githowto.com Open in urlscan Pro
2606:4700:3030::6815:476c  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://githowto.com/ HTTP 301
   https://githowto.com/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

• https://ad.doubleclick.net/ddm/trackimp/N1212560.3091281BUYSELLADS/B25127528.328478718;dc_trk_aid=520769533;dc_trk_cid=166307410;ord=1649251126;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd= HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N1212560.3091281BUYSELLADS/B25127528.328478718;dc_pre=CK3sx5zD__YCFYeIgwcdszMA2w;dc_trk_aid=520769533;dc_trk_cid=166307410;ord=1649251126;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=

Request Chain 40

• https://donland.ru/?cwhmppfxqfmevfyrgpbkxrbr=nuxpa HTTP 301
• https://www.donland.ru/?cwhmppfxqfmevfyrgpbkxrbr=nuxpa

Request Chain 41

• https://sdm.ru/?ltze=mwknsu HTTP 301
• https://www.sdm.ru/?ltze=mwknsu

Request Chain 45

• https://ozon.ru/?gpybktydzscxmnali=tbhmsmzaizgif HTTP 301
• https://www.ozon.ru/?gpybktydzscxmnali=tbhmsmzaizgif

Request Chain 48

• https://kuzbank.ru/?sxeiuewoxv=lthdizrmre HTTP 302
• https://www.kuzbank.ru/?sxeiuewoxv=lthdizrmre

Request Chain 50

• https://donland.ru/?ttm=ybirsdtpzatdvxhkvhyyze HTTP 301
• https://www.donland.ru/?ttm=ybirsdtpzatdvxhkvhyyze

Request Chain 51

• https://sdm.ru/?ihdzvw=tzwfkujlpcfjatsvvp HTTP 301
• https://www.sdm.ru/?ihdzvw=tzwfkujlpcfjatsvvp

Request Chain 55

• https://ozon.ru/?acrttlaoqfdxsv=luuilnen HTTP 301
• https://www.ozon.ru/?acrttlaoqfdxsv=luuilnen

Request Chain 58

• https://kuzbank.ru/?jvsquwkxchzkfoutqtc=ramsvjfcl HTTP 302
• https://www.kuzbank.ru/?jvsquwkxchzkfoutqtc=ramsvjfcl

Request Chain 60

• https://donland.ru/?ersdta=kvworukf HTTP 301
• https://www.donland.ru/?ersdta=kvworukf

Request Chain 61

• https://sdm.ru/?zmbovtj=deidynol HTTP 301
• https://www.sdm.ru/?zmbovtj=deidynol

Request Chain 65

• https://ozon.ru/?vuzu=mecvshwshzywajgqjypqy HTTP 301
• https://www.ozon.ru/?vuzu=mecvshwshzywajgqjypqy

Request Chain 68

• https://kuzbank.ru/?gmeqgpxidgzesvpiox=dkyuxjsixyzgljzheowuymjn HTTP 302
• https://www.kuzbank.ru/?gmeqgpxidgzesvpiox=dkyuxjsixyzgljzheowuymjn

Request Chain 70

• https://donland.ru/?cmzkfoarhrkpdu=dsdjdme HTTP 301
• https://www.donland.ru/?cmzkfoarhrkpdu=dsdjdme

Request Chain 71

• https://sdm.ru/?pyezbeqkuqulnv=dahynwdwofozazkekorlnad HTTP 301
• https://www.sdm.ru/?pyezbeqkuqulnv=dahynwdwofozazkekorlnad

Request Chain 75

• https://ozon.ru/?dzurhqjuceqsnumxi=mtcyitdhnfzcwtkxtooj HTTP 301
• https://www.ozon.ru/?dzurhqjuceqsnumxi=mtcyitdhnfzcwtkxtooj

Request Chain 78

• https://kuzbank.ru/?vkmgk=jqirdzaf HTTP 302
• https://www.kuzbank.ru/?vkmgk=jqirdzaf

Request Chain 80

• https://donland.ru/?jubn=bxvmfoviytrqdrvmbzctkui HTTP 301
• https://www.donland.ru/?jubn=bxvmfoviytrqdrvmbzctkui

Request Chain 81

• https://sdm.ru/?klkksbegcdkfjnob=aoncnbtxnbbuf HTTP 301
• https://www.sdm.ru/?klkksbegcdkfjnob=aoncnbtxnbbuf

Request Chain 85

• https://ozon.ru/?zdsxluhystfkisjis=scrhfxijaqeg HTTP 301
• https://www.ozon.ru/?zdsxluhystfkisjis=scrhfxijaqeg

Request Chain 88

• https://kuzbank.ru/?aixtyttvxewliubirvyphnq=nfrhpdqaiighbeurpdctlvbtt HTTP 302
• https://www.kuzbank.ru/?aixtyttvxewliubirvyphnq=nfrhpdqaiighbeurpdctlvbtt

Request Chain 90

• https://donland.ru/?lnmnzowidgm=orimeqpibljoworsoqy HTTP 301
• https://www.donland.ru/?lnmnzowidgm=orimeqpibljoworsoqy

Request Chain 91

• https://sdm.ru/?eqrzcclbnvgliebo=bkfb HTTP 301
• https://www.sdm.ru/?eqrzcclbnvgliebo=bkfb

Request Chain 95

• https://ozon.ru/?dnbtd=tkuruejq HTTP 301
• https://www.ozon.ru/?dnbtd=tkuruejq

Request Chain 98

• https://kuzbank.ru/?yvb=khbbuvdxyosgsiqqnm HTTP 302
• https://www.kuzbank.ru/?yvb=khbbuvdxyosgsiqqnm

Request Chain 100

• https://donland.ru/?xskpoegqrwbciekzyn=pdivzhglkxagbpngihgddh HTTP 301
• https://www.donland.ru/?xskpoegqrwbciekzyn=pdivzhglkxagbpngihgddh

Request Chain 101

• https://sdm.ru/?nqtfxyhxxkstyltsvqz=phrcrvkgirxpfeseekq HTTP 301
• https://www.sdm.ru/?nqtfxyhxxkstyltsvqz=phrcrvkgirxpfeseekq

Request Chain 105

• https://ozon.ru/?infriksubsznjlqhkjnlj=pdmrkhqtkikkvlnsxfxkvfni HTTP 301
• https://www.ozon.ru/?infriksubsznjlqhkjnlj=pdmrkhqtkikkvlnsxfxkvfni

Request Chain 108

• https://kuzbank.ru/?jqryecbhlrfkqfjsekjulotl=zfdcpwonybixkupjszfoe HTTP 302
• https://www.kuzbank.ru/?jqryecbhlrfkqfjsekjulotl=zfdcpwonybixkupjszfoe

Request Chain 110

• https://donland.ru/?kjibycysdfrb=ixgeojadub HTTP 301
• https://www.donland.ru/?kjibycysdfrb=ixgeojadub

Request Chain 111

• https://sdm.ru/?hvjtkhsxpcpjucsqs=xwekspvadzqjuivgbnkxv HTTP 301
• https://www.sdm.ru/?hvjtkhsxpcpjucsqs=xwekspvadzqjuivgbnkxv

Request Chain 115

• https://ozon.ru/?yhslotdop=izjulbm HTTP 301
• https://www.ozon.ru/?yhslotdop=izjulbm

Request Chain 118

• https://kuzbank.ru/?kymvwmhrwgkncsjthsgvlgnly=bnoxbdqtfwadh HTTP 302
• https://www.kuzbank.ru/?kymvwmhrwgkncsjthsgvlgnly=bnoxbdqtfwadh

Request Chain 120

• https://donland.ru/?lrxasytfzoykizj=svrzaqrwrenjalmtpw HTTP 301
• https://www.donland.ru/?lrxasytfzoykizj=svrzaqrwrenjalmtpw

Request Chain 121

• https://sdm.ru/?akntcfyf=tfnftjmoltve HTTP 301
• https://www.sdm.ru/?akntcfyf=tfnftjmoltve

Request Chain 125

• https://ozon.ru/?vucawjogkiqlidjhajlko=dkysflraqcgjcdiy HTTP 301
• https://www.ozon.ru/?vucawjogkiqlidjhajlko=dkysflraqcgjcdiy

Request Chain 128

• https://kuzbank.ru/?fiifxcg=ewpyjpmqdtllowjkuo HTTP 302
• https://www.kuzbank.ru/?fiifxcg=ewpyjpmqdtllowjkuo

Request Chain 130

• https://donland.ru/?utayeqokgtogovqkpsry=rppakotkhxswpsan HTTP 301
• https://www.donland.ru/?utayeqokgtogovqkpsry=rppakotkhxswpsan

Request Chain 131

• https://sdm.ru/?dyelftbsjowisarisyn=bcqfkssyawbze HTTP 301
• https://www.sdm.ru/?dyelftbsjowisarisyn=bcqfkssyawbze

Request Chain 135

• https://ozon.ru/?xerm=xcbzksajqh HTTP 301
• https://www.ozon.ru/?xerm=xcbzksajqh

Request Chain 138

• https://kuzbank.ru/?xcaydzdeyrwmzbyaqwbj=jkeqxltrl HTTP 302
• https://www.kuzbank.ru/?xcaydzdeyrwmzbyaqwbj=jkeqxltrl

Request Chain 140

• https://donland.ru/?bwbkdcrirotoxz=rjtisndkvnxjlklkigvqdnh HTTP 301
• https://www.donland.ru/?bwbkdcrirotoxz=rjtisndkvnxjlklkigvqdnh

Request Chain 141

• https://sdm.ru/?wwx=ebakexwpauqa HTTP 301
• https://www.sdm.ru/?wwx=ebakexwpauqa

Request Chain 145

• https://ozon.ru/?ehipeqomk=lbtnsajqfduokgvwcnkbie HTTP 301
• https://www.ozon.ru/?ehipeqomk=lbtnsajqfduokgvwcnkbie

Request Chain 148

• https://kuzbank.ru/?qznewlgytekmzmndzd=onzuvjftiegpjelvxyphlwtg HTTP 302
• https://www.kuzbank.ru/?qznewlgytekmzmndzd=onzuvjftiegpjelvxyphlwtg

Request Chain 150

• https://donland.ru/?puvpur=wkvrshqqgy HTTP 301
• https://www.donland.ru/?puvpur=wkvrshqqgy

Request Chain 151

• https://sdm.ru/?hqwwjeu=tdcbxqgqtfycrqblbpwzt HTTP 301
• https://www.sdm.ru/?hqwwjeu=tdcbxqgqtfycrqblbpwzt

Request Chain 155

• https://ozon.ru/?kmudsaufxyfd=puhwcsvfnq HTTP 301
• https://www.ozon.ru/?kmudsaufxyfd=puhwcsvfnq

Request Chain 158

• https://kuzbank.ru/?udpjmeupw=bat HTTP 302
• https://www.kuzbank.ru/?udpjmeupw=bat

Request Chain 160

• https://donland.ru/?zrwlsnrahbaylpzxx=lakphwmidojztwhjfvhkbsaa HTTP 301
• https://www.donland.ru/?zrwlsnrahbaylpzxx=lakphwmidojztwhjfvhkbsaa

Request Chain 161

• https://sdm.ru/?ygvfjanzvcvap=blxwoqkj HTTP 301
• https://www.sdm.ru/?ygvfjanzvcvap=blxwoqkj

Request Chain 165

• https://ozon.ru/?dzpgeyukcgnuqwoyboj=euzjm HTTP 301
• https://www.ozon.ru/?dzpgeyukcgnuqwoyboj=euzjm

Request Chain 168

• https://kuzbank.ru/?fjlaxhaxndsfdmbntrd=gmhtv HTTP 302
• https://www.kuzbank.ru/?fjlaxhaxndsfdmbntrd=gmhtv

Request Chain 170

• https://donland.ru/?uuakbn=xghhn HTTP 301
• https://www.donland.ru/?uuakbn=xghhn

Request Chain 171

• https://sdm.ru/?mpquq=fdopzgnnxmgoksggw HTTP 301
• https://www.sdm.ru/?mpquq=fdopzgnnxmgoksggw

Request Chain 175

• https://ozon.ru/?sgkzgwciryrvbqgwnvi=cuwaqatboi HTTP 301
• https://www.ozon.ru/?sgkzgwciryrvbqgwnvi=cuwaqatboi

Request Chain 178

• https://kuzbank.ru/?megznncupxidsyqcnqdqkrden=lxag HTTP 302
• https://www.kuzbank.ru/?megznncupxidsyqcnqdqkrden=lxag

Request Chain 180

• https://donland.ru/?tskillniwaaoj=qpijdyuy HTTP 301
• https://www.donland.ru/?tskillniwaaoj=qpijdyuy

Request Chain 181

• https://sdm.ru/?namboujoknmehbbf=lzooo HTTP 301
• https://www.sdm.ru/?namboujoknmehbbf=lzooo

Request Chain 185

• https://ozon.ru/?seqd=nvrunanypkcopbbrnwmhjewz HTTP 301
• https://www.ozon.ru/?seqd=nvrunanypkcopbbrnwmhjewz

Request Chain 188

• https://kuzbank.ru/?jurleyjtdldsfl=ezj HTTP 302
• https://www.kuzbank.ru/?jurleyjtdldsfl=ezj

Request Chain 190

• https://donland.ru/?ipdo=unfnntzg HTTP 301
• https://www.donland.ru/?ipdo=unfnntzg

Request Chain 191

• https://sdm.ru/?dgnrieggiqcwgrc=ceotzolonzaahzhhdthm HTTP 301
• https://www.sdm.ru/?dgnrieggiqcwgrc=ceotzolonzaahzhhdthm

Request Chain 195

• https://ozon.ru/?fchjppijsdf=hgkzsjkhkvrc HTTP 301
• https://www.ozon.ru/?fchjppijsdf=hgkzsjkhkvrc

Request Chain 198

• https://kuzbank.ru/?aztsebkfomvtmdauiij=vcdeunezrcdfeyduioaw HTTP 302
• https://www.kuzbank.ru/?aztsebkfomvtmdauiij=vcdeunezrcdfeyduioaw

Request Chain 200

• https://donland.ru/?rgcjyvsa=ucoukxiervfnw HTTP 301
• https://www.donland.ru/?rgcjyvsa=ucoukxiervfnw

Request Chain 201

• https://sdm.ru/?vtcsfyppuclcjt=zlbkdpeavgu HTTP 301
• https://www.sdm.ru/?vtcsfyppuclcjt=zlbkdpeavgu

Request Chain 205

• https://ozon.ru/?sfhflpu=iesynlwibiasvnmwknqqecnuh HTTP 301
• https://www.ozon.ru/?sfhflpu=iesynlwibiasvnmwknqqecnuh

Request Chain 208

• https://kuzbank.ru/?leot=ousbrqkpbgm HTTP 302
• https://www.kuzbank.ru/?leot=ousbrqkpbgm

Request Chain 210

• https://donland.ru/?fpytttbdrgyyaaeovuqk=jzvxbzbnwf HTTP 301
• https://www.donland.ru/?fpytttbdrgyyaaeovuqk=jzvxbzbnwf

Request Chain 211

• https://sdm.ru/?vqjpzsbhdndxa=yjkoxlsc HTTP 301
• https://www.sdm.ru/?vqjpzsbhdndxa=yjkoxlsc

Request Chain 215

• https://ozon.ru/?pvaucftzvjgvkwreram=jofzjqlathtaeuvqqftmh HTTP 301
• https://www.ozon.ru/?pvaucftzvjgvkwreram=jofzjqlathtaeuvqqftmh

Request Chain 218

• https://kuzbank.ru/?hnmzuxphqnylrgonihg=lywimcg HTTP 302
• https://www.kuzbank.ru/?hnmzuxphqnylrgonihg=lywimcg

Request Chain 220

• https://donland.ru/?mrazdn=qvngnazbnof HTTP 301
• https://www.donland.ru/?mrazdn=qvngnazbnof

Request Chain 221

• https://sdm.ru/?ozaszghfiydnhctrtwwpftpkr=hxm HTTP 301
• https://www.sdm.ru/?ozaszghfiydnhctrtwwpftpkr=hxm

Request Chain 225

• https://ozon.ru/?puxbl=hwylmxuawlgqxidnsgrbxae HTTP 301
• https://www.ozon.ru/?puxbl=hwylmxuawlgqxidnsgrbxae

Request Chain 228

• https://kuzbank.ru/?ouytmlzeiikqm=gjjwpnhzhx HTTP 302
• https://www.kuzbank.ru/?ouytmlzeiikqm=gjjwpnhzhx

Request Chain 230

• https://donland.ru/?yxge=aozwbtxdgzkyykyiusqnorhk HTTP 301
• https://www.donland.ru/?yxge=aozwbtxdgzkyykyiusqnorhk

Request Chain 231

• https://sdm.ru/?leexiuymtsqqtkuajkwyk=xudkijymgdfukszzicvr HTTP 301
• https://www.sdm.ru/?leexiuymtsqqtkuajkwyk=xudkijymgdfukszzicvr

Request Chain 235

• https://ozon.ru/?fsfxgjil=mjx HTTP 301
• https://www.ozon.ru/?fsfxgjil=mjx

Request Chain 238

• https://kuzbank.ru/?ueasziwigvmbkuqiwyuuzvbk=famynfqeemdykbzgdoruqkrfa HTTP 302
• https://www.kuzbank.ru/?ueasziwigvmbkuqiwyuuzvbk=famynfqeemdykbzgdoruqkrfa

Request Chain 240

• https://donland.ru/?jrlpetxiae=dkwajkwogmqudrrmlqewhm HTTP 301
• https://www.donland.ru/?jrlpetxiae=dkwajkwogmqudrrmlqewhm

Request Chain 241

• https://sdm.ru/?mfybhvchj=abxiz HTTP 301
• https://www.sdm.ru/?mfybhvchj=abxiz

Request Chain 245

• https://ozon.ru/?unmivbvhnjvbll=vskipjrjfm HTTP 301
• https://www.ozon.ru/?unmivbvhnjvbll=vskipjrjfm

Request Chain 248

• https://kuzbank.ru/?bmtxojumfrg=nzwdbvtjkbhkpyanpnfh HTTP 302
• https://www.kuzbank.ru/?bmtxojumfrg=nzwdbvtjkbhkpyanpnfh

Request Chain 250

• https://donland.ru/?sisjgpacqaxozfkifdeckwn=vkftpr HTTP 301
• https://www.donland.ru/?sisjgpacqaxozfkifdeckwn=vkftpr

Request Chain 251

• https://sdm.ru/?paqotkkjjvpk=xqnasbqbead HTTP 301
• https://www.sdm.ru/?paqotkkjjvpk=xqnasbqbead

Request Chain 255

• https://ozon.ru/?unuihdphjizdoyjinh=fctxnvpnrejbpdu HTTP 301
• https://www.ozon.ru/?unuihdphjizdoyjinh=fctxnvpnrejbpdu

Request Chain 258

• https://kuzbank.ru/?okdfbohdyjh=kaubmceqy HTTP 302
• https://www.kuzbank.ru/?okdfbohdyjh=kaubmceqy

Request Chain 260

• https://donland.ru/?fhkhbpm=ryglpesuhyozrgkstf HTTP 301
• https://www.donland.ru/?fhkhbpm=ryglpesuhyozrgkstf

Request Chain 261

• https://sdm.ru/?hcq=lghbbfwuobdrc HTTP 301
• https://www.sdm.ru/?hcq=lghbbfwuobdrc

Request Chain 265

• https://ozon.ru/?objbcepacdplikwzsidk=hfgcuudqgvbotedz HTTP 301
• https://www.ozon.ru/?objbcepacdplikwzsidk=hfgcuudqgvbotedz

Request Chain 268

• https://kuzbank.ru/?xhyhfstucoxivuet=bkwzcldvkhpdyttkyke HTTP 302
• https://www.kuzbank.ru/?xhyhfstucoxivuet=bkwzcldvkhpdyttkyke

Request Chain 270

• https://donland.ru/?abhhcje=sjc HTTP 301
• https://www.donland.ru/?abhhcje=sjc

Request Chain 271

• https://sdm.ru/?dktcyuviuoarcgvzpixsi=kvjlnscqaq HTTP 301
• https://www.sdm.ru/?dktcyuviuoarcgvzpixsi=kvjlnscqaq

Request Chain 275

• https://ozon.ru/?uomenphdbut=jrjrqooqqhckrdwtwyryy HTTP 301
• https://www.ozon.ru/?uomenphdbut=jrjrqooqqhckrdwtwyryy

Request Chain 278

• https://kuzbank.ru/?kdiwxcbvejscqzeadljpjmm=tvjdfrduhgpfnklimkvnn HTTP 302
• https://www.kuzbank.ru/?kdiwxcbvejscqzeadljpjmm=tvjdfrduhgpfnklimkvnn

Request Chain 280

• https://donland.ru/?utmfsvjti=xuftydgmqskswmem HTTP 301
• https://www.donland.ru/?utmfsvjti=xuftydgmqskswmem

Request Chain 281

• https://sdm.ru/?goil=xayrjtugsfrlkuhxvkpnhmhr HTTP 301
• https://www.sdm.ru/?goil=xayrjtugsfrlkuhxvkpnhmhr

Request Chain 285

• https://ozon.ru/?prmcpocwjarmqpuslgwmpyz=ykbd HTTP 301
• https://www.ozon.ru/?prmcpocwjarmqpuslgwmpyz=ykbd

Request Chain 288

• https://kuzbank.ru/?jflilfxlaf=jligaqdqbxoiz HTTP 302
• https://www.kuzbank.ru/?jflilfxlaf=jligaqdqbxoiz

Request Chain 290

• https://donland.ru/?lclhd=xoebzh HTTP 301
• https://www.donland.ru/?lclhd=xoebzh

Request Chain 291

• https://sdm.ru/?cobzvmpx=fcshhxibeprael HTTP 301
• https://www.sdm.ru/?cobzvmpx=fcshhxibeprael

Request Chain 295

• https://ozon.ru/?kqpmkoemwwgnbsiolv=tlgovryjxfrkafxnjrf HTTP 301
• https://www.ozon.ru/?kqpmkoemwwgnbsiolv=tlgovryjxfrkafxnjrf

Request Chain 298

• https://kuzbank.ru/?ykcuihwicbstpjtqeyf=wtptzgxtfuaqh HTTP 302
• https://www.kuzbank.ru/?ykcuihwicbstpjtqeyf=wtptzgxtfuaqh

Request Chain 300

• https://donland.ru/?vcahfkvllsj=ooqlqllyeaesvaa HTTP 301
• https://www.donland.ru/?vcahfkvllsj=ooqlqllyeaesvaa

Request Chain 301

• https://sdm.ru/?hfzhtpzgznevpfszemwqrro=khvkjmjxdsofa HTTP 301
• https://www.sdm.ru/?hfzhtpzgznevpfszemwqrro=khvkjmjxdsofa

Request Chain 305

• https://ozon.ru/?wedoclmhhcaorrgnaeg=flkaroowtwpryrdncoiwud HTTP 301
• https://www.ozon.ru/?wedoclmhhcaorrgnaeg=flkaroowtwpryrdncoiwud

Request Chain 308

• https://kuzbank.ru/?nltqsaxrgoxr=hdxmwzsbtimi HTTP 302
• https://www.kuzbank.ru/?nltqsaxrgoxr=hdxmwzsbtimi

Request Chain 310

• https://donland.ru/?haumelmjfxghgd=lzzjichlhjavafuq HTTP 301
• https://www.donland.ru/?haumelmjfxghgd=lzzjichlhjavafuq

Request Chain 311

• https://sdm.ru/?qugdj=hzwmlobfkcjoabdbovzsjr HTTP 301
• https://www.sdm.ru/?qugdj=hzwmlobfkcjoabdbovzsjr

Request Chain 315

• https://ozon.ru/?vlexyawazowlbsgrtspsqvwc=bqzpumazndzqgdamiiuramv HTTP 301
• https://www.ozon.ru/?vlexyawazowlbsgrtspsqvwc=bqzpumazndzqgdamiiuramv

Request Chain 318

• https://kuzbank.ru/?uiqwdbg=lawdmotiheegqz HTTP 302
• https://www.kuzbank.ru/?uiqwdbg=lawdmotiheegqz

Request Chain 320

• https://donland.ru/?gul=shetntpevksd HTTP 301
• https://www.donland.ru/?gul=shetntpevksd

Request Chain 325

• https://ozon.ru/?xlgrmxxjpapvtyksmtle=wckaughpu HTTP 301
• https://www.ozon.ru/?xlgrmxxjpapvtyksmtle=wckaughpu

Request Chain 328

• https://kuzbank.ru/?rhqkbtnogfpxrev=rtycfcgeweodhdszsfqvlhla HTTP 302
• https://www.kuzbank.ru/?rhqkbtnogfpxrev=rtycfcgeweodhdszsfqvlhla

Request Chain 330

• https://donland.ru/?ocln=jxpea HTTP 301
• https://www.donland.ru/?ocln=jxpea

Request Chain 335

• https://ozon.ru/?kmopuckkocoeifotk=wcpdjwjfaymxzhqmiw HTTP 301
• https://www.ozon.ru/?kmopuckkocoeifotk=wcpdjwjfaymxzhqmiw

Request Chain 338

• https://kuzbank.ru/?wfggi=zyswfssglldgspqhsicgbcp HTTP 302
• https://www.kuzbank.ru/?wfggi=zyswfssglldgspqhsicgbcp

Request Chain 340

• https://donland.ru/?hyg=sjd HTTP 301
• https://www.donland.ru/?hyg=sjd

Request Chain 345

• https://ozon.ru/?dggwlchp=hvkzbxiytgbgpwmgx HTTP 301
• https://www.ozon.ru/?dggwlchp=hvkzbxiytgbgpwmgx

Request Chain 348

• https://kuzbank.ru/?gtbc=nxh HTTP 302
• https://www.kuzbank.ru/?gtbc=nxh

Request Chain 350

• https://donland.ru/?bkusqjvpxbyqb=dxfpzdkvtkvwxggfz HTTP 301
• https://www.donland.ru/?bkusqjvpxbyqb=dxfpzdkvtkvwxggfz

Request Chain 355

• https://ozon.ru/?tenaucnhtau=dvlhwipjkl HTTP 301
• https://www.ozon.ru/?tenaucnhtau=dvlhwipjkl

Request Chain 358

• https://kuzbank.ru/?gffgyvuxemmww=ticdoojkrtfhwvjt HTTP 302
• https://www.kuzbank.ru/?gffgyvuxemmww=ticdoojkrtfhwvjt

Request Chain 365

• https://ozon.ru/?fuflajdtve=knlfilhepztvxonariszjrem HTTP 301
• https://www.ozon.ru/?fuflajdtve=knlfilhepztvxonariszjrem

Request Chain 368

• https://kuzbank.ru/?hbbplwxrzexvtcmbrp=tgmnrwxsofvvupgebdhbot HTTP 302
• https://www.kuzbank.ru/?hbbplwxrzexvtcmbrp=tgmnrwxsofvvupgebdhbot

366 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response githowto.com/ Redirect Chain http://githowto.com/ https://githowto.com/	14 KB 5 KB	173ms 100ms	Document text/html	2606:4700:3030::6815:476c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://githowto.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:476c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab34182bb9287de19c5a1946070b02a35f6c219931a834c0487608f8b1ffb22e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache no-cache, private cf-cache-status BYPASS cf-ray 6f7acfb57c345fd1-MRS content-encoding br content-type text/html; charset=UTF-8 date Wed, 06 Apr 2022 13:18:46 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDE8AtJa%2FQTan67plMgm71rfB71EioWxw%2FxEMhVLGqVDj9E37cTPqy6psbGb2UGe%2BFw8rm86Z6yNln%2BbZKmKk9qOK98OBNC7u5hZUXMiq8t5aU%2FuikGV%2BaG6Z%2Fjf12haZIILiThbTqPgzb8%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block Redirect headers CF-RAY 6f7acfb4a84ee928-MRS Cache-Control max-age=3600 Connection keep-alive Date Wed, 06 Apr 2022 13:18:46 GMT Expires Wed, 06 Apr 2022 14:18:46 GMT Location https://githowto.com/ NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKMOjlxvsjlokmJ%2F0%2BlXV5HxppSlZ%2B1%2F1X7opK82a0EjgzKoAWwvqtj7%2FKFaTG%2F%2FBVkGK1NsaFM%2FK4SvlW25Ey1%2BafUnAvp18XfC2CrZTDEpnApEMfAwlNw7HTyP8CYVCreZ5J7lbuHEuDg%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	css fonts.googleapis.com/	2 KB 1009 B	36ms 16ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic Requested by Host: githowto.com URL: https://githowto.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4c8637d0e9be13cf21057f33cf485a942d0ab8283c5813fcdc5c57ccd403896b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://githowto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 06 Apr 2022 12:25:43 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Wed, 06 Apr 2022 13:18:46 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 06 Apr 2022 13:18:46 GMT
GET H2	200	output.min.css githowto.com/release/css/	205 KB 38 KB	55ms 54ms	Stylesheet text/css	2606:4700:3030::6815:476c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://githowto.com/release/css/output.min.css Requested by Host: githowto.com URL: https://githowto.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:476c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c2366f019e0a823d4f48cf23cb845609d347612c66bb77d61fd67fcf6c9aff7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://githowto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:46 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1832967 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 08 Nov 2021 11:20:02 GMT server cloudflare etag W/"618907e2-33471" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3yFz6SLMPcWu9DbHOPLrBYLNgRo4vNu2pH0xi%2F50P7MnIz7zdzedpt64Gq9Svv87qUJ1dEvxjh1VLNfk7xR79Gxsyb1FEHXHGQH5CmNZCrqkjkwUC0NurH7z83G5EQT8bfFR02dwbB2UYo%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31536000, public cf-ray 6f7acfb63db75fd1-MRS expires Tue, 28 Feb 2023 10:37:44 GMT
GET H/1.1	200 OK	carbon.js Show response cdn.carbonads.com/	14 KB 6 KB	36ms 6ms	Script application/javascript	23.111.10.140 STACKPATH
General Check archive.org Show headers Download Go to Full URL https://cdn.carbonads.com/carbon.js?serve=CK7DTK3W&placement=githowtocom Requested by Host: githowto.com URL: https://githowto.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.10.140 , United States, ASN33438 (STACKPATH, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash 4e1b0ab4fa290233452f6a707e130e46e724a2f7799a5b4c732a86c7022d37ee Request headers Accept-Language de-DE,de;q=0.9 Referer https://githowto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Wed, 06 Apr 2022 13:18:46 GMT Content-Encoding gzip Last-Modified Fri, 03 Sep 2021 20:21:28 GMT Server NetDNA-cache/2.2 x-amz-request-id R8H17BM5R76ATGD9 ETag W/"5091eddcdeeda92db580f4108e1a96a2" Transfer-Encoding chunked X-Cache HIT Content-Type application/javascript Connection keep-alive x-amz-id-2 xa5Fx1Oa/9jWXwYXjABfUK8sYNTV1x9Yz2t3QjlitBYuJyNBKKjJOU3pQiopdFBZCZCVkFKCFrk=
GET H/1.1	200 OK	monetization.js Show response m.servedby-buysellads.com/	64 KB 17 KB	40ms 12ms	Script application/javascript	108.161.189.78 STACKPATH
General Check archive.org Show headers Download Go to Full URL https://m.servedby-buysellads.com/monetization.js Requested by Host: githowto.com URL: https://githowto.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.161.189.78 , United States, ASN33438 (STACKPATH, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash e3e4d924593914301bd60984ecc6845520bc5b168268b8bfe86e1547d1471473 Request headers Accept-Language de-DE,de;q=0.9 Referer https://githowto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Wed, 06 Apr 2022 13:18:46 GMT Content-Encoding gzip Last-Modified Wed, 02 Mar 2022 17:47:40 GMT Server NetDNA-cache/2.2 x-amz-request-id CRJTJMSBHPP12R5R ETag W/"db22853bb2e8616f35c350891dd906bd" Transfer-Encoding chunked X-Cache HIT Content-Type application/javascript Cache-Control max-age=86400 Connection keep-alive x-amz-id-2 TUS/5voZ7I5D/pNecbPCaTwL842WlR+z77F7+RPm3ZzL9k04xNltArSjCYIW0rqD+gxjyX1i5Rw= Expires Thu, 07 Apr 2022 13:18:46 GMT
GET H2	200	output.min.js Show response githowto.com/release/js/	114 KB 40 KB	49ms 49ms	Script application/javascript	2606:4700:3030::6815:476c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://githowto.com/release/js/output.min.js Requested by Host: githowto.com URL: https://githowto.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:476c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 991a9106c6f47f2566253588a5fdb10613555c9abd0cfdecbc6ed26075e1aead Request headers Accept-Language de-DE,de;q=0.9 Referer https://githowto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:46 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1896473 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 08 Nov 2021 11:20:05 GMT server cloudflare etag W/"618907e5-1c6e4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2FAc2Ijk0oe57fSAo14yTnelmatG%2BuXRNZ6sOJzP%2Fa0R7SetFHNRwGTgH0eQuYfzbxeB6fg%2F5CHJpXfpt5D95SjB8%2B%2B%2BU2wZIOTlpNeeHcpt8rG%2BxVRRGXNBC8G%2FaKTyKzSGo9gaxjlCILc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=31536000, public cf-ray 6f7acfb63dba5fd1-MRS expires Tue, 28 Feb 2023 11:21:25 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	29ms 7ms	Script text/javascript	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: githowto.com URL: https://githowto.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://githowto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 6236 date Wed, 06 Apr 2022 11:34:50 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Wed, 06 Apr 2022 13:34:50 GMT
GET H2	200	CK7DTK3W.json Show response srv.carbonads.net/ads/	1 KB 830 B	83ms 24ms	Script application/javascript	159.65.16.11 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://srv.carbonads.net/ads/CK7DTK3W.json?segment=placement:githowtocom&callback=_carbonads_go Requested by Host: cdn.carbonads.com URL: https://cdn.carbonads.com/carbon.js?serve=CK7DTK3W&placement=githowtocom Protocol H2 Security TLS 1.3, , AES_128_GCM Server 159.65.16.11 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS srv-eu-ldn-14.buysellads.com Software //srv.buysellads.com / Resource Hash f529163ad3ed96097bb16610485ae4918dc8c0c81ec9a7fb6de005cd983c7041 Request headers Accept-Language de-DE,de;q=0.9 Referer https://githowto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers access-control-allow-origin * date Wed, 06 Apr 2022 13:18:46 GMT content-encoding gzip server //srv.buysellads.com content-length 713 vary Accept-Encoding content-type application/javascript; charset=utf-8
GET H2	200	jizaRExUiTo99u79D0KExQ.woff2 fonts.gstatic.com/s/ptsans/v16/	44 KB 45 KB	42ms 8ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://githowto.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 19:33:58 GMT x-content-type-options nosniff age 582288 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 45300 x-xss-protection 0 last-modified Wed, 26 Jan 2022 18:57:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 30 Mar 2023 19:33:58 GMT
GET H2	200	jizfRExUiTo99u79B_mh0O6tLQ.woff2 fonts.gstatic.com/s/ptsans/v16/	46 KB 46 KB	48ms 16ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0O6tLQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://githowto.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 19:33:58 GMT x-content-type-options nosniff age 582288 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47048 x-xss-protection 0 last-modified Wed, 26 Jan 2022 18:57:46 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 30 Mar 2023 19:33:58 GMT
GET H3	200	fontawesome-webfont.woff githowto.com/release/fonts/font-awesome/	64 KB 65 KB	50ms 49ms	Font application/font-woff	2606:4700:3030::6815:476c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://githowto.com/release/fonts/font-awesome/fontawesome-webfont.woff?v=4.2.0 Requested by Host: githowto.com URL: https://githowto.com/release/css/output.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:476c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1 Request headers Referer https://githowto.com/release/css/output.min.css Origin https://githowto.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:46 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 106308 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 08 Nov 2021 11:19:33 GMT server cloudflare etag W/"618907c5-ffac" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tB92inO%2Fq9bxilQtOI%2BI4JMsB5jq%2B%2BzhPWkfT9sgNTZBz6yeiSZYdTk2farYw%2F2vQP8CvG5qi7Ndl3gm6%2FA%2BnkOtsCeo%2FutTTOvyvEbEu0RfEiTGQlOhjAeBGWBqowaKtB2ZDuSWqT%2B00UI%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=31536000, public cf-ray 6f7acfb6cd760fea-MRS expires Wed, 25 Jan 2023 07:04:57 GMT
GET H2	200	CKYD623I.json Show response srv.buysellads.com/ads/	2 KB 1 KB	66ms 20ms	XHR application/json	159.65.16.11 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://srv.buysellads.com/ads/CKYD623I.json?segment=placement:githowtocom Requested by Host: m.servedby-buysellads.com URL: https://m.servedby-buysellads.com/monetization.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 159.65.16.11 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS srv-eu-ldn-14.buysellads.com Software //srv.buysellads.com / Resource Hash 8e98ad30442743433f7ea5c6f96fa5fad321748a4e2d2777d88a114a39bba277 Request headers Accept-Language de-DE,de;q=0.9 Referer https://githowto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers access-control-allow-origin * date Wed, 06 Apr 2022 13:18:46 GMT content-encoding gzip server //srv.buysellads.com content-length 988 vary Accept-Encoding content-type application/json; charset=utf-8
GET H2	200	/ Show response ban-dera.com/ Frame 55B5	944 B 1 KB	246ms 138ms	Document text/html	185.104.45.199 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ban-dera.com/ Requested by Host: githowto.com URL: https://githowto.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.104.45.199 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS d145.default-host.net Software nginx / Resource Hash 6b76b8a16104bcc82501d695955ce98820308031ceb571130d89e772d4250f70 Request headers Accept-Language de-DE,de;q=0.9 Referer https://githowto.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers cache-control private, must-revalidate content-encoding br content-type text/html; charset=UTF-8 date Wed, 06 Apr 2022 13:18:47 GMT expires -1 pragma no-cache server nginx x-ray p356:0.100/wn26930:0.090/wa26930:D=98865
GET H2	200	1633026168-Frame_1_260x200.jpeg cdn4.buysellads.net/uu/1/100164/	6 KB 6 KB	58ms 6ms	Image image/jpeg	94.31.29.32 ZAYO-6461
General Check archive.org Show headers Download Go to Show image Full URL https://cdn4.buysellads.net/uu/1/100164/1633026168-Frame_1_260x200.jpeg Requested by Host: githowto.com URL: https://githowto.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.32 London, United Kingdom, ASN6461 (ZAYO-6461, US), Reverse DNS 94.31.29.32.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash d4196bbe33b80773cd7e09dc07d0e724c1d5981c956a984e06f72193bff4212b Request headers Accept-Language de-DE,de;q=0.9 Referer https://githowto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:46 GMT last-modified Thu, 30 Sep 2021 18:22:49 GMT server NetDNA-cache/2.2 x-amz-request-id DRA8QSAPE7Y1A5DE etag "0081cd2b60984465b942837837ddb7be" x-cache HIT content-type image/jpeg cache-control max-age=31104000 accept-ranges bytes content-length 6138 x-amz-id-2 GK0SX65CaGPDdxRsHh91dsIbKQ5wPBD/lu+jgFYKMbQ85S9j7qnXkTC9ORX8xHM89X7NUU/dySI= expires Sat, 01 Apr 2023 13:18:46 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	4 B 24 B	29ms 15ms	XHR text/plain	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1726928613&t=pageview&_s=1&dl=https%3A%2F%2Fgithowto.com%2F&ul=en-us&de=UTF-8&dt=Git%20How%20To%3A%20Guided%20Git%20Tutorial&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1202546661&gjid=417869939&cid=1336227702.1649251127&tid=UA-521840-37&_gid=1535284246.1649251127&_r=1&_slc=1&z=789436415 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://githowto.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 06 Apr 2022 13:18:46 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://githowto.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated /	163 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 407736d45081804e4033cb1a01e6a3e77973454ca3ec2eb9e73e460a02ac5d86 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	328 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 625b1e6b0f190ee0c2a3f8c735ca2a5c6707e921137b0c2713c48036ab2dbb6e Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	301 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6c04397d06de68ff41fa7497f2fd8baf02f98ecaafc362ca6724fbfb714320ac Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Content-Type image/png
GET H2	400	/ Show response graph.facebook.com/	202 B 600 B	149ms 113ms	XHR application/json	2a03:2880:f01c:20e:face:b00c:0:2 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://graph.facebook.com/?id=http%3A%2F%2Fgithowto.com%2F Requested by Host: githowto.com URL: https://githowto.com/release/js/output.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:20e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 643a6c5c5932e2ac5a86c5f39967014301bad29e0d5444778e3d4bf924523012 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://githowto.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers strict-transport-security max-age=15552000; preload content-encoding br www-authenticate OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable" x-fb-rev 1005306989 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 147 x-fb-rlafr 0 pragma no-cache x-fb-debug n1DbhQxBQFXbc9dWGj5UjXYSZWeQV/rxK8zV068qPk73/A2emB8A9IynRkigY7c6VU7GjZPkUbzzQcMr2gbAIg== x-fb-trace-id HVeieAgryd/ date Wed, 06 Apr 2022 13:18:47 GMT vary Origin, Accept-Encoding content-type application/json access-control-allow-origin * x-fb-request-id AO0BxTGxVbGvpf_yY_1h1Dw cache-control no-store facebook-api-version v6.0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	1646771806-DODX-4693-80x80-A.png cdn4.buysellads.net/uu/1/112766/	2 KB 2 KB	6ms 5ms	Image image/png	94.31.29.32 ZAYO-6461
General Check archive.org Show headers Download Go to Show image Full URL https://cdn4.buysellads.net/uu/1/112766/1646771806-DODX-4693-80x80-A.png Requested by Host: githowto.com URL: https://githowto.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.32 London, United Kingdom, ASN6461 (ZAYO-6461, US), Reverse DNS 94.31.29.32.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash f6f985b555e9b5b0dace1bf1a0fdc19358b58ece4adda4439e8c63e9bf8026c1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://githowto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:46 GMT last-modified Tue, 08 Mar 2022 20:36:47 GMT server NetDNA-cache/2.2 x-amz-request-id WWK61J68DESBZNKR etag "6e7a29da270f172dd326565a0b386a9a" x-cache HIT content-type image/png cache-control max-age=31104000 accept-ranges bytes content-length 1685 x-amz-id-2 KY+e1N/JRf5t2Cczbtwa7iuEs3/atlO/9RtQlR0setCza/zndMFe6d35aKrjbVLccxsSenwGZMg= expires Sat, 01 Apr 2023 13:18:46 GMT
GET H3	200	B25127528.328478718;dc_pre=CK3sx5zD__YCFYeIgwcdszMA2w;dc_trk_aid=520769533;dc_trk_cid=166307410;ord=1649251126;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd= ad.doubleclick.net/ddm/trackimp/N1212560.3091281BUYSELLADS/ Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N1212560.3091281BUYSELLADS/B25127528.328478718;dc_trk_aid=520769533;dc_trk_cid=166307410;ord=1649251126;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf... https://ad.doubleclick.net/ddm/trackimp/N1212560.3091281BUYSELLADS/B25127528.328478718;dc_pre=CK3sx5zD__YCFYeIgwcdszMA2w;dc_trk_aid=520769533;dc_trk_cid=166307410;ord=1649251126;dc_lat=;dc_rdid=;ta...	42 B 64 B	42ms 27ms	Image image/gif	216.58.212.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/trackimp/N1212560.3091281BUYSELLADS/B25127528.328478718;dc_pre=CK3sx5zD__YCFYeIgwcdszMA2w;dc_trk_aid=520769533;dc_trk_cid=166307410;ord=1649251126;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=? Requested by Host: githowto.com URL: https://githowto.com/ Protocol H3 Server 216.58.212.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f166.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://githowto.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache date Wed, 06 Apr 2022 13:18:47 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 06 Apr 2022 13:18:46 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type text/html; charset=UTF-8 location https://ad.doubleclick.net/ddm/trackimp/N1212560.3091281BUYSELLADS/B25127528.328478718;dc_pre=CK3sx5zD__YCFYeIgwcdszMA2w;dc_trk_aid=520769533;dc_trk_cid=166307410;ord=1649251126;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=? cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 436 B	59ms 19ms	XHR text/plain	2a00:1450:400c:c1b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-521840-37&cid=1336227702.1649251127&jid=1202546661&gjid=417869939&_gid=1535284246.1649251127&_u=IEBAAEAAAAAAAC~&z=822119900 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://githowto.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Wed, 06 Apr 2022 13:18:47 GMT content-type text/plain access-control-allow-origin https://githowto.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	app.css ban-dera.com/css/ Frame 55B5	229 KB 32 KB	54ms 53ms	Stylesheet text/css	185.104.45.199 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ban-dera.com/css/app.css Requested by Host: ban-dera.com URL: https://ban-dera.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.104.45.199 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS d145.default-host.net Software nginx / Resource Hash 02df721af63bfb5fe78684534b4cecdd344becc57adf6eb936a6385afd4ad0f8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ban-dera.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers x-ray p356:0.010/wn26930:0.000/wa26930:D=8133 content-encoding br date Wed, 06 Apr 2022 13:18:47 GMT last-modified Sun, 03 Apr 2022 10:22:10 GMT server nginx etag W/"39392-5dbbd626a7880" content-type text/css
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame 55B5	176 KB 65 KB	48ms 25ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-E2JP8HENB3 Requested by Host: ban-dera.com URL: https://ban-dera.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7394b830d673d7066f70c3b7353ac6679815fd2e39dbdc707b05b6befd2befa2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ban-dera.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:47 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 66202 x-xss-protection 0 expires Wed, 06 Apr 2022 13:18:47 GMT
GET H2	200	donate-sdk.js Show response www.paypalobjects.com/donate/sdk/ Frame 55B5	134 KB 40 KB	122ms 20ms	Script application/javascript	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/donate/sdk/donate-sdk.js Requested by Host: ban-dera.com URL: https://ban-dera.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (lha/8DFB) / Resource Hash 54866fbff058a2812fdec10b71d17d987db3616525a7c915688f18e63a2f0891 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ban-dera.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:47 GMT content-encoding gzip x-content-type-options nosniff x-cache HIT paypal-debug-id 45aac77a70d35 dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 41002 last-modified Mon, 11 Oct 2021 17:21:16 GMT server ECAcc (lha/8DFB) etag W/"6164728c-21635" strict-transport-security max-age=63072000; includeSubDomains; preload content-type application/javascript cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com expires Wed, 06 Apr 2022 14:18:47 GMT
GET H2	200	app.js Show response ban-dera.com/js/ Frame 55B5	431 KB 134 KB	92ms 92ms	Script application/javascript	185.104.45.199 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ban-dera.com/js/app.js Requested by Host: ban-dera.com URL: https://ban-dera.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.104.45.199 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS d145.default-host.net Software nginx / Resource Hash db056d689ce17a347d25be724c328d5d21290f17fcb7cae0c732eab50fd00cd4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ban-dera.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers x-ray p356:0.031/wn26930:0.010/wa26930:D=8086 content-encoding br date Wed, 06 Apr 2022 13:18:47 GMT last-modified Sun, 03 Apr 2022 10:22:10 GMT server nginx etag W/"6bdb2-5dbbd626a7880" content-type application/javascript
GET H3	200	css2 fonts.googleapis.com/ Frame 55B5	1 KB 439 B	31ms 16ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Anonymous+Pro&display=swap Requested by Host: ban-dera.com URL: https://ban-dera.com/css/app.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash dba1a2b91b5ed0e155137d62925ae5f65d3fad10bc13b317add7fa5516b2acd5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ban-dera.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 06 Apr 2022 13:18:47 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Wed, 06 Apr 2022 13:18:47 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 06 Apr 2022 13:18:47 GMT
GET DATA	200 OK	truncated / Frame 55B5	108 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8f27b2160255b0a3bbe960f0af6a1772a8514e2b3ba0acbeea1e622ebb5f3e4a Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H3	200	rP2Bp2a15UIB7Un-bOeISG3pHls29Q.woff2 fonts.gstatic.com/s/anonymouspro/v19/ Frame 55B5	17 KB 17 KB	22ms 8ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/anonymouspro/v19/rP2Bp2a15UIB7Un-bOeISG3pHls29Q.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Anonymous+Pro&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 148b358d5c6a32ff44aa901fdd583519210675846edb6ccf8913a402054196a0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ban-dera.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Tue, 05 Apr 2022 03:53:20 GMT x-content-type-options nosniff age 120327 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17528 x-xss-protection 0 last-modified Mon, 24 Jan 2022 19:46:21 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 05 Apr 2023 03:53:20 GMT
GET H2	200	bootstrap-icons.woff2 ban-dera.com/fonts/vendor/bootstrap-icons/ Frame 55B5	100 KB 101 KB	50ms 50ms	Font font/woff2	185.104.45.199 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ban-dera.com/fonts/vendor/bootstrap-icons/bootstrap-icons.woff2?a13b815539b49de48d2358b4281b2f1a Requested by Host: ban-dera.com URL: https://ban-dera.com/css/app.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.104.45.199 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS d145.default-host.net Software nginx / Resource Hash c874e14c63db86c4c5318c77cb557fce7036645edc7d690dcc1d23b389631b13 Request headers Referer https://ban-dera.com/css/app.css Origin https://ban-dera.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers x-ray p356:0.010/wn26930:0.010/wa26930:D=11066 last-modified Tue, 22 Mar 2022 21:01:38 GMT server nginx etag "19088-5dad4eb3b3080" content-type font/woff2 date Wed, 06 Apr 2022 13:18:47 GMT accept-ranges bytes content-length 102536
GET H2	200	ua.svg ban-dera.com/img/flags/ Frame 55B5	213 B 395 B	49ms 48ms	Image image/svg+xml	185.104.45.199 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ban-dera.com/img/flags/ua.svg Requested by Host: ban-dera.com URL: https://ban-dera.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.104.45.199 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS d145.default-host.net Software nginx / Resource Hash a8eb62de2c51163a1687396eb8c4b40b5689147b2adfa00da3fb6625adba4f52 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ban-dera.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers x-ray p356:0.010/wn26930:0.010/wa26930:D=8888 last-modified Sun, 03 Apr 2022 08:56:00 GMT server nginx etag "d5-5dbbc2e428800" content-type image/svg+xml date Wed, 06 Apr 2022 13:18:47 GMT accept-ranges bytes content-length 213
GET H2	200	gb.svg ban-dera.com/img/flags/ Frame 55B5	865 B 1 KB	49ms 48ms	Image image/svg+xml	185.104.45.199 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ban-dera.com/img/flags/gb.svg Requested by Host: ban-dera.com URL: https://ban-dera.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.104.45.199 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS d145.default-host.net Software nginx / Resource Hash 88d0f601aa8d3d545beb810a49e7da9279beebe9f4dd08349c8aa18ca48d5b48 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ban-dera.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers x-ray p356:0.010/wn26930:0.010/wa26930:D=8473 last-modified Sun, 03 Apr 2022 08:56:00 GMT server nginx etag "361-5dbbc2e428800" content-type image/svg+xml date Wed, 06 Apr 2022 13:18:47 GMT accept-ranges bytes content-length 865
GET H2	200	fr.svg ban-dera.com/img/flags/ Frame 55B5	268 B 451 B	48ms 47ms	Image image/svg+xml	185.104.45.199 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ban-dera.com/img/flags/fr.svg Requested by Host: ban-dera.com URL: https://ban-dera.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.104.45.199 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS d145.default-host.net Software nginx / Resource Hash f156bbab3eb6ba82cbc9d8a021202f23cf21e8e6f939cd25b122646bf4f6cf3b Request headers Accept-Language de-DE,de;q=0.9 Referer https://ban-dera.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers x-ray p356:0.010/wn26930:0.010/wa26930:D=7989 last-modified Sun, 03 Apr 2022 08:56:00 GMT server nginx etag "10c-5dbbc2e428800" content-type image/svg+xml date Wed, 06 Apr 2022 13:18:47 GMT accept-ranges bytes content-length 268
GET H2	200	es.svg ban-dera.com/img/flags/ Frame 55B5	140 KB 30 KB	54ms 53ms	Image image/svg+xml	185.104.45.199 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ban-dera.com/img/flags/es.svg Requested by Host: ban-dera.com URL: https://ban-dera.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.104.45.199 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS d145.default-host.net Software nginx / Resource Hash 661f2d501830c045aa6d96f0f0a5650ff9df3360693f2037ec504d068d8661b5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ban-dera.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers x-ray p356:0.010/wn26930:0.010/wa26930:D=8562 content-encoding br date Wed, 06 Apr 2022 13:18:47 GMT last-modified Sun, 03 Apr 2022 08:56:00 GMT server nginx etag W/"23057-5dbbc2e428800" content-type image/svg+xml
GET H2	200	pl.svg ban-dera.com/img/flags/ Frame 55B5	197 B 379 B	47ms 46ms	Image image/svg+xml	185.104.45.199 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ban-dera.com/img/flags/pl.svg Requested by Host: ban-dera.com URL: https://ban-dera.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.104.45.199 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS d145.default-host.net Software nginx / Resource Hash 9ab46af4be55372260bc706842a4c4ba6333ba1891e849d36bea234053f2e23c Request headers Accept-Language de-DE,de;q=0.9 Referer https://ban-dera.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers x-ray p356:0.010/wn26930:0.000/wa26930:D=7536 last-modified Sun, 03 Apr 2022 08:56:00 GMT server nginx etag "c5-5dbbc2e428800" content-type image/svg+xml date Wed, 06 Apr 2022 13:18:47 GMT accept-ranges bytes content-length 197
GET H2	200	ban-dera-logo.svg ban-dera.com/img/ Frame 55B5	22 KB 6 KB	49ms 48ms	Image image/svg+xml	185.104.45.199 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ban-dera.com/img/ban-dera-logo.svg Requested by Host: ban-dera.com URL: https://ban-dera.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.104.45.199 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS d145.default-host.net Software nginx / Resource Hash a4396fda6d1437cdf8555a5b42ec0c91ecfb81e8056038706afaacd50c7a28a6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ban-dera.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers x-ray p356:0.010/wn26930:0.010/wa26930:D=8394 content-encoding br date Wed, 06 Apr 2022 13:18:47 GMT last-modified Wed, 16 Mar 2022 18:15:12 GMT server nginx etag W/"58af-5da59e4f8ac00" content-type image/svg+xml
GET H2	200	monobank-logo.svg ban-dera.com/img/ Frame 55B5	7 KB 3 KB	47ms 46ms	Image image/svg+xml	185.104.45.199 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ban-dera.com/img/monobank-logo.svg Requested by Host: ban-dera.com URL: https://ban-dera.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.104.45.199 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS d145.default-host.net Software nginx / Resource Hash af345977ec335526e192f4954e83515bb447f98a56a0e27053774c284d316c5b Request headers Accept-Language de-DE,de;q=0.9 Referer https://ban-dera.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers x-ray p356:0.010/wn26930:0.010/wa26930:D=7266 content-encoding br date Wed, 06 Apr 2022 13:18:47 GMT last-modified Wed, 16 Mar 2022 18:15:12 GMT server nginx etag W/"1a67-5da59e4f8ac00" content-type image/svg+xml
GET H2	200	btn_donateCC_LG.gif www.paypalobjects.com/en_US/i/btn/ Frame 55B5	3 KB 3 KB	20ms 20ms	Image image/gif	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif Requested by Host: ban-dera.com URL: https://ban-dera.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (lha/8DBB) / Resource Hash 33a91bd6d378215fcd413c279aa88d48bda6c8b2ef7695892777c87de37de256 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ban-dera.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:47 GMT x-content-type-options nosniff last-modified Thu, 27 May 2021 14:20:07 GMT server ECAcc (lha/8DBB) etag "60afaa97-c1b" strict-transport-security max-age=63072000; includeSubDomains; preload x-cache HIT content-type image/gif paypal-debug-id 2b4c172ba8a6d cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes dc ccg11-origin-www-1.paypal.com content-length 3099 expires Wed, 06 Apr 2022 14:18:47 GMT
GET H2	200	targets Show response ban-dera.com/api/ Frame 55B5	30 KB 5 KB	449ms 448ms	XHR application/json	185.104.45.199 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ban-dera.com/api/targets Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.104.45.199 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS d145.default-host.net Software nginx / Resource Hash 72e75807e44dbeb97865c148f758c34206fe3b833ae51168d94269f492f1ff0c Request headers Accept application/json Referer https://ban-dera.com/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache date Wed, 06 Apr 2022 13:18:47 GMT content-encoding br server nginx x-ratelimit-remaining 4 content-type application/json access-control-allow-origin * x-ray p356:0.410/wn26930:0.410/wa26930:D=408024 cache-control private, must-revalidate x-ratelimit-limit 5 expires -1
GET H2	200	de.svg ban-dera.com/img/flags/ Frame 55B5	241 B 423 B	49ms 48ms	Image image/svg+xml	185.104.45.199 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ban-dera.com/img/flags/de.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.104.45.199 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS d145.default-host.net Software nginx / Resource Hash 10ddb928f1d77520fb65b19340cee26eb532efe33aab84e80c4ec1ea73a8f905 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ban-dera.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers x-ray p356:0.010/wn26930:0.010/wa26930:D=8916 last-modified Sun, 03 Apr 2022 08:56:00 GMT server nginx etag "f1-5dbbc2e428800" content-type image/svg+xml date Wed, 06 Apr 2022 13:18:48 GMT accept-ranges bytes content-length 241
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?cwhmppfxqfmevfyrgpbkxrbr=nuxpa https://www.donland.ru/?cwhmppfxqfmevfyrgpbkxrbr=nuxpa	0 0	875ms 806ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?cwhmppfxqfmevfyrgpbkxrbr=nuxpa Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?cwhmppfxqfmevfyrgpbkxrbr=nuxpa content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:48 GMT vary Accept-Encoding content-type text/html
GET H2	200	/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?ltze=mwknsu https://www.sdm.ru/?ltze=mwknsu	0 0	1791ms 1690ms	Fetch text/html	193.189.120.65 SDM-AS
General Check archive.org Show headers Download Go to Full URL https://www.sdm.ru/?ltze=mwknsu Protocol H2 Server 193.189.120.65 , Russian Federation, ASN34998 (SDM-AS, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers pragma no-cache date Wed, 06 Apr 2022 13:18:56 GMT x-content-type-options nosniff server nginx/1.12.2 p3p policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" x-powered-by PHP/7.0.33 x-frame-options SAMEORIGIN x-powered-cms Bitrix Site Manager (7068184ecc44953c972611a5eac71dd4) location https://www.sdm.ru/?ltze=mwknsu cache-control no-store, no-cache, must-revalidate content-type text/html; charset=UTF-8 vary HTTPS content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	208ms 50ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?bkujuzvarukbintvlfsh=ekpjvyorjstyqnghzq Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ rencredit.ru/ Frame 55B5	0 0	419ms 256ms	Fetch text/html	91.201.250.5 RCCF
General Check archive.org Show headers Download Go to Full URL https://rencredit.ru/?gwltuexlflvi=jnojmkvzyqsnpaueskelblmzr Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.201.250.5 , Russian Federation, ASN34802 (RCCF, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ taxireal.ru/ Frame 55B5	0 0	629ms 325ms	Fetch text/html	212.109.219.241 THEFIRST-AS
General Check archive.org Show headers Download Go to Full URL https://taxireal.ru/?akglzhvfcssmpnzxo=kifmeuzosqbpqow Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 212.109.219.241 Gorno-Altaysk, Russian Federation, ASN29182 (THEFIRST-AS, RU), Reverse DNS taxireal.links.fvds.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?gpybktydzscxmnali=tbhmsmzaizgif https://www.ozon.ru/?gpybktydzscxmnali=tbhmsmzaizgif	0 0	108ms 102ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?gpybktydzscxmnali=tbhmsmzaizgif Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?gpybktydzscxmnali=tbhmsmzaizgif date Wed, 06 Apr 2022 13:18:48 GMT server QRATOR content-length 162 content-type text/html
GET H2	403	/ Show response uniticket.by/ Frame 55B5	9 B 588 B	559ms 492ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?gxasnxeddhauojbjfmlj=grfsptripkxc Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:48 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4%2B16iehcCp6q4gUaCG3wb%2Fl8kHDKfk4Vu0eFgew09aqKSkmScTCTvqhKBXH8likxkY0jUfBslrEM9s9FXlF9pnH3jlspUILcCRK3BkniPeupt0DG7cXpisggavw7EF0N4LsRKpibQ8ZS2A%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfbf0e9d5fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?sxeiuewoxv=lthdizrmre https://www.kuzbank.ru/?sxeiuewoxv=lthdizrmre	0 0	214ms 148ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?sxeiuewoxv=lthdizrmre Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?sxeiuewoxv=lthdizrmre date Wed, 06 Apr 2022 13:18:48 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?ttm=ybirsdtpzatdvxhkvhyyze https://www.donland.ru/?ttm=ybirsdtpzatdvxhkvhyyze	0 0	882ms 787ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?ttm=ybirsdtpzatdvxhkvhyyze Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?ttm=ybirsdtpzatdvxhkvhyyze content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:48 GMT vary Accept-Encoding content-type text/html
GET H2	200	/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?ihdzvw=tzwfkujlpcfjatsvvp https://www.sdm.ru/?ihdzvw=tzwfkujlpcfjatsvvp	0 0	2263ms 2161ms	Fetch text/html	193.189.120.65 SDM-AS
General Check archive.org Show headers Download Go to Full URL https://www.sdm.ru/?ihdzvw=tzwfkujlpcfjatsvvp Protocol H2 Server 193.189.120.65 , Russian Federation, ASN34998 (SDM-AS, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers pragma no-cache date Wed, 06 Apr 2022 13:18:56 GMT x-content-type-options nosniff server nginx/1.12.2 p3p policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" x-powered-by PHP/7.0.33 x-frame-options SAMEORIGIN x-powered-cms Bitrix Site Manager (7068184ecc44953c972611a5eac71dd4) location https://www.sdm.ru/?ihdzvw=tzwfkujlpcfjatsvvp cache-control no-store, no-cache, must-revalidate content-type text/html; charset=UTF-8 vary HTTPS content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	108ms 51ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?oizbgjjh=ugfidwukkmamvll Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ rencredit.ru/ Frame 55B5	0 0	321ms 212ms	Fetch text/html	91.201.250.5 RCCF
General Check archive.org Show headers Download Go to Full URL https://rencredit.ru/?beziphojdcslconqkcqgowkuk=estzbvrqjw Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.201.250.5 , Russian Federation, ASN34802 (RCCF, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ taxireal.ru/ Frame 55B5	0 0	730ms 526ms	Fetch text/html	212.109.219.241 THEFIRST-AS
General Check archive.org Show headers Download Go to Full URL https://taxireal.ru/?hvqinphtbzfyadlcmhjvuvy=ithizukjdavqdrd Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 212.109.219.241 Gorno-Altaysk, Russian Federation, ASN29182 (THEFIRST-AS, RU), Reverse DNS taxireal.links.fvds.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?acrttlaoqfdxsv=luuilnen https://www.ozon.ru/?acrttlaoqfdxsv=luuilnen	0 0	71ms 70ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?acrttlaoqfdxsv=luuilnen Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?acrttlaoqfdxsv=luuilnen date Wed, 06 Apr 2022 13:18:48 GMT server QRATOR content-length 162 content-type text/html
GET H2	403	/ Show response uniticket.by/ Frame 55B5	9 B 289 B	522ms 522ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?nwwljf=miaauzvfynyjlmjvoyowdikk Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:48 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukarWhvxTOD8ddcko403oiaq2WWCAoatsEkVrwrfeyhITCOJXm2Oaj%2BfNuWIPPkI0PykyFV6qtepJ8LM76hQN9D2zAESQHeY9wUyjn105nda6fPXvC0IqXy14FMTJ1R8mZKOJuvvPvUb%2BXs%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfbf3ef15fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?jvsquwkxchzkfoutqtc=ramsvjfcl https://www.kuzbank.ru/?jvsquwkxchzkfoutqtc=ramsvjfcl	0 0	164ms 99ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?jvsquwkxchzkfoutqtc=ramsvjfcl Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?jvsquwkxchzkfoutqtc=ramsvjfcl date Wed, 06 Apr 2022 13:18:48 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?ersdta=kvworukf https://www.donland.ru/?ersdta=kvworukf	0 0	776ms 775ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?ersdta=kvworukf Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?ersdta=kvworukf content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:48 GMT vary Accept-Encoding content-type text/html
GET H2	200	/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?zmbovtj=deidynol https://www.sdm.ru/?zmbovtj=deidynol	0 0	1824ms 1717ms	Fetch text/html	193.189.120.65 SDM-AS
General Check archive.org Show headers Download Go to Full URL https://www.sdm.ru/?zmbovtj=deidynol Protocol H2 Server 193.189.120.65 , Russian Federation, ASN34998 (SDM-AS, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers pragma no-cache date Wed, 06 Apr 2022 13:18:56 GMT x-content-type-options nosniff server nginx/1.12.2 p3p policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" x-powered-by PHP/7.0.33 x-frame-options SAMEORIGIN x-powered-cms Bitrix Site Manager (7068184ecc44953c972611a5eac71dd4) location https://www.sdm.ru/?zmbovtj=deidynol cache-control no-store, no-cache, must-revalidate content-type text/html; charset=UTF-8 vary HTTPS content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	49ms 48ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?ledtbwqyodcy=nywzarosgxyaigi Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ rencredit.ru/ Frame 55B5	0 0	302ms 195ms	Fetch text/html	91.201.250.5 RCCF
General Check archive.org Show headers Download Go to Full URL https://rencredit.ru/?lpaoljjvyqjl=bwqhrzvhulrefzebovrg Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.201.250.5 , Russian Federation, ASN34802 (RCCF, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ taxireal.ru/ Frame 55B5	0 0	239ms 135ms	Fetch text/html	212.109.219.241 THEFIRST-AS
General Check archive.org Show headers Download Go to Full URL https://taxireal.ru/?elpgqvnmzygiimomujwwqw=xmjearkaxlilsctjpwvjtwp Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 212.109.219.241 Gorno-Altaysk, Russian Federation, ASN29182 (THEFIRST-AS, RU), Reverse DNS taxireal.links.fvds.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?vuzu=mecvshwshzywajgqjypqy https://www.ozon.ru/?vuzu=mecvshwshzywajgqjypqy	0 0	136ms 135ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?vuzu=mecvshwshzywajgqjypqy Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?vuzu=mecvshwshzywajgqjypqy date Wed, 06 Apr 2022 13:18:48 GMT server QRATOR content-length 162 content-type text/html
GET H2	403	/ Show response uniticket.by/ Frame 55B5	9 B 297 B	478ms 477ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?hehihjsmcdxboqkhtemwbpz=eastaiyoehudnbjyyxlzwm Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:48 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5icBD7%2FcKygOB55jrG%2FZMmHltGN%2FDtjAs3R0tAYnHDcyxFcDW1s2e%2Fzj2TUM%2BX%2F7%2Fhwtec8lYinBMIJbm4Ik54W81SEbrKZwFZzHR6Mj0RltBU9hZdZjwkMhAWAc9tyCEupc4D%2FPp69S0M%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfbfe8075fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?gmeqgpxidgzesvpiox=dkyuxjsixyzgljzheowuymjn https://www.kuzbank.ru/?gmeqgpxidgzesvpiox=dkyuxjsixyzgljzheowuymjn	0 0	214ms 149ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?gmeqgpxidgzesvpiox=dkyuxjsixyzgljzheowuymjn Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?gmeqgpxidgzesvpiox=dkyuxjsixyzgljzheowuymjn date Wed, 06 Apr 2022 13:18:48 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?cmzkfoarhrkpdu=dsdjdme https://www.donland.ru/?cmzkfoarhrkpdu=dsdjdme	0 0	692ms 691ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?cmzkfoarhrkpdu=dsdjdme Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?cmzkfoarhrkpdu=dsdjdme content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:48 GMT vary Accept-Encoding content-type text/html
GET H2	200	/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?pyezbeqkuqulnv=dahynwdwofozazkekorlnad https://www.sdm.ru/?pyezbeqkuqulnv=dahynwdwofozazkekorlnad	0 0	2520ms 2413ms	Fetch text/html	193.189.120.65 SDM-AS
General Check archive.org Show headers Download Go to Full URL https://www.sdm.ru/?pyezbeqkuqulnv=dahynwdwofozazkekorlnad Protocol H2 Server 193.189.120.65 , Russian Federation, ASN34998 (SDM-AS, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers pragma no-cache date Wed, 06 Apr 2022 13:18:56 GMT x-content-type-options nosniff server nginx/1.12.2 p3p policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" x-powered-by PHP/7.0.33 x-frame-options SAMEORIGIN x-powered-cms Bitrix Site Manager (7068184ecc44953c972611a5eac71dd4) location https://www.sdm.ru/?pyezbeqkuqulnv=dahynwdwofozazkekorlnad cache-control no-store, no-cache, must-revalidate content-type text/html; charset=UTF-8 vary HTTPS content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	50ms 47ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?pybozw=vwflfqfdvlhpyunzhff Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ rencredit.ru/ Frame 55B5	0 0	242ms 184ms	Fetch text/html	91.201.250.5 RCCF
General Check archive.org Show headers Download Go to Full URL https://rencredit.ru/?yvqfxtemxswfykmhzgzkbnc=marckaukm Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.201.250.5 , Russian Federation, ASN34802 (RCCF, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ taxireal.ru/ Frame 55B5	0 0	737ms 647ms	Fetch text/html	212.109.219.241 THEFIRST-AS
General Check archive.org Show headers Download Go to Full URL https://taxireal.ru/?ultrb=xwoswww Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 212.109.219.241 Gorno-Altaysk, Russian Federation, ASN29182 (THEFIRST-AS, RU), Reverse DNS taxireal.links.fvds.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?dzurhqjuceqsnumxi=mtcyitdhnfzcwtkxtooj https://www.ozon.ru/?dzurhqjuceqsnumxi=mtcyitdhnfzcwtkxtooj	0 0	71ms 71ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?dzurhqjuceqsnumxi=mtcyitdhnfzcwtkxtooj Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?dzurhqjuceqsnumxi=mtcyitdhnfzcwtkxtooj date Wed, 06 Apr 2022 13:18:48 GMT server QRATOR content-length 162 content-type text/html
GET H2	403	/ Show response uniticket.by/ Frame 55B5	9 B 293 B	507ms 505ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?ytesrcvjgnqiqusgbgksq=lsumwkmidrycpouayupuj Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:48 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qi7kuB8zw0sD3o3VOmOPaj95CwXSo%2F9GrIw%2BkY0GPNRkKsB4q3bOAZmiyNWto9Gs%2FAFQmXyIqSIE7lE5w37EAt0tH5E89AK1bWOYWBdy9N00d%2B1I%2FUG6jmGJJJttofS3xDPK2nSAdZ0nZ98%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfc0891a5fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?vkmgk=jqirdzaf https://www.kuzbank.ru/?vkmgk=jqirdzaf	0 0	172ms 172ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?vkmgk=jqirdzaf Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?vkmgk=jqirdzaf date Wed, 06 Apr 2022 13:18:48 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?jubn=bxvmfoviytrqdrvmbzctkui https://www.donland.ru/?jubn=bxvmfoviytrqdrvmbzctkui	0 0	806ms 805ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?jubn=bxvmfoviytrqdrvmbzctkui Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?jubn=bxvmfoviytrqdrvmbzctkui content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:48 GMT vary Accept-Encoding content-type text/html
GET H2	200	/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?klkksbegcdkfjnob=aoncnbtxnbbuf https://www.sdm.ru/?klkksbegcdkfjnob=aoncnbtxnbbuf	0 0	2141ms 2113ms	Fetch text/html	193.189.120.65 SDM-AS
General Check archive.org Show headers Download Go to Full URL https://www.sdm.ru/?klkksbegcdkfjnob=aoncnbtxnbbuf Protocol H2 Server 193.189.120.65 , Russian Federation, ASN34998 (SDM-AS, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers pragma no-cache date Wed, 06 Apr 2022 13:18:56 GMT x-content-type-options nosniff server nginx/1.12.2 p3p policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" x-powered-by PHP/7.0.33 x-frame-options SAMEORIGIN x-powered-cms Bitrix Site Manager (7068184ecc44953c972611a5eac71dd4) location https://www.sdm.ru/?klkksbegcdkfjnob=aoncnbtxnbbuf cache-control no-store, no-cache, must-revalidate content-type text/html; charset=UTF-8 vary HTTPS content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	51ms 49ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?nltldpex=ulrtakqlgyi Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ rencredit.ru/ Frame 55B5	0 0	276ms 265ms	Fetch text/html	91.201.250.5 RCCF
General Check archive.org Show headers Download Go to Full URL https://rencredit.ru/?iautiqxivsmgnuajl=ypknumsgszji Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.201.250.5 , Russian Federation, ASN34802 (RCCF, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ taxireal.ru/ Frame 55B5	0 0	829ms 739ms	Fetch text/html	212.109.219.241 THEFIRST-AS
General Check archive.org Show headers Download Go to Full URL https://taxireal.ru/?xvudpzqiuxdbodrbjwuktqo=ljbowl Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 212.109.219.241 Gorno-Altaysk, Russian Federation, ASN29182 (THEFIRST-AS, RU), Reverse DNS taxireal.links.fvds.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?zdsxluhystfkisjis=scrhfxijaqeg https://www.ozon.ru/?zdsxluhystfkisjis=scrhfxijaqeg	0 0	140ms 139ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?zdsxluhystfkisjis=scrhfxijaqeg Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?zdsxluhystfkisjis=scrhfxijaqeg date Wed, 06 Apr 2022 13:18:48 GMT server QRATOR content-length 162 content-type text/html
GET H2	403	/ Show response uniticket.by/ Frame 55B5	9 B 287 B	515ms 512ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?rrfxindnpzu=kcpqjoge Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:48 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mT1UV68FU8GQAkpl2ATtJDus4bDCM1kQKGjCJCKAkUUR0DijpZRY2Ox8odGy1mxh%2BOBD60tQcpF9o07eHrECNJLaMGoftEIHdAZk2a7qu1BXF8O90BWYPhG8o52LJWxvMAgLrhQLSIFRsOA%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfc12a345fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?aixtyttvxewliubirvyphnq=nfrhpdqaiighbeurpdctlvbtt https://www.kuzbank.ru/?aixtyttvxewliubirvyphnq=nfrhpdqaiighbeurpdctlvbtt	0 0	91ms 91ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?aixtyttvxewliubirvyphnq=nfrhpdqaiighbeurpdctlvbtt Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?aixtyttvxewliubirvyphnq=nfrhpdqaiighbeurpdctlvbtt date Wed, 06 Apr 2022 13:18:48 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?lnmnzowidgm=orimeqpibljoworsoqy https://www.donland.ru/?lnmnzowidgm=orimeqpibljoworsoqy	0 0	686ms 686ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?lnmnzowidgm=orimeqpibljoworsoqy Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?lnmnzowidgm=orimeqpibljoworsoqy content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:48 GMT vary Accept-Encoding content-type text/html
GET H2	200	/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?eqrzcclbnvgliebo=bkfb https://www.sdm.ru/?eqrzcclbnvgliebo=bkfb	0 0	2474ms 2474ms	Fetch text/html	193.189.120.65 SDM-AS
General Check archive.org Show headers Download Go to Full URL https://www.sdm.ru/?eqrzcclbnvgliebo=bkfb Protocol H2 Server 193.189.120.65 , Russian Federation, ASN34998 (SDM-AS, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers pragma no-cache date Wed, 06 Apr 2022 13:18:56 GMT x-content-type-options nosniff server nginx/1.12.2 p3p policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" x-powered-by PHP/7.0.33 x-frame-options SAMEORIGIN x-powered-cms Bitrix Site Manager (7068184ecc44953c972611a5eac71dd4) location https://www.sdm.ru/?eqrzcclbnvgliebo=bkfb cache-control no-store, no-cache, must-revalidate content-type text/html; charset=UTF-8 vary HTTPS content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	50ms 48ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?ydbjhbxqoihfsuclcvt=uwupencayxwcbwwgmfszjudod Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ rencredit.ru/ Frame 55B5	0 0	174ms 172ms	Fetch text/html	91.201.250.5 RCCF
General Check archive.org Show headers Download Go to Full URL https://rencredit.ru/?oicrsvgrww=fkiq Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.201.250.5 , Russian Federation, ASN34802 (RCCF, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ taxireal.ru/ Frame 55B5	0 0	923ms 838ms	Fetch text/html	212.109.219.241 THEFIRST-AS
General Check archive.org Show headers Download Go to Full URL https://taxireal.ru/?wqe=napjhlqssbmtpx Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 212.109.219.241 Gorno-Altaysk, Russian Federation, ASN29182 (THEFIRST-AS, RU), Reverse DNS taxireal.links.fvds.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?dnbtd=tkuruejq https://www.ozon.ru/?dnbtd=tkuruejq	0 0	241ms 241ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?dnbtd=tkuruejq Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?dnbtd=tkuruejq date Wed, 06 Apr 2022 13:18:48 GMT server QRATOR content-length 162 content-type text/html
GET H2	403	/ Show response uniticket.by/ Frame 55B5	9 B 316 B	475ms 473ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?leoj=kfkcfocfkunmmax Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:49 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGAGkj55O6XXp%2Fo6Ug7S0Fa9xK8Mt6FSulWGwy71KnyP09YW1yBX4NDpLUB9KU3x3yH7DG%2FvGQifSLapl3U%2B8q%2FrXVAA8747RzCsRyZboh%2BbT6K7kftzoalGwaW0ApNnRbANeXbxfSeejfQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfc1cb995fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?yvb=khbbuvdxyosgsiqqnm https://www.kuzbank.ru/?yvb=khbbuvdxyosgsiqqnm	0 0	91ms 91ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?yvb=khbbuvdxyosgsiqqnm Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?yvb=khbbuvdxyosgsiqqnm date Wed, 06 Apr 2022 13:18:48 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?xskpoegqrwbciekzyn=pdivzhglkxagbpngihgddh https://www.donland.ru/?xskpoegqrwbciekzyn=pdivzhglkxagbpngihgddh	0 0	676ms 676ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?xskpoegqrwbciekzyn=pdivzhglkxagbpngihgddh Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?xskpoegqrwbciekzyn=pdivzhglkxagbpngihgddh content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:48 GMT vary Accept-Encoding content-type text/html
GET H2	200	/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?nqtfxyhxxkstyltsvqz=phrcrvkgirxpfeseekq https://www.sdm.ru/?nqtfxyhxxkstyltsvqz=phrcrvkgirxpfeseekq	0 0	2396ms 2396ms	Fetch text/html	193.189.120.65 SDM-AS
General Check archive.org Show headers Download Go to Full URL https://www.sdm.ru/?nqtfxyhxxkstyltsvqz=phrcrvkgirxpfeseekq Protocol H2 Server 193.189.120.65 , Russian Federation, ASN34998 (SDM-AS, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers pragma no-cache date Wed, 06 Apr 2022 13:18:57 GMT x-content-type-options nosniff server nginx/1.12.2 p3p policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" x-powered-by PHP/7.0.33 x-frame-options SAMEORIGIN x-powered-cms Bitrix Site Manager (7068184ecc44953c972611a5eac71dd4) location https://www.sdm.ru/?nqtfxyhxxkstyltsvqz=phrcrvkgirxpfeseekq cache-control no-store, no-cache, must-revalidate content-type text/html; charset=UTF-8 vary HTTPS content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	50ms 48ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?obubsgmssqxakm=mofswyetscsrnmuzkjnq Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ rencredit.ru/ Frame 55B5	0 0	246ms 238ms	Fetch text/html	91.201.250.5 RCCF
General Check archive.org Show headers Download Go to Full URL https://rencredit.ru/?swlajabcaucmr=ivbjuctxsfpsothvgiapvvhfj Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.201.250.5 , Russian Federation, ASN34802 (RCCF, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ taxireal.ru/ Frame 55B5	0 0	1031ms 942ms	Fetch text/html	212.109.219.241 THEFIRST-AS
General Check archive.org Show headers Download Go to Full URL https://taxireal.ru/?gcrtgebudvffkrbeketsfc=tpgchqk Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 212.109.219.241 Gorno-Altaysk, Russian Federation, ASN29182 (THEFIRST-AS, RU), Reverse DNS taxireal.links.fvds.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?infriksubsznjlqhkjnlj=pdmrkhqtkikkvlnsxfxkvfni https://www.ozon.ru/?infriksubsznjlqhkjnlj=pdmrkhqtkikkvlnsxfxkvfni	0 0	136ms 135ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?infriksubsznjlqhkjnlj=pdmrkhqtkikkvlnsxfxkvfni Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?infriksubsznjlqhkjnlj=pdmrkhqtkikkvlnsxfxkvfni date Wed, 06 Apr 2022 13:18:48 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 595 B	206ms 179ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?xvaholuzzamjhpljedu=gqwcuuypoqhta Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:48 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZgzevs3TxPsd443mV5bW7CPhg9AUU8qw%2BPdlIAqW0%2FF4pMLKTrKkmDU3XtZSmENTJ%2FUmUss7YuhGkukaoikgwSnUxD4G%2BeSdz24dk1J2LlVHWGOxy9V%2BMAdWcbJ7efrIMboYTQ3j0b7%2BfY%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfc28ce15fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?jqryecbhlrfkqfjsekjulotl=zfdcpwonybixkupjszfoe https://www.kuzbank.ru/?jqryecbhlrfkqfjsekjulotl=zfdcpwonybixkupjszfoe	0 0	92ms 92ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?jqryecbhlrfkqfjsekjulotl=zfdcpwonybixkupjszfoe Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?jqryecbhlrfkqfjsekjulotl=zfdcpwonybixkupjszfoe date Wed, 06 Apr 2022 13:18:48 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?kjibycysdfrb=ixgeojadub https://www.donland.ru/?kjibycysdfrb=ixgeojadub	0 0	501ms 501ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?kjibycysdfrb=ixgeojadub Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?kjibycysdfrb=ixgeojadub content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:48 GMT vary Accept-Encoding content-type text/html
GET H2	200	/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?hvjtkhsxpcpjucsqs=xwekspvadzqjuivgbnkxv https://www.sdm.ru/?hvjtkhsxpcpjucsqs=xwekspvadzqjuivgbnkxv	0 0	2367ms 2366ms	Fetch text/html	193.189.120.65 SDM-AS
General Check archive.org Show headers Download Go to Full URL https://www.sdm.ru/?hvjtkhsxpcpjucsqs=xwekspvadzqjuivgbnkxv Protocol H2 Server 193.189.120.65 , Russian Federation, ASN34998 (SDM-AS, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers pragma no-cache date Wed, 06 Apr 2022 13:18:57 GMT x-content-type-options nosniff server nginx/1.12.2 p3p policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" x-powered-by PHP/7.0.33 x-frame-options SAMEORIGIN x-powered-cms Bitrix Site Manager (7068184ecc44953c972611a5eac71dd4) location https://www.sdm.ru/?hvjtkhsxpcpjucsqs=xwekspvadzqjuivgbnkxv cache-control no-store, no-cache, must-revalidate content-type text/html; charset=UTF-8 vary HTTPS content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	51ms 48ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?fgachpkavpvpc=gqaxrgramitp Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ rencredit.ru/ Frame 55B5	0 0	226ms 224ms	Fetch text/html	91.201.250.5 RCCF
General Check archive.org Show headers Download Go to Full URL https://rencredit.ru/?jrkxhroltwuyj=epismnodirjgdslmbpvy Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.201.250.5 , Russian Federation, ASN34802 (RCCF, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ taxireal.ru/ Frame 55B5	0 0	1128ms 1038ms	Fetch text/html	212.109.219.241 THEFIRST-AS
General Check archive.org Show headers Download Go to Full URL https://taxireal.ru/?kkzgazeoxygpw=uginbrjgsydogotaerguec Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 212.109.219.241 Gorno-Altaysk, Russian Federation, ASN29182 (THEFIRST-AS, RU), Reverse DNS taxireal.links.fvds.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?yhslotdop=izjulbm https://www.ozon.ru/?yhslotdop=izjulbm	0 0	153ms 153ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?yhslotdop=izjulbm Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?yhslotdop=izjulbm date Wed, 06 Apr 2022 13:18:48 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 556 B	196ms 194ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?cpjtvopuevpffpnphfj=utspflvmtyg Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:48 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLsO0G63Lfa7nZqeWPjx%2BdSSZn0RzSPLCsJLmdEhzQAr9sNMRz2DHdCfdGQE7hpF48bcikYHfFGC8ycEYCx%2FQePZ%2BPVqnOrQyjhHGSpPouCuIiaqqY4CkjwfnNheH41L64XeIbNC0DvHQlc%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfc30d965fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?kymvwmhrwgkncsjthsgvlgnly=bnoxbdqtfwadh https://www.kuzbank.ru/?kymvwmhrwgkncsjthsgvlgnly=bnoxbdqtfwadh	0 0	91ms 90ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?kymvwmhrwgkncsjthsgvlgnly=bnoxbdqtfwadh Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?kymvwmhrwgkncsjthsgvlgnly=bnoxbdqtfwadh date Wed, 06 Apr 2022 13:18:48 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?lrxasytfzoykizj=svrzaqrwrenjalmtpw https://www.donland.ru/?lrxasytfzoykizj=svrzaqrwrenjalmtpw	0 0	438ms 438ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?lrxasytfzoykizj=svrzaqrwrenjalmtpw Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?lrxasytfzoykizj=svrzaqrwrenjalmtpw content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:48 GMT vary Accept-Encoding content-type text/html
GET H2	200	/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?akntcfyf=tfnftjmoltve https://www.sdm.ru/?akntcfyf=tfnftjmoltve	0 0	1740ms 1739ms	Fetch text/html	193.189.120.65 SDM-AS
General Check archive.org Show headers Download Go to Full URL https://www.sdm.ru/?akntcfyf=tfnftjmoltve Protocol H2 Server 193.189.120.65 , Russian Federation, ASN34998 (SDM-AS, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers pragma no-cache date Wed, 06 Apr 2022 13:18:57 GMT x-content-type-options nosniff server nginx/1.12.2 p3p policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" x-powered-by PHP/7.0.33 x-frame-options SAMEORIGIN x-powered-cms Bitrix Site Manager (7068184ecc44953c972611a5eac71dd4) location https://www.sdm.ru/?akntcfyf=tfnftjmoltve cache-control no-store, no-cache, must-revalidate content-type text/html; charset=UTF-8 vary HTTPS content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	50ms 48ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?pycopahgdsvu=ynpxgakfyethokhdjou Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ rencredit.ru/ Frame 55B5	0 0	341ms 231ms	Fetch text/html	91.201.250.5 RCCF
General Check archive.org Show headers Download Go to Full URL https://rencredit.ru/?jtnqszvdgxd=huzwtfjlodhnyxa Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.201.250.5 , Russian Federation, ASN34802 (RCCF, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ taxireal.ru/ Frame 55B5	0 0	1232ms 1108ms	Fetch text/html	212.109.219.241 THEFIRST-AS
General Check archive.org Show headers Download Go to Full URL https://taxireal.ru/?kwmfnnchzwxqnw=hatxuomhpuhkuypflyhrlawvc Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 212.109.219.241 Gorno-Altaysk, Russian Federation, ASN29182 (THEFIRST-AS, RU), Reverse DNS taxireal.links.fvds.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?vucawjogkiqlidjhajlko=dkysflraqcgjcdiy https://www.ozon.ru/?vucawjogkiqlidjhajlko=dkysflraqcgjcdiy	0 0	60ms 60ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?vucawjogkiqlidjhajlko=dkysflraqcgjcdiy Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?vucawjogkiqlidjhajlko=dkysflraqcgjcdiy date Wed, 06 Apr 2022 13:18:48 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 556 B	180ms 179ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?qrlyozuostpdcylwjfmyi=gzwestsxrkhvpwegenaf Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:49 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2lWf220v5ha2HSgmaizY8IhzjJbeU8vTpFqpVti4jFaiMen%2FfueBzN42JB9gsy9s6c4i%2BpSdWk%2BkM8xyrYCnizXxJJuInwXzyw48KMxOz9FRrTsji5zmHNm9w7I4X%2BfLXMmUFtunMwPEpw%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfc3ae9a5fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?fiifxcg=ewpyjpmqdtllowjkuo https://www.kuzbank.ru/?fiifxcg=ewpyjpmqdtllowjkuo	0 0	87ms 87ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?fiifxcg=ewpyjpmqdtllowjkuo Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?fiifxcg=ewpyjpmqdtllowjkuo date Wed, 06 Apr 2022 13:18:48 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?utayeqokgtogovqkpsry=rppakotkhxswpsan https://www.donland.ru/?utayeqokgtogovqkpsry=rppakotkhxswpsan	0 0	470ms 470ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?utayeqokgtogovqkpsry=rppakotkhxswpsan Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?utayeqokgtogovqkpsry=rppakotkhxswpsan content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:49 GMT vary Accept-Encoding content-type text/html
GET		/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?dyelftbsjowisarisyn=bcqfkssyawbze https://www.sdm.ru/?dyelftbsjowisarisyn=bcqfkssyawbze	0 0
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	49ms 49ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?pkjubgdlmteu=zhvnwll Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ rencredit.ru/ Frame 55B5	0 0	276ms 168ms	Fetch text/html	91.201.250.5 RCCF
General Check archive.org Show headers Download Go to Full URL https://rencredit.ru/?funhlwmofrbuqctplkmmg=hubdhweoyqpl Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.201.250.5 , Russian Federation, ASN34802 (RCCF, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ taxireal.ru/ Frame 55B5	0 0	1334ms 1108ms	Fetch text/html	212.109.219.241 THEFIRST-AS
General Check archive.org Show headers Download Go to Full URL https://taxireal.ru/?ydcjphswsnjigcl=cixsdwzkkyky Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 212.109.219.241 Gorno-Altaysk, Russian Federation, ASN29182 (THEFIRST-AS, RU), Reverse DNS taxireal.links.fvds.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?xerm=xcbzksajqh https://www.ozon.ru/?xerm=xcbzksajqh	0 0	62ms 61ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?xerm=xcbzksajqh Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?xerm=xcbzksajqh date Wed, 06 Apr 2022 13:18:48 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 557 B	193ms 193ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?igcfusqxvltsyoy=ntovcnecvlxvemiqovqwyp Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:49 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6JiVfWD0Cx7lQshB5aTq7DGQGIemNYeUv9cnqeaq3HM7YNNwoGkSxiy%2FoVBuvDs7hEjqSLW97YBbXdl0x4tGiYL%2FoOmVFV1TR9OxTCXK7%2BLAtU%2FGLgDwLEpag5JlhQAPfj503S2e6DFggxQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfc43f925fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?xcaydzdeyrwmzbyaqwbj=jkeqxltrl https://www.kuzbank.ru/?xcaydzdeyrwmzbyaqwbj=jkeqxltrl	0 0	156ms 155ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?xcaydzdeyrwmzbyaqwbj=jkeqxltrl Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?xcaydzdeyrwmzbyaqwbj=jkeqxltrl date Wed, 06 Apr 2022 13:18:49 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?bwbkdcrirotoxz=rjtisndkvnxjlklkigvqdnh https://www.donland.ru/?bwbkdcrirotoxz=rjtisndkvnxjlklkigvqdnh	0 0	458ms 458ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?bwbkdcrirotoxz=rjtisndkvnxjlklkigvqdnh Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?bwbkdcrirotoxz=rjtisndkvnxjlklkigvqdnh content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:49 GMT vary Accept-Encoding content-type text/html
GET H2	200	/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?wwx=ebakexwpauqa https://www.sdm.ru/?wwx=ebakexwpauqa	0 0	1619ms 1619ms	Fetch text/html	193.189.120.65 SDM-AS
General Check archive.org Show headers Download Go to Full URL https://www.sdm.ru/?wwx=ebakexwpauqa Protocol H2 Server 193.189.120.65 , Russian Federation, ASN34998 (SDM-AS, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers pragma no-cache date Wed, 06 Apr 2022 13:18:57 GMT x-content-type-options nosniff server nginx/1.12.2 p3p policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" x-powered-by PHP/7.0.33 x-frame-options SAMEORIGIN x-powered-cms Bitrix Site Manager (7068184ecc44953c972611a5eac71dd4) location https://www.sdm.ru/?wwx=ebakexwpauqa cache-control no-store, no-cache, must-revalidate content-type text/html; charset=UTF-8 vary HTTPS content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	49ms 48ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?izmmzarhxu=xijfopciomxkgd Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ rencredit.ru/ Frame 55B5	0 0	321ms 218ms	Fetch text/html	91.201.250.5 RCCF
General Check archive.org Show headers Download Go to Full URL https://rencredit.ru/?qxktx=pbyimafwiywzmurh Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.201.250.5 , Russian Federation, ASN34802 (RCCF, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ taxireal.ru/ Frame 55B5	0 0	1433ms 1113ms	Fetch text/html	212.109.219.241 THEFIRST-AS
General Check archive.org Show headers Download Go to Full URL https://taxireal.ru/?dmkzmnftigkcly=hhzikhfmavh Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 212.109.219.241 Gorno-Altaysk, Russian Federation, ASN29182 (THEFIRST-AS, RU), Reverse DNS taxireal.links.fvds.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?ehipeqomk=lbtnsajqfduokgvwcnkbie https://www.ozon.ru/?ehipeqomk=lbtnsajqfduokgvwcnkbie	0 0	129ms 128ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?ehipeqomk=lbtnsajqfduokgvwcnkbie Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?ehipeqomk=lbtnsajqfduokgvwcnkbie date Wed, 06 Apr 2022 13:18:49 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 561 B	194ms 194ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?rfpbmatsdb=cwgnsyqws Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:49 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avJv44UXBvwKjKoT76PBGd1MSMZg76j%2FV8UZjCG8%2FmgoaQ3m21%2BytPOKKsOMm4Rt%2Bejje%2BNVJkpuF9hhI5uuzfD7YFn5XY13NnWCbUb1egg0yG%2BD48BuGoFkwJ8XtYoW%2FRAthapCbrM5lhI%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfc4d8fe5fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?qznewlgytekmzmndzd=onzuvjftiegpjelvxyphlwtg https://www.kuzbank.ru/?qznewlgytekmzmndzd=onzuvjftiegpjelvxyphlwtg	0 0	91ms 91ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?qznewlgytekmzmndzd=onzuvjftiegpjelvxyphlwtg Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?qznewlgytekmzmndzd=onzuvjftiegpjelvxyphlwtg date Wed, 06 Apr 2022 13:18:49 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?puvpur=wkvrshqqgy https://www.donland.ru/?puvpur=wkvrshqqgy	0 0	534ms 534ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?puvpur=wkvrshqqgy Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?puvpur=wkvrshqqgy content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:49 GMT vary Accept-Encoding content-type text/html
GET H2	200	/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?hqwwjeu=tdcbxqgqtfycrqblbpwzt https://www.sdm.ru/?hqwwjeu=tdcbxqgqtfycrqblbpwzt	0 0	1973ms 1973ms	Fetch text/html	193.189.120.65 SDM-AS
General Check archive.org Show headers Download Go to Full URL https://www.sdm.ru/?hqwwjeu=tdcbxqgqtfycrqblbpwzt Protocol H2 Server 193.189.120.65 , Russian Federation, ASN34998 (SDM-AS, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers pragma no-cache date Wed, 06 Apr 2022 13:18:57 GMT x-content-type-options nosniff server nginx/1.12.2 p3p policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" x-powered-by PHP/7.0.33 x-frame-options SAMEORIGIN x-powered-cms Bitrix Site Manager (7068184ecc44953c972611a5eac71dd4) location https://www.sdm.ru/?hqwwjeu=tdcbxqgqtfycrqblbpwzt cache-control no-store, no-cache, must-revalidate content-type text/html; charset=UTF-8 vary HTTPS content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	49ms 47ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?rgvsmmvcvwdwfe=epkhazkyviftvo Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ rencredit.ru/ Frame 55B5	0 0	329ms 226ms	Fetch text/html	91.201.250.5 RCCF
General Check archive.org Show headers Download Go to Full URL https://rencredit.ru/?mxvjdezykmpghguvayp=yzntmafzvflldmipwlgrhka Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.201.250.5 , Russian Federation, ASN34802 (RCCF, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ taxireal.ru/ Frame 55B5	0 0	1541ms 1124ms	Fetch text/html	212.109.219.241 THEFIRST-AS
General Check archive.org Show headers Download Go to Full URL https://taxireal.ru/?yegaqxxryvyterdclwuzca=dhqjqbqshfvgigs Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 212.109.219.241 Gorno-Altaysk, Russian Federation, ASN29182 (THEFIRST-AS, RU), Reverse DNS taxireal.links.fvds.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?kmudsaufxyfd=puhwcsvfnq https://www.ozon.ru/?kmudsaufxyfd=puhwcsvfnq	0 0	143ms 142ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?kmudsaufxyfd=puhwcsvfnq Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?kmudsaufxyfd=puhwcsvfnq date Wed, 06 Apr 2022 13:18:49 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 555 B	193ms 192ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?tdazpuiwokdkhpjjnjgelwe=xhmidsiuklg Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:49 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BYlsYO3WXQKy3sDkZ1eR3YdnJFRKzEYXvkYl04PFHxiIitNUZE9RIYSPTRoFBoxtPZy7R4RmTi3h2UueLOV9D8TkKliY6XfsWYVEJ9FXHrRdoirBZ3u9ovv4sLttbor%2F0APOqtytcpEIo0%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfc58a7a5fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?udpjmeupw=bat https://www.kuzbank.ru/?udpjmeupw=bat	0 0	88ms 88ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?udpjmeupw=bat Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?udpjmeupw=bat date Wed, 06 Apr 2022 13:18:49 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?zrwlsnrahbaylpzxx=lakphwmidojztwhjfvhkbsaa https://www.donland.ru/?zrwlsnrahbaylpzxx=lakphwmidojztwhjfvhkbsaa	0 0	505ms 505ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?zrwlsnrahbaylpzxx=lakphwmidojztwhjfvhkbsaa Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?zrwlsnrahbaylpzxx=lakphwmidojztwhjfvhkbsaa content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:49 GMT vary Accept-Encoding content-type text/html
GET H2	200	/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?ygvfjanzvcvap=blxwoqkj https://www.sdm.ru/?ygvfjanzvcvap=blxwoqkj	0 0	1828ms 1828ms	Fetch text/html	193.189.120.65 SDM-AS
General Check archive.org Show headers Download Go to Full URL https://www.sdm.ru/?ygvfjanzvcvap=blxwoqkj Protocol H2 Server 193.189.120.65 , Russian Federation, ASN34998 (SDM-AS, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers pragma no-cache date Wed, 06 Apr 2022 13:18:57 GMT x-content-type-options nosniff server nginx/1.12.2 p3p policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" x-powered-by PHP/7.0.33 x-frame-options SAMEORIGIN x-powered-cms Bitrix Site Manager (7068184ecc44953c972611a5eac71dd4) location https://www.sdm.ru/?ygvfjanzvcvap=blxwoqkj cache-control no-store, no-cache, must-revalidate content-type text/html; charset=UTF-8 vary HTTPS content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	48ms 48ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?tfczbomkkd=xrwyltn Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ rencredit.ru/ Frame 55B5	0 0	338ms 231ms	Fetch text/html	91.201.250.5 RCCF
General Check archive.org Show headers Download Go to Full URL https://rencredit.ru/?vymhuuy=qgvwexiiqihgezjjbsgfft Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.201.250.5 , Russian Federation, ASN34802 (RCCF, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ taxireal.ru/ Frame 55B5	0 0	1631ms 1114ms	Fetch text/html	212.109.219.241 THEFIRST-AS
General Check archive.org Show headers Download Go to Full URL https://taxireal.ru/?ynpayo=nwqppggddzne Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 212.109.219.241 Gorno-Altaysk, Russian Federation, ASN29182 (THEFIRST-AS, RU), Reverse DNS taxireal.links.fvds.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?dzpgeyukcgnuqwoyboj=euzjm https://www.ozon.ru/?dzpgeyukcgnuqwoyboj=euzjm	0 0	132ms 132ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?dzpgeyukcgnuqwoyboj=euzjm Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?dzpgeyukcgnuqwoyboj=euzjm date Wed, 06 Apr 2022 13:18:49 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 556 B	195ms 194ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?cfcljhhjnm=ateqf Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:49 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvtUtu2%2BAOswwGznlMATD4gIBzymFE4dSsIqpq1Zvhb3AwKLPEtLvZ1wQ%2FVe0XbFzkpOHfEdkgS91rjmUVh33l9XETYViLcIh7GrslqLrDHDzGwVd4Y%2F92YIgyIyqqsHam8HJMYk6rAMlB0%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfc62bb05fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?fjlaxhaxndsfdmbntrd=gmhtv https://www.kuzbank.ru/?fjlaxhaxndsfdmbntrd=gmhtv	0 0	89ms 89ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?fjlaxhaxndsfdmbntrd=gmhtv Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?fjlaxhaxndsfdmbntrd=gmhtv date Wed, 06 Apr 2022 13:18:49 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?uuakbn=xghhn https://www.donland.ru/?uuakbn=xghhn	0 0	494ms 494ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?uuakbn=xghhn Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?uuakbn=xghhn content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:49 GMT vary Accept-Encoding content-type text/html
GET H2	200	/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?mpquq=fdopzgnnxmgoksggw https://www.sdm.ru/?mpquq=fdopzgnnxmgoksggw	0 0	1777ms 1777ms	Fetch text/html	193.189.120.65 SDM-AS
General Check archive.org Show headers Download Go to Full URL https://www.sdm.ru/?mpquq=fdopzgnnxmgoksggw Protocol H2 Server 193.189.120.65 , Russian Federation, ASN34998 (SDM-AS, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers pragma no-cache date Wed, 06 Apr 2022 13:18:57 GMT x-content-type-options nosniff server nginx/1.12.2 p3p policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" x-powered-by PHP/7.0.33 x-frame-options SAMEORIGIN x-powered-cms Bitrix Site Manager (7068184ecc44953c972611a5eac71dd4) location https://www.sdm.ru/?mpquq=fdopzgnnxmgoksggw cache-control no-store, no-cache, must-revalidate content-type text/html; charset=UTF-8 vary HTTPS content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	49ms 47ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?anjqojzuxlwfvc=tfbv Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ rencredit.ru/ Frame 55B5	0 0	321ms 219ms	Fetch text/html	91.201.250.5 RCCF
General Check archive.org Show headers Download Go to Full URL https://rencredit.ru/?wjhernxzuasepayrercs=lchkeuakckmxzccclehmyqz Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.201.250.5 , Russian Federation, ASN34802 (RCCF, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ taxireal.ru/ Frame 55B5	0 0	1731ms 1109ms	Fetch text/html	212.109.219.241 THEFIRST-AS
General Check archive.org Show headers Download Go to Full URL https://taxireal.ru/?ndzqxvgex=tjagjkvtjjmdpdbrarlk Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 212.109.219.241 Gorno-Altaysk, Russian Federation, ASN29182 (THEFIRST-AS, RU), Reverse DNS taxireal.links.fvds.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?sgkzgwciryrvbqgwnvi=cuwaqatboi https://www.ozon.ru/?sgkzgwciryrvbqgwnvi=cuwaqatboi	0 0	139ms 139ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?sgkzgwciryrvbqgwnvi=cuwaqatboi Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?sgkzgwciryrvbqgwnvi=cuwaqatboi date Wed, 06 Apr 2022 13:18:49 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 554 B	180ms 179ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?swq=byjxdnfqyxjhad Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:49 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIW3PHBU8UsOCmBgPXPHJhvrSIEq644m8uAaCMMtzoEw9Fwp5WFbep0Djszh0nxnl%2BIsyqqhXdWlU6b1J%2BwkiwtL%2FZXh0drrM2Q0t51cvkGpGesAcs9HbAi3g7wEXEsKemcQr6OS9qxsfNk%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfc6cca45fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?megznncupxidsyqcnqdqkrden=lxag https://www.kuzbank.ru/?megznncupxidsyqcnqdqkrden=lxag	0 0	89ms 89ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?megznncupxidsyqcnqdqkrden=lxag Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?megznncupxidsyqcnqdqkrden=lxag date Wed, 06 Apr 2022 13:18:49 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?tskillniwaaoj=qpijdyuy https://www.donland.ru/?tskillniwaaoj=qpijdyuy	0 0	438ms 438ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?tskillniwaaoj=qpijdyuy Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?tskillniwaaoj=qpijdyuy content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:49 GMT vary Accept-Encoding content-type text/html
GET		/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?namboujoknmehbbf=lzooo https://www.sdm.ru/?namboujoknmehbbf=lzooo	0 0
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	48ms 48ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?gntkgxlwj=kkomiyiyrimjjfzqufrgzkn Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ rencredit.ru/ Frame 55B5	0 0	322ms 222ms	Fetch text/html	91.201.250.5 RCCF
General Check archive.org Show headers Download Go to Full URL https://rencredit.ru/?wtkdnwcshynxknqokgxii=nnvexmjfkcsdizxfmsk Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.201.250.5 , Russian Federation, ASN34802 (RCCF, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ taxireal.ru/ Frame 55B5	0 0	1834ms 1115ms	Fetch text/html	212.109.219.241 THEFIRST-AS
General Check archive.org Show headers Download Go to Full URL https://taxireal.ru/?hkqfrpozmjglhjmtepjkpg=eqxugxnefacdmplhdwskr Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 212.109.219.241 Gorno-Altaysk, Russian Federation, ASN29182 (THEFIRST-AS, RU), Reverse DNS taxireal.links.fvds.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?seqd=nvrunanypkcopbbrnwmhjewz https://www.ozon.ru/?seqd=nvrunanypkcopbbrnwmhjewz	0 0	146ms 146ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?seqd=nvrunanypkcopbbrnwmhjewz Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?seqd=nvrunanypkcopbbrnwmhjewz date Wed, 06 Apr 2022 13:18:49 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 559 B	190ms 190ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?jnswifugphzwcpkxoaerqrzec=yodpeocxoyh Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:49 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2F%2Fsc6uJEZr9e83qJu38cApviyig9PQ2U7YDU%2FNiR5kuMCIkAtlQy5MPKWnROTTKlBdQdXQ0GYKFEhl6av32N37wwTtntd%2BVo2n%2BsBxYGFwEyqk%2BoQ7vp0eVXm1ARIj40GrMPqLCDIgnFno%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfc76dea5fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?jurleyjtdldsfl=ezj https://www.kuzbank.ru/?jurleyjtdldsfl=ezj	0 0	98ms 98ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?jurleyjtdldsfl=ezj Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?jurleyjtdldsfl=ezj date Wed, 06 Apr 2022 13:18:49 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?ipdo=unfnntzg https://www.donland.ru/?ipdo=unfnntzg	0 0	464ms 463ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?ipdo=unfnntzg Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?ipdo=unfnntzg content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:49 GMT vary Accept-Encoding content-type text/html
GET		/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?dgnrieggiqcwgrc=ceotzolonzaahzhhdthm https://www.sdm.ru/?dgnrieggiqcwgrc=ceotzolonzaahzhhdthm	0 0
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	51ms 48ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?mooffsjoefpxpnfex=dknybgggznqeaawowki Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET H/1.1	200 OK	/ rencredit.ru/ Frame 55B5	0 0	335ms 231ms	Fetch text/html	91.201.250.5 RCCF
General Check archive.org Show headers Download Go to Full URL https://rencredit.ru/?qhd=dcshsztdbqxmfgoazdklfxmea Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.201.250.5 , Russian Federation, ASN34802 (RCCF, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET		/ taxireal.ru/ Frame 55B5	0 0
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?fchjppijsdf=hgkzsjkhkvrc https://www.ozon.ru/?fchjppijsdf=hgkzsjkhkvrc	0 0	165ms 165ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?fchjppijsdf=hgkzsjkhkvrc Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?fchjppijsdf=hgkzsjkhkvrc date Wed, 06 Apr 2022 13:18:49 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 551 B	181ms 180ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?jpcwetnsknjtnlcgsl=sfvaalbyl Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:49 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRX1Nc32mY2Cm6sSQceGNlQUgo8OCu%2BipqeX0qrZlYimL2h4H8jlmnOQ7SlSfFbSlKSegfXcjUWZgb91U67A3ftXxQC5yzCcu0HkU50tB0TA5YkOg76vP3JenvaPditaR8fQfPpJsDtNfzA%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfc80f115fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?aztsebkfomvtmdauiij=vcdeunezrcdfeyduioaw https://www.kuzbank.ru/?aztsebkfomvtmdauiij=vcdeunezrcdfeyduioaw	0 0	94ms 94ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?aztsebkfomvtmdauiij=vcdeunezrcdfeyduioaw Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?aztsebkfomvtmdauiij=vcdeunezrcdfeyduioaw date Wed, 06 Apr 2022 13:18:49 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?rgcjyvsa=ucoukxiervfnw https://www.donland.ru/?rgcjyvsa=ucoukxiervfnw	0 0	498ms 498ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?rgcjyvsa=ucoukxiervfnw Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?rgcjyvsa=ucoukxiervfnw content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:49 GMT vary Accept-Encoding content-type text/html
GET		/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?vtcsfyppuclcjt=zlbkdpeavgu https://www.sdm.ru/?vtcsfyppuclcjt=zlbkdpeavgu	0 0
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	49ms 48ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?nibi=pgycgereddmtfwawyxmivt Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET		/ rencredit.ru/ Frame 55B5	0 0
GET		/ taxireal.ru/ Frame 55B5	0 0
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?sfhflpu=iesynlwibiasvnmwknqqecnuh https://www.ozon.ru/?sfhflpu=iesynlwibiasvnmwknqqecnuh	0 0	140ms 140ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?sfhflpu=iesynlwibiasvnmwknqqecnuh Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?sfhflpu=iesynlwibiasvnmwknqqecnuh date Wed, 06 Apr 2022 13:18:49 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 555 B	203ms 202ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?jawdvohdqspafppntywk=qmzytlqfxuelnbhvql Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:49 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJRhTCdEAGuxX39GSZFjTRcK43FsizWvU7MuZJIrOwi4Tw6T59Otzg9sCAa3JVCnYDHkuxqcWydB0b0V0I%2B3lLZ2ua%2F4aqPsts5zHjJNcz8VJ3JQCSV1yFUzFhuW6z7UeCz3vd4LBV2GCMI%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfc8a8225fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?leot=ousbrqkpbgm https://www.kuzbank.ru/?leot=ousbrqkpbgm	0 0	90ms 89ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?leot=ousbrqkpbgm Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?leot=ousbrqkpbgm date Wed, 06 Apr 2022 13:18:49 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?fpytttbdrgyyaaeovuqk=jzvxbzbnwf https://www.donland.ru/?fpytttbdrgyyaaeovuqk=jzvxbzbnwf	0 0	582ms 582ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?fpytttbdrgyyaaeovuqk=jzvxbzbnwf Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?fpytttbdrgyyaaeovuqk=jzvxbzbnwf content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:49 GMT vary Accept-Encoding content-type text/html
GET		/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?vqjpzsbhdndxa=yjkoxlsc https://www.sdm.ru/?vqjpzsbhdndxa=yjkoxlsc	0 0
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	49ms 48ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?xuecjlwclmtqkgsyapxs=kwcozbh Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET		/ rencredit.ru/ Frame 55B5	0 0
GET		/ taxireal.ru/ Frame 55B5	0 0
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?pvaucftzvjgvkwreram=jofzjqlathtaeuvqqftmh https://www.ozon.ru/?pvaucftzvjgvkwreram=jofzjqlathtaeuvqqftmh	0 0	145ms 144ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?pvaucftzvjgvkwreram=jofzjqlathtaeuvqqftmh Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?pvaucftzvjgvkwreram=jofzjqlathtaeuvqqftmh date Wed, 06 Apr 2022 13:18:49 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 559 B	193ms 193ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?wbyoojngiijzf=qawpveazzneidnse Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:49 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzLkp%2FWH7VCYrNI7K48Bv%2F9ZvdPz50LKF7Z7JBU9OCH2JL%2BX%2B9siWT7BVYdU%2FDca4Z2ZuDALuECeyOj5V9nu5tsLy2OF89N4hygQtlnF8tEKJsRBseitxK2vtQhDl2wszKSLqc9zduEZX9A%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfc9494e5fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?hnmzuxphqnylrgonihg=lywimcg https://www.kuzbank.ru/?hnmzuxphqnylrgonihg=lywimcg	0 0	98ms 98ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?hnmzuxphqnylrgonihg=lywimcg Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?hnmzuxphqnylrgonihg=lywimcg date Wed, 06 Apr 2022 13:18:49 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?mrazdn=qvngnazbnof https://www.donland.ru/?mrazdn=qvngnazbnof	0 0	657ms 656ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?mrazdn=qvngnazbnof Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?mrazdn=qvngnazbnof content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:49 GMT vary Accept-Encoding content-type text/html
GET		/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?ozaszghfiydnhctrtwwpftpkr=hxm https://www.sdm.ru/?ozaszghfiydnhctrtwwpftpkr=hxm	0 0
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	48ms 48ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?ogdntfwd=uylxcjphpbzmlmkkw Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET		/ rencredit.ru/ Frame 55B5	0 0
GET		/ taxireal.ru/ Frame 55B5	0 0
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?puxbl=hwylmxuawlgqxidnsgrbxae https://www.ozon.ru/?puxbl=hwylmxuawlgqxidnsgrbxae	0 0	141ms 141ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?puxbl=hwylmxuawlgqxidnsgrbxae Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?puxbl=hwylmxuawlgqxidnsgrbxae date Wed, 06 Apr 2022 13:18:49 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 554 B	188ms 188ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?frwhlrneadhnhjdijhelfrdbv=yojc Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:50 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXTtceiBWmv3WLO6%2FaMaGMRV9B0ya8in3LBIN8O6UUj93TcNG6UyVrNclK9LhOe61CD7U8c2DkkB1oBq4cQEutb71U9fuUV7J5l7LTaM92%2Buj9Ye8nC5fec9W8QTtaZtBDgn5g3%2FEuo%2Fork%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfc9da6b5fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?ouytmlzeiikqm=gjjwpnhzhx https://www.kuzbank.ru/?ouytmlzeiikqm=gjjwpnhzhx	0 0	91ms 90ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?ouytmlzeiikqm=gjjwpnhzhx Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?ouytmlzeiikqm=gjjwpnhzhx date Wed, 06 Apr 2022 13:18:49 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?yxge=aozwbtxdgzkyykyiusqnorhk https://www.donland.ru/?yxge=aozwbtxdgzkyykyiusqnorhk	0 0	457ms 457ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?yxge=aozwbtxdgzkyykyiusqnorhk Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?yxge=aozwbtxdgzkyykyiusqnorhk content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:50 GMT vary Accept-Encoding content-type text/html
GET		/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?leexiuymtsqqtkuajkwyk=xudkijymgdfukszzicvr https://www.sdm.ru/?leexiuymtsqqtkuajkwyk=xudkijymgdfukszzicvr	0 0
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	49ms 48ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?zzmuhpja=ojiwfhjwumzdjujxydtord Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET		/ rencredit.ru/ Frame 55B5	0 0
GET		/ taxireal.ru/ Frame 55B5	0 0
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?fsfxgjil=mjx https://www.ozon.ru/?fsfxgjil=mjx	0 0	131ms 131ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?fsfxgjil=mjx Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?fsfxgjil=mjx date Wed, 06 Apr 2022 13:18:49 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 553 B	187ms 187ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?iqrltbkfpcez=dixdktvyzqhcxowoutrcl Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:50 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cef7OK6rwiNQS5VWpwet65fOaf1Tjfa%2BQ5GLVcAzEDTjZ0jA8WFnippLEEpUe%2FAvghlMDakz0eDIOkWmqzS5nPuRRAcRFazXlDp0O31hi8xdQiBGkQMKmP44EOSHbfg76TXYWgyUGd5Ch2A%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfca8b9e5fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?ueasziwigvmbkuqiwyuuzvbk=famynfqeemdykbzgdoruqkrfa https://www.kuzbank.ru/?ueasziwigvmbkuqiwyuuzvbk=famynfqeemdykbzgdoruqkrfa	0 0	91ms 91ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?ueasziwigvmbkuqiwyuuzvbk=famynfqeemdykbzgdoruqkrfa Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?ueasziwigvmbkuqiwyuuzvbk=famynfqeemdykbzgdoruqkrfa date Wed, 06 Apr 2022 13:18:50 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?jrlpetxiae=dkwajkwogmqudrrmlqewhm https://www.donland.ru/?jrlpetxiae=dkwajkwogmqudrrmlqewhm	0 0	513ms 513ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?jrlpetxiae=dkwajkwogmqudrrmlqewhm Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?jrlpetxiae=dkwajkwogmqudrrmlqewhm content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:50 GMT vary Accept-Encoding content-type text/html
GET		/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?mfybhvchj=abxiz https://www.sdm.ru/?mfybhvchj=abxiz	0 0
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	58ms 50ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?jiqzjvjtlahbttoyw=bruveunumvc Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET		/ rencredit.ru/ Frame 55B5	0 0
GET		/ taxireal.ru/ Frame 55B5	0 0
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?unmivbvhnjvbll=vskipjrjfm https://www.ozon.ru/?unmivbvhnjvbll=vskipjrjfm	0 0	165ms 165ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?unmivbvhnjvbll=vskipjrjfm Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?unmivbvhnjvbll=vskipjrjfm date Wed, 06 Apr 2022 13:18:50 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 555 B	187ms 185ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?pxmqazfxtobocmzzolv=xebdrql Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:50 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mCz8eJh77atn1HTJFR68IKnI4Qouo0TZyM27RM4x%2BfOpP0CG7S8zJhd1fqSwE5OlS%2FmWbN207qsRW2PqhkxW3X%2FDlasuTm2Y%2BZmQmVxRoF2kxPciUBjs37ntoyDzcVQKU7wxfxnAs6QB80%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfcb2cdc5fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?bmtxojumfrg=nzwdbvtjkbhkpyanpnfh https://www.kuzbank.ru/?bmtxojumfrg=nzwdbvtjkbhkpyanpnfh	0 0	90ms 90ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?bmtxojumfrg=nzwdbvtjkbhkpyanpnfh Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?bmtxojumfrg=nzwdbvtjkbhkpyanpnfh date Wed, 06 Apr 2022 13:18:50 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?sisjgpacqaxozfkifdeckwn=vkftpr https://www.donland.ru/?sisjgpacqaxozfkifdeckwn=vkftpr	0 0	529ms 529ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?sisjgpacqaxozfkifdeckwn=vkftpr Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?sisjgpacqaxozfkifdeckwn=vkftpr content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:50 GMT vary Accept-Encoding content-type text/html
GET		/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?paqotkkjjvpk=xqnasbqbead https://www.sdm.ru/?paqotkkjjvpk=xqnasbqbead	0 0
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	50ms 48ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?knotkaxfak=ruyefkt Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET		/ rencredit.ru/ Frame 55B5	0 0
GET		/ taxireal.ru/ Frame 55B5	0 0
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?unuihdphjizdoyjinh=fctxnvpnrejbpdu https://www.ozon.ru/?unuihdphjizdoyjinh=fctxnvpnrejbpdu	0 0	148ms 147ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?unuihdphjizdoyjinh=fctxnvpnrejbpdu Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?unuihdphjizdoyjinh=fctxnvpnrejbpdu date Wed, 06 Apr 2022 13:18:50 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 553 B	181ms 181ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?iijowdfuh=zpjmpxrbvjlbvngrg Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:50 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAYivneKfWIXJAKyhn7701UJ5t%2BgDg1DgzL9PnZRaco3RKdvidKGCyG0ECrgd0kGniUbfyaBsfhe6OpsYqp7AMhq8EL8ttX5Ey%2B1uMZfp42sVP0GJiat3RsjVlrXXLdu6EfRYD%2B1kal7YDU%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfcbcdd65fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?okdfbohdyjh=kaubmceqy https://www.kuzbank.ru/?okdfbohdyjh=kaubmceqy	0 0	90ms 90ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?okdfbohdyjh=kaubmceqy Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?okdfbohdyjh=kaubmceqy date Wed, 06 Apr 2022 13:18:50 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?fhkhbpm=ryglpesuhyozrgkstf https://www.donland.ru/?fhkhbpm=ryglpesuhyozrgkstf	0 0	465ms 465ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?fhkhbpm=ryglpesuhyozrgkstf Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?fhkhbpm=ryglpesuhyozrgkstf content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:50 GMT vary Accept-Encoding content-type text/html
GET		/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?hcq=lghbbfwuobdrc https://www.sdm.ru/?hcq=lghbbfwuobdrc	0 0
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	50ms 48ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?sylrwfeesrkdwekxen=cfqudln Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET		/ rencredit.ru/ Frame 55B5	0 0
GET		/ taxireal.ru/ Frame 55B5	0 0
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?objbcepacdplikwzsidk=hfgcuudqgvbotedz https://www.ozon.ru/?objbcepacdplikwzsidk=hfgcuudqgvbotedz	0 0	157ms 156ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?objbcepacdplikwzsidk=hfgcuudqgvbotedz Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?objbcepacdplikwzsidk=hfgcuudqgvbotedz date Wed, 06 Apr 2022 13:18:50 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 555 B	187ms 186ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?smjsvy=qtdzdbrszfdfgxp Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:50 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZTiH9qWzgQH4JeWvnd8c7xOtAvaYT9heqpDcvHrPlgQ5JJbmw4KjEkyrjSZM2E6tokG2Pkj8OaKWNGHnFduvfx2eSCfG3LQ9PQiLCuD4k4VqFzjbH5Ni7vBey%2FaKwEAu18p4tT%2Bjexq5oE%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfcc6ef45fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?xhyhfstucoxivuet=bkwzcldvkhpdyttkyke https://www.kuzbank.ru/?xhyhfstucoxivuet=bkwzcldvkhpdyttkyke	0 0	91ms 91ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?xhyhfstucoxivuet=bkwzcldvkhpdyttkyke Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?xhyhfstucoxivuet=bkwzcldvkhpdyttkyke date Wed, 06 Apr 2022 13:18:50 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?abhhcje=sjc https://www.donland.ru/?abhhcje=sjc	0 0	511ms 511ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?abhhcje=sjc Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?abhhcje=sjc content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:50 GMT vary Accept-Encoding content-type text/html
GET		/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?dktcyuviuoarcgvzpixsi=kvjlnscqaq https://www.sdm.ru/?dktcyuviuoarcgvzpixsi=kvjlnscqaq	0 0
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	49ms 48ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?rwqhtia=lkbpjfbp Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET		/ rencredit.ru/ Frame 55B5	0 0
GET		/ taxireal.ru/ Frame 55B5	0 0
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?uomenphdbut=jrjrqooqqhckrdwtwyryy https://www.ozon.ru/?uomenphdbut=jrjrqooqqhckrdwtwyryy	0 0	132ms 132ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?uomenphdbut=jrjrqooqqhckrdwtwyryy Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?uomenphdbut=jrjrqooqqhckrdwtwyryy date Wed, 06 Apr 2022 13:18:50 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 552 B	194ms 193ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?ixhioqhcqhqgtihdosrp=qipbdyazlhw Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:50 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bojA1GH9A3ubomcHsBYAb9G3AIiGI61jVu%2B44mpenYsD4Nf8QCim2OxN0IN0fdbujS3Rr2KE2mcAmMZ06DbujULLTTxw%2Bt%2BbdyDoi2Ktw09Iwqa1vZu0dmdoR9koI1Y3jKqtJaqi9zLQZd4%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfcd0fe55fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?kdiwxcbvejscqzeadljpjmm=tvjdfrduhgpfnklimkvnn https://www.kuzbank.ru/?kdiwxcbvejscqzeadljpjmm=tvjdfrduhgpfnklimkvnn	0 0	91ms 91ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?kdiwxcbvejscqzeadljpjmm=tvjdfrduhgpfnklimkvnn Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?kdiwxcbvejscqzeadljpjmm=tvjdfrduhgpfnklimkvnn date Wed, 06 Apr 2022 13:18:50 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?utmfsvjti=xuftydgmqskswmem https://www.donland.ru/?utmfsvjti=xuftydgmqskswmem	0 0	500ms 500ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?utmfsvjti=xuftydgmqskswmem Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?utmfsvjti=xuftydgmqskswmem content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:50 GMT vary Accept-Encoding content-type text/html
GET		/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?goil=xayrjtugsfrlkuhxvkpnhmhr https://www.sdm.ru/?goil=xayrjtugsfrlkuhxvkpnhmhr	0 0
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	51ms 49ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?okrqkogtmfzwopsyrhik=pnuad Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET		/ rencredit.ru/ Frame 55B5	0 0
GET		/ taxireal.ru/ Frame 55B5	0 0
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?prmcpocwjarmqpuslgwmpyz=ykbd https://www.ozon.ru/?prmcpocwjarmqpuslgwmpyz=ykbd	0 0	134ms 134ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?prmcpocwjarmqpuslgwmpyz=ykbd Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?prmcpocwjarmqpuslgwmpyz=ykbd date Wed, 06 Apr 2022 13:18:50 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 561 B	190ms 190ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?qecmpybkkgmwdypxs=ksfovitealtesf Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:50 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnPMmAeXaabEqhwd36jvU2mAt2AghlMU1UQ%2FJXf0qYRgVX5y7GzuHY%2FtqRcA%2FqLHxKlqyz2vxt%2F%2Fk6WvMjbrvFpFrqc1XD%2BLXUPBPru3cSFFcNfrsE%2BwgETqmEUS6eskx9Kwl6tqpnZemlc%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfcda9015fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?jflilfxlaf=jligaqdqbxoiz https://www.kuzbank.ru/?jflilfxlaf=jligaqdqbxoiz	0 0	90ms 90ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?jflilfxlaf=jligaqdqbxoiz Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?jflilfxlaf=jligaqdqbxoiz date Wed, 06 Apr 2022 13:18:50 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?lclhd=xoebzh https://www.donland.ru/?lclhd=xoebzh	0 0	479ms 479ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?lclhd=xoebzh Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?lclhd=xoebzh content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:50 GMT vary Accept-Encoding content-type text/html
GET		/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?cobzvmpx=fcshhxibeprael https://www.sdm.ru/?cobzvmpx=fcshhxibeprael	0 0
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	49ms 49ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?jdlwwdlssdf=eghbdrzoterjvkbgvhda Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET		/ rencredit.ru/ Frame 55B5	0 0
GET		/ taxireal.ru/ Frame 55B5	0 0
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?kqpmkoemwwgnbsiolv=tlgovryjxfrkafxnjrf https://www.ozon.ru/?kqpmkoemwwgnbsiolv=tlgovryjxfrkafxnjrf	0 0	137ms 137ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?kqpmkoemwwgnbsiolv=tlgovryjxfrkafxnjrf Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?kqpmkoemwwgnbsiolv=tlgovryjxfrkafxnjrf date Wed, 06 Apr 2022 13:18:50 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 554 B	179ms 179ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?nszirsnjgtdq=kbxihpksdqhocuuoxjjtr Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:50 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wCGwZLfRsA4gfX6q0V0IPZ1GxKg618bdkV8k4wIbr54a1BpX3qd2qP0reiI%2B4vjRPinB%2B7cniNjCS553cKnIgAfUgbn32EnVWKBQKUwY0bsz9kc%2FWHjByshPqeM3U75i7k1l7XrozygP1vk%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfce4a2a5fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?ykcuihwicbstpjtqeyf=wtptzgxtfuaqh https://www.kuzbank.ru/?ykcuihwicbstpjtqeyf=wtptzgxtfuaqh	0 0	95ms 95ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?ykcuihwicbstpjtqeyf=wtptzgxtfuaqh Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?ykcuihwicbstpjtqeyf=wtptzgxtfuaqh date Wed, 06 Apr 2022 13:18:50 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET H2	200	/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?vcahfkvllsj=ooqlqllyeaesvaa https://www.donland.ru/?vcahfkvllsj=ooqlqllyeaesvaa	0 0	488ms 487ms	Fetch text/html	185.178.208.60 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.donland.ru/?vcahfkvllsj=ooqlqllyeaesvaa Protocol H2 Server 185.178.208.60 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.donland.ru/?vcahfkvllsj=ooqlqllyeaesvaa content-security-policy upgrade-insecure-requests; content-encoding br server ddos-guard date Wed, 06 Apr 2022 13:18:50 GMT vary Accept-Encoding content-type text/html
GET		/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?hfzhtpzgznevpfszemwqrro=khvkjmjxdsofa https://www.sdm.ru/?hfzhtpzgznevpfszemwqrro=khvkjmjxdsofa	0 0
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	54ms 54ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?vyyzhybmwzfkzumcavjq=chgpiaksqkvwrl Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET		/ rencredit.ru/ Frame 55B5	0 0
GET		/ taxireal.ru/ Frame 55B5	0 0
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?wedoclmhhcaorrgnaeg=flkaroowtwpryrdncoiwud https://www.ozon.ru/?wedoclmhhcaorrgnaeg=flkaroowtwpryrdncoiwud	0 0	144ms 144ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?wedoclmhhcaorrgnaeg=flkaroowtwpryrdncoiwud Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?wedoclmhhcaorrgnaeg=flkaroowtwpryrdncoiwud date Wed, 06 Apr 2022 13:18:50 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 553 B	182ms 182ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?euqenjxs=yhgjdguwr Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:50 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qcu103E2qqHiG8C3PNc3jWlq8KwWZoyRmQRZ8lH4X9JLEMBYLO7dr%2FJqi7F2nUMVJHBcbQzZPbu4Prb6u2eLs7NvkRSaoQzcaybO3NsS4eLDTYF0f6IPZplIvSShhf9U5S2DxhdqX9Qe4R8%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfceeb4f5fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?nltqsaxrgoxr=hdxmwzsbtimi https://www.kuzbank.ru/?nltqsaxrgoxr=hdxmwzsbtimi	0 0	95ms 95ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?nltqsaxrgoxr=hdxmwzsbtimi Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?nltqsaxrgoxr=hdxmwzsbtimi date Wed, 06 Apr 2022 13:18:50 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET		/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?haumelmjfxghgd=lzzjichlhjavafuq https://www.donland.ru/?haumelmjfxghgd=lzzjichlhjavafuq	0 0
GET		/ www.sdm.ru/ Frame 55B5 Redirect Chain https://sdm.ru/?qugdj=hzwmlobfkcjoabdbovzsjr https://www.sdm.ru/?qugdj=hzwmlobfkcjoabdbovzsjr	0 0
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	54ms 53ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?gpbmyidrpdgksn=prriioiqsgbwlfgf Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET		/ rencredit.ru/ Frame 55B5	0 0
GET		/ taxireal.ru/ Frame 55B5	0 0
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?vlexyawazowlbsgrtspsqvwc=bqzpumazndzqgdamiiuramv https://www.ozon.ru/?vlexyawazowlbsgrtspsqvwc=bqzpumazndzqgdamiiuramv	0 0	152ms 152ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?vlexyawazowlbsgrtspsqvwc=bqzpumazndzqgdamiiuramv Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?vlexyawazowlbsgrtspsqvwc=bqzpumazndzqgdamiiuramv date Wed, 06 Apr 2022 13:18:50 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 553 B	192ms 191ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?ucp=mpk Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:50 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=myL3hqX8yJyD%2BOSumc9nESME1GbB2neFi4O0wC1dQdiiyLOWm1rFsElMSUgkFb1EfsfOu7YcdidVQQofZ1%2FLrvRhR8Ju1PStxKuPWjkKflJlirk%2FQeeUt51l3t26TR5PEsBszFkyM1mOfms%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfcf8c665fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?uiqwdbg=lawdmotiheegqz https://www.kuzbank.ru/?uiqwdbg=lawdmotiheegqz	0 0	93ms 93ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?uiqwdbg=lawdmotiheegqz Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?uiqwdbg=lawdmotiheegqz date Wed, 06 Apr 2022 13:18:50 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET		/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?gul=shetntpevksd https://www.donland.ru/?gul=shetntpevksd	0 0
GET		/ sdm.ru/ Frame 55B5	0 0
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	51ms 48ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?kuepqsehsglqrtagtpql=omevyjxjieiqdpxrsiey Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET		/ rencredit.ru/ Frame 55B5	0 0
GET		/ taxireal.ru/ Frame 55B5	0 0
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?xlgrmxxjpapvtyksmtle=wckaughpu https://www.ozon.ru/?xlgrmxxjpapvtyksmtle=wckaughpu	0 0	140ms 140ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?xlgrmxxjpapvtyksmtle=wckaughpu Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?xlgrmxxjpapvtyksmtle=wckaughpu date Wed, 06 Apr 2022 13:18:50 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 560 B	192ms 191ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?pbeyvidavgsp=qoqtzcybbdzxxjbwzdc Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:51 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukrELUN8juoUioVysjvSz9jdImh3FUCWwmyfWEsk1sfJjyMY7Jz7xWBxERAY%2FQbg%2FCfYm%2Bc2WxBrZlT2ZyHtD0mEbx28XRcJEvZSrymyqucaNJpN%2FUzwMSXgHesuJNFbNyYR%2F35jbitYZDA%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfd02d925fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?rhqkbtnogfpxrev=rtycfcgeweodhdszsfqvlhla https://www.kuzbank.ru/?rhqkbtnogfpxrev=rtycfcgeweodhdszsfqvlhla	0 0	97ms 97ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?rhqkbtnogfpxrev=rtycfcgeweodhdszsfqvlhla Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?rhqkbtnogfpxrev=rtycfcgeweodhdszsfqvlhla date Wed, 06 Apr 2022 13:18:50 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET		/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?ocln=jxpea https://www.donland.ru/?ocln=jxpea	0 0
GET		/ sdm.ru/ Frame 55B5	0 0
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	48ms 48ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?vihghbstoeadpkpbrjmkb=yozgrkfzbrl Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET		/ rencredit.ru/ Frame 55B5	0 0
GET		/ taxireal.ru/ Frame 55B5	0 0
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?kmopuckkocoeifotk=wcpdjwjfaymxzhqmiw https://www.ozon.ru/?kmopuckkocoeifotk=wcpdjwjfaymxzhqmiw	0 0	151ms 151ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?kmopuckkocoeifotk=wcpdjwjfaymxzhqmiw Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?kmopuckkocoeifotk=wcpdjwjfaymxzhqmiw date Wed, 06 Apr 2022 13:18:50 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 556 B	203ms 202ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?zxzz=azdrrnecuskkmnfx Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:51 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnhQ9ZfQOnEoqP%2FYGkeEfhHhCMkGr4yrr%2FedEdBcKWgGoL68tzO%2FCqRlSNeugdpLGaMmlkkdu7WO7wAYtsehZMgX4dpk3f7RWupGBpOur5GQmbtGKUziif91qW4NU9UEPkPBFfMXVJJw9us%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfd0ced75fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?wfggi=zyswfssglldgspqhsicgbcp https://www.kuzbank.ru/?wfggi=zyswfssglldgspqhsicgbcp	0 0	92ms 91ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?wfggi=zyswfssglldgspqhsicgbcp Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?wfggi=zyswfssglldgspqhsicgbcp date Wed, 06 Apr 2022 13:18:51 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET		/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?hyg=sjd https://www.donland.ru/?hyg=sjd	0 0
GET		/ sdm.ru/ Frame 55B5	0 0
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	49ms 49ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?eij=ngkqhxsqpvjdzwuxyeiqjc Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET		/ rencredit.ru/ Frame 55B5	0 0
GET		/ taxireal.ru/ Frame 55B5	0 0
GET H2	200	/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?dggwlchp=hvkzbxiytgbgpwmgx https://www.ozon.ru/?dggwlchp=hvkzbxiytgbgpwmgx	0 0	130ms 130ms	Fetch text/html	178.248.238.156 QRATOR
General Check archive.org Show headers Download Go to Full URL https://www.ozon.ru/?dggwlchp=hvkzbxiytgbgpwmgx Protocol H2 Server 178.248.238.156 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.ozon.ru/?dggwlchp=hvkzbxiytgbgpwmgx date Wed, 06 Apr 2022 13:18:51 GMT server QRATOR content-length 162 content-type text/html
GET H3	403	/ Show response uniticket.by/ Frame 55B5	9 B 550 B	197ms 196ms	Fetch text/html	2606:4700:3037::ac43:d939 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://uniticket.by/?cjeuatfrtscgdvpkhlnxhzhj=qilpfcskdsxi Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:d939 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 13:18:51 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoJYdg22eu2W8tcUg%2FUru7Kh5wKSJcICIPmOzGm8ado7CClryFRDaHpLQhh0gR1goyhudx7TSRGABe0ZqwUCWplhIgloSNAtlPPzNgrFPbg2FQebQ0R6to80D0KuLYhHt774RP6AgV3NcLg%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 x-turbo-charged-by LiteSpeed cf-ray 6f7acfd16ffc5fd0-MRS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?gtbc=nxh https://www.kuzbank.ru/?gtbc=nxh	0 0	93ms 93ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?gtbc=nxh Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?gtbc=nxh date Wed, 06 Apr 2022 13:18:51 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET		/ www.donland.ru/ Frame 55B5 Redirect Chain https://donland.ru/?bkusqjvpxbyqb=dxfpzdkvtkvwxggfz https://www.donland.ru/?bkusqjvpxbyqb=dxfpzdkvtkvwxggfz	0 0
GET		/ sdm.ru/ Frame 55B5	0 0
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	50ms 48ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?mxdaanvjqzxxkbt=fwtnyiiie Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET		/ rencredit.ru/ Frame 55B5	0 0
GET		/ taxireal.ru/ Frame 55B5	0 0
GET		/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?tenaucnhtau=dvlhwipjkl https://www.ozon.ru/?tenaucnhtau=dvlhwipjkl	0 0
GET		/ uniticket.by/ Frame 55B5	0 0
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET H2	200	/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?gffgyvuxemmww=ticdoojkrtfhwvjt https://www.kuzbank.ru/?gffgyvuxemmww=ticdoojkrtfhwvjt	0 0	91ms 91ms	Fetch text/html	185.137.235.138 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://www.kuzbank.ru/?gffgyvuxemmww=ticdoojkrtfhwvjt Protocol H2 Server 185.137.235.138 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS alermo.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers location https://www.kuzbank.ru/?gffgyvuxemmww=ticdoojkrtfhwvjt date Wed, 06 Apr 2022 13:18:51 GMT x-content-type-options nosniff server nginx content-length 138 x-frame-options SAMEORIGIN content-type text/html
GET		/ alfabank.ru/everyday/online/ Frame 55B5	0 0
GET		/ donland.ru/ Frame 55B5	0 0
GET		/ sdm.ru/ Frame 55B5	0 0
GET H2	403	/ wagnera.ru/ Frame 55B5	0 0	53ms 52ms	Fetch text/html	77.222.42.218 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://wagnera.ru/?xvwpcnswnxa=sneabxscmqkaaxjuys Requested by Host: ban-dera.com URL: https://ban-dera.com/js/app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.222.42.218 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS 77-222-42-218.vps-ptr.clients.spaceweb.ru Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers
GET		/ rencredit.ru/ Frame 55B5	0 0
GET		/ taxireal.ru/ Frame 55B5	0 0
GET		/ www.ozon.ru/ Frame 55B5 Redirect Chain https://ozon.ru/?fuflajdtve=knlfilhepztvxonariszjrem https://www.ozon.ru/?fuflajdtve=knlfilhepztvxonariszjrem	0 0
GET		/ uniticket.by/ Frame 55B5	0 0
GET		/ gtrklnr.com/ Frame 55B5	0 0
GET		/ www.kuzbank.ru/ Frame 55B5 Redirect Chain https://kuzbank.ru/?hbbplwxrzexvtcmbrp=tgmnrwxsofvvupgebdhbot https://www.kuzbank.ru/?hbbplwxrzexvtcmbrp=tgmnrwxsofvvupgebdhbot	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?tqvdraplnypcyahdo=ryz

Domain

gtrklnr.com

URL

https://gtrklnr.com/?xdfahbipnzqnis=gnskqsrehqvjn

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?nbxgrsmrcdlryfzdylmbgkj=xnfoixzzdfglkhesyrnr

Domain

gtrklnr.com

URL

https://gtrklnr.com/?mwxmylcjegvhqotcipiurya=olhilmqocdjzqfeuzftmbnbl

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?jizjvyrvmkaznkfbuzwrude=qitkarswamexs

Domain

gtrklnr.com

URL

https://gtrklnr.com/?jgmeasszulhickzugjraxhl=eiabtnyqqzplqhwyw

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?somhxdc=gdigynjlqyyuwb

Domain

gtrklnr.com

URL

https://gtrklnr.com/?unvuheulylmxg=njeenagynfxosmbiypontoje

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?qbqorktrnsikqetpcdmdpbn=rluxyoxzqfxtc

Domain

gtrklnr.com

URL

https://gtrklnr.com/?rpcfz=lbaoql

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?foaihgsip=vbskcwohhcipx

Domain

gtrklnr.com

URL

https://gtrklnr.com/?gfmjbkn=zajgnvrenwzsw

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?qwltmtdgqxncnymu=dgnh

Domain

gtrklnr.com

URL

https://gtrklnr.com/?ixmog=coq

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?pxnpcyfnvszfpm=wadhxezwuwwsibb

Domain

gtrklnr.com

URL

https://gtrklnr.com/?wvthu=gnjlrdiolez

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?wxrf=dex

Domain

gtrklnr.com

URL

https://gtrklnr.com/?dwzhqkcnefgplicfbtzaxql=cdwjaypmwtlrktujey

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?ibvruuywkdclzqupcughdw=gemffwbvsjhmcslrs

Domain

www.sdm.ru

URL

https://www.sdm.ru/?dyelftbsjowisarisyn=bcqfkssyawbze

Domain

gtrklnr.com

URL

https://gtrklnr.com/?aqxqoryyuudjqayuktbpqgz=cvyuilgq

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?jwrhiboekivvlrev=cvecfbx

Domain

gtrklnr.com

URL

https://gtrklnr.com/?gijkjgxebnvrrpocfihfvle=sosgeokzvasqieomcix

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?yqapyohwwpddkh=jxtvpkpiavpjxgxtf

Domain

gtrklnr.com

URL

https://gtrklnr.com/?xdfexz=fifvlioclbiwbtddo

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?nzgxkrfxuetcxx=mhwfhijyhkxlypfxqiwv

Domain

gtrklnr.com

URL

https://gtrklnr.com/?mgkavshlofgmxxkolw=tqcbkgaqoo

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?rddxotkz=hxfuxlvc

Domain

gtrklnr.com

URL

https://gtrklnr.com/?uiydbr=wvumdnsxbvbszpip

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?zlrcshrklrq=kgdwtnbkgpqi

Domain

www.sdm.ru

URL

https://www.sdm.ru/?namboujoknmehbbf=lzooo

Domain

gtrklnr.com

URL

https://gtrklnr.com/?zqruikkrfuovbdwxkg=yqz

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?pwkvboau=eawdponsbzevcfz

Domain

www.sdm.ru

URL

https://www.sdm.ru/?dgnrieggiqcwgrc=ceotzolonzaahzhhdthm

Domain

taxireal.ru

URL

https://taxireal.ru/?fvjmfkyfyslsxec=ctsktogaocxckwwmevdexhzjv

Domain

gtrklnr.com

URL

https://gtrklnr.com/?vurvlmvrhznhcv=sskqtixuknopfpxynjvbryngy

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?vapjikuzzntjbixcilev=ysheabdzcotunaimctrpjrau

Domain

www.sdm.ru

URL

https://www.sdm.ru/?vtcsfyppuclcjt=zlbkdpeavgu

Domain

rencredit.ru

URL

https://rencredit.ru/?seo=hworaaeachnnq

Domain

taxireal.ru

URL

https://taxireal.ru/?aesb=lfvxjmurrzprnmenqhuqxml

Domain

gtrklnr.com

URL

https://gtrklnr.com/?byhzxusbbjejsazh=lkkudjbvssfssskv

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?cldnugnehgfcw=tllkfj

Domain

www.sdm.ru

URL

https://www.sdm.ru/?vqjpzsbhdndxa=yjkoxlsc

Domain

rencredit.ru

URL

https://rencredit.ru/?kvdbutnibokgioqpqzmzqohn=svgtssenbmcr

Domain

taxireal.ru

URL

https://taxireal.ru/?xmhvioeloyivlcasguvuh=hbfsfyzcgq

Domain

gtrklnr.com

URL

https://gtrklnr.com/?fkyhtegsdolhovovifjjfu=upnw

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?vdeslp=kgbpwjrlnfzex

Domain

www.sdm.ru

URL

https://www.sdm.ru/?ozaszghfiydnhctrtwwpftpkr=hxm

Domain

rencredit.ru

URL

https://rencredit.ru/?fudrcjzsysheqiezamcwjfffy=epvustohgxutzy

Domain

taxireal.ru

URL

https://taxireal.ru/?cajojguel=spzmusxrdrshacufkyokqrfy

Domain

gtrklnr.com

URL

https://gtrklnr.com/?chwihfcbadspbvrveecikfxw=rrcdwqtztwi

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?qbpenkekswifayjcrcuyyv=zcuwrufewvdryf

Domain

www.sdm.ru

URL

https://www.sdm.ru/?leexiuymtsqqtkuajkwyk=xudkijymgdfukszzicvr

Domain

rencredit.ru

URL

https://rencredit.ru/?isfrtothlokfacdqrnjgcpcw=ucspcveknriql

Domain

taxireal.ru

URL

https://taxireal.ru/?gegz=rgwlxduqmtuqeew

Domain

gtrklnr.com

URL

https://gtrklnr.com/?dkwksjyhghgxnydvtmjmymuq=erdijokudqon

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?prlsfmurfgamljmbmrmceio=nqtofr

Domain

www.sdm.ru

URL

https://www.sdm.ru/?mfybhvchj=abxiz

Domain

rencredit.ru

URL

https://rencredit.ru/?lasme=rbyfwxyvglugzdhozifu

Domain

taxireal.ru

URL

https://taxireal.ru/?dqwfvfcgl=ofqrycmqxytjwqiqmrtxmrx

Domain

gtrklnr.com

URL

https://gtrklnr.com/?yxeuabgctmk=mjseocylhrslyzyjhizwuqx

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?zovngjaagaurogwlxmga=pkrbyqgtcgkdhnwdmcb

Domain

www.sdm.ru

URL

https://www.sdm.ru/?paqotkkjjvpk=xqnasbqbead

Domain

rencredit.ru

URL

https://rencredit.ru/?yxowuhebudlsymihkbqtgufl=xhgkyhqfkbwhofwdomxdeczh

Domain

taxireal.ru

URL

https://taxireal.ru/?zfhmueeeyafmzfnrvdinyarl=gerogitaljxtmq

Domain

gtrklnr.com

URL

https://gtrklnr.com/?eimxutvxofnpwbikkgxthsiya=aplgfp

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?igckqzswqnxwldzyf=atdehpnmfrfurdfum

Domain

www.sdm.ru

URL

https://www.sdm.ru/?hcq=lghbbfwuobdrc

Domain

rencredit.ru

URL

https://rencredit.ru/?ohlbcatknhrsvaeharkgkxrn=ucttievjiglsaevr

Domain

taxireal.ru

URL

https://taxireal.ru/?cvtwxvyfmeefauwtlazlhpp=ojtztfx

Domain

gtrklnr.com

URL

https://gtrklnr.com/?wrhapdqkojz=xfzofh

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?fugtfvlooerwv=xjsfupzqpazqrhptbkaw

Domain

www.sdm.ru

URL

https://www.sdm.ru/?dktcyuviuoarcgvzpixsi=kvjlnscqaq

Domain

rencredit.ru

URL

https://rencredit.ru/?fuzkcln=ntqtbvvkfwom

Domain

taxireal.ru

URL

https://taxireal.ru/?kjrqsgaltkadsatlcz=bdkuwdl

Domain

gtrklnr.com

URL

https://gtrklnr.com/?egwdctjenzkzbma=cxegdhpphfxniflkmnmmurwg

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?vdfiov=tixzwyqaiqeshyjudxdxzub

Domain

www.sdm.ru

URL

https://www.sdm.ru/?goil=xayrjtugsfrlkuhxvkpnhmhr

Domain

rencredit.ru

URL

https://rencredit.ru/?sypvwtvzdg=ebcuuxppibgkwcxqnsegl

Domain

taxireal.ru

URL

https://taxireal.ru/?ozvksojmltaslqlfnphk=vcfpikhlj

Domain

gtrklnr.com

URL

https://gtrklnr.com/?dxrxftd=aptctkbazvqzplbbgfzbgz

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?lpox=tvmmghlsyiztogljv

Domain

www.sdm.ru

URL

https://www.sdm.ru/?cobzvmpx=fcshhxibeprael

Domain

rencredit.ru

URL

https://rencredit.ru/?oeujvgugnjfwzpgvtq=iqrsnh

Domain

taxireal.ru

URL

https://taxireal.ru/?ckxgigjrkgpmg=wuzowtlkqqvqrlxgiifti

Domain

gtrklnr.com

URL

https://gtrklnr.com/?iqtbjdejexyyofzv=djsvjsbzqaadjzwoamtpsg

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?wwsyyonqyqx=gspzwfjadbggzkdd

Domain

www.sdm.ru

URL

https://www.sdm.ru/?hfzhtpzgznevpfszemwqrro=khvkjmjxdsofa

Domain

rencredit.ru

URL

https://rencredit.ru/?wsvyj=vrl

Domain

taxireal.ru

URL

https://taxireal.ru/?mvcbnbv=igbnfswnurxkdlabluwdcvc

Domain

gtrklnr.com

URL

https://gtrklnr.com/?fleaycydhjmdcvyxnjtrphoy=ysdlycr

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?gzsfrpihoirrlqynpt=asutmzgebzwzmhnqvqggpfuf

Domain

www.donland.ru

URL

https://www.donland.ru/?haumelmjfxghgd=lzzjichlhjavafuq

Domain

www.sdm.ru

URL

https://www.sdm.ru/?qugdj=hzwmlobfkcjoabdbovzsjr

Domain

rencredit.ru

URL

https://rencredit.ru/?cskkdztgazvvygsc=ehcradotxrsevyttcmzhm

Domain

taxireal.ru

URL

https://taxireal.ru/?zjhiisvooorujqsjsnzujhrwb=ftxkothggigegjbsykql

Domain

gtrklnr.com

URL

https://gtrklnr.com/?jqjmahkxagxvafvxwjcqqkmz=idwoqkht

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?rabuefyrfkasheqhhlcvupuc=mhrsvzkqleorq

Domain

www.donland.ru

URL

https://www.donland.ru/?gul=shetntpevksd

Domain

sdm.ru

URL

https://sdm.ru/?sykovqyppwebjqiicig=sckkcoegjbepbforvjeiwhe

Domain

rencredit.ru

URL

https://rencredit.ru/?oaa=bqflafrpaio

Domain

taxireal.ru

URL

https://taxireal.ru/?iprwduh=mdxtonulqqaxfnkgwqqohxs

Domain

gtrklnr.com

URL

https://gtrklnr.com/?pjt=ukkuqvgbwuhybanscccnsr

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?qzlaiqoprhrmi=exhewyojvgxgyulut

Domain

www.donland.ru

URL

https://www.donland.ru/?ocln=jxpea

Domain

sdm.ru

URL

https://sdm.ru/?cwwjyznee=rplrokaqcudnr

Domain

rencredit.ru

URL

https://rencredit.ru/?ytpzzwgbycrwt=cuzhzzohflqbzteiruhnavf

Domain

taxireal.ru

URL

https://taxireal.ru/?cwvsgueryjryqkju=zqxnjcvtctneogsky

Domain

gtrklnr.com

URL

https://gtrklnr.com/?uhjalfd=tmrroeybxkfhdznyuqfqwi

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?uze=yjfgpznjrcnjxpsdnwtfp

Domain

www.donland.ru

URL

https://www.donland.ru/?hyg=sjd

Domain

sdm.ru

URL

https://sdm.ru/?chfnejvlzupdob=pdnxbdzgreviat

Domain

rencredit.ru

URL

https://rencredit.ru/?sekcx=hgmgouvvakhzbwzxxucyfib

Domain

taxireal.ru

URL

https://taxireal.ru/?tex=kixhmknsfabryadxkux

Domain

gtrklnr.com

URL

https://gtrklnr.com/?hezfkcksaeoowffr=ervhipirwloggi

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?cvexpmgytdsxpbmuouz=kvezxryzp

Domain

www.donland.ru

URL

https://www.donland.ru/?bkusqjvpxbyqb=dxfpzdkvtkvwxggfz

Domain

sdm.ru

URL

https://sdm.ru/?rpfxavmdtakyh=fee

Domain

rencredit.ru

URL

https://rencredit.ru/?odcebkuavcjusgrfxlpelt=fzulojmatzyrvnpskoghqto

Domain

taxireal.ru

URL

https://taxireal.ru/?yobh=zryijjygsvqqwkyoloa

Domain

www.ozon.ru

URL

https://www.ozon.ru/?tenaucnhtau=dvlhwipjkl

Domain

uniticket.by

URL

https://uniticket.by/?nflpbjwfljtnav=pfbhwc

Domain

gtrklnr.com

URL

https://gtrklnr.com/?dtlmnegnf=jjnzmkmqjxnrxmdogv

Domain

alfabank.ru

URL

https://alfabank.ru/everyday/online/?wurehmtqlzvmqodlkd=msmgfaefouespfxwaxwbjfh

Domain

donland.ru

URL

https://donland.ru/?velndvimxvw=djobffwpeffhllfi

Domain

sdm.ru

URL

https://sdm.ru/?uglqrwqnmnttbkbcjsidnu=aktferonc

Domain

rencredit.ru

URL

https://rencredit.ru/?qziuxfyvwic=ttpyrzfgooe

Domain

taxireal.ru

URL

https://taxireal.ru/?nbhaxptxeucvfpcus=wikr

Domain

www.ozon.ru

URL

https://www.ozon.ru/?fuflajdtve=knlfilhepztvxonariszjrem

Domain

uniticket.by

URL

https://uniticket.by/?zbrkdesb=zgkhsb

Domain

gtrklnr.com

URL

https://gtrklnr.com/?dtwqfiexjcezlwhfiwg=ymzvieclu

Domain

www.kuzbank.ru

URL

https://www.kuzbank.ru/?hbbplwxrzexvtcmbrp=tgmnrwxsofvvupgebdhbot