kansk.4-krasnoyarsk.ru Open in urlscan Pro
195.245.112.76 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://kansk.4-krasnoyarsk.ru/
Submission: On October 09 via api (October 9th 2022, 2:05:50 pm UTC) from US — Scanned from NL

Summary HTTP 25 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 25 HTTP transactions. The main IP is 195.245.112.76, located in Dronten, Netherlands and belongs to ITLDC-NL, UA. The main domain is kansk.4-krasnoyarsk.ru.

This is the only time kansk.4-krasnoyarsk.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	195.245.112.76 195.245.112.76	21100 (ITLDC-NL) (ITLDC-NL)
1	37.1.223.207 37.1.223.207	58061 (SCALAXY-AS) (SCALAXY-AS)
1	2a02:6b8::17f 2a02:6b8::17f	13238 (YANDEX) (YANDEX)
1	2a02:6b8::14 2a02:6b8::14	13238 (YANDEX) (YANDEX)
1 15	94.228.127.144 94.228.127.144	9123 (TIMEWEB-AS) (TIMEWEB-AS)
2 3	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
25	8

4 195.245.112.76 (Dronten, Netherlands)

ASN21100 (ITLDC-NL, UA)
PTR: failc749.vds

kansk.4-krasnoyarsk.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.1.223.207 (Meppel, Netherlands)

ASN58061 (SCALAXY-AS, NL)

neothai.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::17f (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

info.weather.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::14 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

clck.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 94.228.127.144 (Russian Federation) 1 redirects

ASN9123 (TIMEWEB-AS, RU)
PTR: da21146.timeweb.ru

web.gainnet.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onenet.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.198 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	gainnet.ru web.gainnet.ru	907 KB
5	onenet.ru 1 redirects onenet.ru	4 KB
4	4-krasnoyarsk.ru kansk.4-krasnoyarsk.ru	11 KB
3	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 5532	2 KB
2	gstatic.com fonts.gstatic.com	52 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	1 KB
1	yandex.ru clck.yandex.ru — Cisco Umbrella Rank: 28818	571 B
1	yandex.net info.weather.yandex.net — Cisco Umbrella Rank: 506366	7 KB
1	neothai.ru neothai.ru	17 KB
25	9

	Domain	Requested by
10	web.gainnet.ru	kansk.4-krasnoyarsk.ru web.gainnet.ru
5	onenet.ru	1 redirects web.gainnet.ru
4	kansk.4-krasnoyarsk.ru	kansk.4-krasnoyarsk.ru
3	counter.yadro.ru	2 redirects kansk.4-krasnoyarsk.ru
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	web.gainnet.ru
1	clck.yandex.ru	kansk.4-krasnoyarsk.ru
1	info.weather.yandex.net	kansk.4-krasnoyarsk.ru
1	neothai.ru	kansk.4-krasnoyarsk.ru
25	9

This site contains links to these domains. Also see Links.

Domain
neothai.ru
clck.yandex.com
www.liveinternet.ru

Subject Issuer	Validity	Valid
almetyevsk.4-kazan.ru R3	`2022-09-12` - `2022-12-11`	3 months	crt.sh
neothai.ru R3	`2022-10-09` - `2023-01-07`	3 months	crt.sh
p.ya.ru GlobalSign RSA OV SSL CA 2018	`2022-05-30` - `2022-11-10`	5 months	crt.sh
clck.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-08-26` - `2023-01-28`	5 months	crt.sh
web.gainnet.ru R3	`2022-08-13` - `2022-11-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
onenet.ru Sectigo RSA Domain Validation Secure Server CA	`2021-11-29` - `2022-12-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://kansk.4-krasnoyarsk.ru/
Frame ID: E0ED403A321F1E395D05DB6FF65C8F31
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Канск - Юридические консультации; Нотариальные конторы, нотариусы; Отделения полиции; Участковые; ГИБДД; Прокуратуры; Суды; Судебные приставы; Тюрьмы, колонии

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Liveinternet (Analytics) Expand

Overall confidence: 100%
Detected patterns

<script[^<>]*>[^]{0,128}?src\s*=\s*['"]//counter\.yadro\.ru/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r

Page Statistics

25
Requests

88 %
HTTPS

50 %
IPv6

9
Domains

9
Subdomains

8
IPs

3
Countries

1000 kB
Transfer

1320 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://neothai.ru/
Title: Купить-продать квартиру в Паттайе

Search URL Search Domain Scan URL

URL: https://clck.yandex.com/redir/dtype=stred/pid=7/cid=1228/*https://yandex.ru/pogoda/11307

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

http://counter.yadro.ru/hit?t14.4;r;s1600*1200*24;uhttp%3A//kansk.4-krasnoyarsk.ru/;0.391074909349336 HTTP 302
https://counter.yadro.ru/hit?t14.4;r;s1600*1200*24;uhttp%3A//kansk.4-krasnoyarsk.ru/;0.391074909349336 HTTP 302
https://counter.yadro.ru/hit?q;t14.4;r;s1600*1200*24;uhttp%3A//kansk.4-krasnoyarsk.ru/;0.391074909349336

Request Chain 19

https://onenet.ru/widget-builds/assets/flag.png HTTP 301
https://web.gainnet.ru/widget-builds/assets/flag.png

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
kansk.4-krasnoyarsk.ru/ 12 KB
4 KB 184ms
132ms Document
text/html 195.245.112.76
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL: http://kansk.4-krasnoyarsk.ru/
Protocol: HTTP/1.1
Server: 195.245.112.76 Dronten, Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: failc749.vds
Software: nginx / PHP/5.2.17
Resource Hash: 68cd6b0e20481f3a8b13329f6036e7df8e061b2b3f39dce3b6b21cb53834ffb3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=windows-1251
Date: Sun, 09 Oct 2022 14:05:45 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=60
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: User-Agent,Accept
X-Powered-By: PHP/5.2.17

GET
H/1.1 200
OK styles.css
kansk.4-krasnoyarsk.ru/ 448 B
776 B 71ms
24ms Stylesheet
text/css 195.245.112.76
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL: https://kansk.4-krasnoyarsk.ru/styles.css
Requested by: Host: kansk.4-krasnoyarsk.ru
URL: http://kansk.4-krasnoyarsk.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.245.112.76 Dronten, Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: failc749.vds
Software: nginx /
Resource Hash: e987a80abe8716e68f47b078ff6eca4337876e97d74233b736b797145b8c6fd7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://kansk.4-krasnoyarsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 14:05:45 GMT
Last-Modified: Thu, 09 Apr 2020 15:20:10 GMT
Server: nginx
ETag: "5e8f3d2a-1c0"
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 448
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK pic.gif
kansk.4-krasnoyarsk.ru/foto/ 6 KB
7 KB 72ms
19ms Image
image/gif 195.245.112.76
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kansk.4-krasnoyarsk.ru/foto/pic.gif
Requested by: Host: kansk.4-krasnoyarsk.ru
URL: http://kansk.4-krasnoyarsk.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.245.112.76 Dronten, Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: failc749.vds
Software: nginx /
Resource Hash: fd9d44124d40e98c2270d721d4c4f1d4b8f838ef8a34a885c274b5e0be74e546

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://kansk.4-krasnoyarsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 14:05:45 GMT
Last-Modified: Thu, 09 Apr 2020 15:19:44 GMT
Server: nginx
ETag: "5e8f3d10-198b"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 6539
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1.gif
kansk.4-krasnoyarsk.ru/foto/ 49 B
376 B 67ms
17ms Image
image/gif 195.245.112.76
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kansk.4-krasnoyarsk.ru/foto/1.gif
Requested by: Host: kansk.4-krasnoyarsk.ru
URL: http://kansk.4-krasnoyarsk.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.245.112.76 Dronten, Netherlands, ASN21100 (ITLDC-NL, UA),
Reverse DNS: failc749.vds
Software: nginx /
Resource Hash: 3efdc17b38de1e83e0de98e28e2b1633209c886a6bdcacc044bfbc5bc6f410fc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://kansk.4-krasnoyarsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 14:05:45 GMT
Last-Modified: Thu, 09 Apr 2020 15:19:34 GMT
Server: nginx
ETag: "5e8f3d06-31"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 49
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK neothai5.gif
neothai.ru/adv/ 16 KB
17 KB 140ms
40ms Image
image/gif 37.1.223.207
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neothai.ru/adv/neothai5.gif
Requested by: Host: kansk.4-krasnoyarsk.ru
URL: http://kansk.4-krasnoyarsk.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.1.223.207 Meppel, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: 81ac63595fa583548d138f300a0cc8387f28f920a770faf5fdb769a11bc48dcc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://kansk.4-krasnoyarsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 14:05:43 GMT
Last-Modified: Sat, 21 Sep 2019 15:20:20 GMT
Server: nginx/1.22.0
ETag: "5d863fb4-419a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16794

GET
H/1.1 200
OK 1_white.ru.png
info.weather.yandex.net/11307/ 7 KB
7 KB 248ms
76ms Image
image/png 2a02:6b8::17f
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info.weather.yandex.net/11307/1_white.ru.png?domain=ru
Requested by: Host: kansk.4-krasnoyarsk.ru
URL: http://kansk.4-krasnoyarsk.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::17f Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: 14bfe7029fefcb81a155cda627079c1b24edd0a787878eaa5fd0f4f76a1a76e9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://kansk.4-krasnoyarsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 14:05:45 GMT
X-Req-Id: 1665324345453083-1935056137779671544
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
Ok pix.gif
clck.yandex.ru/click/dtype=stred/pid=7/cid=1227/*https://img.yandex.ru/i/ 43 B
571 B 221ms
70ms Image
image/gif 2a02:6b8::14
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clck.yandex.ru/click/dtype=stred/pid=7/cid=1227/*https://img.yandex.ru/i/pix.gif

Requested by

Host: kansk.4-krasnoyarsk.ru
URL: http://kansk.4-krasnoyarsk.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::14 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://kansk.4-krasnoyarsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Cache-Control: no-cache
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Content-Type: image/gif

GET
H/1.1 200
OK style.min.css
web.gainnet.ru/widget-builds-gainnet/ 39 KB
7 KB 198ms
49ms Stylesheet
text/css 94.228.127.144
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://web.gainnet.ru/widget-builds-gainnet/style.min.css

Requested by

Host: kansk.4-krasnoyarsk.ru
URL: http://kansk.4-krasnoyarsk.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

94.228.127.144 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

da21146.timeweb.ru

Software

nginx /

Resource Hash

b11f2bc2e484ffc452400b85fa619f052b441bc1f2941cc253242de8824452c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://kansk.4-krasnoyarsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 14:05:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Thu, 06 Oct 2022 08:26:09 GMT
Server: nginx
ETag: W/"633e9121-9b26"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 203233 Show response
web.gainnet.ru/api/v1/script/new/ 176 KB
59 KB 262ms
117ms Script
application/javascript 94.228.127.144
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://web.gainnet.ru/api/v1/script/new/203233

Requested by

Host: kansk.4-krasnoyarsk.ru
URL: http://kansk.4-krasnoyarsk.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

94.228.127.144 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

da21146.timeweb.ru

Software

nginx / PHP/7.4.30

Resource Hash

3417bc250a60829b6d2a03268bd8011af44475edcb86887b11a9057d5b2a6470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: http://kansk.4-krasnoyarsk.ru/
Origin: http://kansk.4-krasnoyarsk.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 14:05:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Thu, 06 Oct 2022 08:26:09 GMT
Server: nginx
X-Powered-By: PHP/7.4.30
Transfer-Encoding: chunked
Vary: Origin
Content-Type: application/javascript
Access-Control-Allow-Origin: http://kansk.4-krasnoyarsk.ru
Cache-Control: public
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t14.4;r;s1600*1200*24;uhttp%3A//kansk.4-krasnoyarsk.ru/;0.391074909349336
https://counter.yadro.ru/hit?t14.4;r;s1600*1200*24;uhttp%3A//kansk.4-krasnoyarsk.ru/;0.391074909349336
https://counter.yadro.ru/hit?q;t14.4;r;s1600*1200*24;uhttp%3A//kansk.4-krasnoyarsk.ru/;0.391074909349336

185 B
671 B

53ms
52ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t14.4;r;s1600*1200*24;uhttp%3A//kansk.4-krasnoyarsk.ru/;0.391074909349336

Requested by

Host: kansk.4-krasnoyarsk.ru
URL: http://kansk.4-krasnoyarsk.ru/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

c6181254ad966eaba80015b955294d3fabf4810e8559de916fa25ea1fa84e186

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://kansk.4-krasnoyarsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 09 Oct 2022 14:05:45 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 185
Expires: Fri, 08 Oct 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 09 Oct 2022 14:05:45 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t14.4;r;s1600*1200*24;uhttp%3A//kansk.4-krasnoyarsk.ru/;0.391074909349336
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Fri, 08 Oct 2021 21:00:00 GMT

GET
H/1.1 200
OK style.min.css
web.gainnet.ru/widget-builds/ 39 KB
7 KB 204ms
56ms Stylesheet
text/css 94.228.127.144
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://web.gainnet.ru/widget-builds/style.min.css

Requested by

Host: kansk.4-krasnoyarsk.ru
URL: http://kansk.4-krasnoyarsk.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

94.228.127.144 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

da21146.timeweb.ru

Software

nginx /

Resource Hash

a5d435783606148d6cc199993690f9140f0fda4bcbf384c4d714d3f7656a0049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://kansk.4-krasnoyarsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 14:05:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Thu, 06 Oct 2022 08:26:09 GMT
Server: nginx
ETag: W/"633e9121-9ad8"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 203232 Show response
web.gainnet.ru/api/v1/script/ 176 KB
59 KB 257ms
124ms Script
application/javascript 94.228.127.144
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://web.gainnet.ru/api/v1/script/203232

Requested by

Host: kansk.4-krasnoyarsk.ru
URL: http://kansk.4-krasnoyarsk.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

94.228.127.144 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

da21146.timeweb.ru

Software

nginx / PHP/7.4.30

Resource Hash

5c25a55915f73e2d666682a416da530b2247f056689e2a31df1108f72f291c65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: http://kansk.4-krasnoyarsk.ru/
Origin: http://kansk.4-krasnoyarsk.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 14:05:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Thu, 06 Oct 2022 08:26:09 GMT
Server: nginx
X-Powered-By: PHP/7.4.30
Transfer-Encoding: chunked
Vary: Origin
Content-Type: application/javascript
Access-Control-Allow-Origin: http://kansk.4-krasnoyarsk.ru
Cache-Control: public
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 103ms
31ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap

Requested by

Host: web.gainnet.ru
URL: https://web.gainnet.ru/widget-builds-gainnet/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe4ded55789f78204754a353d124951e36b60128ca671450e55b5f328927f786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://web.gainnet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Oct 2022 14:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 09 Oct 2022 13:03:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Oct 2022 14:05:45 GMT

OPTIONS
H/1.1 204
No Content 19909607
web.gainnet.ru/api/v1/out/promo/default/203233/ 0
0 64ms
64ms Preflight
text/html 94.228.127.144
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://web.gainnet.ru/api/v1/out/promo/default/203233/19909607

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

94.228.127.144 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

da21146.timeweb.ru

Software

nginx / PHP/7.4.30

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin
Access-Control-Request-Method: GET
Origin: http://kansk.4-krasnoyarsk.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: access-control-allow-origin
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: http://kansk.4-krasnoyarsk.ru
Access-Control-Max-Age: 0
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 09 Oct 2022 14:05:45 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Powered-By: PHP/7.4.30
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 19909607 Show response
web.gainnet.ru/api/v1/out/promo/default/203233/ 6 KB
2 KB 82ms
81ms XHR
application/json 94.228.127.144
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://web.gainnet.ru/api/v1/out/promo/default/203233/19909607

Requested by

Host: web.gainnet.ru
URL: https://web.gainnet.ru/api/v1/script/new/203233

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

94.228.127.144 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

da21146.timeweb.ru

Software

nginx / PHP/7.4.30

Resource Hash

6177291c64cbd30455615304ddcd1b5ea9cb9533905121d0fba67b123a992897

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Allow-Origin: *
Accept: application/json, text/plain, */*
Referer: http://kansk.4-krasnoyarsk.ru/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 14:05:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.4.30
Transfer-Encoding: chunked
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: http://kansk.4-krasnoyarsk.ru
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 19909607 Show response
onenet.ru/api/v1/out/promo/default/203232/ 16 KB
3 KB 172ms
76ms XHR
application/json 94.228.127.144
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onenet.ru/api/v1/out/promo/default/203232/19909607

Requested by

Host: web.gainnet.ru
URL: https://web.gainnet.ru/api/v1/script/203232

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

94.228.127.144 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

da21146.timeweb.ru

Software

nginx / PHP/7.4.30

Resource Hash

031834e478388b7e1f6c1f38cb6b610be133795163fd4acfe9ae7544f40aab60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Allow-Origin: *
Accept: application/json, text/plain, */*
Referer: http://kansk.4-krasnoyarsk.ru/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 09 Oct 2022 14:05:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.4.30
Transfer-Encoding: chunked
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: http://kansk.4-krasnoyarsk.ru
Cache-Control: private, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-XSS-Protection: 1; mode=block
expires: -1

OPTIONS
H/1.1 204
No Content 19909607
onenet.ru/api/v1/out/promo/default/203232/ 0
0 190ms
71ms Preflight
text/html 94.228.127.144
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onenet.ru/api/v1/out/promo/default/203232/19909607

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

94.228.127.144 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

da21146.timeweb.ru

Software

nginx / PHP/7.4.30

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin
Access-Control-Request-Method: GET
Origin: http://kansk.4-krasnoyarsk.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: access-control-allow-origin
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: http://kansk.4-krasnoyarsk.ru
Access-Control-Max-Age: 0
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 09 Oct 2022 14:05:45 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Powered-By: PHP/7.4.30
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 203 Show response
web.gainnet.ru/api/v1/out/promo/avatar/ 300 B
654 B 70ms
70ms XHR
application/json 94.228.127.144
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://web.gainnet.ru/api/v1/out/promo/avatar/203

Requested by

Host: web.gainnet.ru
URL: https://web.gainnet.ru/api/v1/script/new/203233

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

94.228.127.144 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

da21146.timeweb.ru

Software

nginx / PHP/7.4.30

Resource Hash

ee019662834f9f636ac60359f449b7838dfd3943eb0c66f143e791aa3d97c3fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Allow-Origin: *
Accept: application/json, text/plain, */*
Referer: http://kansk.4-krasnoyarsk.ru/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 14:05:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.4.30
Transfer-Encoding: chunked
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: http://kansk.4-krasnoyarsk.ru
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 204
No Content 203
web.gainnet.ru/api/v1/out/promo/avatar/ 0
0 64ms
64ms Preflight
text/html 94.228.127.144
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://web.gainnet.ru/api/v1/out/promo/avatar/203

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

94.228.127.144 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

da21146.timeweb.ru

Software

nginx / PHP/7.4.30

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin
Access-Control-Request-Method: GET
Origin: http://kansk.4-krasnoyarsk.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: access-control-allow-origin
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: http://kansk.4-krasnoyarsk.ru
Access-Control-Max-Age: 0
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 09 Oct 2022 14:05:45 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Powered-By: PHP/7.4.30
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 3002.webp
web.gainnet.ru/img/avatars/ 763 KB
763 KB 110ms
110ms Image
image/webp 94.228.127.144
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.gainnet.ru/img/avatars/3002.webp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

94.228.127.144 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

da21146.timeweb.ru

Software

nginx /

Resource Hash

87ab03c4e1d5e18563304e8e03ed97f5b245f9b912131c235d48f425e881d360

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://kansk.4-krasnoyarsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 14:05:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Thu, 06 Oct 2022 08:26:09 GMT
Server: nginx
ETag: "633e9121-bea9c"
Content-Type: image/webp
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 780956
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

flag.png
web.gainnet.ru/widget-builds/assets/
Redirect Chain

https://onenet.ru/widget-builds/assets/flag.png
https://web.gainnet.ru/widget-builds/assets/flag.png

8 KB
9 KB

48ms
48ms

Image
image/png

94.228.127.144
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.gainnet.ru/widget-builds/assets/flag.png

Protocol

HTTP/1.1

Server

94.228.127.144 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

da21146.timeweb.ru

Software

nginx /

Resource Hash

da9d204ec3ca7ddd1c891ebd4372870472ff48ecc337bd74278fee6ed9aecf05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://kansk.4-krasnoyarsk.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 14:05:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Thu, 06 Oct 2022 08:26:09 GMT
Server: nginx
ETag: "633e9121-21ff"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8703
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://web.gainnet.ru/widget-builds/assets/flag.png
Date: Sun, 09 Oct 2022 14:05:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/ 21 KB
21 KB 117ms
64ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://kansk.4-krasnoyarsk.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 19:04:01 GMT
x-content-type-options: nosniff
age: 586904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21276
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Oct 2023 19:04:01 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 83ms
31ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://kansk.4-krasnoyarsk.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 01:41:22 GMT
x-content-type-options: nosniff
age: 217463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 01:41:22 GMT

OPTIONS
H/1.1 204
No Content 203
onenet.ru/api/v1/out/promo/avatar/ 0
0 71ms
70ms Preflight
text/html 94.228.127.144
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onenet.ru/api/v1/out/promo/avatar/203

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

94.228.127.144 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

da21146.timeweb.ru

Software

nginx / PHP/7.4.30

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin
Access-Control-Request-Method: GET
Origin: http://kansk.4-krasnoyarsk.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: access-control-allow-origin
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: http://kansk.4-krasnoyarsk.ru
Access-Control-Max-Age: 0
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 09 Oct 2022 14:05:46 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Powered-By: PHP/7.4.30
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 203 Show response
onenet.ru/api/v1/out/promo/avatar/ 300 B
692 B 70ms
70ms XHR
application/json 94.228.127.144
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onenet.ru/api/v1/out/promo/avatar/203

Requested by

Host: web.gainnet.ru
URL: https://web.gainnet.ru/api/v1/script/203232

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

94.228.127.144 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

da21146.timeweb.ru

Software

nginx / PHP/7.4.30

Resource Hash

ee019662834f9f636ac60359f449b7838dfd3943eb0c66f143e791aa3d97c3fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Allow-Origin: *
Accept: application/json, text/plain, */*
Referer: http://kansk.4-krasnoyarsk.ru/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 09 Oct 2022 14:05:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.4.30
Transfer-Encoding: chunked
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: http://kansk.4-krasnoyarsk.ru
Cache-Control: private, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-XSS-Protection: 1; mode=block
expires: -1

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kansk.4-krasnoyarsk.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8db8ef91b9036f8705ac01fb0c4fd7cf
.yandex.ru/	1970-01-20 16:11:24	Name: i Value: xQGU65zPj2ke2cH4AsxwrKiw8AqPc8N0bTKENkdBQiENY5zdf8oiGPwpnNqDbW2NHLi2woVwaGBF9CEkd7xkYnOlf5Q=
.yadro.ru/	1970-01-20 15:19:58	Name: FTID Value: 1ZGjKv1csruQ1ZGjKv001Hw0
.yadro.ru/	1970-01-20 15:19:58	Name: VID Value: 286FBD2DP2OQ1ZGjKv001HwG

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clck.yandex.ru
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
info.weather.yandex.net
kansk.4-krasnoyarsk.ru
neothai.ru
onenet.ru
web.gainnet.ru
195.245.112.76
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2003
2a02:6b8::14
2a02:6b8::17f
37.1.223.207
88.212.201.198
94.228.127.144
031834e478388b7e1f6c1f38cb6b610be133795163fd4acfe9ae7544f40aab60
14bfe7029fefcb81a155cda627079c1b24edd0a787878eaa5fd0f4f76a1a76e9
3417bc250a60829b6d2a03268bd8011af44475edcb86887b11a9057d5b2a6470
3efdc17b38de1e83e0de98e28e2b1633209c886a6bdcacc044bfbc5bc6f410fc
5c25a55915f73e2d666682a416da530b2247f056689e2a31df1108f72f291c65
6177291c64cbd30455615304ddcd1b5ea9cb9533905121d0fba67b123a992897
68cd6b0e20481f3a8b13329f6036e7df8e061b2b3f39dce3b6b21cb53834ffb3
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
81ac63595fa583548d138f300a0cc8387f28f920a770faf5fdb769a11bc48dcc
87ab03c4e1d5e18563304e8e03ed97f5b245f9b912131c235d48f425e881d360
a5d435783606148d6cc199993690f9140f0fda4bcbf384c4d714d3f7656a0049
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b11f2bc2e484ffc452400b85fa619f052b441bc1f2941cc253242de8824452c8
c6181254ad966eaba80015b955294d3fabf4810e8559de916fa25ea1fa84e186
da9d204ec3ca7ddd1c891ebd4372870472ff48ecc337bd74278fee6ed9aecf05
e987a80abe8716e68f47b078ff6eca4337876e97d74233b736b797145b8c6fd7
ee019662834f9f636ac60359f449b7838dfd3943eb0c66f143e791aa3d97c3fa
fd9d44124d40e98c2270d721d4c4f1d4b8f838ef8a34a885c274b5e0be74e546
fe4ded55789f78204754a353d124951e36b60128ca671450e55b5f328927f786

kansk.4-krasnoyarsk.ru Open in urlscan Pro 195.245.112.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

25 Requests

88 %HTTPS

50 %IPv6

9 Domains

9 Subdomains

8 IPs

3 Countries

1000 kBTransfer

1320 kBSize

4 Cookies

3 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

4 Cookies

Indicators

kansk.4-krasnoyarsk.ru Open in urlscan Pro
195.245.112.76 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

88 %
HTTPS

50 %
IPv6

9
Domains

9
Subdomains

8
IPs

3
Countries

1000 kB
Transfer

1320 kB
Size

4
Cookies

25 HTTP transactions
0 data transactions