urlscan.io logo urlscan.io
SecurityTrails logo

www.cismea.narod.ru Open in urlscan Pro
193.109.247.223  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.cismea.narod.ru/
Submission: On October 31 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 33 HTTP transactions. The main IP is 193.109.247.223, located in Moscow, Russian Federation and belongs to COMPUBYTE-AS, CY. The main domain is www.cismea.narod.ru.
This is the only time www.cismea.narod.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 193.109.247.223 204343 (COMPUBYTE-AS)
1 185.134.203.99 203444 (MAPMAKERS...)
11 78.46.253.46 24940 (HETZNER-AS)
8 8 2a02:6b8::4:50 208722 (GLOBAL_DC)
8 8 2a02:6b8::2:50 208722 (GLOBAL_DC)
8 2a02:6b8::24 208722 (GLOBAL_DC)
2 3 159.69.189.236 24940 (HETZNER-AS)
1 2 31.172.81.159 44066 (DE-FIRSTC...)
3 3 88.212.201.198 39134 (UNITEDNET)
3 7 88.212.201.204 39134 (UNITEDNET)
1 193.200.64.20 6681 (GIVEME-CLOUD)
33 8
6    193.109.247.223 (Moscow, Russian Federation)

ASN204343 (COMPUBYTE-AS, CY)
PTR: dev.ucoz.net
www.cismea.narod.ru
s201.ucoz.net
1    185.134.203.99 (Russian Federation)

ASN203444 (MAPMAKERSGROUP, RU)
img.gismeteo.ru
11    78.46.253.46 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz.curs.md
www.curs.md
8    2a02:6b8::4:50 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
narod.yandex.ru
8    2a02:6b8::2:50 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
disk.yandex.ru
8    2a02:6b8::24 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
passport.yandex.ru
3    159.69.189.236 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.236.189.69.159.clients.your-server.de
construct.md
2    31.172.81.159 (Frankfurt am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
rot.spotsniper.ru
3    88.212.201.198 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru
counter.yadro.ru
7    88.212.201.204 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru
counter.yadro.ru
1    193.200.64.20 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: etarg.network
absoluteroute.com
Apex Domain
Subdomains		 Transfer
24 yandex.ru
narod.yandex.ru
disk.yandex.ru — Cisco Umbrella Rank: 101399
passport.yandex.ru — Cisco Umbrella Rank: 15898
7 KB
11 curs.md
www.curs.md
11 KB
10 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 9361
5 KB
5 narod.ru
www.cismea.narod.ru
147 KB
3 construct.md
construct.md
465 B
2 spotsniper.ru
rot.spotsniper.ru — Cisco Umbrella Rank: 609734
576 B
1 absoluteroute.com
absoluteroute.com — Cisco Umbrella Rank: 205401
137 KB
1 gismeteo.ru
img.gismeteo.ru
879 B
1 ucoz.net
s201.ucoz.net
205 B
33 9
Domain Requested by
11 www.curs.md www.cismea.narod.ru
www.curs.md
10 counter.yadro.ru 6 redirects www.cismea.narod.ru
8 passport.yandex.ru www.cismea.narod.ru
8 disk.yandex.ru 8 redirects
8 narod.yandex.ru 8 redirects
5 www.cismea.narod.ru www.cismea.narod.ru
3 construct.md 2 redirects www.cismea.narod.ru
2 rot.spotsniper.ru 1 redirects www.cismea.narod.ru
1 absoluteroute.com www.cismea.narod.ru
1 img.gismeteo.ru www.cismea.narod.ru
1 s201.ucoz.net www.cismea.narod.ru
33 11
Subject Issuer Validity Valid
absoluteroute.com
R3		 2022-08-12 -
2022-11-10		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://www.cismea.narod.ru/
Frame ID: 682D5F7E05AEF24EF94C9B3792CC36E7
Requests: 23 HTTP requests in this frame

Frame: http://www.curs.md/ru/curs_provider_box/000000/180/595657
Frame ID: 28C971E857CDBEC4F4C1393CAD4E8793
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • <script[^<>]*>[^]{0,128}?src\s*=\s*['"]//counter\.yadro\.ru/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

3 %
HTTPS

27 %
IPv6

9
Domains

11
Subdomains

8
IPs

3
Countries

298 kB
Transfer

565 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://narod.yandex.ru/images/index_templ/7/title.gif HTTP 301
  • https://disk.yandex.ru/client/narod/?source=narod HTTP 302
  • https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Request Chain 6
  • http://narod.yandex.ru/images/index_templ/7/hd.gif HTTP 301
  • https://disk.yandex.ru/client/narod/?source=narod HTTP 302
  • https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Request Chain 7
  • http://narod.yandex.ru/images/index_templ/7/plus.gif HTTP 301
  • https://disk.yandex.ru/client/narod/?source=narod HTTP 302
  • https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Request Chain 8
  • http://narod.yandex.ru/images/index_templ/7/folder.gif HTTP 301
  • https://disk.yandex.ru/client/narod/?source=narod HTTP 302
  • https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Request Chain 9
  • http://narod.yandex.ru/images/index_templ/7/lplus.gif HTTP 301
  • https://disk.yandex.ru/client/narod/?source=narod HTTP 302
  • https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Request Chain 10
  • http://narod.yandex.ru/images/index_templ/7/d-t.gif HTTP 301
  • https://disk.yandex.ru/client/narod/?source=narod HTTP 302
  • https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Request Chain 11
  • http://narod.yandex.ru/images/index_templ/7/narod.gif HTTP 301
  • https://disk.yandex.ru/client/narod/?source=narod HTTP 302
  • https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Request Chain 12
  • http://construct.md/Scripts/constructadvscript.js HTTP 302
  • http://construct.md/Scripts/constructadvscript.js/ HTTP 302
  • https://construct.md/index.php?/Scripts/constructadvscript.js//
Request Chain 15
  • http://rot.spotsniper.ru/?src=ucfs&s_subid=abnd HTTP 301
  • https://rot.spotsniper.ru/?src=ucfs&s_subid=abnd
Request Chain 16
  • http://counter.yadro.ru/hit;preroll_total_narod?r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826508 HTTP 302
  • https://counter.yadro.ru/hit;preroll_total_narod?r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826508 HTTP 302
  • https://counter.yadro.ru/hit;preroll_total_narod?q;r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826508
Request Chain 17
  • http://counter.yadro.ru/hit;narodadst1?r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826661 HTTP 302
  • https://counter.yadro.ru/hit;narodadst1?r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826661 HTTP 302
  • https://counter.yadro.ru/hit;narodadst1?q;r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826661
Request Chain 18
  • http://counter.yadro.ru/hit;narod_desktop_ad?r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826661 HTTP 302
  • https://counter.yadro.ru/hit;narod_desktop_ad?r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826661 HTTP 302
  • https://counter.yadro.ru/hit;narod_desktop_ad?q;r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826661
Request Chain 19
  • http://narod.yandex.ru/images/index_templ/7/bg.gif HTTP 301
  • https://disk.yandex.ru/client/narod/?source=narod HTTP 302
  • https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Request Chain 31
  • http://counter.yadro.ru/hit;desktop_click_load?r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226829661 HTTP 307
  • https://counter.yadro.ru/hit;desktop_click_load?r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226829661

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.cismea.narod.ru/ 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.cismea.narod.ru/
Protocol
HTTP/1.1
Server
193.109.247.223 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
3cf3bbf4f4d81964898e8715f2b959ad138109c7cf3b9d48aad7f321aef0a07d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Oct 2022 14:33:53 GMT
Keep-Alive
timeout=15
Server
nginx
Transfer-Encoding
chunked
/
www.cismea.narod.ru/ 		23 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.cismea.narod.ru/?DiLZLXCk%5EhfAdBepTfMWuwBfxjPFVr%21WTihbiw0Ge4T4YHZklK1MX2b3IsO3ZXKL994PD1h2fW%5E%21EP%21WwXuMmp1TggK3YBaiMxCE7n6KAHzqwbGLBuiKunV%5ELm99nt%21RyUuBVj1tJtTF%21MrGSZFKzvKR4GSwOV%3B1YeTJcaIKU27DutErzxVfBK86pmm2J0waRcngtq4Tld02Yav5%3Bipcac5EWBz2z2qFjc3BqJABCYR6L3%21dxXnfEyjwlvFP%5EQISmwtinmeb
Requested by
Host: www.cismea.narod.ru
URL: http://www.cismea.narod.ru/
Protocol
HTTP/1.1
Server
193.109.247.223 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
38b0bda896c8d925e342f50513a0a2293cb3343f38500b7a660b822db1bdf3bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cismea.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 14:33:53 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
no-cache, no-store, private
Connection
keep-alive
Keep-Alive
timeout=15
jquery-3.3.1.min.js
www.cismea.narod.ru/.s/src/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.cismea.narod.ru/.s/src/jquery-3.3.1.min.js
Requested by
Host: www.cismea.narod.ru
URL: http://www.cismea.narod.ru/
Protocol
HTTP/1.1
Server
193.109.247.223 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cismea.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 14:33:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Feb 2018 13:16:03 GMT
Server
nginx
ETag
W/"5a8ace13-1538f"
Transfer-Encoding
chunked
Content-Type
text/javascript
Cache-Control
max-age=1728000
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Sun, 20 Nov 2022 14:33:53 GMT
uutils.fcg
s201.ucoz.net/cgi/ 		0
205 B 		Script
General
Check archive.org
Download Go to
Full URL
http://s201.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.701416928998182
Requested by
Host: www.cismea.narod.ru
URL: http://www.cismea.narod.ru/
Protocol
HTTP/1.1
Server
193.109.247.223 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cismea.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 14:33:53 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=15
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
fcode.js
img.gismeteo.ru/flash/ 		637 B
879 B 		Script
General
Check archive.org
Download Go to
Full URL
http://img.gismeteo.ru/flash/fcode.js
Requested by
Host: www.cismea.narod.ru
URL: http://www.cismea.narod.ru/
Protocol
HTTP/1.1
Server
185.134.203.99 , Russian Federation, ASN203444 (MAPMAKERSGROUP, RU),
Reverse DNS
Software
gis /
Resource Hash
d2241e288f1504719d50ef5734d403083182deeb3bdb686dec30de8545c61847

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cismea.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 14:33:46 GMT
Last-Modified
Fri, 10 Jul 2009 23:17:36 GMT
Server
gis
ETag
"4a57cc10-27d"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
637
595657
www.curs.md/ru/curs_provider/000000/180/ 		302 B
742 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.curs.md/ru/curs_provider/000000/180/595657
Requested by
Host: www.cismea.narod.ru
URL: http://www.cismea.narod.ru/
Protocol
HTTP/1.1
Server
78.46.253.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz.curs.md
Software
nginx /
Resource Hash
5cf8f7ea13ce8f3315d2fa80441597c02c2261d862fb8e5c64a76eff479086e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cismea.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 14:33:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
ETag
W/"4928eca3de4715d3183c3ee66ce6e41a"
X-Cache-Status
BYPASS
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
private, must-revalidate
Connection
keep-alive
X-Robots-Tag
noindex
X-XSS-Protection
1; mode=block
auth
passport.yandex.ru/
Redirect Chain
  • http://narod.yandex.ru/images/index_templ/7/title.gif
  • https://disk.yandex.ru/client/narod/?source=narod
  • https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Requested by
Host: www.cismea.narod.ru
URL: http://www.cismea.narod.ru/
Protocol
HTTP/1.1
Server
2a02:6b8::24 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cismea.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

Location
https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Date
Mon, 31 Oct 2022 14:33:46 GMT
X-Content-Type-Options
nosniff
Content-Length
0
X-Frame-Options
SAMEORIGIN
auth
passport.yandex.ru/
Redirect Chain
  • http://narod.yandex.ru/images/index_templ/7/hd.gif
  • https://disk.yandex.ru/client/narod/?source=narod
  • https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Requested by
Host: www.cismea.narod.ru
URL: http://www.cismea.narod.ru/
Protocol
HTTP/1.1
Server
2a02:6b8::24 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cismea.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

Location
https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Date
Mon, 31 Oct 2022 14:33:46 GMT
X-Content-Type-Options
nosniff
Content-Length
0
X-Frame-Options
SAMEORIGIN
auth
passport.yandex.ru/
Redirect Chain
  • http://narod.yandex.ru/images/index_templ/7/plus.gif
  • https://disk.yandex.ru/client/narod/?source=narod
  • https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Requested by
Host: www.cismea.narod.ru
URL: http://www.cismea.narod.ru/
Protocol
HTTP/1.1
Server
2a02:6b8::24 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cismea.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

Location
https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Date
Mon, 31 Oct 2022 14:33:46 GMT
X-Content-Type-Options
nosniff
Content-Length
0
X-Frame-Options
SAMEORIGIN
auth
passport.yandex.ru/
Redirect Chain
  • http://narod.yandex.ru/images/index_templ/7/folder.gif
  • https://disk.yandex.ru/client/narod/?source=narod
  • https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Requested by
Host: www.cismea.narod.ru
URL: http://www.cismea.narod.ru/
Protocol
HTTP/1.1
Server
2a02:6b8::24 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cismea.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

Location
https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Date
Mon, 31 Oct 2022 14:33:46 GMT
X-Content-Type-Options
nosniff
Content-Length
0
X-Frame-Options
SAMEORIGIN
auth
passport.yandex.ru/
Redirect Chain
  • http://narod.yandex.ru/images/index_templ/7/lplus.gif
  • https://disk.yandex.ru/client/narod/?source=narod
  • https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Requested by
Host: www.cismea.narod.ru
URL: http://www.cismea.narod.ru/
Protocol
HTTP/1.1
Server
2a02:6b8::24 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cismea.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

Location
https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Date
Mon, 31 Oct 2022 14:33:46 GMT
X-Content-Type-Options
nosniff
Content-Length
0
X-Frame-Options
SAMEORIGIN
auth
passport.yandex.ru/
Redirect Chain
  • http://narod.yandex.ru/images/index_templ/7/d-t.gif
  • https://disk.yandex.ru/client/narod/?source=narod
  • https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Requested by
Host: www.cismea.narod.ru
URL: http://www.cismea.narod.ru/
Protocol
HTTP/1.1
Server
2a02:6b8::24 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cismea.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

Location
https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Date
Mon, 31 Oct 2022 14:33:46 GMT
X-Content-Type-Options
nosniff
Content-Length
0
X-Frame-Options
SAMEORIGIN
auth
passport.yandex.ru/
Redirect Chain
  • http://narod.yandex.ru/images/index_templ/7/narod.gif
  • https://disk.yandex.ru/client/narod/?source=narod
  • https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Requested by
Host: www.cismea.narod.ru
URL: http://www.cismea.narod.ru/
Protocol
HTTP/1.1
Server
2a02:6b8::24 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cismea.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

Location
https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Date
Mon, 31 Oct 2022 14:33:47 GMT
X-Content-Type-Options
nosniff
Content-Length
0
X-Frame-Options
SAMEORIGIN
index.php
construct.md/
Redirect Chain
  • http://construct.md/Scripts/constructadvscript.js
  • http://construct.md/Scripts/constructadvscript.js/
  • https://construct.md/index.php?/Scripts/constructadvscript.js//
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construct.md/index.php?/Scripts/constructadvscript.js//
Requested by
Host: www.cismea.narod.ru
URL: http://www.cismea.narod.ru/
Protocol
HTTP/1.1
Server
159.69.189.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.189.69.159.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cismea.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

Location
https://construct.md/index.php?/Scripts/constructadvscript.js//
Date
Mon, 31 Oct 2022 14:22:38 GMT
Server
nginx
Connection
keep-alive
Content-Length
309
Content-Type
text/html; charset=iso-8859-1
jquery-1.7.2.js
www.cismea.narod.ru/.s/src/ 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.cismea.narod.ru/.s/src/jquery-1.7.2.js
Requested by
Host: www.cismea.narod.ru
URL: http://www.cismea.narod.ru/?DiLZLXCk%5EhfAdBepTfMWuwBfxjPFVr%21WTihbiw0Ge4T4YHZklK1MX2b3IsO3ZXKL994PD1h2fW%5E%21EP%21WwXuMmp1TggK3YBaiMxCE7n6KAHzqwbGLBuiKunV%5ELm99nt%21RyUuBVj1tJtTF%21MrGSZFKzvKR4GSwOV%3B1YeTJcaIKU27DutErzxVfBK86pmm2J0waRcngtq4Tld02Yav5%3Bipcac5EWBz2z2qFjc3BqJABCYR6L3%21dxXnfEyjwlvFP%5EQISmwtinmeb
Protocol
HTTP/1.1
Server
193.109.247.223 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cismea.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 14:33:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Sep 2022 17:44:28 GMT
Server
nginx
ETag
W/"6310ef7c-17278"
Transfer-Encoding
chunked
Content-Type
text/javascript
Cache-Control
max-age=1728000
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Sun, 20 Nov 2022 14:33:53 GMT
uwnd.min.js
www.cismea.narod.ru/.s/src/ 		205 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.cismea.narod.ru/.s/src/uwnd.min.js
Requested by
Host: www.cismea.narod.ru
URL: http://www.cismea.narod.ru/?DiLZLXCk%5EhfAdBepTfMWuwBfxjPFVr%21WTihbiw0Ge4T4YHZklK1MX2b3IsO3ZXKL994PD1h2fW%5E%21EP%21WwXuMmp1TggK3YBaiMxCE7n6KAHzqwbGLBuiKunV%5ELm99nt%21RyUuBVj1tJtTF%21MrGSZFKzvKR4GSwOV%3B1YeTJcaIKU27DutErzxVfBK86pmm2J0waRcngtq4Tld02Yav5%3Bipcac5EWBz2z2qFjc3BqJABCYR6L3%21dxXnfEyjwlvFP%5EQISmwtinmeb
Protocol
HTTP/1.1
Server
193.109.247.223 Moscow, Russian Federation, ASN204343 (COMPUBYTE-AS, CY),
Reverse DNS
dev.ucoz.net
Software
nginx /
Resource Hash
8993dbc5102beb8dc4ebfef06873c26198d0f2913627399034816b16715336ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cismea.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 14:33:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Apr 2022 10:32:26 GMT
Server
nginx
ETag
W/"626678ba-3334b"
Transfer-Encoding
chunked
Content-Type
text/javascript
Cache-Control
max-age=1728000
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Sun, 20 Nov 2022 14:33:53 GMT
/
rot.spotsniper.ru/
Redirect Chain
  • http://rot.spotsniper.ru/?src=ucfs&s_subid=abnd
  • https://rot.spotsniper.ru/?src=ucfs&s_subid=abnd
1 B
360 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rot.spotsniper.ru/?src=ucfs&s_subid=abnd
Requested by
Host: www.cismea.narod.ru
URL: http://www.cismea.narod.ru/
Protocol
HTTP/1.1
Server
31.172.81.159 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cismea.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
application/javascript
Date
Mon, 31 Oct 2022 14:33:46 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Length
1
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Location
https://rot.spotsniper.ru/?src=ucfs&s_subid=abnd
Date
Mon, 31 Oct 2022 14:33:46 GMT
Server
nginx
Connection
keep-alive
Content-Length
162
Content-Type
text/html
hit;preroll_total_narod
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit;preroll_total_narod?r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826508
  • https://counter.yadro.ru/hit;preroll_total_narod?r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826508
  • https://counter.yadro.ru/hit;preroll_total_narod?q;r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826508
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit;preroll_total_narod?q;r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826508
Requested by
Host: www.cismea.narod.ru
URL: http://www.cismea.narod.ru/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cismea.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 14:33:46 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Sat, 30 Oct 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 14:33:46 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit;preroll_total_narod?q;r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826508
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Sat, 30 Oct 2021 21:00:00 GMT
hit;narodadst1
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit;narodadst1?r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826661
  • https://counter.yadro.ru/hit;narodadst1?r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826661
  • https://counter.yadro.ru/hit;narodadst1?q;r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826661
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit;narodadst1?q;r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826661
Requested by
Host: www.cismea.narod.ru
URL: http://www.cismea.narod.ru/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cismea.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 14:33:46 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Sat, 30 Oct 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 14:33:46 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit;narodadst1?q;r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826661
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Sat, 30 Oct 2021 21:00:00 GMT
hit;narod_desktop_ad
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit;narod_desktop_ad?r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826661
  • https://counter.yadro.ru/hit;narod_desktop_ad?r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826661
  • https://counter.yadro.ru/hit;narod_desktop_ad?q;r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826661
43 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit;narod_desktop_ad?q;r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826661
Requested by
Host: www.cismea.narod.ru
URL: http://www.cismea.narod.ru/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cismea.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 14:33:46 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Sat, 30 Oct 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 14:33:46 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit;narod_desktop_ad?q;r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226826661
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Sat, 30 Oct 2021 21:00:00 GMT
auth
passport.yandex.ru/
Redirect Chain
  • http://narod.yandex.ru/images/index_templ/7/bg.gif
  • https://disk.yandex.ru/client/narod/?source=narod
  • https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Requested by
Host: www.cismea.narod.ru
URL: http://www.cismea.narod.ru/
Protocol
HTTP/1.1
Server
2a02:6b8::24 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cismea.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

Location
https://passport.yandex.ru/auth?from=cloud&origin=disk_narod_ru&retpath=https%3A%2F%2Fdisk.yandex.ru%2Fclient%2Fnarod%2F%3Fsource%3Dnarod&backpath=https%3A%2F%2Fdisk.yandex.ru
Date
Mon, 31 Oct 2022 14:33:46 GMT
X-Content-Type-Options
nosniff
Content-Length
0
X-Frame-Options
SAMEORIGIN
595657
www.curs.md/ru/curs_provider_box/000000/180/ Frame 28C9 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.curs.md/ru/curs_provider_box/000000/180/595657
Requested by
Host: www.curs.md
URL: http://www.curs.md/ru/curs_provider/000000/180/595657
Protocol
HTTP/1.1
Server
78.46.253.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz.curs.md
Software
nginx /
Resource Hash
2732b89d953a3e82a0cdd6798fe68208495e331b7781c52c9513ecd58131021f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.cismea.narod.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 31 Oct 2022 14:33:46 GMT
ETag
W/"f4f223f50536891179b40c58435372fa"
Server
nginx
Transfer-Encoding
chunked
X-Cache-Status
BYPASS
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex
X-XSS-Protection
1; mode=block
preluare.css
www.curs.md/css/ Frame 28C9 		1 KB
954 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.curs.md/css/preluare.css
Requested by
Host: www.curs.md
URL: http://www.curs.md/ru/curs_provider_box/000000/180/595657
Protocol
HTTP/1.1
Server
78.46.253.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz.curs.md
Software
nginx /
Resource Hash
f51671d1676b54b11261c7417bd83efc1c5330bb2813d7972e3b6bed14fcb42f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.curs.md/ru/curs_provider_box/000000/180/595657
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 14:33:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 21 Jul 2018 20:50:52 GMT
Server
nginx
ETag
W/"5b539cac-530"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=432000
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Sat, 05 Nov 2022 14:33:46 GMT
usd.gif
www.curs.md/images/flags/ Frame 28C9 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.curs.md/images/flags/usd.gif
Requested by
Host: www.curs.md
URL: http://www.curs.md/ru/curs_provider_box/000000/180/595657
Protocol
HTTP/1.1
Server
78.46.253.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz.curs.md
Software
nginx /
Resource Hash
31ce56b606c2c65a528e75bf0a430315a37b89b82ac416b50a283b41d14e32e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.curs.md/ru/curs_provider_box/000000/180/595657
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 14:33:46 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 21 Jul 2018 20:50:52 GMT
Server
nginx
ETag
"5b539cac-499"
Content-Type
image/gif
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1177
X-XSS-Protection
1; mode=block
Expires
Sat, 05 Nov 2022 14:33:46 GMT
eur.gif
www.curs.md/images/flags/ Frame 28C9 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.curs.md/images/flags/eur.gif
Requested by
Host: www.curs.md
URL: http://www.curs.md/ru/curs_provider_box/000000/180/595657
Protocol
HTTP/1.1
Server
78.46.253.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz.curs.md
Software
nginx /
Resource Hash
93d7d90f793f1c6acce1ca446c1ac4c301ddf60a7d233cf3a3ba4be9b7db3b48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.curs.md/ru/curs_provider_box/000000/180/595657
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 14:33:46 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 21 Jul 2018 20:50:52 GMT
Server
nginx
ETag
"5b539cac-488"
Content-Type
image/gif
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1160
X-XSS-Protection
1; mode=block
Expires
Sat, 05 Nov 2022 14:33:46 GMT
rub.gif
www.curs.md/images/flags/ Frame 28C9 		371 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.curs.md/images/flags/rub.gif
Requested by
Host: www.curs.md
URL: http://www.curs.md/ru/curs_provider_box/000000/180/595657
Protocol
HTTP/1.1
Server
78.46.253.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz.curs.md
Software
nginx /
Resource Hash
54617b24008f39ec9ef6f3e22f34641ea994c912e508e4da2128d693b9007c98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.curs.md/ru/curs_provider_box/000000/180/595657
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 14:33:46 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 21 Jul 2018 20:50:52 GMT
Server
nginx
ETag
"5b539cac-173"
Content-Type
image/gif
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
371
X-XSS-Protection
1; mode=block
Expires
Sat, 05 Nov 2022 14:33:46 GMT
ron.gif
www.curs.md/images/flags/ Frame 28C9 		411 B
779 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.curs.md/images/flags/ron.gif
Requested by
Host: www.curs.md
URL: http://www.curs.md/ru/curs_provider_box/000000/180/595657
Protocol
HTTP/1.1
Server
78.46.253.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz.curs.md
Software
nginx /
Resource Hash
226460728dad3384a67ca94aff097aa85d335e1d64368c471107db0599497531
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.curs.md/ru/curs_provider_box/000000/180/595657
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 14:33:46 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 21 Jul 2018 20:50:52 GMT
Server
nginx
ETag
"5b539cac-19b"
Content-Type
image/gif
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
411
X-XSS-Protection
1; mode=block
Expires
Sat, 05 Nov 2022 14:33:46 GMT
uah.gif
www.curs.md/images/flags/ Frame 28C9 		79 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.curs.md/images/flags/uah.gif
Requested by
Host: www.curs.md
URL: http://www.curs.md/ru/curs_provider_box/000000/180/595657
Protocol
HTTP/1.1
Server
78.46.253.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz.curs.md
Software
nginx /
Resource Hash
3194e2b5e14d7d11c705cecae880d02e916e8cdf8946423b729edbaeb1117670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.curs.md/ru/curs_provider_box/000000/180/595657
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 14:33:46 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 21 Jul 2018 20:50:52 GMT
Server
nginx
ETag
"5b539cac-4f"
Content-Type
image/gif
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
79
X-XSS-Protection
1; mode=block
Expires
Sat, 05 Nov 2022 14:33:46 GMT
small_logo.gif
www.curs.md/images/sites/cursmd/ Frame 28C9 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.curs.md/images/sites/cursmd/small_logo.gif
Requested by
Host: www.curs.md
URL: http://www.curs.md/ru/curs_provider_box/000000/180/595657
Protocol
HTTP/1.1
Server
78.46.253.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz.curs.md
Software
nginx /
Resource Hash
91d29af0fd6e583cfb18d3ea68d077ecb7d5cb508f79eb4f0235106eb609218b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.curs.md/ru/curs_provider_box/000000/180/595657
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 14:33:46 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 21 Jul 2018 20:50:52 GMT
Server
nginx
ETag
"5b539cac-5ed"
Content-Type
image/gif
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1517
X-XSS-Protection
1; mode=block
Expires
Sat, 05 Nov 2022 14:33:46 GMT
widget_bg_up.gif
www.curs.md/images/ Frame 28C9 		157 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.curs.md/images/widget_bg_up.gif
Requested by
Host: www.curs.md
URL: http://www.curs.md/css/preluare.css
Protocol
HTTP/1.1
Server
78.46.253.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz.curs.md
Software
nginx /
Resource Hash
6c8c128507e1db0fdcdbee993591ba53b9966c4fb307f76249ec3a020e6c725a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.curs.md/css/preluare.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 14:33:46 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 21 Jul 2018 20:50:52 GMT
Server
nginx
ETag
"5b539cac-9d"
Content-Type
image/gif
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
157
X-XSS-Protection
1; mode=block
Expires
Sat, 05 Nov 2022 14:33:46 GMT
widget_bg_down.gif
www.curs.md/images/ Frame 28C9 		157 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.curs.md/images/widget_bg_down.gif
Requested by
Host: www.curs.md
URL: http://www.curs.md/css/preluare.css
Protocol
HTTP/1.1
Server
78.46.253.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
hz.curs.md
Software
nginx /
Resource Hash
f73a75c364eb87eed4b501031554773262413fe47141002bf8f5dd3a45666aa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.curs.md/css/preluare.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Mon, 31 Oct 2022 14:33:46 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 21 Jul 2018 20:50:52 GMT
Server
nginx
ETag
"5b539cac-9d"
Content-Type
image/gif
Cache-Control
max-age=432000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
157
X-XSS-Protection
1; mode=block
Expires
Sat, 05 Nov 2022 14:33:46 GMT
vinos.js
absoluteroute.com/bens/ 		137 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://absoluteroute.com/bens/vinos.js?23433&u=null&a=0.26135031977377743
Requested by
Host: www.cismea.narod.ru
URL: http://www.cismea.narod.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.64.20 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
etarg.network
Software
nginx /
Resource Hash
69805577d074ea9d7cffbdf7f2d29f0df4d41a10553e0f59cfa8049582390518

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cismea.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
text/javascript; charset=utf-8
Date
Mon, 31 Oct 2022 14:33:49 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NON DSP COR CURa TIA"
hit;desktop_click_load
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit;desktop_click_load?r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226829661
  • https://counter.yadro.ru/hit;desktop_click_load?r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226829661
43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit;desktop_click_load?r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226829661
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.cismea.narod.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 31 Oct 2022 14:33:49 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Sat, 30 Oct 2021 21:00:00 GMT

Redirect headers

Location
https://counter.yadro.ru/hit;desktop_click_load?r;s1600*1200*24;uhttp%3A//www.cismea.narod.ru/;1667226829661
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation string| ucoz_rndid function| uOnDomOrLater function| uShowAdBanner number| ucoz_prerollenable string| ucoz_server object| uPreroll object| a function| UranCooks1 function| uPreroll_setcookie string| ustub_url object| uad_user_geo function| $ function| jQuery function| _uFocus function| _uGetOffset function| _uMenu function| _uMENU function| _uComboBox function| _uSuggestList function| _uDraggable function| _uSlider function| _uTabCtrl function| _uWnd function| _txt function| _uColorBox function| _uParseXML undefined| _defAjaxError undefined| _hookAjaxError function| _uAjaxRequest undefined| _hookAjaxSuccess undefined| _defAjaxSuccess undefined| _defAjaxFormError undefined| _defAjaxFormComplete function| _uPostForm function| _uAjaxQueue function| includeJSfile undefined| _entrRm function| _entrRem function| _coloredTDs function| openLayerB function| _showOnTop function| encodeJS function| shrinkSpaces function| encodeHtmlVal function| _uLoadJS function| _uLoadCSS function| _uLoadCSSSync function| _uLoadFiles function| dumpObject function| _uHighlightA function| _uBuildMenu function| _uReplaceMenu function| _ubuild_submenus function| uSetCookie function| _uButton function| _uButtonEn function| _uButtonStringSwitch function| _uButtonArraySwitch function| _uTransStr undefined| typeaheadUtil function| _uOverlay function| _uAudioPlayer function| _uVideoPlayer function| _uPageMenu function| convertSize function| isES6 function| isArguments function| isFunction function| isString function| isArray function| isObject function| isNumber function| isDate function| isRegExp function| isNodeList function| ug_clund object| u_global_data string| w string| h string| value string| lang number| width number| height function| EtargLoadGoods_ee3de0167f string| cookie_expires object| cuet_options object| system object| _parent object| banner_clases boolean| edge boolean| linux boolean| new_opera boolean| ua_ios_opera boolean| ua_ios_opera_mini object| main number| cur_time boolean| wait_start number| _997726831838 object| _997726831831 object| cd string| dt

6 Cookies

Domain/Path Name / Value
.www.cismea.narod.ru/ Name: uaoffc1
Value: 1667226826
.yadro.ru/ Name: VID
Value: 3xGEGf15w2uQ1ZNzpA0029jD
.yandex.ru/ Name: yandexuid
Value: 3837854841667226826
.yandex.ru/ Name: i
Value: Xupp+BWXqJpmgkEIqcg1JJpiJsWaj4qOn9s7niEw8x3RsGB8WlK0Om8t1hGOE2iVrTPhdWdNLN/CvYIkgmbGEGTdDvU=
.absoluteroute.com/ Name: uuid
Value: 16672267453117783974
.cismea.narod.ru/ Name: u_count
Value: %5B0%2C0%5D

1 Console Messages

Source Level URL
Text
network error URL: https://construct.md/index.php?/Scripts/constructadvscript.js//
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

absoluteroute.com
construct.md
counter.yadro.ru
disk.yandex.ru
img.gismeteo.ru
narod.yandex.ru
passport.yandex.ru
rot.spotsniper.ru
s201.ucoz.net
www.cismea.narod.ru
www.curs.md
159.69.189.236
185.134.203.99
193.109.247.223
193.200.64.20
2a02:6b8::24
2a02:6b8::2:50
2a02:6b8::4:50
31.172.81.159
78.46.253.46
88.212.201.198
88.212.201.204
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
226460728dad3384a67ca94aff097aa85d335e1d64368c471107db0599497531
2732b89d953a3e82a0cdd6798fe68208495e331b7781c52c9513ecd58131021f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3194e2b5e14d7d11c705cecae880d02e916e8cdf8946423b729edbaeb1117670
31ce56b606c2c65a528e75bf0a430315a37b89b82ac416b50a283b41d14e32e3
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
38b0bda896c8d925e342f50513a0a2293cb3343f38500b7a660b822db1bdf3bd
3cf3bbf4f4d81964898e8715f2b959ad138109c7cf3b9d48aad7f321aef0a07d
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
54617b24008f39ec9ef6f3e22f34641ea994c912e508e4da2128d693b9007c98
5cf8f7ea13ce8f3315d2fa80441597c02c2261d862fb8e5c64a76eff479086e6
69805577d074ea9d7cffbdf7f2d29f0df4d41a10553e0f59cfa8049582390518
6c8c128507e1db0fdcdbee993591ba53b9966c4fb307f76249ec3a020e6c725a
8993dbc5102beb8dc4ebfef06873c26198d0f2913627399034816b16715336ad
91d29af0fd6e583cfb18d3ea68d077ecb7d5cb508f79eb4f0235106eb609218b
93d7d90f793f1c6acce1ca446c1ac4c301ddf60a7d233cf3a3ba4be9b7db3b48
d2241e288f1504719d50ef5734d403083182deeb3bdb686dec30de8545c61847
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f51671d1676b54b11261c7417bd83efc1c5330bb2813d7972e3b6bed14fcb42f
f73a75c364eb87eed4b501031554773262413fe47141002bf8f5dd3a45666aa9