adk=1812271804&adf=3025194257&lmt=1664970175&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fon-dom2.narod.ru%2F&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1664970175801&bpp=2&bdt=2150&idt=2&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcc5305fb81ccf322-228277c03ace00db%3AT%3D1664970175%3ART%3D1664970175%3AS%3DALNI_MbLNAUIThkfZTI1uCzpMRt_VqjrRg&prev_slotnames=3536610601%2C3536610601&nras=1&correlator=6615069295110&frm=20&pv=1&ga_vid=644955218.1664970175&ga_sid=1664970175&ga_hid=564742902&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774717%2C42531706%2C31062930&oid=2&pvsid=1509531897577760&tmod=71402656&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=20
Frame ID: 1C61F1EB671CA47EC90C6FBD1381D726
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F2C85A946C23FFF1BD7F4B9B9232212F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3D8CD97A73F79089728A58F573F87628
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Liveinternet (Analytics) Expand

Overall confidence: 100%
Detected patterns

<script[^<>]*>[^]{0,128}?src\s*=\s*['"]//counter\.yadro\.ru/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

65
Requests

40 %
HTTPS

43 %
IPv6

19
Domains

28
Subdomains

23
IPs

6
Countries

1052 kB
Transfer

2651 kB
Size

30
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://ondom2.com/poslednie-novosti-doma-2-na-segodnia-slukhi-spletni.html
Title: новости и слухи

Search URL Search Domain Scan URL

URL: http://ondom2.com/
Title: ведущие

Search URL Search Domain Scan URL

URL: http://ondom2.com/players.html
Title: участники

Search URL Search Domain Scan URL

URL: http://vk.com/ondom2
Title: мы вконтакте

Search URL Search Domain Scan URL

URL: http://ondom2.com/novosti-slukhi-2018/10/5265-9%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20-zhenya-on-tebya-bet-evgeniya-feofilaktova-zagovorila-o-domashnem-nasilii.html
Title: Женя, он тебя бьёт? Феофилактова заговорила о домашнем насилии

Search URL Search Domain Scan URL

URL: http://ondom2.com/novosti-slukhi-2018/10/5265-8-posle-vyleta-alene-savkinoj-ne-ostalos-somnenij-kto-vyigraet-konkurs-chelovek-goda.html
Title: После вылета Савкиной не осталось сомнений, кто выиграет конкурс Человек Года

Search URL Search Domain Scan URL

URL: http://ondom2.com/novosti-slukhi-2018/10/5265-7-okazyvaetsya-valerij-blyumenkranc-umudrilsya-izmenit-tate-abramson-v-obshhestvennom-tualete.html
Title: Оказывается, Валера умудрился изменить Тате в общественном туалете

Search URL Search Domain Scan URL

URL: http://ondom2.com/novosti-slukhi-2018/10/5265-6-olga-veter-vpervye-pokazala-svoyu-novuyu-kvartiru.html
Title: Ольга Ветер впервые показала свою новую квартиру + видео

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: http://top100.rambler.ru/home?id=1751598

Search URL Search Domain Scan URL

URL: http://top.mail.ru/jump?from=1784656

Search URL Search Domain Scan URL

URL: http://www.ucoz.ru/register?pguid=395689020

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://mc.yandex.ru/metrika/watch.js HTTP 302
https://mc.yandex.ru/metrika/watch.js

Request Chain 7

http://code.directadvert.ru/show.cgi?adp=111368&div=DIV_DA_111368 HTTP 301
https://code.directadvert.ru/show.cgi?adp=111368&div=DIV_DA_111368

Request Chain 9

http://counter.rambler.ru/top100.jcn?1751598 HTTP 307
https://counter.rambler.ru/top100.jcn?1751598

Request Chain 11

http://www.narod.ru/counter.xhtml HTTP 301
https://narod.ru/counter.xhtml

Request Chain 12

http://solnsad.narod.ru/_adse/on-dom2.js HTTP 301
https://solnsad.narod.ru/_adse/on-dom2.js

Request Chain 16

http://rot.spotsniper.ru/?src=ucfs&s_subid=trrnt HTTP 301
https://rot.spotsniper.ru/?src=ucfs&s_subid=trrnt HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi-2_WZBlIFpdbt-gNaEAoHc19zdWJpZBIFdHJybnQ* HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARi-2_WZBlIFpdbt-gNaEAoHc19zdWJpZBIFdHJybnSiARDZv5TiRKIR7YZEACWQyCQ3 HTTP 302
https://rot.spotsniper.ru/?src=ucfs&s_data=CAIQABi-2_WZBloQCgdzX3N1YmlkEgV0cnJudKIBENm_lOJEohHthkQAJZDIJDc* HTTP 302
https://rot.spotsniper.ru/?src=ucfs&s_data=CAIQARi-2_WZBloQCgdzX3N1YmlkEgV0cnJudKIBENm_lOJEohHthkQAJZDIJDc*

Request Chain 17

http://counter.yadro.ru/hit;preroll_total_narod?r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970173900 HTTP 302
https://counter.yadro.ru/hit;preroll_total_narod?r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970173900 HTTP 302
https://counter.yadro.ru/hit;preroll_total_narod?q;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970173900

Request Chain 18

http://counter.yadro.ru/hit;narodadst1?r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970174227 HTTP 302
https://counter.yadro.ru/hit;narodadst1?r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970174227 HTTP 302
https://counter.yadro.ru/hit;narodadst1?q;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970174227

Request Chain 19

http://counter.yadro.ru/hit;narod_desktop_ad?r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970174227 HTTP 302
https://counter.yadro.ru/hit;narod_desktop_ad?r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970174227 HTTP 302
https://counter.yadro.ru/hit;narod_desktop_ad?q;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970174227

Request Chain 20

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 23

http://counter.yadro.ru/hit?t27.6;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;0.2965412799037266 HTTP 307
https://counter.yadro.ru/hit?t27.6;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;0.2965412799037266 HTTP 302
https://counter.yadro.ru/hit?q;t27.6;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;0.2965412799037266

Request Chain 25

http://db.c3.bb.a1.top.mail.ru/counter?id=1784656;t=109;js=13;r=;j=false;s=1600*1200;d=24;rand=0.05235039399144559 HTTP 302
https://top-fwz1.mail.ru/counter?id=1784656;t=109;js=13;r=;j=false;s=1600*1200;d=24;rand=0.05235039399144559 HTTP 302
https://top-fwz1.mail.ru/counter2?id=1784656;t=109;js=13;r=;j=false;s=1600*1200;d=24;rand=0.05235039399144559

Request Chain 26

http://counter.yadro.ru/hit?t45.19;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;0.16724095214430768 HTTP 307
https://counter.yadro.ru/hit?t45.19;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;0.16724095214430768 HTTP 302
https://counter.yadro.ru/hit?q;t45.19;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;0.16724095214430768

Request Chain 30

https://mc.yandex.ru/watch/9134416?wmode=7&page-url=http%3A%2F%2Fon-dom2.narod.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A1206%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1087463390973%3Ahid%3A995214028%3Az%3A0%3Ai%3A20221005114254%3Aet%3A1664970175%3Ac%3A1%3Arn%3A989152720%3Arqn%3A1%3Au%3A1664970175345524395%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A34%2C104%2C123%2C1%2C%2C0%2C%2C957%2C%2C%2C%2C%2C%3Acpf%3A1%3Antf%3A1%3Ans%3A1664970173387%3Arqnl%3A1%3Ast%3A1664970175%3At%3A%D0%94%D0%BE%D0%BC%202%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%BD%D0%B5%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BE%D0%BC%D0%B0%202%20%D0%BD%D0%B0%20%D1%82%D0%BD%D1%82%2C%20dom2%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%B4%D0%BE%D0%BC2%20%D0%B2%D1%81%D0%B5%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%2C%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D1%8D%D1%84%D0%B8%D1%80%D1%8B%20%D1%80%D0%B5%D0%B0%D0%BB%D0%B8%D1%82%D0%B8-%D1%88%D0%BE%D1%83.&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/9134416/1?wmode=7&page-url=http%3A%2F%2Fon-dom2.narod.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A1206%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1087463390973%3Ahid%3A995214028%3Az%3A0%3Ai%3A20221005114254%3Aet%3A1664970175%3Ac%3A1%3Arn%3A989152720%3Arqn%3A1%3Au%3A1664970175345524395%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A34%2C104%2C123%2C1%2C%2C0%2C%2C957%2C%2C%2C%2C%2C%3Acpf%3A1%3Antf%3A1%3Ans%3A1664970173387%3Arqnl%3A1%3Ast%3A1664970175%3At%3A%D0%94%D0%BE%D0%BC%202%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%BD%D0%B5%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BE%D0%BC%D0%B0%202%20%D0%BD%D0%B0%20%D1%82%D0%BD%D1%82%2C%20dom2%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%B4%D0%BE%D0%BC2%20%D0%B2%D1%81%D0%B5%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%2C%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D1%8D%D1%84%D0%B8%D1%80%D1%8B%20%D1%80%D0%B5%D0%B0%D0%BB%D0%B8%D1%82%D0%B8-%D1%88%D0%BE%D1%83.&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 33

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1704282048&utmhn=on-dom2.narod.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%94%D0%BE%D0%BC%202%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%BD%D0%B5%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BE%D0%BC%D0%B0%202%20%D0%BD%D0%B0%20%D1%82%D0%BD%D1%82%2C%20dom2%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%B4%D0%BE%D0%BC2%20%D0%B2%D1%81%D0%B5%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%2C%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D1%8D%D1%84%D0%B8%D1%80%D1%8B%20%D1%80%D0%B5%D0%B0%D0%BB%D0%B8%D1%82%D0%B8-%D1%88%D0%BE%D1%83.&utmhid=564742902&utmr=-&utmp=%2F&utmht=1664970174803&utmac=UA-20408852-2&utmcc=__utma%3D30270561.644955218.1664970175.1664970175.1664970175.1%3B%2B__utmz%3D30270561.1664970175.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=608981593&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1704282048&utmhn=on-dom2.narod.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%94%D0%BE%D0%BC%202%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%BD%D0%B5%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BE%D0%BC%D0%B0%202%20%D0%BD%D0%B0%20%D1%82%D0%BD%D1%82%2C%20dom2%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%B4%D0%BE%D0%BC2%20%D0%B2%D1%81%D0%B5%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%2C%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D1%8D%D1%84%D0%B8%D1%80%D1%8B%20%D1%80%D0%B5%D0%B0%D0%BB%D0%B8%D1%82%D0%B8-%D1%88%D0%BE%D1%83.&utmhid=564742902&utmr=-&utmp=%2F&utmht=1664970174803&utmac=UA-20408852-2&utmcc=__utma%3D30270561.644955218.1664970175.1664970175.1664970175.1%3B%2B__utmz%3D30270561.1664970175.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=608981593&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 45

https://top-fwz1.mail.ru/counter?js=13;id=1784656;u=http%3A//on-dom2.narod.ru/;st=1664970174607;title=%D0%94%D0%BE%D0%BC%202%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%BD%D0%B5%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BE%D0%BC%D0%B0%202%20%D0%BD%D0%B0%20%D1%82%D0%BD%D1%82%2C%20dom2%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%B4%D0%BE%D0%BC2%20%D0%B2%D1%81%D0%B5%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%2C%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D1%8D%D1%84%D0%B8%D1%80%D1%8B%20%D1%80%D0%B5%D0%B0%D0%BB%D0%B8%D1%82%D0%B8-%D1%88%D0%BE%D1%83.;s=1600*1200;vp=1600*2096;touch=0;hds=1;frame=0;flash=;sid=cbce2ec8374c8d45;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.1//4g/0/0/;lvid=1664970175106%3A1664970175119%3A1%3Af3e53017e91e756db8ff174da52fd61d;opts=jst-ym;visible=true;_=0.6394487295855777 HTTP 302
https://top-fwz1.mail.ru/counter2?js=13;id=1784656;u=http%3A//on-dom2.narod.ru/;st=1664970174607;title=%D0%94%D0%BE%D0%BC%202%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%BD%D0%B5%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BE%D0%BC%D0%B0%202%20%D0%BD%D0%B0%20%D1%82%D0%BD%D1%82%2C%20dom2%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%B4%D0%BE%D0%BC2%20%D0%B2%D1%81%D0%B5%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%2C%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D1%8D%D1%84%D0%B8%D1%80%D1%8B%20%D1%80%D0%B5%D0%B0%D0%BB%D0%B8%D1%82%D0%B8-%D1%88%D0%BE%D1%83.;s=1600*1200;vp=1600*2096;touch=0;hds=1;frame=0;flash=;sid=cbce2ec8374c8d45;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.1//4g/0/0/;lvid=1664970175106%3A1664970175119%3A1%3Af3e53017e91e756db8ff174da52fd61d;opts=jst-ym;visible=true;_=0.6394487295855777

Request Chain 47

http://counter.yadro.ru/hit;ucoz_topline_worldwide?rhttp%3A//on-dom2.narod.ru/;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/%3FI3cIaLhlslwvflrPJkdt7T3H8%2521hnhTU8a8efjnrRx2mB3ju2YTqRyu1pRjpaUFZhAgSTwXlauT5LJXgCv55wWuvMwt9o;1664970175223 HTTP 307
https://counter.yadro.ru/hit;ucoz_topline_worldwide?rhttp%3A//on-dom2.narod.ru/;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/%3FI3cIaLhlslwvflrPJkdt7T3H8%2521hnhTU8a8efjnrRx2mB3ju2YTqRyu1pRjpaUFZhAgSTwXlauT5LJXgCv55wWuvMwt9o;1664970175223

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
on-dom2.narod.ru/ 19 KB
7 KB 262ms
123ms Document
text/html 193.109.247.248
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://on-dom2.narod.ru/
Protocol: HTTP/1.1
Server: 193.109.247.248 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS: dev.ucoz.net
Software: nginx /
Resource Hash: a5d91653237a2c7d21be4b58070c4e839cc72face7bfe4ac01ebd43cec183d21

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 05 Oct 2022 11:42:54 GMT
Keep-Alive: timeout=15
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK / Show response
on-dom2.narod.ru/ 23 KB
24 KB 143ms
142ms Script
application/javascript 193.109.247.248
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://on-dom2.narod.ru/?kq%21ks3p%21dHLmAh%3BPiH5UYfaa%3BPs%5ECx%3BDqkxgzfMv%5EsbDvUuvvNZ6yxiAQRqBFTNbJ4vuMiMH5EN70x6L9EFmatr3WAdatq%3B7MSWR7QljERhb4CZ0HSBIrBQRDZ1A%21GX%3BuyqYwK1VftJxCiErXbMTBKTV%3BXrVzvkrOgJlignYNjf0VeN%3BRUeZXMVdvhtByGv62x10j%3BpPk%21CN7JCe0eCVj%3BudraRqeSAfWPKGINCTfvg5ISDEGR0UgNYdjOw0qhGn
Requested by: Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/
Protocol: HTTP/1.1
Server: 193.109.247.248 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS: dev.ucoz.net
Software: nginx /
Resource Hash: 10d60ef0ee6511706c948b99f789a9617b6f9e7a16bf5acda706c8a09ef95b52

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 11:42:54 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, private
Connection: keep-alive
Keep-Alive: timeout=15

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
on-dom2.narod.ru/.s/src/ 85 KB
30 KB 220ms
112ms Script
text/javascript 193.109.247.248
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://on-dom2.narod.ru/.s/src/jquery-3.3.1.min.js
Requested by: Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/
Protocol: HTTP/1.1
Server: 193.109.247.248 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS: dev.ucoz.net
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 11:42:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Feb 2018 13:16:03 GMT
Server: nginx
ETag: W/"5a8ace13-1538f"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=1728000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 25 Oct 2022 11:42:54 GMT

GET
H/1.1 200
OK uutils.fcg Show response
s206.ucoz.net/cgi/ 0
205 B 286ms
108ms Script
application/javascript 193.109.247.248
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://s206.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.163272465135059
Requested by: Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/
Protocol: HTTP/1.1
Server: 193.109.247.248 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS: dev.ucoz.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 11:42:54 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=15
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK style.css
on-dom2.narod.ru/ 870 B
669 B 206ms
102ms Stylesheet
text/css 193.109.247.248
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://on-dom2.narod.ru/style.css
Requested by: Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/
Protocol: HTTP/1.1
Server: 193.109.247.248 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS: dev.ucoz.net
Software: nginx /
Resource Hash: b4dac4eca5bbc793ff6a80881ad392c3f826ae0e57831e8cd479d64c1c88662e

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 11:42:54 GMT
Content-Encoding: gzip
Last-Modified: Sat, 06 Apr 2013 11:38:28 GMT
Server: nginx
ETag: W/"51600934-366"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive
Keep-Alive: timeout=15

GET
H/1.1 200
OK tizer.js Show response
ondom2.com/js/ 854 KB
242 KB 366ms
145ms Script
application/x-javascript 87.236.16.239
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ondom2.com/js/tizer.js
Requested by: Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/
Protocol: HTTP/1.1
Server: 87.236.16.239 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.ironman.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 3a059e05beab3b75b5163be4edeec622c705cd6b300e886cdd1af83fe9208a9e

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 11:42:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Apr 2019 04:03:01 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"5cbd3cf5-d56a8"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Wed, 12 Oct 2022 11:42:53 GMT

GET
H2

200

watch.js Show response
mc.yandex.ru/metrika/
Redirect Chain

http://mc.yandex.ru/metrika/watch.js
https://mc.yandex.ru/metrika/watch.js

159 KB
56 KB

348ms
116ms

Script
application/javascript

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

3d2c19c70416e84216783738fae9623c624eb7049c401bd90b218f3f5646d7f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 11:42:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 04 Oct 2022 10:25:54 GMT
etag: "633be002-dfc5"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 57285
expires: Wed, 05 Oct 2022 12:42:54 GMT

Redirect headers

Location: https://mc.yandex.ru/metrika/watch.js
Content-Length: 0

GET
H/1.1 200
OK / Show response
ads.people-group.net/175260/37/3/ 21 KB
7 KB 197ms
93ms Script
application/x-javascript 95.217.114.240
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ads.people-group.net/175260/37/3/

Requested by

Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/

Protocol

HTTP/1.1

Server

95.217.114.240 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

www.people-group.su

Software

nginx /

Resource Hash

b1ca926fff1fd02e8f482d8f34d2b7bdcdcf8975441d696633733e645a4047a3

Security Headers

Name	Value
X-Xss-Protection	0;

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 11:42:53 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Content-Type: application/x-javascript;charset=UTF-8;
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
X-XSS-Protection: 0;

GET
H2

404

show.cgi
code.directadvert.ru/
Redirect Chain

http://code.directadvert.ru/show.cgi?adp=111368&div=DIV_DA_111368
https://code.directadvert.ru/show.cgi?adp=111368&div=DIV_DA_111368

0
0

201ms
68ms

Script
text/plain

95.168.170.7
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.directadvert.ru/show.cgi?adp=111368&div=DIV_DA_111368
Requested by: Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/
Protocol: H2
Server: 95.168.170.7 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 11:42:53 GMT
server: nginx
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

Redirect headers

Date: Wed, 05 Oct 2022 11:42:53 GMT
Server: nginx
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: https://code.directadvert.ru/show.cgi?adp=111368&div=DIV_DA_111368
Access-Control-Allow-Origin: *
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 162

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 111 KB
40 KB 142ms
79ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0e2fce0db9e547d34b75c76371a769a8a876fa97ba79202e18fecf79aecb4c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 11:42:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 4144044191703246057
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 40106
X-XSS-Protection: 0
Expires: Wed, 05 Oct 2022 11:42:53 GMT

GET
H2

200

top100.jcn Show response
counter.rambler.ru/
Redirect Chain

http://counter.rambler.ru/top100.jcn?1751598
https://counter.rambler.ru/top100.jcn?1751598

98 KB
98 KB

420ms
210ms

Script
application/javascript

81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.rambler.ru/top100.jcn?1751598
Requested by: Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/
Protocol: H2
Server: 81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 8d8bed111529e7f56cb4ddbb5e39f5068b8a5beb39fd975fac1f783048e7faf4

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: application/octet-stream, application/javascript
date: Wed, 05 Oct 2022 11:42:54 GMT
server: nginx/1.19.4
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"

Redirect headers

Date: Wed, 05 Oct 2022 11:42:53 GMT
Server: nginx/1.19.4
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Location: https://counter.rambler.ru/top100.jcn?1751598
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 171

GET
H/1.1 200
OK banner-88x31-rambler-darkblue2.gif
top100-images.rambler.ru/top100/ 950 B
1 KB 319ms
103ms Image
image/gif 81.19.89.1
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://top100-images.rambler.ru/top100/banner-88x31-rambler-darkblue2.gif
Requested by: Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/
Protocol: HTTP/1.1
Server: 81.19.89.1 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: top100.rambler.ru
Software: nginx /
Resource Hash: 7627e9cb7246cb72b4e386eae36497ab07ea6df3fcfb04681d958e62ba59dbf0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 11:42:54 GMT
Last-Modified: Wed, 02 Feb 2022 05:30:04 GMT
Server: nginx
x-amz-request-id: tx00000000000024b4eda64-00633d6bd7-f87fab-default
ETag: "78ecf9f0b85511d82f0b0d2d28b45cb1"
Content-Type: image/gif
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-rgw-object-type: Normal
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=40
Content-Length: 950

GET
H/1.1

404
Not Found

counter.xhtml
narod.ru/
Redirect Chain

http://www.narod.ru/counter.xhtml
https://narod.ru/counter.xhtml

0
0

410ms
109ms

Image
text/html

195.216.243.246
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://narod.ru/counter.xhtml
Requested by: Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/
Protocol: HTTP/1.1
Server: 195.216.243.246 Moscow, Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS: s96.unet.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Redirect headers

Location: https://narod.ru/counter.xhtml
Date: Wed, 05 Oct 2022 11:42:51 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=15
Content-Length: 178
Content-Type: text/html

GET
H/1.1

503
Service Temporarily Unavailable

on-dom2.js
solnsad.narod.ru/_adse/
Redirect Chain

http://solnsad.narod.ru/_adse/on-dom2.js
https://solnsad.narod.ru/_adse/on-dom2.js

0
0

333ms
105ms

Script
text/html

193.109.247.250
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://solnsad.narod.ru/_adse/on-dom2.js
Requested by: Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/
Protocol: HTTP/1.1
Server: 193.109.247.250 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS: dev.ucoz.net
Software: /
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Redirect headers

Location: https://solnsad.narod.ru/_adse/on-dom2.js
Date: Wed, 05 Oct 2022 11:42:54 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=15
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK 6.gif
s203.ucoz.net/img/cp/ 217 B
543 B 216ms
105ms Image
image/gif 193.109.247.247
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s203.ucoz.net/img/cp/6.gif
Requested by: Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/
Protocol: HTTP/1.1
Server: 193.109.247.247 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS: dev.ucoz.net
Software: nginx /
Resource Hash: 4c29049d5595cd2611957d0c0862e9b2e8f9feb7fdb96ede5821c044c1365e7c

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 11:42:54 GMT
Last-Modified: Mon, 31 Jul 2017 10:31:59 GMT
Server: nginx
ETag: "597f071f-d9"
Content-Type: image/gif
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 217
Expires: Tue, 25 Oct 2022 11:42:54 GMT

GET
H/1.1 200
OK jquery-1.7.2.js Show response
on-dom2.narod.ru/.s/src/ 93 KB
33 KB 108ms
108ms Script
text/javascript 193.109.247.248
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://on-dom2.narod.ru/.s/src/jquery-1.7.2.js
Requested by: Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/?kq%21ks3p%21dHLmAh%3BPiH5UYfaa%3BPs%5ECx%3BDqkxgzfMv%5EsbDvUuvvNZ6yxiAQRqBFTNbJ4vuMiMH5EN70x6L9EFmatr3WAdatq%3B7MSWR7QljERhb4CZ0HSBIrBQRDZ1A%21GX%3BuyqYwK1VftJxCiErXbMTBKTV%3BXrVzvkrOgJlignYNjf0VeN%3BRUeZXMVdvhtByGv62x10j%3BpPk%21CN7JCe0eCVj%3BudraRqeSAfWPKGINCTfvg5ISDEGR0UgNYdjOw0qhGn
Protocol: HTTP/1.1
Server: 193.109.247.248 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS: dev.ucoz.net
Software: nginx /
Resource Hash: 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 11:42:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Sep 2022 17:44:22 GMT
Server: nginx
ETag: W/"6310ef76-17278"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=1728000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 25 Oct 2022 11:42:54 GMT

GET
H/1.1 200
OK uwnd.min.js Show response
on-dom2.narod.ru/.s/src/ 205 KB
56 KB 114ms
113ms Script
text/javascript 193.109.247.248
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://on-dom2.narod.ru/.s/src/uwnd.min.js
Requested by: Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/?kq%21ks3p%21dHLmAh%3BPiH5UYfaa%3BPs%5ECx%3BDqkxgzfMv%5EsbDvUuvvNZ6yxiAQRqBFTNbJ4vuMiMH5EN70x6L9EFmatr3WAdatq%3B7MSWR7QljERhb4CZ0HSBIrBQRDZ1A%21GX%3BuyqYwK1VftJxCiErXbMTBKTV%3BXrVzvkrOgJlignYNjf0VeN%3BRUeZXMVdvhtByGv62x10j%3BpPk%21CN7JCe0eCVj%3BudraRqeSAfWPKGINCTfvg5ISDEGR0UgNYdjOw0qhGn
Protocol: HTTP/1.1
Server: 193.109.247.248 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS: dev.ucoz.net
Software: nginx /
Resource Hash: 8993dbc5102beb8dc4ebfef06873c26198d0f2913627399034816b16715336ad

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 11:42:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Apr 2022 10:32:26 GMT
Server: nginx
ETag: W/"626678ba-3334b"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=1728000
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 25 Oct 2022 11:42:54 GMT

GET
H/1.1

200
OK

/ Show response
rot.spotsniper.ru/
Redirect Chain

http://rot.spotsniper.ru/?src=ucfs&s_subid=trrnt
https://rot.spotsniper.ru/?src=ucfs&s_subid=trrnt
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi-2_WZBlIFpdbt-gNaEAoHc19zdWJpZBIFdHJybnQ*
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARi-2_WZBlIFpdbt-gNaEAoHc19zdWJpZBIFdHJybnSiARDZv5TiRKIR7YZEACWQyCQ3
https://rot.spotsniper.ru/?src=ucfs&s_data=CAIQABi-2_WZBloQCgdzX3N1YmlkEgV0cnJudKIBENm_lOJEohHthkQAJZDIJDc*
https://rot.spotsniper.ru/?src=ucfs&s_data=CAIQARi-2_WZBloQCgdzX3N1YmlkEgV0cnJudKIBENm_lOJEohHthkQAJZDIJDc*

226 B
893 B

67ms
66ms

Script
application/javascript

31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://rot.spotsniper.ru/?src=ucfs&s_data=CAIQARi-2_WZBloQCgdzX3N1YmlkEgV0cnJudKIBENm_lOJEohHthkQAJZDIJDc*
Requested by: Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/
Protocol: HTTP/1.1
Server: 31.172.81.158 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: c6aeda214e2e2207e5009be0c80f58453c00cc54ebae526eec2bdafb8e3b5b10

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: application/javascript
Date: Wed, 05 Oct 2022 11:42:54 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 226
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Wed, 05 Oct 2022 11:42:54 GMT
Server: nginx
ETag: d9bf94e2-44a2-11ed-8644-002590c82437
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //rot.spotsniper.ru/?src=ucfs&s_data=CAIQARi-2_WZBloQCgdzX3N1YmlkEgV0cnJudKIBENm_lOJEohHthkQAJZDIJDc*
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

hit;preroll_total_narod
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit;preroll_total_narod?r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970173900
https://counter.yadro.ru/hit;preroll_total_narod?r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970173900
https://counter.yadro.ru/hit;preroll_total_narod?q;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970173900

43 B
528 B

198ms
99ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;preroll_total_narod?q;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970173900

Requested by

Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 11:42:54 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Mon, 04 Oct 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 11:42:54 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit;preroll_total_narod?q;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970173900
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Mon, 04 Oct 2021 21:00:00 GMT

GET
H/1.1

200
OK

hit;narodadst1
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit;narodadst1?r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970174227
https://counter.yadro.ru/hit;narodadst1?r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970174227
https://counter.yadro.ru/hit;narodadst1?q;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970174227

43 B
528 B

143ms
97ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;narodadst1?q;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970174227

Requested by

Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 11:42:54 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Mon, 04 Oct 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 11:42:54 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit;narodadst1?q;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970174227
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Mon, 04 Oct 2021 21:00:00 GMT

GET
H/1.1

200
OK

hit;narod_desktop_ad
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit;narod_desktop_ad?r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970174227
https://counter.yadro.ru/hit;narod_desktop_ad?r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970174227
https://counter.yadro.ru/hit;narod_desktop_ad?q;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970174227

43 B
506 B

97ms
97ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;narod_desktop_ad?q;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970174227

Requested by

Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 11:42:54 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Mon, 04 Oct 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 11:42:54 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit;narod_desktop_ad?q;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;1664970174227
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Mon, 04 Oct 2021 21:00:00 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

197ms
59ms

Script
text/javascript

2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/

Protocol

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Oct 2022 11:08:30 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2064
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 05 Oct 2022 13:08:30 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK / Show response
ads.people-group.net/ Frame 1FEF 14 KB
6 KB 96ms
96ms Document
text/html 95.217.114.240
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ads.people-group.net/?hwn=MTc1MjYwJzM3JzMn&xm=1&swf=0&hrf=http%3A%2F%2Fon-dom2.narod.ru%2F&stg=1664970173.dcc1098082&s=MTYwMCUzQTAlM0ExMjAw&h=10%2F05%2F2022%2011%3A42%3A54%27%5E%271%27%5E%27&k=%D0%94%D0%BE%D0%BC%202%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%BD%D0%B5%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81&0.9702614156870109

Requested by

Host: ads.people-group.net
URL: http://ads.people-group.net/175260/37/3/

Protocol

HTTP/1.1

Server

95.217.114.240 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

www.people-group.su

Software

nginx /

Resource Hash

f495e9c849b237e7a79e2f8817b23e2211fe9c81d7381a527b31964f910b16cb

Security Headers

Name	Value
X-Xss-Protection	0;

Request headers

Referer: http://on-dom2.narod.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8;
Date: Wed, 05 Oct 2022 11:42:54 GMT
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-XSS-Protection: 0;

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ 349 KB
115 KB 261ms
120ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=pub-9089562963379032&plah=on-dom2.narod.ru

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

933dc3b4a8ae6ad285c304e64ddfcd1841ea522129162ea61359f6ec18e6e506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 11:42:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117218
x-xss-protection: 0
server: cafe
etag: 16158124950757667831
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 11:42:54 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t27.6;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;0.2965412799037266
https://counter.yadro.ru/hit?t27.6;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;0.2965412799037266
https://counter.yadro.ru/hit?q;t27.6;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;0.2965412799037266

572 B
1 KB

101ms
100ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t27.6;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;0.2965412799037266

Requested by

Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

c0a2035a9e1cc22772e49c963afcb80e8132e2305076dcfb2302a87416d6596b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 11:42:54 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 572
Expires: Mon, 04 Oct 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 11:42:54 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t27.6;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;0.2965412799037266
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Mon, 04 Oct 2021 21:00:00 GMT

GET
H2 200 /
kraken.rambler.ru/cnt/ 43 B
487 B 153ms
106ms Image
image/gif 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/?et=pv&v=3.10.10i&pid=1751598&tid=t1.-1.1321253509.1664970174589&rid=1664970174.591-985220538&fid=pA8AAENKs1eLqpZKAQGQpwA%3D&aduid=296f2b35-a7f1-411e-a9b2-2488af19331e&aduidsc=narod.ru&stid=1426678291_1664970174591&sn=1&sen=1&en=1&ce=1&bs=1600x1200&rf&pt=%D0%94%D0%BE%D0%BC%202%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%BD%D0%B5%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BE%D0%BC%D0%B0%202%20%D0%BD%D0%B0%20%D1%82%D0%BD%D1%82%2C%20dom2%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%B4%D0%BE%D0%BC2%20%D0%B2%D1%81%D0%B5%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%2C%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D1%8D%D1%84%D0%B8%D1%80%D1%8B%20%D1%80%D0%B5%D0%B0%D0%BB%D0%B8%D1%82%D0%B8-%D1%88%D0%BE%D1%83.&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Win32&tz=0&le=1&ct=web&url=http%3A%2F%2Fon-dom2.narod.ru%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&eid=376517459515530&meta=%7B%22is_first%22%3A1%7D&rn=1994116012
Requested by: Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 11:42:54 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
x-srv: 1kraken-prod0002.ad.rambler.tech
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

counter2
top-fwz1.mail.ru/
Redirect Chain

http://db.c3.bb.a1.top.mail.ru/counter?id=1784656;t=109;js=13;r=;j=false;s=1600*1200;d=24;rand=0.05235039399144559
https://top-fwz1.mail.ru/counter?id=1784656;t=109;js=13;r=;j=false;s=1600*1200;d=24;rand=0.05235039399144559
https://top-fwz1.mail.ru/counter2?id=1784656;t=109;js=13;r=;j=false;s=1600*1200;d=24;rand=0.05235039399144559

310 B
1 KB

112ms
112ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=1784656;t=109;js=13;r=;j=false;s=1600*1200;d=24;rand=0.05235039399144559

Requested by

Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

f216e37cba08df6e10b66fc7e4637ddad71632a7d9f9e667cb71ef6c596ac68d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 11:42:55 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 310
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Wed, 05 Oct 2022 11:42:55 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
accept-ch-lifetime: 86400
location: https://top-fwz1.mail.ru/counter2?id=1784656;t=109;js=13;r=;j=false;s=1600*1200;d=24;rand=0.05235039399144559
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t45.19;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;0.16724095214430768
https://counter.yadro.ru/hit?t45.19;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;0.16724095214430768
https://counter.yadro.ru/hit?q;t45.19;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;0.16724095214430768

43 B
347 B

98ms
98ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t45.19;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;0.16724095214430768

Requested by

Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 11:42:54 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Mon, 04 Oct 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 11:42:54 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t45.19;r;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/;0.16724095214430768
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Mon, 04 Oct 2021 21:00:00 GMT

GET
H/1.1 200
OK code.js Show response
top-fwz1.mail.ru/js/ 32 KB
14 KB 293ms
118ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://top-fwz1.mail.ru/js/code.js

Requested by

Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/

Protocol

HTTP/1.1

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

a1e6a59e0567f886caaada41007e695d2039c4fe07fb28727dd27ab2029ecd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 11:42:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Tue, 13 Sep 2022 17:32:31 GMT
Server: nginx
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
ETag: W/"6320beaf-7ecc"
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-CH-Lifetime: 86400
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: max-age=3600, private
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Keep-Alive: timeout=60
Access-Control-Allow-Headers: *
Expires: Wed, 05 Oct 2022 12:42:54 GMT

GET
H/1.1 200
OK fonts2.css
ads.people-group.net/bann/ Frame 1FEF 121 KB
92 KB 94ms
94ms Stylesheet
text/css 95.217.114.240
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.people-group.net/bann/fonts2.css
Requested by: Host: ads.people-group.net
URL: http://ads.people-group.net/?hwn=MTc1MjYwJzM3JzMn&xm=1&swf=0&hrf=http%3A%2F%2Fon-dom2.narod.ru%2F&stg=1664970173.dcc1098082&s=MTYwMCUzQTAlM0ExMjAw&h=10%2F05%2F2022%2011%3A42%3A54%27%5E%271%27%5E%27&k=%D0%94%D0%BE%D0%BC%202%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%BD%D0%B5%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81&0.9702614156870109
Protocol: HTTP/1.1
Server: 95.217.114.240 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www.people-group.su
Software: nginx /
Resource Hash: 6c98f1112b2719030cce8ff7c37d67f0851b3536dd98435fce9a4fb946570be7

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://ads.people-group.net/?hwn=MTc1MjYwJzM3JzMn&xm=1&swf=0&hrf=http%3A%2F%2Fon-dom2.narod.ru%2F&stg=1664970173.dcc1098082&s=MTYwMCUzQTAlM0ExMjAw&h=10%2F05%2F2022%2011%3A42%3A54%27%5E%271%27%5E%27&k=%D0%94%D0%BE%D0%BC%202%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%BD%D0%B5%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81&0.9702614156870109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 11:42:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Aug 2014 18:44:43 GMT
Server: nginx
ETag: W/"53e51a9b-1e2d2"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=3600
Connection: keep-alive
Expires: Wed, 05 Oct 2022 12:42:54 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ads.people-group.net/bann/ Frame 1FEF 94 KB
33 KB 183ms
93ms Script
application/javascript 95.217.114.240
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.people-group.net/bann/jquery.min.js
Requested by: Host: ads.people-group.net
URL: http://ads.people-group.net/?hwn=MTc1MjYwJzM3JzMn&xm=1&swf=0&hrf=http%3A%2F%2Fon-dom2.narod.ru%2F&stg=1664970173.dcc1098082&s=MTYwMCUzQTAlM0ExMjAw&h=10%2F05%2F2022%2011%3A42%3A54%27%5E%271%27%5E%27&k=%D0%94%D0%BE%D0%BC%202%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%BD%D0%B5%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81&0.9702614156870109
Protocol: HTTP/1.1
Server: 95.217.114.240 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: www.people-group.su
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://ads.people-group.net/?hwn=MTc1MjYwJzM3JzMn&xm=1&swf=0&hrf=http%3A%2F%2Fon-dom2.narod.ru%2F&stg=1664970173.dcc1098082&s=MTYwMCUzQTAlM0ExMjAw&h=10%2F05%2F2022%2011%3A42%3A54%27%5E%271%27%5E%27&k=%D0%94%D0%BE%D0%BC%202%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%BD%D0%B5%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81&0.9702614156870109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 11:42:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Oct 2014 12:03:32 GMT
Server: nginx
ETag: W/"54352814-1762a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=3600
Connection: keep-alive
Expires: Wed, 05 Oct 2022 12:42:54 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/9134416/
Redirect Chain

https://mc.yandex.ru/watch/9134416?wmode=7&page-url=http%3A%2F%2Fon-dom2.narod.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A1206%3Afu%3A0%3Aen%3Autf-8%3Al...
https://mc.yandex.ru/watch/9134416/1?wmode=7&page-url=http%3A%2F%2Fon-dom2.narod.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A1206%3Afu%3A0%3Aen%3Autf-8%3...

420 B
501 B

120ms
119ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/9134416/1?wmode=7&page-url=http%3A%2F%2Fon-dom2.narod.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A1206%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1087463390973%3Ahid%3A995214028%3Az%3A0%3Ai%3A20221005114254%3Aet%3A1664970175%3Ac%3A1%3Arn%3A989152720%3Arqn%3A1%3Au%3A1664970175345524395%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A34%2C104%2C123%2C1%2C%2C0%2C%2C957%2C%2C%2C%2C%2C%3Acpf%3A1%3Antf%3A1%3Ans%3A1664970173387%3Arqnl%3A1%3Ast%3A1664970175%3At%3A%D0%94%D0%BE%D0%BC%202%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%BD%D0%B5%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BE%D0%BC%D0%B0%202%20%D0%BD%D0%B0%20%D1%82%D0%BD%D1%82%2C%20dom2%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%B4%D0%BE%D0%BC2%20%D0%B2%D1%81%D0%B5%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%2C%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D1%8D%D1%84%D0%B8%D1%80%D1%8B%20%D1%80%D0%B5%D0%B0%D0%BB%D0%B8%D1%82%D0%B8-%D1%88%D0%BE%D1%83.&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

616ade5815b929ac2ceef69b15120bf52683644c6ad2840d1bedf2d31490960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 11:42:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 05-Oct-2022 11:42:54 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: http://on-dom2.narod.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 420
x-xss-protection: 1; mode=block
expires: Wed, 05-Oct-2022 11:42:54 GMT

Redirect headers

pragma: no-cache
date: Wed, 05 Oct 2022 11:42:54 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 05-Oct-2022 11:42:54 GMT
location: /watch/9134416/1?wmode=7&page-url=http%3A%2F%2Fon-dom2.narod.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3hff9a0%3Afp%3A1206%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1087463390973%3Ahid%3A995214028%3Az%3A0%3Ai%3A20221005114254%3Aet%3A1664970175%3Ac%3A1%3Arn%3A989152720%3Arqn%3A1%3Au%3A1664970175345524395%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A34%2C104%2C123%2C1%2C%2C0%2C%2C957%2C%2C%2C%2C%2C%3Acpf%3A1%3Antf%3A1%3Ans%3A1664970173387%3Arqnl%3A1%3Ast%3A1664970175%3At%3A%D0%94%D0%BE%D0%BC%202%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%BD%D0%B5%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BE%D0%BC%D0%B0%202%20%D0%BD%D0%B0%20%D1%82%D0%BD%D1%82%2C%20dom2%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%B4%D0%BE%D0%BC2%20%D0%B2%D1%81%D0%B5%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%2C%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D1%8D%D1%84%D0%B8%D1%80%D1%8B%20%D1%80%D0%B5%D0%B0%D0%BB%D0%B8%D1%82%D0%B8-%D1%88%D0%BE%D1%83.&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
access-control-allow-origin: http://on-dom2.narod.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 05-Oct-2022 11:42:54 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 115ms
115ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 11:42:54 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 04 Oct 2022 10:25:54 GMT
etag: "633be002-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 05 Oct 2022 12:42:54 GMT

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ 43 B
487 B 102ms
102ms Image
image/gif 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/v2/?event_name=page_view&event_type=base&project_id=1751598&request_id=1664970174.591-985220538&event_id=376517459515530&meta=%7B%22browser_size%22%3A%221600x1200%22%2C%22title%22%3A%22%D0%94%D0%BE%D0%BC%202%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%BD%D0%B5%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BE%D0%BC%D0%B0%202%20%D0%BD%D0%B0%20%D1%82%D0%BD%D1%82%2C%20dom2%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%B4%D0%BE%D0%BC2%20%D0%B2%D1%81%D0%B5%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%2C%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D1%8D%D1%84%D0%B8%D1%80%D1%8B%20%D1%80%D0%B5%D0%B0%D0%BB%D0%B8%D1%82%D0%B8-%D1%88%D0%BE%D1%83.%22%2C%22screen_size%22%3A%7B%22cr%22%3A1600%2C%22hr%22%3A1200%7D%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Win32%22%2C%22timezone%22%3A0%2C%22referer%22%3A%22%22%2C%22is_first%22%3A1%7D&url=http%3A%2F%2Fon-dom2.narod.ru%2F&session_id=1426678291_1664970174591&session_number=1&session_event_number=1&tid=t1.-1.1321253509.1664970174589&adtech_uid=296f2b35-a7f1-411e-a9b2-2488af19331e&adtech_uid_scope=narod.ru&fingerprint=pA8AAENKs1eLqpZKAQGQpwA%3D&fingerprint_ip=undefined&version=3.10.10i&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=1751394046
Requested by: Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 11:42:54 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
x-srv: 1kraken-prod0002.ad.rambler.tech
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1704282048&utmhn=on-dom2.narod.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1704282048&utmhn=on-dom2.narod.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0...

35 B
197 B

85ms
84ms

Image
image/gif

2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1704282048&utmhn=on-dom2.narod.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%94%D0%BE%D0%BC%202%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%BD%D0%B5%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BE%D0%BC%D0%B0%202%20%D0%BD%D0%B0%20%D1%82%D0%BD%D1%82%2C%20dom2%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%B4%D0%BE%D0%BC2%20%D0%B2%D1%81%D0%B5%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%2C%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D1%8D%D1%84%D0%B8%D1%80%D1%8B%20%D1%80%D0%B5%D0%B0%D0%BB%D0%B8%D1%82%D0%B8-%D1%88%D0%BE%D1%83.&utmhid=564742902&utmr=-&utmp=%2F&utmht=1664970174803&utmac=UA-20408852-2&utmcc=__utma%3D30270561.644955218.1664970175.1664970175.1664970175.1%3B%2B__utmz%3D30270561.1664970175.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=608981593&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/

Protocol

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 11:42:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1704282048&utmhn=on-dom2.narod.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%94%D0%BE%D0%BC%202%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%BD%D0%B5%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BE%D0%BC%D0%B0%202%20%D0%BD%D0%B0%20%D1%82%D0%BD%D1%82%2C%20dom2%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%B4%D0%BE%D0%BC2%20%D0%B2%D1%81%D0%B5%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%2C%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D1%8D%D1%84%D0%B8%D1%80%D1%8B%20%D1%80%D0%B5%D0%B0%D0%BB%D0%B8%D1%82%D0%B8-%D1%88%D0%BE%D1%83.&utmhid=564742902&utmr=-&utmp=%2F&utmht=1664970174803&utmac=UA-20408852-2&utmcc=__utma%3D30270561.644955218.1664970175.1664970175.1664970175.1%3B%2B__utmz%3D30270561.1664970175.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=608981593&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK / Show response
on-dom2.narod.ru/ Frame C805 2 KB
1 KB 120ms
120ms Document
text/html 193.109.247.248
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://on-dom2.narod.ru/?I3cIaLhlslwvflrPJkdt7T3H8%21hnhTU8a8efjnrRx2mB3ju2YTqRyu1pRjpaUFZhAgSTwXlauT5LJXgCv55wWuvMwt9o
Requested by: Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/?kq%21ks3p%21dHLmAh%3BPiH5UYfaa%3BPs%5ECx%3BDqkxgzfMv%5EsbDvUuvvNZ6yxiAQRqBFTNbJ4vuMiMH5EN70x6L9EFmatr3WAdatq%3B7MSWR7QljERhb4CZ0HSBIrBQRDZ1A%21GX%3BuyqYwK1VftJxCiErXbMTBKTV%3BXrVzvkrOgJlignYNjf0VeN%3BRUeZXMVdvhtByGv62x10j%3BpPk%21CN7JCe0eCVj%3BudraRqeSAfWPKGINCTfvg5ISDEGR0UgNYdjOw0qhGn
Protocol: HTTP/1.1
Server: 193.109.247.248 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS: dev.ucoz.net
Software: nginx /
Resource Hash: 31a4cdbacc86b7908b96e1444e5aa93482d671a1e468db90d2df05bbc799eb98

Request headers

Referer: http://on-dom2.narod.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Cache-Control: no-cache no-store private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 05 Oct 2022 11:42:55 GMT
Keep-Alive: timeout=15
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK /
log.morgdm.ru/ 43 B
547 B 204ms
72ms Image
image/gif 31.172.81.172
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://log.morgdm.ru/?src=ucfs&s_act=s&s_trk=CgiRuGgUSlrG7xCSvsPLBRi-2_WZBg**&cb=0.125237660362427

Requested by

Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/

Protocol

HTTP/1.1

Server

31.172.81.172 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 11:42:55 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DEV TAI PSA PSD OUR STP COM NAV INT DEM STA PRE LOC"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1985 00:00:01 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 212 B
643 B 215ms
75ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=on-dom2.narod.ru&callback=_gfp_s_&client=ca-pub-9089562963379032

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_with_ama_fy2021.js?client=pub-9089562963379032&plah=on-dom2.narod.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54db65075712ac0b66971b3dcce842ffb875a42c27d2446511c2161073681ecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 11:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.es/adsid/ 107 B
792 B 228ms
73ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.es/adsid/integrator.js?domain=on-dom2.narod.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 11:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 217ms
75ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=on-dom2.narod.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 11:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FC05 603 B
215 B 231ms
89ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9089562963379032&output=html&h=280&slotname=3536610601&adk=3668649003&adf=541054138&pi=t.ma~as.3536610601&w=336&lmt=1664970175&url=http%3A%2F%2Fon-dom2.narod.ru%2F&wgl=1&dt=1664970174557&bpp=15&bdt=906&idt=446&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&correlator=6615069295110&frm=20&pv=2&ga_vid=644955218.1664970175&ga_sid=1664970175&ga_hid=564742902&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=632&ady=686&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774717%2C42531706%2C31062930&oid=2&pvsid=1509531897577760&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7Ce%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=LnPbpESYSp&p=http%3A//on-dom2.narod.ru&dtd=463

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://on-dom2.narod.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 11:42:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D7CE 603 B
600 B 221ms
89ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9089562963379032&output=html&h=280&slotname=3536610601&adk=2527357629&adf=3079265134&pi=t.ma~as.3536610601&w=336&lmt=1664970175&url=http%3A%2F%2Fon-dom2.narod.ru%2F&wgl=1&dt=1664970174572&bpp=2&bdt=922&idt=455&shv=r20220928&mjsv=m202209290101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3536610601&correlator=6615069295110&frm=20&pv=1&ga_vid=644955218.1664970175&ga_sid=1664970175&ga_hid=564742902&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=632&ady=1143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774717%2C42531706%2C31062930&oid=2&pvsid=1509531897577760&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7Cd%7CEe%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=15s2ce9fJo&p=http%3A//on-dom2.narod.ru&dtd=458

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://on-dom2.narod.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 11:42:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK style.css
s206.ucoz.net/adv/dummy/000/css/ Frame C805 6 KB
2 KB 105ms
105ms Stylesheet
text/css 193.109.247.248
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://s206.ucoz.net/adv/dummy/000/css/style.css
Requested by: Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/?I3cIaLhlslwvflrPJkdt7T3H8%21hnhTU8a8efjnrRx2mB3ju2YTqRyu1pRjpaUFZhAgSTwXlauT5LJXgCv55wWuvMwt9o
Protocol: HTTP/1.1
Server: 193.109.247.248 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS: dev.ucoz.net
Software: nginx /
Resource Hash: 25ed1276f20986488e24b40548f023af771181ac7862900bde43cbdaffe0d0b9

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 11:42:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Mar 2019 14:28:15 GMT
Server: nginx
ETag: W/"5c9a36ff-19eb"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive
Keep-Alive: timeout=15

GET
H/1.1 200
OK ucoz-logo.png
s206.ucoz.net/adv/dummy/000/img/ Frame C805 4 KB
5 KB 210ms
105ms Image
image/png 193.109.247.248
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s206.ucoz.net/adv/dummy/000/img/ucoz-logo.png
Requested by: Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/?I3cIaLhlslwvflrPJkdt7T3H8%21hnhTU8a8efjnrRx2mB3ju2YTqRyu1pRjpaUFZhAgSTwXlauT5LJXgCv55wWuvMwt9o
Protocol: HTTP/1.1
Server: 193.109.247.248 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS: dev.ucoz.net
Software: nginx /
Resource Hash: fc4f998c5fcacc6cf161f1bedf46ec55e56273670ecce8b59e947b68d3c5bdb2

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 11:42:55 GMT
Last-Modified: Tue, 26 Mar 2019 14:28:15 GMT
Server: nginx
ETag: "5c9a36ff-11e9"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 4585

GET
H/1.1 200
OK / Show response
rot.spotsniper.ru/ Frame C805 597 B
2 KB 77ms
77ms Script
application/javascript 31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL

https://rot.spotsniper.ru/?src=ujs6

Requested by

Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/?I3cIaLhlslwvflrPJkdt7T3H8%21hnhTU8a8efjnrRx2mB3ju2YTqRyu1pRjpaUFZhAgSTwXlauT5LJXgCv55wWuvMwt9o

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

31.172.81.158 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

Software

nginx /

Resource Hash

fe6c4277d95e8b4fb1410b4ee3e6de5e0d5446183f7d27e86a2bf2b9f37ef832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 11:42:55 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
P3P: CP="NOI DEV TAI PSA PSD OUR STP COM NAV INT DEM STA PRE LOC"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 597
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1985 00:00:01 GMT

GET
H/1.1 200
OK / Show response
rot.spotsniper.ru/ Frame C805 229 B
1 KB 153ms
76ms Script
application/javascript 31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL

https://rot.spotsniper.ru/?src=ujs6&s_subid=btn

Requested by

Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/?I3cIaLhlslwvflrPJkdt7T3H8%21hnhTU8a8efjnrRx2mB3ju2YTqRyu1pRjpaUFZhAgSTwXlauT5LJXgCv55wWuvMwt9o

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

31.172.81.158 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

Software

nginx /

Resource Hash

35b767ad740f9da5f3fd457c05371981e651a970bdcc1353a9007c17e7565481

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 11:42:55 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
P3P: CP="NOI DEV TAI PSA PSD OUR STP COM NAV INT DEM STA PRE LOC"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 229
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1985 00:00:01 GMT

GET
H2

200

counter2
top-fwz1.mail.ru/
Redirect Chain

https://top-fwz1.mail.ru/counter?js=13;id=1784656;u=http%3A//on-dom2.narod.ru/;st=1664970174607;title=%D0%94%D0%BE%D0%BC%202%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%...
https://top-fwz1.mail.ru/counter2?js=13;id=1784656;u=http%3A//on-dom2.narod.ru/;st=1664970174607;title=%D0%94%D0%BE%D0%BC%202%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80...

43 B
963 B

112ms
112ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?js=13;id=1784656;u=http%3A//on-dom2.narod.ru/;st=1664970174607;title=%D0%94%D0%BE%D0%BC%202%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%BD%D0%B5%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BE%D0%BC%D0%B0%202%20%D0%BD%D0%B0%20%D1%82%D0%BD%D1%82%2C%20dom2%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%B4%D0%BE%D0%BC2%20%D0%B2%D1%81%D0%B5%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%2C%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D1%8D%D1%84%D0%B8%D1%80%D1%8B%20%D1%80%D0%B5%D0%B0%D0%BB%D0%B8%D1%82%D0%B8-%D1%88%D0%BE%D1%83.;s=1600*1200;vp=1600*2096;touch=0;hds=1;frame=0;flash=;sid=cbce2ec8374c8d45;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.1//4g/0/0/;lvid=1664970175106%3A1664970175119%3A1%3Af3e53017e91e756db8ff174da52fd61d;opts=jst-ym;visible=true;_=0.6394487295855777

Requested by

Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 11:42:55 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Wed, 05 Oct 2022 11:42:55 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
accept-ch-lifetime: 86400
location: https://top-fwz1.mail.ru/counter2?js=13;id=1784656;u=http%3A//on-dom2.narod.ru/;st=1664970174607;title=%D0%94%D0%BE%D0%BC%202%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%BD%D0%B5%20%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BE%D0%BC%D0%B0%202%20%D0%BD%D0%B0%20%D1%82%D0%BD%D1%82%2C%20dom2%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%B4%D0%BE%D0%BC2%20%D0%B2%D1%81%D0%B5%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%2C%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D0%B5%20%D1%8D%D1%84%D0%B8%D1%80%D1%8B%20%D1%80%D0%B5%D0%B0%D0%BB%D0%B8%D1%82%D0%B8-%D1%88%D0%BE%D1%83.;s=1600*1200;vp=1600*2096;touch=0;hds=1;frame=0;flash=;sid=cbce2ec8374c8d45;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.1//4g/0/0/;lvid=1664970175106%3A1664970175119%3A1%3Af3e53017e91e756db8ff174da52fd61d;opts=jst-ym;visible=true;_=0.6394487295855777
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK LKf8nhXsWg5ybwEGXk8UBQ.woff
themes.googleusercontent.com/static/fonts/ptsans/v5/ Frame C805 59 KB
60 KB 133ms
67ms Font
font/woff 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://themes.googleusercontent.com/static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff

Requested by

Host: s206.ucoz.net
URL: http://s206.ucoz.net/adv/dummy/000/css/style.css

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5dfdd878d2d6bdd50f37fde1800a044753dd00bac3c3a30a35f999b422a48ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://s206.ucoz.net/
Origin: http://on-dom2.narod.ru
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:22:15 GMT
X-Content-Type-Options: nosniff
Age: 526840
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 60332
X-XSS-Protection: 0
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Expires: Fri, 29 Sep 2023 09:22:15 GMT

GET
H/1.1

200
OK

hit;ucoz_topline_worldwide
counter.yadro.ru/ Frame C805
Redirect Chain

http://counter.yadro.ru/hit;ucoz_topline_worldwide?rhttp%3A//on-dom2.narod.ru/;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/%3FI3cIaLhlslwvflrPJkdt7T3H8%2521hnhTU8a8efjnrRx2mB3ju2YTqRyu1pRjpaUFZhAgSTwX...
https://counter.yadro.ru/hit;ucoz_topline_worldwide?rhttp%3A//on-dom2.narod.ru/;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/%3FI3cIaLhlslwvflrPJkdt7T3H8%2521hnhTU8a8efjnrRx2mB3ju2YTqRyu1pRjpaUFZhAgSTw...

43 B
347 B

97ms
97ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;ucoz_topline_worldwide?rhttp%3A//on-dom2.narod.ru/;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/%3FI3cIaLhlslwvflrPJkdt7T3H8%2521hnhTU8a8efjnrRx2mB3ju2YTqRyu1pRjpaUFZhAgSTwXlauT5LJXgCv55wWuvMwt9o;1664970175223

Requested by

Host: on-dom2.narod.ru
URL: http://on-dom2.narod.ru/?I3cIaLhlslwvflrPJkdt7T3H8%21hnhTU8a8efjnrRx2mB3ju2YTqRyu1pRjpaUFZhAgSTwXlauT5LJXgCv55wWuvMwt9o

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Oct 2022 11:42:55 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Mon, 04 Oct 2021 21:00:00 GMT

Redirect headers

Location: https://counter.yadro.ru/hit;ucoz_topline_worldwide?rhttp%3A//on-dom2.narod.ru/;s1600*1200*24;uhttp%3A//on-dom2.narod.ru/%3FI3cIaLhlslwvflrPJkdt7T3H8%2521hnhTU8a8efjnrRx2mB3ju2YTqRyu1pRjpaUFZhAgSTwXlauT5LJXgCv55wWuvMwt9o;1664970175223
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK bg.gif
s206.ucoz.net/adv/dummy/000/img/ Frame C805 1 KB
1 KB 105ms
105ms Image
image/gif 193.109.247.248
COMPUBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s206.ucoz.net/adv/dummy/000/img/bg.gif
Requested by: Host: s206.ucoz.net
URL: http://s206.ucoz.net/adv/dummy/000/css/style.css
Protocol: HTTP/1.1
Server: 193.109.247.248 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS: dev.ucoz.net
Software: nginx /
Resource Hash: 16c9962c4ecd52efc16d9d639d52fc60b9e427b6e454190d162f1aa1d220ad50

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://s206.ucoz.net/adv/dummy/000/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 11:42:56 GMT
Last-Modified: Tue, 26 Mar 2019 14:28:15 GMT
Server: nginx
ETag: "5c9a36ff-4f4"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1268

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
53 KB 235ms
101ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

044c0adca60c7613a80eef5784f4b2303ee3ae442bf4d478244e4e8853e333eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 11:42:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54520
x-xss-protection: 0
server: cafe
etag: 12167875137632949464
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 11:42:55 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 226ms
87ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

279db628638819b617fa9e9a191f83f52447b4991a058743db6ba28cddf5b4bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 11:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11262
x-xss-protection: 0

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
874 B 112ms
112ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=1784656;u=http%3A//on-dom2.narod.ru/;st=1664970174607;s=1600*1200;vp=1600*2096;touch=0;hds=1;frame=0;flash=;sid=cbce2ec8374c8d45;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1664970173387/////0/1/35/35/139//139/262/263/264/1220/1348/1351/2095/2095/;ni=9.1//4g/0/0/;lvid=1664970175106%3A1664970175485%3A2%3Af3e53017e91e756db8ff174da52fd61d;opts=jst-ym;visible=true;_=0.6215055485905994;e=RT/load;et=1664970175484

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 11:42:55 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 228ms
87ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 11:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 05 Oct 2022 11:42:55 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/ Frame 25FC 10 KB
4 KB 195ms
64ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://on-dom2.narod.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

age: 77792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 14:06:23 GMT
etag: 9671129459699598864
expires: Tue, 18 Oct 2022 14:06:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.es/adsid/ 107 B
122 B 206ms
74ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.es/adsid/integrator.js?domain=on-dom2.narod.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 11:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 210ms
75ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=on-dom2.narod.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 11:42:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 101ms
100ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fon-dom2.narod.ru%2F&tn=IFRAME&id=iFcQt8xGoc&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 11:42:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1C61 0
20 B 198ms
74ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9089562963379032&output=html&adk=1812271804&adf=3025194257&lmt=1664970175&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fon-dom2.narod.ru%2F&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1664970175801&bpp=2&bdt=2150&idt=2&shv=r20220928&mjsv=m202209290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcc5305fb81ccf322-228277c03ace00db%3AT%3D1664970175%3ART%3D1664970175%3AS%3DALNI_MbLNAUIThkfZTI1uCzpMRt_VqjrRg&prev_slotnames=3536610601%2C3536610601&nras=1&correlator=6615069295110&frm=20&pv=1&ga_vid=644955218.1664970175&ga_sid=1664970175&ga_hid=564742902&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44774717%2C42531706%2C31062930&oid=2&pvsid=1509531897577760&tmod=71402656&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=20

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://on-dom2.narod.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 11:42:55 GMT
expires: Wed, 05 Oct 2022 11:42:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F2C8 13 KB
5 KB 213ms
69ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://on-dom2.narod.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

accept-ranges: bytes
age: 724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 11:30:52 GMT
expires: Thu, 05 Oct 2023 11:30:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3D8C 783 B
1 KB 286ms
106ms Document
text/html 2a00:1450:400d:804::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4d5ef3e27b08c3b03a1484be02071088be64d1000f753d957fb6f905c3d8c90c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QjaYkMkLr-NEo9HPqo8bAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://on-dom2.narod.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-QjaYkMkLr-NEo9HPqo8bAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 11:42:56 GMT
expires: Wed, 05 Oct 2022 11:42:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js Show response
pagead2.googlesyndication.com/bg/ Frame F2C8 36 KB
16 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 10:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16034
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Oct 2023 10:33:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3D8C 0
0 104ms
102ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220928&jk=1509531897577760&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F2C8 0
10 B 70ms
69ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6V0RXw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 11:42:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 104ms
104ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220928&jk=1509531897577760&bg=!KyilKGzNAAYQgTJdMIE7ACkAdvg8WjlaG5Ob7KlKpdqdjt1bIgj78vM3wf9IO-XPW-lyqkVVmXOLkgIAAACNUgAAAAFoAQcKAEE51MDWAVTLN3rAUzO7BBcteXtpz0lWNTO0EE8x2t8HOZYrlVFN1qZfAZKAJZ0tyXS1VKiesAKve8pMaZd9I3be8JkCm6_tTrKIbfLO60sP55wcwSfh7QqqFCpKDP59ZyBRz3pe18nPKWesnCyU9OhcSpMyr_9EDbrSrdWDwVfUr1w1o2uDIs94ATUf7T5fWFeaBAUGV_ZBAvBdbTYqOaZJauxaXVp55h725vjRyDp5r6l90Ak9U_I9OGHyRp3g4ge5GPK0rRTfACOyDqoeo08sHLfvtdW5j_xLn2d7q5bM6A93NqKh0aKw0S9UlMXrzx4hPa6gk9lGxkfAZjAPXaUAbeYwQrIhNE51CNh1FvhvATImdbMKFg_rLELOU4yq47jsnI9fpVTCCjqMRfVX-stgUNpvWGkeJSzNRi1ovh9w2sy4xKHFH0nhVTwo5QEG4gupB-56WZEZnLsiaSwoMJQaordzL4haKG-gIZRVY5ONI8lYARnloZmvxiq1W0QhJYC8ZGgpH7r5A6iY9I7pkvgI1goUoaxINlcrTbNYoukLLwa_4aIPQeatSG4UStHqpD6UETQkaX8KnfJiOZqiT4CWseNb2eCZ2NTHBNSxw0mC0wkyk_9qvjCWFGsYMJc-MG24T_WSgzpg-4mTD5lGXxejoFDhWxViiC5Hi1wBPQW5PXXPA4V9uaeARlwxk_g2fbYv32Gh2ytwTfOzyqxBYy1OlUU9ZAHgketvOkm15IgsXTvBWHy3rhwGYTWTWMR9dSX5V1dJUMUAMmlAYVPVHGa6ib4VRUkyTOBfcHPXiub5_N_x0U3o38xw_wU5HVB8mIoou-e-v1hkw_piXKLPVc7nfC1kN65AJ5PiIDzOcnPTXRJ9LVwEOc4fGxQtDfKBDB4LPpvLlGxi3vqBv2tCWHCOIPJXb3vMENRcBPodx2zvHE874yhhFgbu1tiDIFG0xewh1eOKdAtb-PmJ3BILRd0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://on-dom2.narod.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

319 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.directadvert.ru/	1970-01-20 15:15:06	Name: nid Value: X6iqB2M9bb17kGDbGVlVAg==
.rambler.ru/	1970-01-20 16:05:30	Name: ruid Value: 1CIAAL5tPWM9Cj+NAUApZQB=
.narod.ru/	1970-01-20 15:15:06	Name: adtech_uid Value: 296f2b35-a7f1-411e-a9b2-2488af19331e%3Anarod.ru
.narod.ru/	1970-01-20 15:15:06	Name: top100_id Value: t1.-1.1321253509.1664970174589
.narod.ru/	1970-01-20 16:05:30	Name: last_visit Value: 1664970174591%3A%3A1664970174591
.narod.ru/	1970-01-20 15:15:06	Name: t3_sid_NaN Value: s1.1426678291.1664970174591.1664970174596.1.1.1.1
.yadro.ru/	1970-01-20 15:14:13	Name: VID Value: 1pPmvl37sJuP1ZFMs-003AdG
.narod.ru/	1970-01-20 15:15:06	Name: _ym_uid Value: 1664970175345524395
.narod.ru/	1970-01-20 15:15:06	Name: _ym_d Value: 1664970175
.adsniper.ru/	1970-01-20 16:05:30	Name: uuid3 Value: IiRkOWJmOTRlMi00NGEyLTExZWQtODY0NC0wMDI1OTBjODI0Mzc*
.on-dom2.narod.ru/	1969-12-31 23:59:59	Name: uaoffc1 Value: 1664970174
.on-dom2.narod.ru/	1970-01-20 16:05:30	Name: __utma Value: 30270561.644955218.1664970175.1664970175.1664970175.1
.on-dom2.narod.ru/	1969-12-31 23:59:59	Name: __utmc Value: 30270561
.on-dom2.narod.ru/	1970-01-20 10:52:18	Name: __utmz Value: 30270561.1664970175.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.on-dom2.narod.ru/	1970-01-20 06:29:30	Name: __utmt Value: 1
.on-dom2.narod.ru/	1970-01-20 06:29:31	Name: __utmb Value: 30270561.1.10.1664970175
.yandex.ru/	1970-01-20 15:15:06	Name: yandexuid Value: 5792400171664970174
.yandex.ru/	1970-01-20 15:15:06	Name: yuidss Value: 5792400171664970174
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 152424261664970174
.yandex.ru/	1970-01-20 16:05:30	Name: i Value: zDHScAzhJK99aq7IPomYpaoJQVaxWi/h0GClZL2A99Gemg1brqSW3tHVNbDzgBqmaEN0ykKxAA0nyV0bcvcEEjkstVI=
.yandex.ru/	1970-01-20 15:15:06	Name: ymex Value: 1696506174.yrts.1664970174#1696506174.yrtsi.1664970174
.narod.ru/	1970-01-20 06:30:42	Name: _ym_isad Value: 2
.spotsniper.ru/	1970-01-20 16:05:30	Name: suuid3 Value: IiRkOWJmOTRlMi00NGEyLTExZWQtODY0NC0wMDI1OTBjODI0Mzc*
.narod.ru/	1970-01-20 14:29:01	Name: tmr_lvid Value: f3e53017e91e756db8ff174da52fd61d
.narod.ru/	1970-01-20 14:29:01	Name: tmr_lvidTS Value: 1664970175106
.narod.ru/	1970

on-dom2.narod.ru Open in urlscan Pro 193.109.247.248

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

65 Requests

40 %HTTPS

43 %IPv6

19 Domains

28 Subdomains

23 IPs

6 Countries

1052 kBTransfer

2651 kBSize

30 Cookies

12 Outgoing links

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

on-dom2.narod.ru
193.109.247.248

Screenshot
Live screenshot

Full Image

65
Requests

40 %
HTTPS

43 %
IPv6

19
Domains

28
Subdomains

23
IPs

6
Countries

1052 kB
Transfer

2651 kB
Size

30
Cookies

65 HTTP transactions
0 data transactions