URL: http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Submission: On August 23 via api from US

Summary

This website contacted 14 IPs in 4 countries across 16 domains to perform 37 HTTP transactions.
The main IP is 109.194.47.20, located in Tomsk, Russian Federation and belongs to TOMSK-AS, RU. The main domain is dinas.tomsk.ru.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

IP Address AS Autonomous System
11 109.194.47.20 56981 (TOMSK-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 93.186.225.197 47541 (VKONTAKTE...)
1 195.161.16.142 8342 (RTCOMM-AS)
1 178.250.0.130 44788 (ASN-CRITE...)
1 1 2a02:6b8::90 13238 (YANDEX)
3 8 2a02:6b8::1:119 13238 (YANDEX)
1 2a02:6b8:a::a 13238 (YANDEX)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 217.69.133.145 47764 (MAILRU-AS...)
4 195.201.243.72 24940 (HETZNER-AS)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
37 14
Domain | Subdomains | Transfer
10 yandex.ru | | 47 KB
10 www.tomsk.ru | .www.tomsk.ru Failed | 161 KB
4 acint.net | www.acint.net Failed | 7 KB
3 gstatic.com | | 24 KB
2 google-analytics.com | | 18 KB
2 mail.ru | | 8 KB
2 vk.com | | 23 KB
1 google.de | | 109 B
1 google.com | | 180 B
1 doubleclick.net | | 160 B
1 googletagmanager.com | | 19 KB
1 criteo.net | | 25 KB
1 giraff.io | | 22 KB
1 fonts.googleapis.com | | 855 B
1 dinas.tomsk.ru | | 10 KB
0 mail.tomsk.ru Failed | .mail.tomsk.ru Failed | 0 B
37 16
Domain | Requested by
10 www.tomsk.ru | dinas.tomsk.ru, www.tomsk.ru
8 mc.yandex.ru 3 redirects | dinas.tomsk.ru
4 www.acint.net | dinas.tomsk.ru, www.acint.net, dinas.tomsk.ru
3 fonts.gstatic.com | dinas.tomsk.ru, www.tomsk.ru
2 www.google-analytics.com 1 redirects | www.googletagmanager.com
2 top-fwz1.mail.ru | dinas.tomsk.ru, top-fwz1.mail.ru
2 vk.com | dinas.tomsk.ru
1 www.google.de | dinas.tomsk.ru
1 www.google.com 1 redirects |
1 stats.g.doubleclick.net 1 redirects |
1 www.googletagmanager.com | dinas.tomsk.ru
1 yandex.ru | dinas.tomsk.ru
1 bs.yandex.ru 1 redirects |
1 static.criteo.net | dinas.tomsk.ru
1 code.giraff.io | dinas.tomsk.ru
1 fonts.googleapis.com | dinas.tomsk.ru
1 dinas.tomsk.ru |
0 mail.tomsk.ru Failed | dinas.tomsk.ru
37 18
Subject | Issuer | Validity | Valid
*.googleapis.com | Google Internet Authority G3 | 2019-07-29 - 2019-10-21 | 3 months
vk.com | Sectigo ECC Extended Validation Secure Server CA | 2019-07-11 - 2020-07-09 | a year
*.giraff.io | COMODO RSA Domain Validation Secure Server CA | 2018-09-21 - 2019-09-28 | a year
*.criteo.net | DigiCert ECC Secure Server CA | 2019-03-26 - 2020-03-30 | a year
tomsk.ru | Let's Encrypt Authority X3 | 2019-08-17 - 2019-11-15 | 3 months
bs.yandex.ru | Yandex CA | 2018-10-03 - 2019-10-03 | a year
yandex.ru | Yandex CA | 2018-10-03 - 2019-10-03 | a year
*.google.com | Google Internet Authority G3 | 2019-07-29 - 2019-10-21 | 3 months
*.google-analytics.com | Google Internet Authority G3 | 2019-07-29 - 2019-10-21 | 3 months
 | | 1970-01-01 - 1970-01-01 | a few seconds
*.acint.net | Let's Encrypt Authority X3 | 2019-08-06 - 2019-11-04 | 3 months
www.google.de | Google Internet Authority G3 | 2019-07-29 - 2019-10-21 | 3 months

Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Web
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Web
Overall confidence: 100%
Detected patterns
  • script /mc\.yandex\.ru\/metrika\/watch\.js/i


37 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Cookie set webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
/err/?paypal.ch/ch/cgi-bin
48 KB
10 KB
Document
General
Full URL
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Protocol
HTTP/1.1
Server
109.194.47.20 Tomsk, Russian Federation, ASN56981 (TOMSK-AS, RU),
Reverse DNS
www.tomsk.ru
Software
nginx/1.14.2 /
Resource Hash
f0f3c6b8c3bcbcdad279d3f8414b26a492e299b1e155896cdacf6869dd20f79e

Request headers

Host
dinas.tomsk.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.14.2
Date
Fri, 23 Aug 2019 18:40:14 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
10314
Connection
keep-alive
Set-Cookie
cuid=5d60330eb5fbb; expires=Wed, 31-Dec-2036 17:00:00 GMT; Max-Age=547769986; path=/; domain=www.tomsk.ru
X-Cache-Status
MISS
Vary
Accept-Encoding
Content-Encoding
gzip
css?family=Open+Sans:400,400i,600,600i&subset=cyrillic
fonts.googleapis.com
10 KB
855 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i&subset=cyrillic
Requested by
Host: dinas.tomsk.ru
URL: http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d07ee1496c29074e04847d36cafcc11cae6b648c3d3063fdb532121a364b546f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 23 Aug 2019 18:40:14 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 23 Aug 2019 18:40:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Fri, 23 Aug 2019 18:40:14 GMT
openapi.js?121
vk.com/js/api
96 KB
23 KB
Script
General
Full URL
https://vk.com/js/api/openapi.js?121
Requested by
Host: dinas.tomsk.ru
URL: http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
93.186.225.197 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
Software
VK /
Resource Hash
4a94521a608e0aeab2e0cc64d0b2b3d3e97b442eb6dec22ecbbdae7d2647df62

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 18:40:15 GMT
content-encoding
gzip
x-frontend
front609307
last-modified
Fri, 23 Aug 2019 14:19:49 GMT
server
VK
etag
"5d5ff605-5a5b"
content-type
application/x-javascript
status
200
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
23131
expires
Tue, 27 Aug 2019 18:40:15 GMT
Adblocked widget-tomskru.js
code.giraff.io/data
71 KB
22 KB
Script
General
Full URL
https://code.giraff.io/data/widget-tomskru.js
Requested by
Host: dinas.tomsk.ru
URL: http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
195.161.16.142 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
c33708b02718debfa1974c137000dc807e32e6b23d887ddb76e0a1daebd35b9d
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 18:40:15 GMT
content-encoding
gzip
last-modified
Fri, 23 Aug 2019 18:38:26 GMT
server
nginx/1.16.0
etag
W/"5d6032a2-11d7b"
status
200
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
Adblocked publishertag.js
static.criteo.net/js/ld
82 KB
25 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: dinas.tomsk.ru
URL: http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
6f965e91fcd9010bc9f4d1225479b4996cecf25c4bff92f99df371bf159379f3
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 18:40:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Jul 2019 22:21:06 GMT
Server
nginx
ETag
W/"5d38d9d2-14765"
Transfer-Encoding
chunked
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, public
Timing-Allow-Origin
*
Expires
Sat, 24 Aug 2019 18:40:17 GMT
foundation-icons.woff
www.tomsk.ru/v3/icons
0
0

styles2018.css?1559277147
www.tomsk.ru/v3/css
145 KB
42 KB
Stylesheet
General
Full URL
https://www.tomsk.ru/v3/css/styles2018.css?1559277147
Requested by
Host: dinas.tomsk.ru
URL: http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.194.47.20 Tomsk, Russian Federation, ASN56981 (TOMSK-AS, RU),
Reverse DNS
www.tomsk.ru
Software
nginx/1.14.2 /
Resource Hash
80c6a4b2c6febec0ae287fabfba17253817f8e9d05ee1cb1b064eac8c7fe98ca
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://webvisor.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 18:40:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
42976
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 31 May 2019 04:32:27 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
etag
"24575-58a2780740cc0-gzip"
strict-transport-security
max-age=31536000
content-type
text/css
content-security-policy
frame-ancestors 'self' http://webvisor.com
accept-ranges
bytes
v3-page.concat.js?1565701844
www.tomsk.ru/js
268 KB
87 KB
Script
General
Full URL
https://www.tomsk.ru/js/v3-page.concat.js?1565701844
Requested by
Host: dinas.tomsk.ru
URL: http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.194.47.20 Tomsk, Russian Federation, ASN56981 (TOMSK-AS, RU),
Reverse DNS
www.tomsk.ru
Software
nginx/1.14.2 /
Resource Hash
a85f72f43d7e7b43b5bebb096154279ff7c74539e75960c5e940446e02d4bcf7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://webvisor.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 18:40:18 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 13 Aug 2019 13:10:44 GMT
server
nginx/1.14.2
etag
"42e4b-58fff5e3c5d00-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
status
200
x-xss-protection
1; mode=block
content-security-policy
frame-ancestors 'self' http://webvisor.com
strict-transport-security
max-age=31536000
accept-ranges
bytes
vary
Accept-Encoding
x-content-type-options
nosniff
Adblocked 3_1_FFFFFFFF_EFEFEFFF_0_pageviews
mc.yandex.ru/informer/17598292
Redirect Chain
  • https://bs.yandex.ru/informer/17598292/3_1_FFFFFFFF_EFEFEFFF_0_pageviews
  • https://mc.yandex.ru/informer/17598292/3_1_FFFFFFFF_EFEFEFFF_0_pageviews
1 KB
2 KB
Image
General
Full URL
https://mc.yandex.ru/informer/17598292/3_1_FFFFFFFF_EFEFEFFF_0_pageviews
Requested by
Host: dinas.tomsk.ru
URL: http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
d5877a8ba07e7bc417f3be93d12dfb1664d31321ee7c8a3dba61008687f45503
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Aug 2019 18:40:15 GMT
Last-Modified
Fri, 23-Aug-2019 18:40:15 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
1502
X-XSS-Protection
1; mode=block
Expires
Fri, 23-Aug-2019 18:40:15 GMT

Redirect headers

status
302
date
Fri, 23 Aug 2019 18:40:14 GMT
location
https://mc.yandex.ru/informer/17598292/3_1_FFFFFFFF_EFEFEFFF_0_pageviews
server
nginx/1.12.2
timing-allow-origin
*
content-length
0
x-xss-protection
1; mode=block
Adblocked cycounter?www.tomsk.ru&theme=light&lang=ru
yandex.ru
637 B
952 B
Image
General
Full URL
https://yandex.ru/cycounter?www.tomsk.ru&theme=light&lang=ru
Requested by
Host: dinas.tomsk.ru
URL: http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
a0b53749c3bbdcc79c07efbd5034b4099fa6311f9db79427e5deec62ebf36d64
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
x-content-type-options
nosniff
last-modified
Tue, 30 Jul 2019 15:12:44 GMT
content-type
image/png
x-xss-protection
1; mode=block
expires
Tue, 13 Aug 2019 15:12:44 GMT
18.png
www.tomsk.ru/images
833 B
1 KB
Image
General
Full URL
https://www.tomsk.ru/images/18.png
Requested by
Host: dinas.tomsk.ru
URL: http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.194.47.20 Tomsk, Russian Federation, ASN56981 (TOMSK-AS, RU),
Reverse DNS
www.tomsk.ru
Software
nginx/1.14.2 /
Resource Hash
0cc9475fb1bb304f9403f1b7e63e576f23b20285c3d3f9c752bedbc5ff2172f3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://webvisor.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 18:40:18 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 19 Oct 2015 07:24:37 GMT
server
nginx/1.14.2
etag
"341-5227009a45740"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
x-xss-protection
1; mode=block
content-security-policy
frame-ancestors 'self' http://webvisor.com
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
833
x-content-type-options
nosniff
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: dinas.tomsk.ru
URL: http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i&subset=cyrillic
Origin
http://dinas.tomsk.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 22 Aug 2019 20:01:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
81500
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
9132
x-xss-protection
0
expires
Fri, 21 Aug 2020 20:01:58 GMT
Adblocked gtm.js?id=GTM-WKPDFR5
www.googletagmanager.com
51 KB
19 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WKPDFR5
Requested by
Host: dinas.tomsk.ru
URL: http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a950854dbc6ac3fc3e9420f1fa4bfefe56f8a2736e322e2a0ea9df4396219c9d
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 18:40:18 GMT
content-encoding
br
last-modified
Fri, 23 Aug 2019 18:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
19509
x-xss-protection
0
expires
Fri, 23 Aug 2019 18:40:18 GMT
Adblocked code.js
top-fwz1.mail.ru/js
15 KB
7 KB
Script
General
Full URL
http://top-fwz1.mail.ru/js/code.js
Requested by
Host: dinas.tomsk.ru
URL: http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Protocol
HTTP/1.1
Security
, ,
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
8cde6a7d0fc344342fbdad9e8b7c6c248a5bc55084b4b495813a21bc482960ce
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 18:40:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Access-Control-Allow-Headers
x-requested-with
AMP-Access-Control-Allow-Source-Origin
*
Last-Modified
Thu, 27 Jun 2019 14:29:02 GMT
Server
nginx
ETag
W/"5d14d2ae-3c6c"
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
max-age=43200, private
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Keep-Alive
timeout=60
Adblocked watch.js
mc.yandex.ru/metrika
Redirect Chain
  • http://mc.yandex.ru/metrika/watch.js
  • https://mc.yandex.ru/metrika/watch.js
133 KB
39 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: dinas.tomsk.ru
URL: http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
5242c393e1ca7eea7a4dcbb220680e9e03d85e2f98e778d5999d3eda067e7853
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 18:40:18 GMT
Content-Encoding
br
Last-Modified
Wed, 14 Aug 2019 12:43:05 GMT
Server
nginx/1.14.2
ETag
"5d5401d9-9c12"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
39954
Expires
Fri, 23 Aug 2019 19:40:18 GMT

Redirect headers

Location
https://mc.yandex.ru/metrika/watch.js
Date
Fri, 23 Aug 2019 18:40:18 GMT
Server
nginx/1.14.2
Connection
keep-alive
Content-Length
185
Content-Type
text/html
Verified Adblocked rtrg?p=VK-RTRG-213460-h7yXa
vk.com
49 B
329 B
Image
General
Full URL
https://vk.com/rtrg?p=VK-RTRG-213460-h7yXa
Requested by
Host: dinas.tomsk.ru
URL: http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
93.186.225.197 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
Software
VK / PHP/3.20653
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Verified resource
extjs/6.2.0/welcome/css/blank.gif at cdnjs.com, project extjs
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 18:40:18 GMT
content-encoding
gzip
x-frontend
front609307
server
VK
x-powered-by
PHP/3.20653
strict-transport-security
max-age=15768000
content-type
image/gif
status
200
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
21819
www.tomsk.ru/bp
29 B
679 B
XHR
General
Full URL
https://www.tomsk.ru/bp/21819
Requested by
Host: www.tomsk.ru
URL: https://www.tomsk.ru/js/v3-page.concat.js?1565701844
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.194.47.20 Tomsk, Russian Federation, ASN56981 (TOMSK-AS, RU),
Reverse DNS
www.tomsk.ru
Software
nginx/1.14.2 /
Resource Hash
736a1deb5f789ec9134f7bd4fecf6e58f9a843a5155dea4750bfe10e5a84cbbf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://webvisor.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html, */*; q=0.01
Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 23 Aug 2019 18:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache-status
MISS
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy
frame-ancestors 'self' http://webvisor.com
access-control-allow-headers
Accept, X-Requested-With
expires
Thu, 19 Nov 1981 08:52:00 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: www.tomsk.ru
URL: https://www.tomsk.ru/js/v3-page.concat.js?1565701844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i&subset=cyrillic
Origin
http://dinas.tomsk.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 10:34:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
age
29140
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
9180
x-xss-protection
0
expires
Sat, 22 Aug 2020 10:34:38 GMT
mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v17
5 KB
6 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFUZ0bf8pkAp6a.woff2
Requested by
Host: www.tomsk.ru
URL: https://www.tomsk.ru/js/v3-page.concat.js?1565701844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a017bfd8b7ff27e2fa869cb6beeacfd550ab2fa4955429bc460aeae8ddbf91e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i&subset=cyrillic
Origin
http://dinas.tomsk.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 20 Aug 2019 18:16:19 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:48 GMT
server
sffe
age
260639
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
5608
x-xss-protection
0
expires
Wed, 19 Aug 2020 18:16:19 GMT
user-info
www.tomsk.ru/profile/account
39 B
671 B
XHR
General
Full URL
https://www.tomsk.ru/profile/account/user-info
Requested by
Host: www.tomsk.ru
URL: https://www.tomsk.ru/js/v3-page.concat.js?1565701844
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.194.47.20 Tomsk, Russian Federation, ASN56981 (TOMSK-AS, RU),
Reverse DNS
www.tomsk.ru
Software
nginx/1.14.2 /
Resource Hash
355ee5ebae71cbe74374bef189858c64f90f9e46aef29615d4e2d3a71993f53e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://webvisor.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 23 Aug 2019 18:40:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy
frame-ancestors 'self' http://webvisor.com
access-control-allow-headers
Accept, X-Requested-With
expires
Thu, 19 Nov 1981 08:52:00 GMT
bg_head.jpg
www.tomsk.ru/v3/images
18 KB
19 KB
Image
General
Full URL
https://www.tomsk.ru/v3/images/bg_head.jpg
Requested by
Host: www.tomsk.ru
URL: https://www.tomsk.ru/js/v3-page.concat.js?1565701844
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.194.47.20 Tomsk, Russian Federation, ASN56981 (TOMSK-AS, RU),
Reverse DNS
www.tomsk.ru
Software
nginx/1.14.2 /
Resource Hash
287fb20269293ff19b793e0eca40d2dd4edfbc14338e85be6922d6850f70785a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://webvisor.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomsk.ru/v3/css/styles2018.css?1559277147
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 18:40:18 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 21 Jul 2018 09:12:28 GMT
server
nginx/1.14.2
etag
"49aa-5717ecfb33700"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
x-xss-protection
1; mode=block
content-security-policy
frame-ancestors 'self' http://webvisor.com
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
18858
x-content-type-options
nosniff
logo8.svg
www.tomsk.ru/v3/images
5 KB
3 KB
Image
General
Full URL
https://www.tomsk.ru/v3/images/logo8.svg
Requested by
Host: www.tomsk.ru
URL: https://www.tomsk.ru/js/v3-page.concat.js?1565701844
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.194.47.20 Tomsk, Russian Federation, ASN56981 (TOMSK-AS, RU),
Reverse DNS
www.tomsk.ru
Software
nginx/1.14.2 /
Resource Hash
65a563cde64e6bc4e991b3d7e7b4ce855bc3e19f96df46064a422ed23e4b942e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://webvisor.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomsk.ru/v3/css/styles2018.css?1559277147
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 18:40:18 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 14 Jan 2019 03:04:29 GMT
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
etag
W/"1382-57f624d99c940"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
x-xss-protection
1; mode=block
content-security-policy
frame-ancestors 'self' http://webvisor.com
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
dark3.php
mail.tomsk.ru
0
0

21820
www.tomsk.ru/bp
29 B
679 B
XHR
General
Full URL
https://www.tomsk.ru/bp/21820
Requested by
Host: www.tomsk.ru
URL: https://www.tomsk.ru/js/v3-page.concat.js?1565701844
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.194.47.20 Tomsk, Russian Federation, ASN56981 (TOMSK-AS, RU),
Reverse DNS
www.tomsk.ru
Software
nginx/1.14.2 /
Resource Hash
736a1deb5f789ec9134f7bd4fecf6e58f9a843a5155dea4750bfe10e5a84cbbf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://webvisor.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html, */*; q=0.01
Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 23 Aug 2019 18:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache-status
MISS
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy
frame-ancestors 'self' http://webvisor.com
access-control-allow-headers
Accept, X-Requested-With
expires
Thu, 19 Nov 1981 08:52:00 GMT
bg_search.jpg
www.tomsk.ru/v3/images
5 KB
6 KB
Image
General
Full URL
https://www.tomsk.ru/v3/images/bg_search.jpg
Requested by
Host: www.tomsk.ru
URL: https://www.tomsk.ru/js/v3-page.concat.js?1565701844
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.194.47.20 Tomsk, Russian Federation, ASN56981 (TOMSK-AS, RU),
Reverse DNS
www.tomsk.ru
Software
nginx/1.14.2 /
Resource Hash
ec9ad9cd56d7dfe18c3d0ae8c538728a6639ac3cfb34266b39f281437cbe7954
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://webvisor.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.tomsk.ru/v3/css/styles2018.css?1559277147
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 18:40:18 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 21 Jul 2018 13:19:33 GMT
server
nginx/1.14.2
etag
"157d-571824356c340"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
x-xss-protection
1; mode=block
content-security-policy
frame-ancestors 'self' http://webvisor.com
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
5501
x-content-type-options
nosniff
Adblocked aci.js
www.acint.net
19 KB
6 KB
Script
General
Full URL
https://www.acint.net/aci.js
Requested by
Host: dinas.tomsk.ru
URL: http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
nginx /
Resource Hash
b4543e0a3b847b39a5caa7f37288ecf8719a547881d6d076ca8112f3d3c7940d
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 18:40:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Aug 2019 10:52:48 GMT
Server
nginx
ETag
"5d5d2280-189c"
Content-Type
application/x-javascript
Cache-Control
max-age=43200
Connection
keep-alive
Content-Length
6300
Expires
Sat, 24 Aug 2019 06:40:19 GMT
?callback=jQuery224018692778683536027_1566585618785&_=1566585618786
www.tomsk.ru/jsonp/weather-currency
808 B
1 KB
Script
General
Full URL
https://www.tomsk.ru/jsonp/weather-currency/?callback=jQuery224018692778683536027_1566585618785&_=1566585618786
Requested by
Host: www.tomsk.ru
URL: https://www.tomsk.ru/js/v3-page.concat.js?1565701844
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.194.47.20 Tomsk, Russian Federation, ASN56981 (TOMSK-AS, RU),
Reverse DNS
www.tomsk.ru
Software
nginx/1.14.2 /
Resource Hash
f617daf0998b367acedfbfc13d240cec53986a84a4d185303f4bbeae549a4fa3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://webvisor.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2019 18:40:18 GMT
x-content-type-options
nosniff
server
nginx/1.14.2
x-cache-status
MISS
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf8
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy
frame-ancestors 'self' http://webvisor.com
strict-transport-security
max-age=31536000
content-length
808
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
expires
Thu, 19 Nov 1981 08:52:00 GMT
Adblocked analytics.js
www.google-analytics.com
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKPDFR5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
3403
date
Fri, 23 Aug 2019 17:43:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Fri, 23 Aug 2019 19:43:35 GMT
ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41074803-2&cid=1730192012.1566585619&jid=667979478&_v=j79&z=1783560925&slf_rd=1&random=1180811195
www.google.de/ads
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=10881099&t=pageview&_s=1&dl=http%3A%2F%2Fdinas.tomsk.ru%2Ferr%2F%3Fpaypal.ch%2Fch%2Fcgi-bin%2Fwebscr1.htm%3Fcmd%3D_login-run%26dispatch%3D588...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-41074803-2&cid=1730192012.1566585619&jid=667979478&_gid=1108763340.1566585619&gjid=1827840406&_v=j79&z=1783560925
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41074803-2&cid=1730192012.1566585619&jid=667979478&_v=j79&z=1783560925
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41074803-2&cid=1730192012.1566585619&jid=667979478&_v=j79&z=1783560925&slf_rd=1&random=1180811195
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41074803-2&cid=1730192012.1566585619&jid=667979478&_v=j79&z=1783560925&slf_rd=1&random=1180811195
Requested by
Host: dinas.tomsk.ru
URL: http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Aug 2019 18:40:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 23 Aug 2019 18:40:18 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41074803-2&cid=1730192012.1566585619&jid=667979478&_v=j79&z=1783560925&slf_rd=1&random=1180811195
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adblocked 1?wmode=7&page-url=http%3A%2F%2Fdinas.tomsk.ru%2Ferr%2F%3Fpaypal.ch%2Fch%2Fcgi-bin%2Fwebscr1.htm%3Fcmd%3D_login-run%26dispatch%3D5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132...
mc.yandex.ru/watch/17598292
Redirect Chain
  • https://mc.yandex.ru/watch/17598292?wmode=7&page-url=http%3A%2F%2Fdinas.tomsk.ru%2Ferr%2F%3Fpaypal.ch%2Fch%2Fcgi-bin%2Fwebscr1.htm%3Fcmd%3D_login-run%26dispatch%3D5885d80a13c0db1f1ff80d546411d7f8a8...
  • https://mc.yandex.ru/watch/17598292/1?wmode=7&page-url=http%3A%2F%2Fdinas.tomsk.ru%2Ferr%2F%3Fpaypal.ch%2Fch%2Fcgi-bin%2Fwebscr1.htm%3Fcmd%3D_login-run%26dispatch%3D5885d80a13c0db1f1ff80d546411d7f8...
133 B
682 B
XHR
General
Full URL
https://mc.yandex.ru/watch/17598292/1?wmode=7&page-url=http%3A%2F%2Fdinas.tomsk.ru%2Ferr%2F%3Fpaypal.ch%2Fch%2Fcgi-bin%2Fwebscr1.htm%3Fcmd%3D_login-run%26dispatch%3D5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132&charset=utf-8&browser-info=ti%3A10%3Ans%3A1566585614442%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20190823204019%3Aet%3A1566585619%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A73563711%3Ahid%3A123061830%3Ads%3A147%2C102%2C106%2C1%2C0%2C0%2C0%2C4010%2C7%2C%2C%2C%2C4420%3Afp%3A416%3Agdpr%3A14%3Av%3A1705%3Ast%3A1566585619%3Au%3A1566585619710792294%3At%3A%D0%93%D0%BE%D1%80%D0%BE%D0%B4%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20tomsk.ru
Requested by
Host: dinas.tomsk.ru
URL: http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
43dbbc3756b2b61fd159b4d6639bc0601a83f08f4c5232648a77451de32510ad
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Aug 2019 18:40:19 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 23-Aug-2019 18:40:19 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://dinas.tomsk.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
133
X-XSS-Protection
1; mode=block
Expires
Fri, 23-Aug-2019 18:40:19 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Aug 2019 18:40:19 GMT
Last-Modified
Fri, 23-Aug-2019 18:40:19 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
http://dinas.tomsk.ru
Strict-Transport-Security
max-age=31536000
Location
/watch/17598292/1?wmode=7&page-url=http%3A%2F%2Fdinas.tomsk.ru%2Ferr%2F%3Fpaypal.ch%2Fch%2Fcgi-bin%2Fwebscr1.htm%3Fcmd%3D_login-run%26dispatch%3D5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132&charset=utf-8&browser-info=ti%3A10%3Ans%3A1566585614442%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20190823204019%3Aet%3A1566585619%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A73563711%3Ahid%3A123061830%3Ads%3A147%2C102%2C106%2C1%2C0%2C0%2C0%2C4010%2C7%2C%2C%2C%2C4420%3Afp%3A416%3Agdpr%3A14%3Av%3A1705%3Ast%3A1566585619%3Au%3A1566585619710792294%3At%3A%D0%93%D0%BE%D1%80%D0%BE%D0%B4%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20tomsk.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Fri, 23-Aug-2019 18:40:19 GMT
Verified Adblocked advert.gif
mc.yandex.ru/metrika
43 B
445 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: dinas.tomsk.ru
URL: http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Verified resource
ckeditor/4.2/plugins/fakeobjects/images/spacer.gif at cdnjs.com, project ckeditor
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 18:40:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.14.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Fri, 23 Aug 2019 19:40:19 GMT
Adblocked webscr1.htm%3Fcmd%3D_login-run%26dispatch%3D5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132;st=1566585618862;title=%D0%93%D0%BE%D1%80%D0%BE%D0%B4%D1%81%D0%BA%D0%BE%D0%B9%20%D0%...
top-fwz1.mail.ru/counter?js=13;id=2406162;u=http%3A//dinas.tomsk.ru/err/%3Fpaypal.ch/ch/cgi-bin
43 B
949 B
Other
General
Full URL
http://top-fwz1.mail.ru/counter?js=13;id=2406162;u=http%3A//dinas.tomsk.ru/err/%3Fpaypal.ch/ch/cgi-bin/webscr1.htm%3Fcmd%3D_login-run%26dispatch%3D5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132;st=1566585618862;title=%D0%93%D0%BE%D1%80%D0%BE%D0%B4%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20tomsk.ru;s=1600*1200;vp=1585*1200;touch=0;hds=1;flash=;sid=f2f1b7e4a1ccae53;ver=60.0.1;_=0.1669237942927262
Requested by
Host: top-fwz1.mail.ru
URL: http://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
, ,
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 23 Aug 2019 18:40:19 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Access-Control-Allow-Headers
x-requested-with
AMP-Access-Control-Allow-Source-Origin
http://dinas.tomsk.ru
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
http://dinas.tomsk.ru
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
http://dinas.tomsk.ru
Keep-Alive
timeout=60
Adblocked Cookie set ?dp=10
www.acint.net/mc
0
0
Document
General
Full URL
https://www.acint.net/mc/?dp=10
Requested by
Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
nginx /
Resource Hash
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Host
www.acint.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Accept-Encoding
gzip, deflate, br
Cookie
aid=w8nzSF1gMxQ6nQW9DlAxAniJ7pIkiWdTVhUgHGdLTTTprDJo

Response headers

Server
nginx
Date
Fri, 23 Aug 2019 18:40:20 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
cSyncDp7v2=1566585620; expires=Sun, 22-Sep-19 18:40:20 GMT; path=/; domain=.acint.net
cSyncDp14v2=1566585620; expires=Sun, 22-Sep-19 18:40:20 GMT; path=/; domain=.acint.net
cSyncDp17=1566585620; expires=Sun, 22-Sep-19 18:40:20 GMT; path=/; domain=.acint.net
cSyncDp23=1566585620; expires=Sun, 22-Sep-19 18:40:20 GMT; path=/; domain=.acint.net
cSyncDp24=1566585620; expires=Sun, 22-Sep-19 18:40:20 GMT; path=/; domain=.acint.net
cSyncDp32=1566585620; expires=Sun, 22-Sep-19 18:40:20 GMT; path=/; domain=.acint.net
cSyncDp37=1566585620; expires=Sun, 22-Sep-19 18:40:20 GMT; path=/; domain=.acint.net
cSyncDp45=1566585620; expires=Tue, 27-Aug-19 12:40:20 GMT; path=/; domain=.acint.net
cSyncDp54v2=1566585620; expires=Sun, 22-Sep-19 18:40:20 GMT; path=/; domain=.acint.net
cSyncDp62=1566585620; expires=Sun, 22-Sep-19 18:40:20 GMT; path=/; domain=.acint.net
cSyncDp67v2=1566585620; expires=Sun, 22-Sep-19 18:40:20 GMT; path=/; domain=.acint.net
cSyncDp68=1566585620; expires=Sun, 22-Sep-19 18:40:20 GMT; path=/; domain=.acint.net
cSyncDp71=1566585620; expires=Sun, 22-Sep-19 18:40:20 GMT; path=/; domain=.acint.net
cSyncDp74=1566585620; expires=Sun, 22-Sep-19 18:40:20 GMT; path=/; domain=.acint.net
cSyncDp75=1566585620; expires=Sun, 22-Sep-19 18:40:20 GMT; path=/; domain=.acint.net
cSyncDp77=1566585620; expires=Tue, 10-Sep-19 06:40:20 GMT; path=/; domain=.acint.net
cSyncDp79=1566585620; expires=Sun, 22-Sep-19 18:40:20 GMT; path=/; domain=.acint.net
cSyncDp84=1566585620; expires=Sun, 22-Sep-19 18:40:20 GMT; path=/; domain=.acint.net
cSyncDp88=1566585620; expires=Sun, 22-Sep-19 18:40:20 GMT; path=/; domain=.acint.net
cSyncDp92=1566585620; expires=Sun, 22-Sep-19 18:40:20 GMT; path=/; domain=.acint.net
cSyncDp101=1566585620; expires=Sun, 22-Sep-19 18:40:20 GMT; path=/; domain=.acint.net
cSyncDp104=1566585620; expires=Sun, 22-Sep-19 18:40:20 GMT; path=/; domain=.acint.net
cSyncDp111=1566585620; expires=Sun, 22-Sep-19 18:40:20 GMT; path=/; domain=.acint.net
cSyncDp112=1566585620; expires=Sun, 22-Sep-19 18:40:20 GMT; path=/; domain=.acint.net
P3P
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Content-Encoding
gzip
Adblocked ?v=0.2.1&uid=a79f31f3-4fbc-452a-a9af-61d9a5a37ce9&dp=10&tz=%2B02%3A00&nc=00750542&u=http%3A%2F%2Fdinas.tomsk.ru%2Ferr%2F%3Fpaypal.ch%2Fch%2Fcgi-bin%2Fwebscr1.htm%3Fcmd%3D_login-run%26dispatch%3D588...
www.acint.net/hit
43 B
471 B
Image
General
Full URL
https://www.acint.net/hit/?v=0.2.1&uid=a79f31f3-4fbc-452a-a9af-61d9a5a37ce9&dp=10&tz=%2B02%3A00&nc=00750542&u=http%3A%2F%2Fdinas.tomsk.ru%2Ferr%2F%3Fpaypal.ch%2Fch%2Fcgi-bin%2Fwebscr1.htm%3Fcmd%3D_login-run%26dispatch%3D5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132&r=&rs=1600x1200&t=%D0%93%D0%BE%D1%80%D0%BE%D0%B4%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20tomsk.ru&oE=1&oP=1&dT=2019-08-23T20%3A40%3A20.007&fu=a30ab65c-13e4-4438-8b72-14422e22cbee
Requested by
Host: dinas.tomsk.ru
URL: http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 18:40:20 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Wed, 19 Apr 2000 11:43:00 GMT
Adblocked ?v=0.2.1&uid=a79f31f3-4fbc-452a-a9af-61d9a5a37ce9&dp=10&tz=%2B02%3A00&nc=31766149&dT=2019-08-23T20%3A40%3A23.008
www.acint.net/ping
43 B
471 B
Image
General
Full URL
https://www.acint.net/ping/?v=0.2.1&uid=a79f31f3-4fbc-452a-a9af-61d9a5a37ce9&dp=10&tz=%2B02%3A00&nc=31766149&dT=2019-08-23T20%3A40%3A23.008
Requested by
Host: dinas.tomsk.ru
URL: http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
regensburg.aucourant.info
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 23 Aug 2019 18:40:23 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Wed, 19 Apr 2000 11:43:00 GMT
Verified Adblocked 1?page-url=http%3A%2F%2Fdinas.tomsk.ru%2Ferr%2F%3Fpaypal.ch%2Fch%2Fcgi-bin%2Fwebscr1.htm%3Fcmd%3D_login-run%26dispatch%3D5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132&charset...
mc.yandex.ru/watch/17598292
Redirect Chain
  • https://mc.yandex.ru/watch/17598292?page-url=http%3A%2F%2Fdinas.tomsk.ru%2Ferr%2F%3Fpaypal.ch%2Fch%2Fcgi-bin%2Fwebscr1.htm%3Fcmd%3D_login-run%26dispatch%3D5885d80a13c0db1f1ff80d546411d7f8a8350c132b...
  • https://mc.yandex.ru/watch/17598292/1?page-url=http%3A%2F%2Fdinas.tomsk.ru%2Ferr%2F%3Fpaypal.ch%2Fch%2Fcgi-bin%2Fwebscr1.htm%3Fcmd%3D_login-run%26dispatch%3D5885d80a13c0db1f1ff80d546411d7f8a8350c13...
43 B
444 B
Other
General
Full URL
https://mc.yandex.ru/watch/17598292/1?page-url=http%3A%2F%2Fdinas.tomsk.ru%2Ferr%2F%3Fpaypal.ch%2Fch%2Fcgi-bin%2Fwebscr1.htm%3Fcmd%3D_login-run%26dispatch%3D5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1566585614442%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20190823204034%3Aet%3A1566585634%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A118%3Arn%3A555433108%3Ahid%3A123061830%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Av%3A1705%3Ast%3A1566585634%3Au%3A1566585619710792294%3App%3A823294630
Requested by
Host: dinas.tomsk.ru
URL: http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Verified resource
ckeditor/4.2/plugins/fakeobjects/images/spacer.gif at cdnjs.com, project ckeditor
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://dinas.tomsk.ru/err/?paypal.ch/ch/cgi-bin/webscr1.htm?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 23 Aug 2019 18:40:34 GMT
Last-Modified
Fri, 23-Aug-2019 18:40:34 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Fri, 23-Aug-2019 18:40:34 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 23 Aug 2019 18:40:34 GMT
Last-Modified
Fri, 23-Aug-2019 18:40:34 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
http://dinas.tomsk.ru
Strict-Transport-Security
max-age=31536000
Location
/watch/17598292/1?page-url=http%3A%2F%2Fdinas.tomsk.ru%2Ferr%2F%3Fpaypal.ch%2Fch%2Fcgi-bin%2Fwebscr1.htm%3Fcmd%3D_login-run%26dispatch%3D5885d80a13c0db1f1ff80d546411d7f8a8350c132bc41e0934cfc023d4r4ere32132&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1566585614442%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20190823204034%3Aet%3A1566585634%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A118%3Arn%3A555433108%3Ahid%3A123061830%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Av%3A1705%3Ast%3A1566585634%3Au%3A1566585619710792294%3App%3A823294630
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Fri, 23-Aug-2019 18:40:34 GMT
?v=0.2.1&uid=a79f31f3-4fbc-452a-a9af-61d9a5a37ce9&dp=10&tz=%2B02%3A00&nc=59852038&dT=2019-08-23T20%3A40%3A43.009
www.acint.net/ping
0
0

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 8
  • https://bs.yandex.ru/informer/17598292/3_1_FFFFFFFF_EFEFEFFF_0_pageviews
  • https://mc.yandex.ru/informer/17598292/3_1_FFFFFFFF_EFEFEFFF_0_pageviews
Request 14
  • http://mc.yandex.ru/metrika/watch.js
  • https://mc.yandex.ru/metrika/watch.js
Request 28
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=10881099&t=pageview&_s=1&dl=http%3A%2F%2Fdinas.tomsk.ru%2Ferr%2F%3Fpaypal.ch%2Fch%2Fcgi-bin%2Fwebscr1.htm%3Fcmd%3D_login-run%26dispatch%3D588...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-41074803-2&cid=1730192012.1566585619&jid=667979478&_gid=1108763340.1566585619&gjid=1827840406&_v=j79&z=1783560925
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41074803-2&cid=1730192012.1566585619&jid=667979478&_v=j79&z=1783560925
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41074803-2&cid=1730192012.1566585619&jid=667979478&_v=j79&z=1783560925&slf_rd=1&random=1180811195
Request 29
  • https://mc.yandex.ru/watch/17598292?wmode=7&page-url=http%3A%2F%2Fdinas.tomsk.ru%2Ferr%2F%3Fpaypal.ch%2Fch%2Fcgi-bin%2Fwebscr1.htm%3Fcmd%3D_login-run%26dispatch%3D5885d80a13c0db1f1ff80d546411d7f8a8...
  • https://mc.yandex.ru/watch/17598292/1?wmode=7&page-url=http%3A%2F%2Fdinas.tomsk.ru%2Ferr%2F%3Fpaypal.ch%2Fch%2Fcgi-bin%2Fwebscr1.htm%3Fcmd%3D_login-run%26dispatch%3D5885d80a13c0db1f1ff80d546411d7f8...
Request 35
  • https://mc.yandex.ru/watch/17598292?page-url=http%3A%2F%2Fdinas.tomsk.ru%2Ferr%2F%3Fpaypal.ch%2Fch%2Fcgi-bin%2Fwebscr1.htm%3Fcmd%3D_login-run%26dispatch%3D5885d80a13c0db1f1ff80d546411d7f8a8350c132b...
  • https://mc.yandex.ru/watch/17598292/1?page-url=http%3A%2F%2Fdinas.tomsk.ru%2Ferr%2F%3Fpaypal.ch%2Fch%2Fcgi-bin%2Fwebscr1.htm%3Fcmd%3D_login-run%26dispatch%3D5885d80a13c0db1f1ff80d546411d7f8a8350c13...

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.tomsk.ru
URL
https://www.tomsk.ru/v3/icons/foundation-icons.woff
Domain
mail.tomsk.ru
URL
https://mail.tomsk.ru/dark3.php
Domain
www.acint.net
URL
https://www.acint.net/ping/?v=0.2.1&uid=a79f31f3-4fbc-452a-a9af-61d9a5a37ce9&dp=10&tz=%2B02%3A00&nc=59852038&dT=2019-08-23T20%3A40%3A43.009

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| updateDeskById function| delayDeskById function| activeDeskById function| tr_hideAllPanel function| requestParseString function| getQueryVariable function| hashParseString function| hashBuildString function| layoutToggleTab function| getRealtyPage function| getAutoPage function| getJobEmployerPage function| getJobEmployersPage function| getKadryAgencyBigPage function| getConsultantsPage function| getJobPage function| getAfishaPage function| getAfishaEventBlock function| getTreningPage function| getDeskPage function| getDirectoryPage function| isVoted function| showVoteResults function| hideVoteResults function| submitVote function| getVoted function| getSkidkiPage function| getLastFotosPage function| getTopFotosPage function| getHistoryPage function| getAutorsPage function| getAlbomsByUserPage function| getAlbomPage function| getTagPage function| getSearchPage function| getRealtyAgencyPage function| getNewsArchivePage function| getAnekdotPage function| startLightbox function| supports_html5_storage object| phpPrintRBeautifier object| html5 object| Modernizr function| $ function| jQuery object| $tru function| showFormValidateErrors object| dataLayer function| obj2qs object| fastXDM object| VK object| _tmr object| _acic object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| Ya object| yaCounter17598292 object| _acil

0 Cookies

1 Console Messages

Source: console-api
Level: log
URL: https://www.tomsk.ru/js/v3-page.concat.js?1565701844, Line 10, Column 552
Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.
