Submitted URL: https://trackavito.tk/
Effective URL: https://paulloft.ru/
Submission: On July 17 via automatic, source certstream-suspicious — Scanned from IT

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 30 HTTP transactions. The main IP is 109.195.195.191, located in Ulyanovsk, Russian Federation and belongs to ULSK-AS, RU. The main domain is paulloft.ru.
TLS certificate: Issued by R3 on May 18th 2024. Valid for: 3 months.
This is the only time paulloft.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20 109.195.195.191 39028 (ULSK-AS)
2 142.250.186.36 15169 (GOOGLE)
1 142.250.186.138 15169 (GOOGLE)
1 216.58.206.35 15169 (GOOGLE)
3 7 87.250.250.119 13238 (YANDEX)
2 216.58.206.78 15169 (GOOGLE)
1 77.88.21.119 13238 (YANDEX)
30 7
    Apex Domain           Subdomains                                           Transfer
19  paulloft.ru           paulloft.ru                                          2 MB
6   yandex.com            mc.yandex.com — Cisco Umbrella Rank: 6787            4 KB
2   google-analytics.com  www.google-analytics.com — Cisco Umbrella Rank: 104  21 KB
2   yandex.ru             mc.yandex.ru — Cisco Umbrella Rank: 2503             56 KB
2   google.com            www.google.com — Cisco Umbrella Rank: 10             1 KB
1   gstatic.com           www.gstatic.com                                      213 KB
1   googleapis.com        ajax.googleapis.com — Cisco Umbrella Rank: 641       29 KB
1   trackavito.tk         trackavito.tk                                        204 B
30  8
    Domain                       Requested by
19  paulloft.ru                  paulloft.ru
6   mc.yandex.com 2 redirects    paulloft.ru, mc.yandex.ru
2   www.google-analytics.com     paulloft.ru, www.google-analytics.com
2   mc.yandex.ru 1 redirects     paulloft.ru
2   www.google.com               paulloft.ru, www.gstatic.com
1   www.gstatic.com              www.google.com
1   ajax.googleapis.com          paulloft.ru
1   trackavito.tk 1 redirects
30  8
Subject                  Issuer                         Validity                 Valid
paulloft.ru              R3                             2024-05-18 - 2024-08-16  3 months
www.google.com           WR2                            2024-06-24 - 2024-09-16  3 months
upload.video.google.com  WR2                            2024-06-24 - 2024-09-16  3 months
*.gstatic.com            WR2                            2024-06-24 - 2024-09-16  3 months
mc.yandex.ru             GlobalSign ECC OV SSL CA 2018  2024-05-23 - 2024-11-02  5 months
*.google-analytics.com   WR2                            2024-06-24 - 2024-09-16  3 months

This page contains 3 frames:

Primary Page: https://paulloft.ru/
Frame ID: 6F76758683715EFB181DCF4DB7577CE0
Requests: 28 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LegecMUAAAAAIqjuqpXcfjbnaUVIdiTEpb4FZ91&co=aHR0cHM6Ly9wYXVsbG9mdC5ydTo0NDM.&hl=it&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=h03858ablwcv
Frame ID: 08B6E10D887CFBA20853A63891A80FD3
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 69747CD6CE502A0156159664DC57CFEE
Requests: 1 HTTP requests in this frame

Page Title

PaulLoft

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 30
HTTPS: 93 %
IPv6: 0 %
Domains: 8
Subdomains: 8
IPs: 7
Countries: 2
Transfer: 2715 kB
Size: 3224 kB
Cookies: 23

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://trackavito.tk/ HTTP 302
    https://paulloft.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10433.NqonroWmfQX1oLvRh1OF4FON2Oz2G9optxbiHEallHoQ-OVALmj3KOLczRZIgZ0G.L3O5f_B2ZRTwcnWayJ8fk5W2Eto%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10433.sRPaRDb_XlR7ZPe4TgHUISFUSfWHLrFieGQW9nKo5iQv44FjynNZjMCAz0A2oat2kc1RsWvs2M-BMnTH58ELaVHqDSX8bsBFbHbYQdj1exZxZCkZRz-XACFggWeflnGAuWe7EaQgkyFf_-FJb9teI80uBtpz0fGfYkG8E7BZ3F6BiqcEOqKnB08aZxKvSnOQsV__nbiY13atv7Rzx6bcdB8BSK1bpBc7DToAcxGZX10%2C.fX7ShuJltkEDTasFpDLb8i-2RJs%2C
Request Chain 26
  • https://mc.yandex.com/watch/29105520?wmode=7&page-url=https%3A%2F%2Fpaulloft.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A5hho8n2ksdla87onumn1dltjmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ait-IT%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A567581136372%3Ahid%3A219367049%3Az%3A120%3Ai%3A20240717221545%3Aet%3A1721247345%3Ac%3A1%3Arn%3A841623124%3Arqn%3A1%3Au%3A1721247345798011455%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1773%3Ads%3A0%2C403%2C117%2C2%2C608%2C0%2C%2C654%2C1%2C%2C%2C%2C1886%3Aco%3A0%3Acpf%3A1%3Ans%3A1721247342400%3Agi%3AR0ExLjIuNjY5NjQ1NTg5LjE3MjEyNDczNDU%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1721247345%3At%3APaulLoft&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3178756)ti(1) HTTP 302
  • https://mc.yandex.com/watch/29105520/1?wmode=7&page-url=https%3A%2F%2Fpaulloft.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A5hho8n2ksdla87onumn1dltjmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ait-IT%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A567581136372%3Ahid%3A219367049%3Az%3A120%3Ai%3A20240717221545%3Aet%3A1721247345%3Ac%3A1%3Arn%3A841623124%3Arqn%3A1%3Au%3A1721247345798011455%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1773%3Ads%3A0%2C403%2C117%2C2%2C608%2C0%2C%2C654%2C1%2C%2C%2C%2C1886%3Aco%3A0%3Acpf%3A1%3Ans%3A1721247342400%3Agi%3AR0ExLjIuNjY5NjQ1NTg5LjE3MjEyNDczNDU%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1721247345%3At%3APaulLoft&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283178756%29ti%281%29

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
paulloft.ru/
Redirect Chain
  • https://trackavito.tk/
  • https://paulloft.ru/
18 KB
5 KB
Document
General
Full URL
https://paulloft.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.195.195.191 Ulyanovsk, Russian Federation, ASN39028 (ULSK-AS, RU),
Reverse DNS
109x195x195x191.static-customer.ulsk.ertelecom.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a0c94406e30c8620ed76a1582c88dbee37a1c74614c37cc9330d2748e9c095c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 17 Jul 2024 20:15:43 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN

Redirect headers

Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Wed, 17 Jul 2024 20:15:42 GMT
Location
https://paulloft.ru/
Server
nginx/1.18.0 (Ubuntu)
style.css
paulloft.ru/resource/
7 KB
8 KB
Stylesheet
General
Full URL
https://paulloft.ru/resource/style.css?v=2
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.195.195.191 Ulyanovsk, Russian Federation, ASN39028 (ULSK-AS, RU),
Reverse DNS
109x195x195x191.static-customer.ulsk.ertelecom.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
08475202f72d891bf7a36673ed2d78e38b00957a49121483b512022777481774
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://paulloft.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 20:15:43 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 19 Nov 2019 11:31:01 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5dd3d275-1cdd"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7389
Expires
Thu, 31 Dec 2037 23:55:55 GMT
trackavito.jpg
paulloft.ru/resource/img/
150 KB
150 KB
Image
General
Full URL
https://paulloft.ru/resource/img/trackavito.jpg
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.195.195.191 Ulyanovsk, Russian Federation, ASN39028 (ULSK-AS, RU),
Reverse DNS
109x195x195x191.static-customer.ulsk.ertelecom.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f285a2c6c4f0e113504027ae367c63684fcc830b0b15734d13a6be50e5465231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://paulloft.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 20:15:43 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Dec 2017 19:35:41 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5a3eb00d-256ef"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
153327
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vkmusic.jpg
paulloft.ru/resource/img/
69 KB
69 KB
Image
General
Full URL
https://paulloft.ru/resource/img/vkmusic.jpg
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.195.195.191 Ulyanovsk, Russian Federation, ASN39028 (ULSK-AS, RU),
Reverse DNS
109x195x195x191.static-customer.ulsk.ertelecom.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
91ce8964f59766994d4c73df24edc314b6add61915e122c668943d6a2611cb6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://paulloft.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 20:15:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Dec 2017 19:35:41 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5a3eb00d-11262"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
70242
Expires
Thu, 31 Dec 2037 23:55:55 GMT
roofer.jpg
paulloft.ru/resource/img/
564 KB
564 KB
Image
General
Full URL
https://paulloft.ru/resource/img/roofer.jpg
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.195.195.191 Ulyanovsk, Russian Federation, ASN39028 (ULSK-AS, RU),
Reverse DNS
109x195x195x191.static-customer.ulsk.ertelecom.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
55e87fab4cd816fa9bb77b60f6c28e575adc4d76d81a9428d0d4ccb5098b2806
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://paulloft.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 20:15:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 07 Oct 2018 19:11:04 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5bba5a48-8cf9f"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
577439
Expires
Thu, 31 Dec 2037 23:55:55 GMT
zolotoy-vek.jpg
paulloft.ru/resource/img/
133 KB
133 KB
Image
General
Full URL
https://paulloft.ru/resource/img/zolotoy-vek.jpg
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.195.195.191 Ulyanovsk, Russian Federation, ASN39028 (ULSK-AS, RU),
Reverse DNS
109x195x195x191.static-customer.ulsk.ertelecom.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
21d484f3185ee9f2e0414f3ddc5d2cf8fee0691bfca27e3fdc5a70f506d6d2d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://paulloft.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 20:15:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Dec 2017 19:35:41 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5a3eb00d-213d0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
136144
Expires
Thu, 31 Dec 2037 23:55:55 GMT
zaryad.jpg
paulloft.ru/resource/img/
134 KB
135 KB
Image
General
Full URL
https://paulloft.ru/resource/img/zaryad.jpg
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.195.195.191 Ulyanovsk, Russian Federation, ASN39028 (ULSK-AS, RU),
Reverse DNS
109x195x195x191.static-customer.ulsk.ertelecom.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9bc555cec44527b42aa09fe437d72fd2733fec9981160bfe9be06ca3dda6257f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://paulloft.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 20:15:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Dec 2017 19:35:41 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5a3eb00d-218bb"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
137403
Expires
Thu, 31 Dec 2037 23:55:55 GMT
ortodont.jpg
paulloft.ru/resource/img/
232 KB
232 KB
Image
General
Full URL
https://paulloft.ru/resource/img/ortodont.jpg
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.195.195.191 Ulyanovsk, Russian Federation, ASN39028 (ULSK-AS, RU),
Reverse DNS
109x195x195x191.static-customer.ulsk.ertelecom.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
641a61ebb9dec4868b1df5a2316c5ea6174e5bd66713d49c2f7240d3eace9c67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://paulloft.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 20:15:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 07 Oct 2018 19:16:16 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5bba5b80-39ec0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
237248
Expires
Thu, 31 Dec 2037 23:55:55 GMT
barcelona.jpg
paulloft.ru/resource/img/
584 KB
585 KB
Image
General
Full URL
https://paulloft.ru/resource/img/barcelona.jpg
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.195.195.191 Ulyanovsk, Russian Federation, ASN39028 (ULSK-AS, RU),
Reverse DNS
109x195x195x191.static-customer.ulsk.ertelecom.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f38b807d542042a60ebcad89d45c2fd73b14f077fb8eb31dd24837f4f36811f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://paulloft.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 20:15:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 07 Oct 2018 19:21:42 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5bba5cc6-92108"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
598280
Expires
Thu, 31 Dec 2037 23:55:55 GMT
gusiga.jpg
paulloft.ru/resource/img/
116 KB
117 KB
Image
General
Full URL
https://paulloft.ru/resource/img/gusiga.jpg
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.195.195.191 Ulyanovsk, Russian Federation, ASN39028 (ULSK-AS, RU),
Reverse DNS
109x195x195x191.static-customer.ulsk.ertelecom.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bd382668fb2b8fa8de0042c5f62e3551e9809434fc7e1eb02c30a52c4092584a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://paulloft.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 20:15:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 07 Oct 2018 18:42:33 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5bba5399-1d0fd"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
119037
Expires
Thu, 31 Dec 2037 23:55:55 GMT
arraymerge.png
paulloft.ru/resource/img/
84 KB
84 KB
Image
General
Full URL
https://paulloft.ru/resource/img/arraymerge.png
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.195.195.191 Ulyanovsk, Russian Federation, ASN39028 (ULSK-AS, RU),
Reverse DNS
109x195x195x191.static-customer.ulsk.ertelecom.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
442b1ab6132618bf741c6fac922e8c0bbd045baf040f16e05f47f157b47b385a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://paulloft.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 20:15:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 14 Dec 2020 09:41:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5fd7332c-14fd3"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
85971
Expires
Thu, 31 Dec 2037 23:55:55 GMT
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LegecMUAAAAAIqjuqpXcfjbnaUVIdiTEpb4FZ91
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
GSE /
Resource Hash
e17962f8bf7d06a11ddc66a3d9883e0fcdab39682159eab6cb5abdac949e2b99
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paulloft.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 20:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 17 Jul 2024 20:15:44 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.0/
82 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
sffe /
Resource Hash
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paulloft.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 12:00:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29478
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 12:00:05 GMT
main.js
paulloft.ru/resource/
4 KB
4 KB
Script
General
Full URL
https://paulloft.ru/resource/main.js?v=2
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.195.195.191 Ulyanovsk, Russian Federation, ASN39028 (ULSK-AS, RU),
Reverse DNS
109x195x195x191.static-customer.ulsk.ertelecom.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e296b9a73130b34bbfcf601b5ce73ec72dd786021fc09f0734c24f737b7c5d6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://paulloft.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 20:15:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 06 Mar 2020 08:41:13 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5e620ca9-e43"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3651
Expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.min.css
paulloft.ru/resource/
15 KB
16 KB
Stylesheet
General
Full URL
https://paulloft.ru/resource/bootstrap.min.css
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/resource/style.css?v=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.195.195.191 Ulyanovsk, Russian Federation, ASN39028 (ULSK-AS, RU),
Reverse DNS
109x195x195x191.static-customer.ulsk.ertelecom.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
590a5fb254dd44f7a94f84e67c135d3eedf6d29e4e22630776d0c32f40ba089d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://paulloft.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 20:15:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Dec 2017 19:35:41 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5a3eb00d-3d4b"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15691
Expires
Thu, 31 Dec 2037 23:55:55 GMT
fonts.css
paulloft.ru/resource/
883 B
1 KB
Stylesheet
General
Full URL
https://paulloft.ru/resource/fonts.css
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/resource/style.css?v=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.195.195.191 Ulyanovsk, Russian Federation, ASN39028 (ULSK-AS, RU),
Reverse DNS
109x195x195x191.static-customer.ulsk.ertelecom.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b137abc1f922c26c953b3b91898481476c86e33ea6133a5042af5a27fc7844a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://paulloft.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 20:15:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Dec 2017 19:35:41 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5a3eb00d-373"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
883
Expires
Thu, 31 Dec 2037 23:55:55 GMT
bodyicons.png
paulloft.ru/resource/img/
76 KB
77 KB
Image
General
Full URL
https://paulloft.ru/resource/img/bodyicons.png
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/resource/style.css?v=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.195.195.191 Ulyanovsk, Russian Federation, ASN39028 (ULSK-AS, RU),
Reverse DNS
109x195x195x191.static-customer.ulsk.ertelecom.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8f655a2b1c0296804319db3eb8eae41713c40bebcce5c2ecd9f97c6d86785190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://paulloft.ru/resource/style.css?v=2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 20:15:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Dec 2017 19:35:41 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5a3eb00d-13123"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
78115
Expires
Thu, 31 Dec 2037 23:55:55 GMT
grumpy-art.png
paulloft.ru/resource/img/
77 KB
77 KB
Image
General
Full URL
https://paulloft.ru/resource/img/grumpy-art.png
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/resource/style.css?v=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.195.195.191 Ulyanovsk, Russian Federation, ASN39028 (ULSK-AS, RU),
Reverse DNS
109x195x195x191.static-customer.ulsk.ertelecom.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3573494637e9041221a0ecaaaf20a2c776afcc0ac4c069792590a0137dcceb40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://paulloft.ru/resource/style.css?v=2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 20:15:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Dec 2017 19:35:41 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5a3eb00d-1338d"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
78733
Expires
Thu, 31 Dec 2037 23:55:55 GMT
opensans-bold.woff
paulloft.ru/resource/fonts/
68 KB
69 KB
Font
General
Full URL
https://paulloft.ru/resource/fonts/opensans-bold.woff
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/resource/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.195.195.191 Ulyanovsk, Russian Federation, ASN39028 (ULSK-AS, RU),
Reverse DNS
109x195x195x191.static-customer.ulsk.ertelecom.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7098d859001a574f5f782d0c7c8392502ec813b2bea576decfe53e924518a638
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://paulloft.ru/resource/fonts.css
Origin
https://paulloft.ru
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 20:15:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Dec 2017 19:35:41 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5a3eb00d-11128"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
69928
Expires
Thu, 31 Dec 2037 23:55:55 GMT
opensans-regular.woff
paulloft.ru/resource/fonts/
66 KB
66 KB
Font
General
Full URL
https://paulloft.ru/resource/fonts/opensans-regular.woff
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/resource/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.195.195.191 Ulyanovsk, Russian Federation, ASN39028 (ULSK-AS, RU),
Reverse DNS
109x195x195x191.static-customer.ulsk.ertelecom.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8d7514648dd27dfa6bd7ee6b40656b8dfc1a834aa1b3ce4a90d8f1243ba458ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://paulloft.ru/resource/fonts.css
Origin
https://paulloft.ru
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 20:15:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Dec 2017 19:35:41 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5a3eb00d-106dc"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
67292
Expires
Thu, 31 Dec 2037 23:55:55 GMT
recaptcha__it.js
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/
535 KB
213 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__it.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LegecMUAAAAAIqjuqpXcfjbnaUVIdiTEpb4FZ91
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f3.1e100.net
Software
sffe /
Resource Hash
40d2ae9e406ec334ab1270cbc544e7d468676fa1ee2eb790f79a0864442ebf7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paulloft.ru/
Origin
https://paulloft.ru
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 11:58:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
217283
x-xss-protection
0
last-modified
Sun, 23 Jun 2024 08:01:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Jul 2025 11:58:29 GMT
watch.js
mc.yandex.ru/metrika/
155 KB
56 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
47d6d0295bad9f588dd2426f6b6285e83118e5bc151a61eab0eb0656661de576
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://paulloft.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
date
Wed, 17 Jul 2024 20:15:44 GMT
last-modified
Wed, 17 Jul 2024 14:44:59 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6697d8eb-db24"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
56100
expires
Wed, 17 Jul 2024 21:15:44 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://paulloft.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 Jul 2024 18:29:07 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6397
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 17 Jul 2024 20:29:07 GMT
collect
www.google-analytics.com/j/
3 B
205 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=927708003&t=pageview&_s=1&dl=https%3A%2F%2Fpaulloft.ru%2F&ul=it-it&de=UTF-8&dt=PaulLoft&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1805511410&gjid=1764029291&cid=669645589.1721247345&tid=UA-31795946-4&_gid=555338292.1721247345&_r=1&_slc=1&z=629296734
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://paulloft.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 20:15:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paulloft.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10433.NqonroWmfQX1oLvRh1OF4FON2Oz2G9optxbiHEallHoQ-OVALmj3KOLczRZIgZ0G.L3O5f_B2ZRTwcnWayJ8fk5W2Eto%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10433.sRPaRDb_XlR7ZPe4TgHUISFUSfWHLrFieGQW9nKo5iQv44FjynNZjMCAz0A2oat2kc1RsWvs2M-BMnTH58ELaVHqDSX8bsBFbHbYQdj1exZxZCkZRz-XACFggWeflnGAuWe7EaQgky...
43 B
673 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10433.sRPaRDb_XlR7ZPe4TgHUISFUSfWHLrFieGQW9nKo5iQv44FjynNZjMCAz0A2oat2kc1RsWvs2M-BMnTH58ELaVHqDSX8bsBFbHbYQdj1exZxZCkZRz-XACFggWeflnGAuWe7EaQgkyFf_-FJb9teI80uBtpz0fGfYkG8E7BZ3F6BiqcEOqKnB08aZxKvSnOQsV__nbiY13atv7Rzx6bcdB8BSK1bpBc7DToAcxGZX10%2C.fX7ShuJltkEDTasFpDLb8i-2RJs%2C
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/
Protocol
H2
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paulloft.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Jul 2024 20:15:45 GMT
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10433.sRPaRDb_XlR7ZPe4TgHUISFUSfWHLrFieGQW9nKo5iQv44FjynNZjMCAz0A2oat2kc1RsWvs2M-BMnTH58ELaVHqDSX8bsBFbHbYQdj1exZxZCkZRz-XACFggWeflnGAuWe7EaQgkyFf_-FJb9teI80uBtpz0fGfYkG8E7BZ3F6BiqcEOqKnB08aZxKvSnOQsV__nbiY13atv7Rzx6bcdB8BSK1bpBc7DToAcxGZX10%2C.fX7ShuJltkEDTasFpDLb8i-2RJs%2C
date
Wed, 17 Jul 2024 20:15:45 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
618 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://paulloft.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 20:15:45 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 17 Jul 2024 14:44:59 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6697d8eb-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 17 Jul 2024 21:15:45 GMT
anchor
www.google.com/recaptcha/api2/ Frame 08B6
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LegecMUAAAAAIqjuqpXcfjbnaUVIdiTEpb4FZ91&co=aHR0cHM6Ly9wYXVsbG9mdC5ydTo0NDM.&hl=it&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=h03858ablwcv
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__it.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WbiFP5XP-rjIdZ_DkUq3kQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paulloft.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-WbiFP5XP-rjIdZ_DkUq3kQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jul 2024 20:15:45 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
1
mc.yandex.com/watch/29105520/
Redirect Chain
  • https://mc.yandex.com/watch/29105520?wmode=7&page-url=https%3A%2F%2Fpaulloft.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A5hho8n2ksdla87onumn1dltjmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ait...
  • https://mc.yandex.com/watch/29105520/1?wmode=7&page-url=https%3A%2F%2Fpaulloft.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A5hho8n2ksdla87onumn1dltjmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
458 B
914 B
Fetch
General
Full URL
https://mc.yandex.com/watch/29105520/1?wmode=7&page-url=https%3A%2F%2Fpaulloft.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A5hho8n2ksdla87onumn1dltjmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ait-IT%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A567581136372%3Ahid%3A219367049%3Az%3A120%3Ai%3A20240717221545%3Aet%3A1721247345%3Ac%3A1%3Arn%3A841623124%3Arqn%3A1%3Au%3A1721247345798011455%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1773%3Ads%3A0%2C403%2C117%2C2%2C608%2C0%2C%2C654%2C1%2C%2C%2C%2C1886%3Aco%3A0%3Acpf%3A1%3Ans%3A1721247342400%3Agi%3AR0ExLjIuNjY5NjQ1NTg5LjE3MjEyNDczNDU%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1721247345%3At%3APaulLoft&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283178756%29ti%281%29
Requested by
Host: paulloft.ru
URL: https://paulloft.ru/
Protocol
H2
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
fb81cfb204be03c897e238e9f5e1b43d2a4c98ec64fe3919cc8c60bc83c4a4bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paulloft.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jul 2024 20:15:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 17-Jul-2024 20:15:45 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paulloft.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
458
x-xss-protection
1; mode=block
expires
Wed, 17-Jul-2024 20:15:45 GMT

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 17 Jul 2024 20:15:45 GMT
last-modified
Wed, 17-Jul-2024 20:15:45 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
https://paulloft.ru
location
/watch/29105520/1?wmode=7&page-url=https%3A%2F%2Fpaulloft.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A5hho8n2ksdla87onumn1dltjmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ait-IT%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A567581136372%3Ahid%3A219367049%3Az%3A120%3Ai%3A20240717221545%3Aet%3A1721247345%3Ac%3A1%3Arn%3A841623124%3Arqn%3A1%3Au%3A1721247345798011455%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1773%3Ads%3A0%2C403%2C117%2C2%2C608%2C0%2C%2C654%2C1%2C%2C%2C%2C1886%3Aco%3A0%3Acpf%3A1%3Ans%3A1721247342400%3Agi%3AR0ExLjIuNjY5NjQ1NTg5LjE3MjEyNDczNDU%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1721247345%3At%3APaulLoft&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283178756%29ti%281%29
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 17-Jul-2024 20:15:45 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame 6974
0
0
Document
General
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://paulloft.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1048
content-type
text/html
date
Wed, 17 Jul 2024 20:15:46 GMT
etag
"6697d8eb-418"
expires
Wed, 17 Jul 2024 21:15:46 GMT
last-modified
Wed, 17 Jul 2024 14:44:59 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
favicon.ico
paulloft.ru/
842 B
1 KB
Other
General
Full URL
https://paulloft.ru/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.195.195.191 Ulyanovsk, Russian Federation, ASN39028 (ULSK-AS, RU),
Reverse DNS
109x195x195x191.static-customer.ulsk.ertelecom.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4e569371fd4b85931e132bc7a54fb9a5cb9544f420382515a34715ffdd2136c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://paulloft.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Wed, 17 Jul 2024 20:15:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Dec 2017 19:35:44 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5a3eb010-34a"
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
842


18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
function| $
function| jQuery
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
object| Ya
object| yaCounter29105520
object| recaptcha
object| closure_lm_546958

23 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AJAWQKlKexdbTfnz63yeCKZ5rubu_5E-7MqpLPI0CXb7v0lg5ndfpKnn36DF1PeyI4GzCqCGlOgnjwiaIW9KF8o
.paulloft.ru/ Name: _ga
Value: GA1.2.669645589.1721247345
.paulloft.ru/ Name: _gid
Value: GA1.2.555338292.1721247345
.paulloft.ru/ Name: _gat
Value: 1
.yandex.ru/ Name: i
Value: 8/vMeD3z4hPviiMjUD/9u3/DRgng15rtNOWE9bUMeMBBSOLO2NcYO6XABxABGImRd4WpQK/D5LOlGHX9YkAmiyFO8j0=
.yandex.ru/ Name: yandexuid
Value: 8820300451721247344
.yandex.ru/ Name: yashr
Value: 3777372021721247344
.paulloft.ru/ Name: _ym_uid
Value: 1721247345798011455
.paulloft.ru/ Name: _ym_d
Value: 1721247345
.yandex.com/ Name: yashr
Value: 9200965651721247345
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2708491793fake
.paulloft.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2127692781fake
.yandex.com/ Name: yandexuid
Value: 8820300451721247344
.yandex.com/ Name: yuidss
Value: 8820300451721247344
.yandex.com/ Name: i
Value: 8/vMeD3z4hPviiMjUD/9u3/DRgng15rtNOWE9bUMeMBBSOLO2NcYO6XABxABGImRd4WpQK/D5LOlGHX9YkAmiyFO8j0=
.yandex.com/ Name: yp
Value: 1721333745.yu.1917237581721247345
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 112392211721247345
.yandex.com/ Name: ymex
Value: 1723839345.oyu.1917237581721247345#1752783345.yrts.1721247345
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: KgI/MGDxzOC0Bg==
.paulloft.ru/ Name: _ym_visorc
Value: w

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
