urlscan.io logo urlscan.io
SecurityTrails logo

riforma.su Open in urlscan Pro
194.88.139.236  Public Scan

Go To Rescan Add Verdict Report
URL: http://riforma.su:8888/
Submission Tags: l4ing ports su rf ru h8 Search All
Submission: On May 08 via api from CH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 5 countries across 15 domains to perform 42 HTTP transactions. The main IP is 194.88.139.236, located in Russian Federation and belongs to LOGIX-AS, RU. The main domain is riforma.su.
This is the only time riforma.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    194.88.139.236 (Russian Federation)

ASN35780 (LOGIX-AS, RU)
riforma.su
8    2a13:1ec0::1037 (Armenia)

ASN201589 (EDGEAMLLC, AM)
code.jivosite.com
5    92.118.67.1 (Russian Federation)

ASN49031 (CALLTOUCH-AS, RU)
PTR: ct-mod-front01.calltouch.net
mod.calltouch.ru
4    95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
6    2a02:6b8::274 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
api-maps.yandex.ru
1    57.128.74.65 (France)

ASN16276 (OVH, FR)
PTR: ns3227025.ip-57-128-74.eu
node-ya-2.jivosite.com
1    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yastatic.net
1    87.240.132.72 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv72-132-240-87.vk.com
vk.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
9 jivosite.com
code.jivosite.com — Cisco Umbrella Rank: 33163
node-ya-2.jivosite.com — Cisco Umbrella Rank: 183700
357 KB
7 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3863
api-maps.yandex.ru — Cisco Umbrella Rank: 45364
73 KB
5 calltouch.ru
mod.calltouch.ru — Cisco Umbrella Rank: 111357
50 KB
4 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 368
201 KB
4 mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 10492
17 KB
4 riforma.su
riforma.su
485 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
ssl.google-analytics.com — Cisco Umbrella Rank: 425
38 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
239 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 150
114 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6386
408 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
486 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 74
381 B
1 vk.com
vk.com — Cisco Umbrella Rank: 5878
576 B
1 yastatic.net
yastatic.net — Cisco Umbrella Rank: 6830
675 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
45 KB
42 15
Domain Requested by
8 code.jivosite.com riforma.su
code.jivosite.com
6 api-maps.yandex.ru 1 redirects riforma.su
5 mod.calltouch.ru riforma.su
mod.calltouch.ru
www.googletagmanager.com
4 maps.googleapis.com riforma.su
maps.googleapis.com
4 top-fwz1.mail.ru riforma.su
4 riforma.su riforma.su
2 www.facebook.com riforma.su
2 www.google-analytics.com 1 redirects riforma.su
2 connect.facebook.net riforma.su
connect.facebook.net
1 www.google.de riforma.su
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 vk.com riforma.su
1 yastatic.net api-maps.yandex.ru
1 node-ya-2.jivosite.com code.jivosite.com
1 www.googletagmanager.com riforma.su
1 ssl.google-analytics.com riforma.su
1 mc.yandex.ru riforma.su
42 18

This site contains links to these domains. Also see Links.

Domain
www.jivo.ru
Subject Issuer Validity Valid
*.calltouch.ru
GlobalSign RSA OV SSL CA 2018		 2023-01-24 -
2024-02-25		 a year crt.sh
*.mail.ru
GlobalSign ECC OV SSL CA 2018		 2022-10-18 -
2023-11-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-14 -
2023-05-15		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-03-17 -
2023-08-27		 5 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
*.jivosite.com
Go Daddy Secure Certificate Authority - G2		 2022-05-26 -
2023-06-04		 a year crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2023-02-01 -
2023-08-01		 6 months crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2023-03-16 -
2024-02-20		 a year crt.sh
api-maps.yandex.ru
GlobalSign RSA OV SSL CA 2018		 2023-01-01 -
2023-06-27		 6 months crt.sh

This page contains 1 frames:

Primary Page: http://riforma.su:8888/
Frame ID: CD8BBC069898774A48D10C0D9ED680E5
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

42
Requests

69 %
HTTPS

72 %
IPv6

15
Domains

18
Subdomains

17
IPs

5
Countries

2056 kB
Transfer

6587 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • http://api-maps.yandex.ru/2.1/?lang=ru_RU&apikey=AJYCt1wBAAAAQQ5BCgIAuhaPOvH1s6LwnjBCvEqZ40MgkcAAAAAAAAAAAAB-i6HJhl795ZBh94EmPq9Zr6u1zw== HTTP 302
  • https://api-maps.yandex.ru/2.1/?lang=ru_RU&apikey=AJYCt1wBAAAAQQ5BCgIAuhaPOvH1s6LwnjBCvEqZ40MgkcAAAAAAAAAAAAB-i6HJhl795ZBh94EmPq9Zr6u1zw==
Request Chain 24
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1901764649&utmhn=riforma.su&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=613200648&utmr=-&utmp=%2F&utmht=1683558636622&utmac=UA-106148229-1&utmgtm=45He3530n81WQB63X3&utmcc=__utma%3D72769552.1080476604.1683558637.1683558637.1683558637.1%3B%2B__utmz%3D72769552.1683558637.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=394430937&utmredir=1&utmu=qmAgAABAAAGBAAAAAgABAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1901764649&utmhn=riforma.su&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=613200648&utmr=-&utmp=%2F&utmht=1683558636622&utmac=UA-106148229-1&utmgtm=45He3530n81WQB63X3&utmcc=__utma%3D72769552.1080476604.1683558637.1683558637.1683558637.1%3B%2B__utmz%3D72769552.1683558637.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=394430937&utmredir=1&utmu=qmAgAABAAAGBAAAAAgABAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-106148229-1&cid=1080476604.1683558637&jid=394430937&_v=5.7.2&z=1901764649 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106148229-1&cid=1080476604.1683558637&jid=394430937&_v=5.7.2&z=1901764649 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106148229-1&cid=1080476604.1683558637&jid=394430937&_v=5.7.2&z=1901764649&slf_rd=1&random=4083604291

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
riforma.su/ 		484 KB
484 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://riforma.su:8888/
Protocol
HTTP/1.1
Server
194.88.139.236 , Russian Federation, ASN35780 (LOGIX-AS, RU),
Reverse DNS
Software
/
Resource Hash
f8d35435c5c92a0df86e2b5466c91f090952fc8fa2d738d25a8fe5a2a53ae2dc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers
SRUZecF549
code.jivosite.com/script/widget/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://code.jivosite.com/script/widget/SRUZecF549
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
HTTP/1.1
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
fc13548c175db4901febb73709b6529b834ea0396d28e753a94c221eb91f330d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

X-ID
fr5-up-gc15
Date
Mon, 08 May 2023 15:10:26 GMT
Content-Encoding
gzip
Via
1.1 sharxy
X-Cached-Since
2023-05-08T15:10:22+00:00
Connection
keep-alive
X-Geo-Shard
ya
Content-Length
6848
Last-Modified
Mon, 17 Apr 2023 12:43:13 GMT
Server
nginx
Etag
"643d3ee1-1ac0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200
Cache
HIT
Accept-Ranges
bytes
Expires
Mon, 08 May 2023 17:10:22 GMT
d_client_new.js
mod.calltouch.ru/ 		1 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mod.calltouch.ru/d_client_new.js?param;client_id1571839107.1683310721;ya_client_id1565577085690334179;ref;urlhttp%3A%2F%2Friforma.su%2Fundefined%2F;cook&mod_id=9recps9q&script_session_id=187fbe32f8c.c4c&ctObject=ct&uniq_req_id=168355818279528473&ctClientGlobalId=
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.118.67.1 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS
ct-mod-front01.calltouch.net
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 15:10:26 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-ct-fe
ct-mod-front01a
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-methods
GET, POST, HEAD, OPTIONS
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers
DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
-1
code.js
top-fwz1.mail.ru/js/ 		33 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
5b9b5b9e92ca410c2b2c97c9bf53d51ebf533520c4737698ae96ea3897685313
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 15:10:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Tue, 21 Mar 2023 13:41:37 GMT
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag
W/"6419b411-85fb"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
expires
Mon, 08 May 2023 16:10:36 GMT
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 08 May 2023 15:10:36 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27538
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
yawYSmhWXZQhg+UQDsdVmygFToylDKirCvs0E6njhr8LTuIiFFALvNURKrRMwzUkvylw0aAw/BnKcxwBO3jy9w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
watch.js
mc.yandex.ru/metrika/ 		164 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
f0a064c22678f5fa467eee7007b6a94da9413abe446a4bcbfbcf2387c90a0a65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 15:10:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 05 May 2023 15:14:23 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6454f31f-e583"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
58755
expires
Mon, 08 May 2023 16:10:36 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 May 2023 14:35:39 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
2097
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 08 May 2023 16:35:39 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 08 May 2023 15:09:31 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
65
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Mon, 08 May 2023 17:09:31 GMT
gtm.js
www.googletagmanager.com/ 		119 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WQB63X3
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b2314cfb69b27fba98b3ed578c8a0895140aadf7b4eec85563ffaa97a3fd97f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 15:10:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
45389
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 08 May 2023 15:10:36 GMT
style.css
riforma.su/css/ 		145 B
164 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://riforma.su:8888/css/style.css?1529904339
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
HTTP/1.1
Server
194.88.139.236 , Russian Federation, ASN35780 (LOGIX-AS, RU),
Reverse DNS
Software
/
Resource Hash
14c61f5e18356b4f708785bc02d6a06b56582cca0c232e5529d8c9c167847a54

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers
js
maps.googleapis.com/maps/api/ 		188 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://maps.googleapis.com/maps/api/js?key=AIzaSyCGj91pCeOMfA3moOdKx06deJxNa9Ai_x0
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
1c7666c674b0a580c6a8f826253452e27236df96ecb20de142ba5240a882d796
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 15:10:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
scaffolding on HTTPServer2
Vary
Accept-Language, Origin, X-Origin, Referer
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, max-age=1800
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
63825
X-XSS-Protection
0
/
api-maps.yandex.ru/2.1/
Redirect Chain
  • http://api-maps.yandex.ru/2.1/?lang=ru_RU&apikey=AJYCt1wBAAAAQQ5BCgIAuhaPOvH1s6LwnjBCvEqZ40MgkcAAAAAAAAAAAAB-i6HJhl795ZBh94EmPq9Zr6u1zw==
  • https://api-maps.yandex.ru/2.1/?lang=ru_RU&apikey=AJYCt1wBAAAAQQ5BCgIAuhaPOvH1s6LwnjBCvEqZ40MgkcAAAAAAAAAAAAB-i6HJhl795ZBh94EmPq9Zr6u1zw==
34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-maps.yandex.ru/2.1/?lang=ru_RU&apikey=AJYCt1wBAAAAQQ5BCgIAuhaPOvH1s6LwnjBCvEqZ40MgkcAAAAAAAAAAAAB-i6HJhl795ZBh94EmPq9Zr6u1zw==
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
H2
Server
2a02:6b8::274 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
b2fd0c7fc90535ee1b9ee0eee96dfa0738d4b21043122310252fe4f7be973fd6
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 15:10:26 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
content-disposition
attachment; filename=json.txt
timing-allow-origin
*
x-xss-protection
1; mode=block

Redirect headers

Location
https://api-maps.yandex.ru/2.1/?lang=ru_RU&apikey=AJYCt1wBAAAAQQ5BCgIAuhaPOvH1s6LwnjBCvEqZ40MgkcAAAAAAAAAAAAB-i6HJhl795ZBh94EmPq9Zr6u1zw==
Content-Length
0
placemark.js
riforma.su/js/ 		39 B
58 B 		Script
General
Check archive.org
Download Go to
Full URL
http://riforma.su:8888/js/placemark.js
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
HTTP/1.1
Server
194.88.139.236 , Russian Federation, ASN35780 (LOGIX-AS, RU),
Reverse DNS
Software
/
Resource Hash
a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers
app.js
riforma.su/js/ 		145 B
164 B 		Script
General
Check archive.org
Download Go to
Full URL
http://riforma.su:8888/js/app.js?1529904339
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
HTTP/1.1
Server
194.88.139.236 , Russian Federation, ASN35780 (LOGIX-AS, RU),
Reverse DNS
Software
/
Resource Hash
14c61f5e18356b4f708785bc02d6a06b56582cca0c232e5529d8c9c167847a54

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers
SRUZecF549
code.jivosite.com/script/widget/config/ 		2 KB
1009 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/script/widget/config/SRUZecF549
Requested by
Host: code.jivosite.com
URL: http://code.jivosite.com/script/widget/SRUZecF549
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
15268ac990d85c685eba4d365a08d580f6f368212b7593931279ff94ad025c7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Mon, 08 May 2023 15:10:27 GMT
content-encoding
gzip
via
1.1 sharxy
server
nginx
vary
Accept-Encoding
x-cached-since
2023-05-08T15:10:27+00:00
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=7200
cache
HIT
accept-ranges
bytes
x-geo-shard
ya
content-length
783
expires
Mon, 08 May 2023 17:10:27 GMT
common.js
maps.googleapis.com/maps-api-v3/api/js/53/2/intl/ru_ALL/ 		273 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://maps.googleapis.com/maps-api-v3/api/js/53/2/intl/ru_ALL/common.js
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cabf359664bd6572b93465a03a24ddc3f74daa92673d05cd18f28e7e3cdeb44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sat, 06 May 2023 06:06:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
205421
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
Cross-Origin-Resource-Policy
cross-origin
Content-Length
77455
X-XSS-Protection
0
Last-Modified
Wed, 03 May 2023 01:13:11 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="maps-api-js"
Vary
Accept-Encoding, Origin
Report-To
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Expires
Sun, 05 May 2024 06:06:45 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/53/2/intl/ru_ALL/ 		166 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://maps.googleapis.com/maps-api-v3/api/js/53/2/intl/ru_ALL/util.js
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af3236301a11df27e0ff8c6249b377e5941498658a4a38303f9f0314a5e1d638
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Sat, 06 May 2023 03:48:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
213700
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
Cross-Origin-Resource-Policy
cross-origin
Content-Length
62027
X-XSS-Protection
0
Last-Modified
Wed, 03 May 2023 01:13:11 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="maps-api-js"
Vary
Accept-Encoding, Origin
Report-To
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Expires
Sun, 05 May 2024 03:48:46 GMT
init.js
mod.calltouch.ru/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mod.calltouch.ru/init.js?id=9recps9q
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.118.67.1 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS
ct-mod-front01.calltouch.net
Software
nginx /
Resource Hash
c764cfbe60cfafc34015ffcd95a0bf058a15b77a2759d5b41e5a6103a06e7f0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 15:10:26 GMT
content-encoding
gzip
last-modified
Monday, 08-May-2023 15:10:26 GMT
server
nginx
etag
W/"64534de9-11d9d"
vary
Accept-Encoding
x-ct-fe
ct-mod-front01a
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, POST, HEAD, OPTIONS
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers
DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
-1
SRUZecF549
node-ya-2.jivosite.com/widget/status/574107/ 		80 B
618 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node-ya-2.jivosite.com/widget/status/574107/SRUZecF549?rnd=0.7958648179960224
Requested by
Host: code.jivosite.com
URL: http://code.jivosite.com/script/widget/SRUZecF549
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
57.128.74.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3227025.ip-57-128-74.eu
Software
nginx /
Resource Hash
a4534a88ad184f1df71026f2c8e0747f5f65ddeaa7bd3a3627dd486c30665210
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 May 2023 15:10:27 GMT
Content-Security-Policy
frame-ancestors 'none';
Server
nginx
X-Botmode
no
X-Geoip
DE;HE;Frankfurt am Main
X-Frame-Options
DENY
Content-Type
application/json; charset=utf-8;
Access-Control-Allow-Origin
http://riforma.su:8888
Access-Control-Expose-Headers
X-Geoip, X-Botmode
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Max-Age
1728000
Content-Length
80
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: http://maps.googleapis.com/maps/api/js?key=AIzaSyCGj91pCeOMfA3moOdKx06deJxNa9Ai_x0
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 15:10:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
scaffolding on HTTPServer2
Vary
Origin, X-Origin, Referer
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
http://riforma.su:8888
Access-Control-Expose-Headers
vary,vary,vary,content-encoding,date,server,content-length
Cache-Control
private
Content-Length
23
X-XSS-Protection
0
full-4f66b8183ca86244a65c4d7cd4348b0d8bad24ab.js
yastatic.net/s3/front-maps-static/maps-front-jsapi-v2-1/2.1.79-11301402/build/release/ 		3 MB
675 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/front-maps-static/maps-front-jsapi-v2-1/2.1.79-11301402/build/release/full-4f66b8183ca86244a65c4d7cd4348b0d8bad24ab.js
Requested by
Host: api-maps.yandex.ru
URL: http://api-maps.yandex.ru/2.1/?lang=ru_RU&apikey=AJYCt1wBAAAAQQ5BCgIAuhaPOvH1s6LwnjBCvEqZ40MgkcAAAAAAAAAAAAB-i6HJhl795ZBh94EmPq9Zr6u1zw==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
12e37f03743917b1fae66d7b0ea36d49ce7bafc8e5d824070f75fb49e59fac0d
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 15:10:36 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
last-modified
Mon, 24 Apr 2023 09:12:32 GMT
server
nginx/1.17.9
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag
W/"1b5681b9ad943d9d59f28e7ed5e8c179"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
d7bc78a912dd04fa
timing-allow-origin
*
expires
Tue, 07 May 2024 20:58:59 GMT
rtrg
vk.com/ 		49 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-233275-9age2
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv72-132-240-87.vk.com
Software
kittenx / KPHP/7.4.113791
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 15:10:36 GMT
content-encoding
gzip
x-frontend
front220206
strict-transport-security
max-age=15768000
server
kittenx
x-powered-by
KPHP/7.4.113791
content-type
image/gif
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
d_client_new.js
mod.calltouch.ru/ 		1 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mod.calltouch.ru/d_client_new.js?param;;ref;urlhttp%3A%2F%2Friforma.su%3A8888%2F;cook&mod_id=9recps9q&script_session_id=187fbea1c19.74c&ctObject=ct&uniq_req_id=168355863656333590&ctClientGlobalId=
Requested by
Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/init.js?id=9recps9q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.118.67.1 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS
ct-mod-front01.calltouch.net
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 15:10:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-ct-fe
ct-mod-front01a
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-methods
GET, POST, HEAD, OPTIONS
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers
DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
-1
582467695466999
connect.facebook.net/signals/config/ 		300 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/582467695466999?v=2.9.104&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
febd522d3fb6664114662e234868912bc582663ca45ee66a54d245e97d150b45
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 08 May 2023 15:10:36 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87940
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
EStSguI23iH7AupQf7BgQHKVYFDesyHKxeoMI2Nr4F7oF1d8nSGvhsVaGNq3y4PPwV4JTe8r1ur8uwHyJ1A6jA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
init.js
mod.calltouch.ru/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mod.calltouch.ru/init.js?id=9recps9q
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQB63X3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.118.67.1 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS
ct-mod-front01.calltouch.net
Software
nginx /
Resource Hash
c764cfbe60cfafc34015ffcd95a0bf058a15b77a2759d5b41e5a6103a06e7f0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 15:10:36 GMT
content-encoding
gzip
last-modified
Monday, 08-May-2023 15:10:36 GMT
server
nginx
etag
W/"64534de9-11d9d"
vary
Accept-Encoding
x-ct-fe
ct-mod-front01a
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, POST, HEAD, OPTIONS
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers
DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
-1
ga-audiences
www.google.de/ads/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1901764649&utmhn=riforma.su&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=613200648...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1901764649&utmhn=riforma.su&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=61320064...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-106148229-1&cid=1080476604.1683558637&jid=394430937&_v=5.7.2&z=1901764649
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106148229-1&cid=1080476604.1683558637&jid=394430937&_v=5.7.2&z=1901764649
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106148229-1&cid=1080476604.1683558637&jid=394430937&_v=5.7.2&z=1901764649&slf_rd=1&random=4083604291
42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106148229-1&cid=1080476604.1683558637&jid=394430937&_v=5.7.2&z=1901764649&slf_rd=1&random=4083604291
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
H2
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 15:10:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 May 2023 15:10:36 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106148229-1&cid=1080476604.1683558637&jid=394430937&_v=5.7.2&z=1901764649&slf_rd=1&random=4083604291
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=582467695466999&ev=PageView&dl=http%3A%2F%2Friforma.su%3A8888%2F&rl=&if=false&ts=1683558636643&sw=1600&sh=1200&v=2.9.104&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1683558636642.241100301&it=1683558636578&coo=false&rqm=GET
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 08 May 2023 15:10:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
counter
top-fwz1.mail.ru/ 		43 B
961 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=3066075;u=http%3A//riforma.su%3A8888/;st=1683558636563;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=b5eb40eabb204b4a;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1683558636676%3A1683558636694%3A1%3A43e6d3d868ab4d6fb7d7cf49e8e91e53;opts=dl%2Cjst-gtag-ga;visible=true;_=0.5614670127982375
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 15:10:36 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
counter
top-fwz1.mail.ru/ 		43 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=3066075;u=http%3A//riforma.su%3A8888/;st=1683558636563;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=b5eb40eabb204b4a;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1683558636676%3A1683558636695%3A2%3A43e6d3d868ab4d6fb7d7cf49e8e91e53;opts=dl%2Cjst-gtag-ga;visible=true;_=0.7818255674174686
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 15:10:36 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
d_client_new.js
mod.calltouch.ru/ 		1 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mod.calltouch.ru/d_client_new.js?param;client_id1080476604.1683558637;fbpfb.1.1683558636642.241100301;ref;urlhttp%3A%2F%2Friforma.su%3A8888%2F;cook&mod_id=9recps9q&script_session_id=187fbea1d0e.54b&ctObject=ct&uniq_req_id=168355863680839806&ctClientGlobalId=
Requested by
Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/init.js?id=9recps9q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
92.118.67.1 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS
ct-mod-front01.calltouch.net
Software
nginx /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 15:10:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-ct-fe
ct-mod-front01a
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-methods
GET, POST, HEAD, OPTIONS
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-headers
DNT,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
-1
grab.cur
api-maps.yandex.ru/2.1.79/build/release/images/cursor/ 		326 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-maps.yandex.ru/2.1.79/build/release/images/cursor/grab.cur
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::274 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 15:10:36 GMT
last-modified
Mon, 24 Apr 2023 09:13:17 GMT
etag
"6446482d-146"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
326
expires
Thu, 31 Dec 2037 23:55:55 GMT
grabbing.cur
api-maps.yandex.ru/2.1.79/build/release/images/cursor/ 		326 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-maps.yandex.ru/2.1.79/build/release/images/cursor/grabbing.cur
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::274 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 15:10:36 GMT
last-modified
Mon, 24 Apr 2023 09:13:17 GMT
etag
"6446482d-146"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
326
expires
Thu, 31 Dec 2037 23:55:55 GMT
help.cur
api-maps.yandex.ru/2.1.79/build/release/images/cursor/ 		326 B
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-maps.yandex.ru/2.1.79/build/release/images/cursor/help.cur
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::274 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 15:10:36 GMT
last-modified
Mon, 24 Apr 2023 09:13:17 GMT
etag
"6446482d-146"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
326
expires
Thu, 31 Dec 2037 23:55:55 GMT
zoom_in.cur
api-maps.yandex.ru/2.1.79/build/release/images/cursor/ 		326 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-maps.yandex.ru/2.1.79/build/release/images/cursor/zoom_in.cur
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::274 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 15:10:36 GMT
last-modified
Mon, 24 Apr 2023 09:13:17 GMT
etag
"6446482d-146"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
326
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=582467695466999&ev=Microdata&dl=http%3A%2F%2Friforma.su%3A8888%2F&rl=&if=false&ts=1683558637146&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22http%3A%2F%2Friforma.su%2F%22%2C%22og%3Atitle%22%3A%22Riforma.%20%D0%94%D0%B8%D0%B2%D0%B0%D0%BD%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D1%81%D1%87%D0%B0%D1%81%D1%82%D1%8C%D1%8F%22%2C%22og%3Adescription%22%3A%22%D0%9A%D0%BE%D0%B3%D0%B4%D0%B0%20%D1%82%D1%8B%20%D1%87%D0%B5%D0%B3%D0%BE-%D1%82%D0%BE%20%D0%B4%D0%BE%D1%81%D1%82%D0%B8%D0%B3%D0%B0%D0%B5%D1%88%D1%8C%20%E2%80%93%20%D1%82%D1%8B%20%D1%83%D1%87%D0%B8%D1%88%D1%8C%D1%81%D1%8F%20%D0%BD%D0%B0%D1%81%D0%BB%D0%B0%D0%B6%D0%B4%D0%B0%D1%82%D1%8C%D1%81%D1%8F%20%D0%BA%D0%B0%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%BE%D0%BC%20%D0%B6%D0%B8%D0%B7%D0%BD%D0%B8%20%D0%B8%20%D0%B4%D0%B5%D0%BB%D0%B8%D1%82%D1%8C%D1%81%D1%8F%20%D1%8D%D1%82%D0%B8%D0%BC%20%D1%81%20%D0%B1%D0%BB%D0%B8%D0%B7%D0%BA%D0%B8%D0%BC%D0%B8%20%D0%BB%D1%8E%D0%B4%D1%8C%D0%BC%D0%B8.%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Friforma.su%2Fimages%2Fshare%2Fshare.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1683558636642.241100301&it=1683558636578&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 08 May 2023 15:10:37 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
bundle_ru_RU.js
code.jivosite.com/js/ 		1 MB
263 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/js/bundle_ru_RU.js?rand=1681824649
Requested by
Host: code.jivosite.com
URL: http://code.jivosite.com/script/widget/SRUZecF549
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
bf7b27803d5fbcefb0aa23d13802665722ef717d2057eacbdb170e4843a88829

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Mon, 08 May 2023 15:10:37 GMT
content-encoding
br
via
1.1 sharxy
x-cached-since
2023-05-08T05:16:05+00:00
x-geo-shard
ya
content-length
269161
last-modified
Mon, 17 Apr 2023 12:44:27 GMT
server
nginx
etag
"643d3f2b-41b69"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
accept-ranges
bytes
SRUZecF549
code.jivosite.com/script/widget/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://code.jivosite.com/script/widget/SRUZecF549
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
HTTP/1.1
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
fc13548c175db4901febb73709b6529b834ea0396d28e753a94c221eb91f330d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

X-ID
fr5-up-gc15
Date
Mon, 08 May 2023 15:10:37 GMT
Content-Encoding
gzip
Via
1.1 sharxy
X-Cached-Since
2023-05-08T15:10:22+00:00
Connection
keep-alive
X-Geo-Shard
ya
Content-Length
6848
Last-Modified
Mon, 17 Apr 2023 12:43:13 GMT
Server
nginx
Etag
"643d3ee1-1ac0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200
Cache
HIT
Accept-Ranges
bytes
Expires
Mon, 08 May 2023 17:10:22 GMT
tracker
top-fwz1.mail.ru/ 		43 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=3066075;u=http%3A//riforma.su%3A8888/;st=1683558636563;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=b5eb40eabb204b4a;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1683558616459/////0/2/2/2/43//43/9331/9587/9376/20104/20104/20111/20696/20696/;ni=10//4g/0/0/;lvid=1683558636676%3A1683558637158%3A3%3A43e6d3d868ab4d6fb7d7cf49e8e91e53;opts=dl%2Cjst-gtag-ga;visible=true;_=0.17603684546037046;e=RT/load;et=1683558637156
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 15:10:37 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
widget.css
code.jivosite.com/css/49222e1/ 		226 KB
63 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://code.jivosite.com/css/49222e1/widget.css
Requested by
Host: riforma.su
URL: http://riforma.su:8888/
Protocol
HTTP/1.1
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
2edc92c362204adbefdae48b93cd29765a83ad343695b3173b740cb44fa7a0b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

X-ID
fr5-up-gc15
Date
Mon, 08 May 2023 15:10:37 GMT
Content-Encoding
gzip
Via
1.1 sharxy
X-Cached-Since
2023-05-01T11:23:40+00:00
Connection
keep-alive
X-Geo-Shard
ya
Content-Length
64019
Last-Modified
Mon, 17 Apr 2023 12:44:08 GMT
Server
nginx
Etag
"643d3f18-fa13"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=864000
Cache
HIT
Accept-Ranges
bytes
Expires
Mon, 01 May 2023 11:23:34 GMT
truncated
/ 		393 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c66b5eadbc121cef27de174430ad219f445c82ff938916a34582c712d4bf76d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2210b7e6d726c9d273fbb76890845c5054bdcc03ce803fe9b153ac7dac1dd646

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		447 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73bf539607e4d9d8458749de455df2c77487d27a518a073ae5cfaeb2484268b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://riforma.su:8888/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
agent_message.mp3
code.jivosite.com/sounds/ 		4 KB
4 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/sounds/agent_message.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

Request headers

Referer
http://riforma.su:8888/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc15
date
Mon, 08 May 2023 15:10:37 GMT
via
1.1 sharxy
x-cached-since
2023-04-19T05:15:36+00:00
Content-Range
bytes 0-3759/3760
x-geo-shard
ya
Content-Length
3760
last-modified
Mon, 17 Apr 2023 12:42:38 GMT
server
nginx
etag
"643d3ebe-eb0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Fri, 19 May 2023 05:15:36 GMT
notification.mp3
code.jivosite.com/sounds/ 		6 KB
6 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/sounds/notification.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab

Request headers

Referer
http://riforma.su:8888/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc15
date
Mon, 08 May 2023 15:10:37 GMT
via
1.1 sharxy
x-cached-since
2023-04-19T05:15:21+00:00
Content-Range
bytes 0-5807/5808
x-geo-shard
ya
Content-Length
5808
last-modified
Mon, 17 Apr 2023 12:42:38 GMT
server
nginx
etag
"643d3ebe-16b0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Fri, 19 May 2023 05:15:21 GMT
outgoing_message.mp3
code.jivosite.com/sounds/ 		5 KB
5 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/sounds/outgoing_message.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11

Request headers

Referer
http://riforma.su:8888/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc15
date
Mon, 08 May 2023 15:10:37 GMT
via
1.1 sharxy
x-cached-since
2023-04-19T05:15:41+00:00
Content-Range
bytes 0-5013/5014
x-geo-shard
ya
Content-Length
5014
last-modified
Mon, 17 Apr 2023 12:42:38 GMT
server
nginx
etag
"643d3ebe-1396"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Fri, 19 May 2023 05:15:41 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| dataLayer function| __jivoOnError boolean| __hasStorage boolean| jivo_magic_var function| __jivoBundleOnLoad function| __jivoBundleInit function| jivo_init function| jivo_destroy object| jivo_config object| google function| reactiveElementPolyfillSupport object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| ymaps string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| _tmr object| webpackChunkcalltouch_client function| ct function| ct_create_session function| ct_goal function| ct_set_attrs object| _gat object| _gaq object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| Ya string| jivo_version object| jivo_api

17 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: i
Value: gfnO2QEPdS32kQlQDJvfhF4EFY6OyBQsuvpOGCVo3eQg8h/Y/TJ2c2DqWBnyCUjKGapV8Uv0wyYmy6jlDNzxkzoOMeM=
.yandex.ru/ Name: yandexuid
Value: 7253146811683558626
.riforma.su/ Name: _ga
Value: GA1.2.1080476604.1683558637
.riforma.su/ Name: _gid
Value: GA1.2.1624504295.1683558637
.vk.com/ Name: remixlang
Value: 6
.vk.com/ Name: remixstlid
Value: 9074994094075472377_a1wafgQOciJaa2NRW9SPqdjfiZpTIvR6YOlssBfdbND
.riforma.su/ Name: __utma
Value: 72769552.1080476604.1683558637.1683558637.1683558637.1
.riforma.su/ Name: __utmc
Value: 72769552
.riforma.su/ Name: __utmz
Value: 72769552.1683558637.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.riforma.su/ Name: __utmt_UA-106148229-1
Value: 1
.riforma.su/ Name: __utmb
Value: 72769552.1.10.1683558637
.riforma.su/ Name: _fbp
Value: fb.1.1683558636642.241100301
.riforma.su/ Name: tmr_lvid
Value: 43e6d3d868ab4d6fb7d7cf49e8e91e53
.riforma.su/ Name: tmr_lvidTS
Value: 1683558636676
riforma.su/ Name: cted
Value: modId%3D9recps9q%3Bclient_id%3D1080476604.1683558637%3Bfbp%3Dfb.1.1683558636642.241100301
.mail.ru/ Name: VID
Value: 0PNf6V0s2XoH00000r1gP4YH:::0-0-0-97369ac:CAASEBTYo-8agPXZhUHQTslGZeIaYHVKTM5qXEk46N7Zs9iWFOP_jYqTVPN4JdTokPxID6SlvN2lO3uWV30ujgz072w9HAM4z_6PIPEvHTRWWWc1Jv39exHxkQQwmFbrZhsfOzdflOnrgI1E21GZLinSYnSI4Q
riforma.su/ Name: tmr_detect
Value: 0%7C1683558639368

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-maps.yandex.ru
code.jivosite.com
connect.facebook.net
maps.googleapis.com
mc.yandex.ru
mod.calltouch.ru
node-ya-2.jivosite.com
riforma.su
ssl.google-analytics.com
stats.g.doubleclick.net
top-fwz1.mail.ru
vk.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
yastatic.net
194.88.139.236
2a00:1450:4001:808::200a
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:813::2008
2a00:1450:4001:828::2004
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9b
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::274
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a13:1ec0::1037
57.128.74.65
87.240.132.72
92.118.67.1
95.163.52.67
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0cabf359664bd6572b93465a03a24ddc3f74daa92673d05cd18f28e7e3cdeb44
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f
12e37f03743917b1fae66d7b0ea36d49ce7bafc8e5d824070f75fb49e59fac0d
13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1
14c61f5e18356b4f708785bc02d6a06b56582cca0c232e5529d8c9c167847a54
15268ac990d85c685eba4d365a08d580f6f368212b7593931279ff94ad025c7d
1c7666c674b0a580c6a8f826253452e27236df96ecb20de142ba5240a882d796
2210b7e6d726c9d273fbb76890845c5054bdcc03ce803fe9b153ac7dac1dd646
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2edc92c362204adbefdae48b93cd29765a83ad343695b3173b740cb44fa7a0b9
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
5b9b5b9e92ca410c2b2c97c9bf53d51ebf533520c4737698ae96ea3897685313
73bf539607e4d9d8458749de455df2c77487d27a518a073ae5cfaeb2484268b6
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f
a4534a88ad184f1df71026f2c8e0747f5f65ddeaa7bd3a3627dd486c30665210
a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e
af3236301a11df27e0ff8c6249b377e5941498658a4a38303f9f0314a5e1d638
b2314cfb69b27fba98b3ed578c8a0895140aadf7b4eec85563ffaa97a3fd97f7
b2fd0c7fc90535ee1b9ee0eee96dfa0738d4b21043122310252fe4f7be973fd6
bf7b27803d5fbcefb0aa23d13802665722ef717d2057eacbdb170e4843a88829
c66b5eadbc121cef27de174430ad219f445c82ff938916a34582c712d4bf76d5
c764cfbe60cfafc34015ffcd95a0bf058a15b77a2759d5b41e5a6103a06e7f0b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a064c22678f5fa467eee7007b6a94da9413abe446a4bcbfbcf2387c90a0a65
f8d35435c5c92a0df86e2b5466c91f090952fc8fa2d738d25a8fe5a2a53ae2dc
fc13548c175db4901febb73709b6529b834ea0396d28e753a94c221eb91f330d
febd522d3fb6664114662e234868912bc582663ca45ee66a54d245e97d150b45
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43