ourcommonstories.com Open in urlscan Pro
139.45.197.151 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://esqfctbqf.com/
Effective URL:
https://ourcommonstories.com/?s=529922050014605891&ssk=1df979ae15d9e2017dc14fbd546cfea2&svar=1647906781&z=2627325&pz=4662709&...
Submission: On March 21 via manual (March 21st 2022, 11:53:04 pm UTC) from US — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 9 domains to perform 17 HTTP transactions. The main IP is 139.45.197.151, located in United Kingdom and belongs to RETN-AS, GB. The main domain is ourcommonstories.com.
TLS certificate: Issued by R3 on March 7th 2022. Valid for: 3 months.

This is the only time ourcommonstories.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	188.42.224.23 188.42.224.23	35415 (WEBZILLA) (WEBZILLA)
1 5	139.45.197.236 139.45.197.236	9002 (RETN-AS) (RETN-AS)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
5	139.45.197.151 139.45.197.151	9002 (RETN-AS) (RETN-AS)
1	2606:4700:10:... 2606:4700:10::6816:1974	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.197.240 139.45.197.240	9002 (RETN-AS) (RETN-AS)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
17	8

1 188.42.224.23 (Luxembourg)

ASN35415 (WEBZILLA, NL)

esqfctbqf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.236 (United Kingdom) 1 redirects

ASN9002 (RETN-AS, GB)

yonxatuor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
unphionetor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.151 (United Kingdom)

ASN9002 (RETN-AS, GB)

ourcommonstories.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1974 (United States)

ASN13335 (CLOUDFLARENET, US)

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.240 (United Kingdom)

ASN9002 (RETN-AS, GB)

propeller-tracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 28691	2 KB
5	ourcommonstories.com ourcommonstories.com	27 KB
3	unphionetor.com unphionetor.com — Cisco Umbrella Rank: 23627	1 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2926	69 KB
2	yonxatuor.com 1 redirects yonxatuor.com — Cisco Umbrella Rank: 459250	5 KB
1	propeller-tracking.com propeller-tracking.com — Cisco Umbrella Rank: 15408	3 KB
1	littlecdn.com littlecdn.com — Cisco Umbrella Rank: 13234	7 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 10613	491 B
1	esqfctbqf.com esqfctbqf.com	2 KB
17	9

	Domain	Requested by
5	mc.yandex.com	2 redirects ourcommonstories.com
5	ourcommonstories.com	ourcommonstories.com
3	unphionetor.com	propeller-tracking.com
2	mc.yandex.ru	1 redirects ourcommonstories.com
2	yonxatuor.com	1 redirects esqfctbqf.com
1	propeller-tracking.com	ourcommonstories.com
1	littlecdn.com	ourcommonstories.com
1	my.rtmark.net	yonxatuor.com
1	esqfctbqf.com
17	9

This site contains no links.

Subject Issuer	Validity	Valid
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-20` - `2022-11-26`	a year	crt.sh
ourcommonstories.com R3	`2022-03-07` - `2022-06-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
propeller-tracking.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-22` - `2022-11-06`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
unphionetor.com R3	`2022-02-04` - `2022-05-05`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://ourcommonstories.com/?s=529922050014605891&ssk=1df979ae15d9e2017dc14fbd546cfea2&svar=1647906781&z=2627325&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Frame ID: 45B6A5A9B44D1B9D614C91D5108F0D98
Requests: 15 HTTP requests in this frame

Frame: https://ourcommonstories.com/templates/_assets/push-skin/skin.html
Frame ID: D7CEEAAAF7CC8BFB481B84DAE850FCFB
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zulassen drücken

Page URL History Show full URLs

http://esqfctbqf.com/ Page URL
http://yonxatuor.com/4/2627325 Page URL
http://yonxatuor.com/?z=2627325&syncedCookie=true HTTP 302
https://ourcommonstories.com/?s=529922050014605891&ssk=1df979ae15d9e2017dc14fbd546cfea2&svar=1647906781&z... Page URL

Detected technologies

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

17
Requests

76 %
HTTPS

29 %
IPv6

9
Domains

9
Subdomains

8
IPs

4
Countries

114 kB
Transfer

324 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://esqfctbqf.com/ Page URL
http://yonxatuor.com/4/2627325 Page URL
http://yonxatuor.com/?z=2627325&syncedCookie=true HTTP 302
https://ourcommonstories.com/?s=529922050014605891&ssk=1df979ae15d9e2017dc14fbd546cfea2&svar=1647906781&z=2627325&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9584.M69eQsEbILCHmZ5cuW9OQtdPZPE9HRlNTJHZqNa1EDg-CwSij7DDSINAds85U6HC.C9pDxhphnt5oq0A059LnPQXOe1I%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9584.G-REzF_TQhWycd3L9Xc1ld7P8k3KaZ68GptNj4WAQ2OAPj2K5UWBBTAMAk_UV7_ADF0vltLjtI5uIl_VbYMTAw%2C%2C.J6TkrQBR4t9wBe5KEDrDRjY347E%2C

Request Chain 15

https://mc.yandex.com/watch/67238875?wmode=7&page-url=https%3A%2F%2Fourcommonstories.com%2F%3Fs%3D529922050014605891%26ssk%3D1df979ae15d9e2017dc14fbd546cfea2%26svar%3D1647906781%26z%3D2627325%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A143%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A313618653073%3Ahid%3A565502818%3Az%3A0%3Ai%3A20220321235301%3Aet%3A1647906782%3Ac%3A1%3Arn%3A487016673%3Arqn%3A1%3Au%3A1647906782679688104%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647906781603%3Ads%3A23%2C29%2C45%2C0%2C17%2C0%2C%2C25%2C1%2C%2C%2C%2C139%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647906782%3At%3AZulassen%20dr%C3%BCcken&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/67238875/1?wmode=7&page-url=https%3A%2F%2Fourcommonstories.com%2F%3Fs%3D529922050014605891%26ssk%3D1df979ae15d9e2017dc14fbd546cfea2%26svar%3D1647906781%26z%3D2627325%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A143%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A313618653073%3Ahid%3A565502818%3Az%3A0%3Ai%3A20220321235301%3Aet%3A1647906782%3Ac%3A1%3Arn%3A487016673%3Arqn%3A1%3Au%3A1647906782679688104%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647906781603%3Ads%3A23%2C29%2C45%2C0%2C17%2C0%2C%2C25%2C1%2C%2C%2C%2C139%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647906782%3At%3AZulassen%20dr%C3%BCcken&t=gdpr%2814%29aw%281%29ti%282%29

17 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
esqfctbqf.com/ 7 KB
2 KB 34ms
13ms Document
text/html 188.42.224.23
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://esqfctbqf.com/
Protocol: HTTP/1.1
Server: 188.42.224.23 , Luxembourg, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4ec4ada6c5eab89cfd518732165d91816917cb16c8565e800ed8437ad6ac6800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Mon, 21 Mar 2022 23:53:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK 2627325 Show response
yonxatuor.com/4/ 6 KB
4 KB 34ms
14ms Document
text/html 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://yonxatuor.com/4/2627325
Requested by: Host: esqfctbqf.com
URL: http://esqfctbqf.com/
Protocol: HTTP/1.1
Server: 139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 3b4936202d9b566c6e77a888734f345b728ae6ba288a5c3e174723236b09ba94

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://esqfctbqf.com/

Response headers

Server: nginx
Date: Mon, 21 Mar 2022 23:53:01 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: b52496796d8067eee4071fab1a37905a
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: * *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
Timing-Allow-Origin: *
Content-Encoding: gzip

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 88ms
12ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=3a80259f588542cf98f94c61226dc188

Requested by

Host: yonxatuor.com
URL: http://yonxatuor.com/4/2627325

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://yonxatuor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 23:53:01 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2

200

Primary Request / Show response
ourcommonstories.com/
Redirect Chain

http://yonxatuor.com/?z=2627325&syncedCookie=true
https://ourcommonstories.com/?s=529922050014605891&ssk=1df979ae15d9e2017dc14fbd546cfea2&svar=1647906781&z=2627325&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

31 KB
9 KB

96ms
45ms

Document
text/html

139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ourcommonstories.com/?s=529922050014605891&ssk=1df979ae15d9e2017dc14fbd546cfea2&svar=1647906781&z=2627325&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.25
Resource Hash: be1567c4e7040331f910d3f28f4096bccc75a41846915a53a7619867e0813b3b

Request headers

Upgrade-Insecure-Requests: 1
Origin: http://yonxatuor.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Mon, 21 Mar 2022 23:53:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.25
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip

Redirect headers

Server: nginx
Date: Mon, 21 Mar 2022 23:53:01 GMT
Content-Length: 0
Connection: keep-alive
X-Trace-Id: c442eaae3685b1a49dde9313f8689d5d
Link: <https://ourcommonstories.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://ourcommonstories.com/?s=529922050014605891&ssk=1df979ae15d9e2017dc14fbd546cfea2&svar=1647906781&z=2627325&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Access-Control-Allow-Origin: http://yonxatuor.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET
H2 200 inapp.min.js Show response
littlecdn.com/apps/templates/_assets/scripts/ 21 KB
7 KB 68ms
28ms Script
application/javascript 2606:4700:10::6816:1974
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/apps/templates/_assets/scripts/inapp.min.js
Requested by: Host: ourcommonstories.com
URL: https://ourcommonstories.com/?s=529922050014605891&ssk=1df979ae15d9e2017dc14fbd546cfea2&svar=1647906781&z=2627325&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53ba3541ae765b293259fff16bf4599fb18295116b19d6b928e74d55f67b57a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ourcommonstories.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 23:53:01 GMT
content-encoding: br
cf-cache-status: HIT
age: 3415
last-modified: Mon, 21 Mar 2022 17:38:12 GMT
server: cloudflare
etag: W/"6238b804-54ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
cf-ray: 6efa9aca196a021d-ZRH
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 fv.js Show response
propeller-tracking.com/ 5 KB
3 KB 58ms
13ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=71022&cb=1771796630

Requested by

Host: ourcommonstories.com
URL: https://ourcommonstories.com/?s=529922050014605891&ssk=1df979ae15d9e2017dc14fbd546cfea2&svar=1647906781&z=2627325&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

888096aaf9d1cec8ca2b21aa93597e8668c43eb1cc250067d2c69c6b71b8ab95

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ourcommonstories.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 23:53:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: 9e3825c00f611635060876cf9f9d1a7c
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 199 KB
68 KB 148ms
69ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ourcommonstories.com
URL: https://ourcommonstories.com/?s=529922050014605891&ssk=1df979ae15d9e2017dc14fbd546cfea2&svar=1647906781&z=2627325&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

3f220f3495c96b51b282b05e390230202c948611867f2841cdf8ac30f7fdd427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ourcommonstories.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 23:53:01 GMT
content-encoding: br
last-modified: Mon, 21 Mar 2022 15:52:42 GMT
etag: "6238751a-10fdc"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69596
expires: Tue, 22 Mar 2022 00:53:01 GMT

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 skin.html Show response
ourcommonstories.com/templates/_assets/push-skin/ Frame D7CE 3 KB
1 KB 12ms
12ms Document
text/html 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ourcommonstories.com/templates/_assets/push-skin/skin.html

Requested by

Host: ourcommonstories.com
URL: https://ourcommonstories.com/?s=529922050014605891&ssk=1df979ae15d9e2017dc14fbd546cfea2&svar=1647906781&z=2627325&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

87ff48a9cd88a4c7f8611fbbf68b4da09401553cad4f8f23ae71cf4aef0a4a08

Security Headers

Name	Value
Strict-Transport-Security	max-age=60
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ourcommonstories.com/?s=529922050014605891&ssk=1df979ae15d9e2017dc14fbd546cfea2&svar=1647906781&z=2627325&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Response headers

server: nginx
date: Mon, 21 Mar 2022 23:53:01 GMT
content-type: text/html
last-modified: Mon, 21 Mar 2022 17:38:12 GMT
vary: Accept-Encoding
etag: W/"6238b804-a84"
strict-transport-security: max-age=60
x-content-type-options: nosniff
content-encoding: gzip

POST
H2 200 / Show response
ourcommonstories.com/ 2 B
301 B 20ms
20ms XHR
application/json 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ourcommonstories.com/?s=529922050014605891&ssk=1df979ae15d9e2017dc14fbd546cfea2&svar=1647906781&z=2627325&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&mprtr=1
Requested by: Host: ourcommonstories.com
URL: https://ourcommonstories.com/?s=529922050014605891&ssk=1df979ae15d9e2017dc14fbd546cfea2&svar=1647906781&z=2627325&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.27
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ourcommonstories.com/?s=529922050014605891&ssk=1df979ae15d9e2017dc14fbd546cfea2&svar=1647906781&z=2627325&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 23:53:01 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/7.4.27
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 skin.css
ourcommonstories.com/templates/_assets/push-skin/ Frame D7CE 23 KB
9 KB 13ms
12ms Stylesheet
text/css 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ourcommonstories.com/templates/_assets/push-skin/skin.css
Requested by: Host: ourcommonstories.com
URL: https://ourcommonstories.com/templates/_assets/push-skin/skin.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 078f8d637ba3c9b35da7e4392c083232c392aa968c6c4c3af030e7fb9d5d6d17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ourcommonstories.com/templates/_assets/push-skin/skin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 23:53:01 GMT
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 17:38:12 GMT
server: nginx
etag: W/"6238b804-5cf1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 skin.min.js Show response
ourcommonstories.com/templates/_assets/push-skin/ Frame D7CE 27 KB
7 KB 13ms
13ms Script
application/javascript 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ourcommonstories.com/templates/_assets/push-skin/skin.min.js
Requested by: Host: ourcommonstories.com
URL: https://ourcommonstories.com/templates/_assets/push-skin/skin.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 2850867d45189af6747c0e88fcf55922006b36e447035be87adf4df1046a064d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ourcommonstories.com/templates/_assets/push-skin/skin.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 23:53:01 GMT
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 17:38:12 GMT
server: nginx
etag: W/"6238b804-6d48"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 204 vctx Show response
unphionetor.com/ 0
496 B 168ms
124ms XHR
text/plain 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://unphionetor.com/vctx?t=71022

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1771796630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ourcommonstories.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-trace-id: 77cae1d3d1bcd7b052f5d3d8f6e1f89e
pragma: no-cache
date: Mon, 21 Mar 2022 23:53:01 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://ourcommonstories.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9584.M69eQsEbILCHmZ5cuW9OQtdPZPE9HRlNTJHZqNa1EDg-CwSij7DDSINAds85U6HC.C9pDxhphnt5oq0A059LnPQXOe1I%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9584.G-REzF_TQhWycd3L9Xc1ld7P8k3KaZ68GptNj4WAQ2OAPj2K5UWBBTAMAk_UV7_ADF0vltLjtI5uIl_VbYMTAw%2C%2C.J6TkrQBR4t9wBe5KEDrDRjY347E%2C

75 B
75 B

37ms
36ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9584.G-REzF_TQhWycd3L9Xc1ld7P8k3KaZ68GptNj4WAQ2OAPj2K5UWBBTAMAk_UV7_ADF0vltLjtI5uIl_VbYMTAw%2C%2C.J6TkrQBR4t9wBe5KEDrDRjY347E%2C

Requested by

Host: ourcommonstories.com
URL: https://ourcommonstories.com/?s=529922050014605891&ssk=1df979ae15d9e2017dc14fbd546cfea2&svar=1647906781&z=2627325&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ourcommonstories.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 23:53:02 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9584.G-REzF_TQhWycd3L9Xc1ld7P8k3KaZ68GptNj4WAQ2OAPj2K5UWBBTAMAk_UV7_ADF0vltLjtI5uIl_VbYMTAw%2C%2C.J6TkrQBR4t9wBe5KEDrDRjY347E%2C
date: Mon, 21 Mar 2022 23:53:02 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 100ms
36ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: ourcommonstories.com
URL: https://ourcommonstories.com/?s=529922050014605891&ssk=1df979ae15d9e2017dc14fbd546cfea2&svar=1647906781&z=2627325&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ourcommonstories.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 23:53:02 GMT
last-modified: Mon, 21 Mar 2022 15:52:42 GMT
etag: "6238751a-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 22 Mar 2022 00:53:02 GMT

POST
H2 204 vbl
unphionetor.com/ 0
495 B 14ms
14ms Ping
text/plain 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://unphionetor.com/vbl?t=71022&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1771796630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ourcommonstories.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-trace-id: ccdd3ebedf95447d39b12c2d3d23b5af
pragma: no-cache
date: Mon, 21 Mar 2022 23:53:01 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://ourcommonstories.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/67238875/
Redirect Chain

https://mc.yandex.com/watch/67238875?wmode=7&page-url=https%3A%2F%2Fourcommonstories.com%2F%3Fs%3D529922050014605891%26ssk%3D1df979ae15d9e2017dc14fbd546cfea2%26svar%3D1647906781%26z%3D2627325%26pz%...
https://mc.yandex.com/watch/67238875/1?wmode=7&page-url=https%3A%2F%2Fourcommonstories.com%2F%3Fs%3D529922050014605891%26ssk%3D1df979ae15d9e2017dc14fbd546cfea2%26svar%3D1647906781%26z%3D2627325%26p...

338 B
420 B

38ms
37ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/67238875/1?wmode=7&page-url=https%3A%2F%2Fourcommonstories.com%2F%3Fs%3D529922050014605891%26ssk%3D1df979ae15d9e2017dc14fbd546cfea2%26svar%3D1647906781%26z%3D2627325%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A143%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A313618653073%3Ahid%3A565502818%3Az%3A0%3Ai%3A20220321235301%3Aet%3A1647906782%3Ac%3A1%3Arn%3A487016673%3Arqn%3A1%3Au%3A1647906782679688104%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647906781603%3Ads%3A23%2C29%2C45%2C0%2C17%2C0%2C%2C25%2C1%2C%2C%2C%2C139%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647906782%3At%3AZulassen%20dr%C3%BCcken&t=gdpr%2814%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

114b38c9140a8c6aea6b2c9b32e8a8145cda56ca334e1da6e80d3da620e4382b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ourcommonstories.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 23:53:02 GMT
x-content-type-options: nosniff
last-modified: Mon, 21-Mar-2022 23:53:02 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ourcommonstories.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Mon, 21-Mar-2022 23:53:02 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Mar 2022 23:53:02 GMT
last-modified: Mon, 21-Mar-2022 23:53:02 GMT
location: /watch/67238875/1?wmode=7&page-url=https%3A%2F%2Fourcommonstories.com%2F%3Fs%3D529922050014605891%26ssk%3D1df979ae15d9e2017dc14fbd546cfea2%26svar%3D1647906781%26z%3D2627325%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A143%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A313618653073%3Ahid%3A565502818%3Az%3A0%3Ai%3A20220321235301%3Aet%3A1647906782%3Ac%3A1%3Arn%3A487016673%3Arqn%3A1%3Au%3A1647906782679688104%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647906781603%3Ads%3A23%2C29%2C45%2C0%2C17%2C0%2C%2C25%2C1%2C%2C%2C%2C139%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647906782%3At%3AZulassen%20dr%C3%BCcken&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ourcommonstories.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 21-Mar-2022 23:53:02 GMT

POST
H2 204 vbri
unphionetor.com/ 0
495 B 13ms
12ms Ping
text/plain 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://unphionetor.com/vbri?t=71022&bid=undefined&aid=undefined&tp=2356.1000003814697

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1771796630

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ourcommonstories.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-trace-id: 86aac8f9a8338e6219a629cc8f29c6aa
pragma: no-cache
date: Mon, 21 Mar 2022 23:53:03 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://ourcommonstories.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yonxatuor.com/	1970-01-20 10:30:42	Name: OAID Value: 3a80259f588542cf98f94c61226dc188
yonxatuor.com/	1970-01-20 10:30:42	Name: oaidts Value: 1647906781
my.rtmark.net/	1970-01-20 10:30:42	Name: ID Value: 3a80259f588542cf98f94c61226dc188
yonxatuor.com/	1970-01-20 01:55:11	Name: syncedCookie Value: true
ourcommonstories.com/	1970-01-20 01:45:10	Name: reverse Value: jwm-TH9JjDS7qaMmmFsRrhP5aMswGl7BCxndjEuJzkU
.ourcommonstories.com/	1970-01-20 10:30:42	Name: _ym_uid Value: 1647906782679688104
.ourcommonstories.com/	1970-01-20 10:30:42	Name: _ym_d Value: 1647906782
.mc.yandex.com/	1970-01-20 01:45:07	Name: sync_cookie_csrf Value: 83013264fake
.ourcommonstories.com/	1970-01-20 01:46:18	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 01:45:07	Name: sync_cookie_csrf Value: 809155779fake
.yandex.com/	1970-01-20 10:30:42	Name: yandexuid Value: 2500319371647906782
.yandex.com/	1970-01-20 10:30:42	Name: yuidss Value: 2500319371647906782
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1547387641647906782
.yandex.com/	1970-01-23 17:21:06	Name: i Value: 4NqJVHGfQAobCCtgJoaJlDpR5tpBf+vYQ6iP5pV2ITbSfqISwBCV2x7XkTKCddIFMoJip4gxiQ/PPDIih7wMbs4bBbo=
.yandex.com/	1970-01-20 10:30:42	Name: ymex Value: 1679442782.yrts.1647906782#1679442782.yrtsi.1647906782
.ourcommonstories.com/	1970-01-20 01:45:08	Name: _ym_visorc Value: b

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9584.G-REzF_TQhWycd3L9Xc1ld7P8k3KaZ68GptNj4WAQ2OAPj2K5UWBBTAMAk_UV7_ADF0vltLjtI5uIl_VbYMTAw%2C%2C.J6TkrQBR4t9wBe5KEDrDRjY347E%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

esqfctbqf.com
littlecdn.com
mc.yandex.com
mc.yandex.ru
my.rtmark.net
ourcommonstories.com
propeller-tracking.com
unphionetor.com
yonxatuor.com
139.45.195.8
139.45.197.151
139.45.197.236
139.45.197.240
188.42.224.23
2606:4700:10::6816:1974
2a02:6b8::1:119
078f8d637ba3c9b35da7e4392c083232c392aa968c6c4c3af030e7fb9d5d6d17
114b38c9140a8c6aea6b2c9b32e8a8145cda56ca334e1da6e80d3da620e4382b
2850867d45189af6747c0e88fcf55922006b36e447035be87adf4df1046a064d
3b4936202d9b566c6e77a888734f345b728ae6ba288a5c3e174723236b09ba94
3f220f3495c96b51b282b05e390230202c948611867f2841cdf8ac30f7fdd427
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4ec4ada6c5eab89cfd518732165d91816917cb16c8565e800ed8437ad6ac6800
53ba3541ae765b293259fff16bf4599fb18295116b19d6b928e74d55f67b57a8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
87ff48a9cd88a4c7f8611fbbf68b4da09401553cad4f8f23ae71cf4aef0a4a08
888096aaf9d1cec8ca2b21aa93597e8668c43eb1cc250067d2c69c6b71b8ab95
be1567c4e7040331f910d3f28f4096bccc75a41846915a53a7619867e0813b3b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

ourcommonstories.com Open in urlscan Pro 139.45.197.151 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

76 %HTTPS

29 %IPv6

9 Domains

9 Subdomains

8 IPs

4 Countries

114 kBTransfer

324 kBSize

16 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

16 Cookies

1 Console Messages

Indicators

ourcommonstories.com Open in urlscan Pro
139.45.197.151 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

76 %
HTTPS

29 %
IPv6

9
Domains

9
Subdomains

8
IPs

4
Countries

114 kB
Transfer

324 kB
Size

16
Cookies

17 HTTP transactions
1 data transactions