urlscan.io logo urlscan.io
SecurityTrails logo

esplus.ru Open in urlscan Pro
195.26.178.117  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://esplus.ru/
Effective URL: https://esplus.ru/
Submission Tags: tranco_l324
Submission: On November 06 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 195.26.178.117, located in Russian Federation and belongs to Moscow, Russia, RU. The main domain is esplus.ru.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 13th 2021. Valid for: a year.
This is the only time esplus.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

7    195.26.178.117 (Russian Federation)

ASN8507 (Moscow, Russia, RU)
PTR: site.esplus.ru
esplus.ru
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    178.208.148.7 (Russian Federation)

ASN8732 (COMCOR-AS Moscow, RU)
nccchat.esplus.ru
4    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
7 esplus.ru 1 redirects esplus.ru
4 fonts.gstatic.com fonts.googleapis.com
3 nccchat.esplus.ru esplus.ru
nccchat.esplus.ru
2 www.facebook.com esplus.ru
2 connect.facebook.net esplus.ru
connect.facebook.net
2 fonts.googleapis.com esplus.ru
20 6
Subject Issuer Validity Valid
*.esplus.ru
Sectigo RSA Domain Validation Secure Server CA		 2021-01-13 -
2022-02-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-08-15 -
2021-11-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://esplus.ru/
Frame ID: F265176F2DD7571BA1F78A15456C8A6B
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ЭнергосбыТ Плюс - объединенная энергосбытовая компания Группы "Т Плюс"

Page URL History Show full URLs

  1. http://esplus.ru/ HTTP 301
    https://esplus.ru/ Page URL

Page Statistics

20
Requests

95 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

553 kB
Transfer

1890 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://esplus.ru/ HTTP 301
    https://esplus.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
esplus.ru/
Redirect Chain
  • http://esplus.ru/
  • https://esplus.ru/
13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://esplus.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.26.178.117 , Russian Federation, ASN8507 (Moscow, Russia, RU),
Reverse DNS
site.esplus.ru
Software
nginx/1.12.2 / PHP/7.1.33
Resource Hash
3faa0047af45badf4cfc0ac9deddd84abf1fc0b16a05814bc6750d83dc651b9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx/1.12.2
date
Sat, 06 Nov 2021 10:54:32 GMT
content-type
text/html; charset=UTF-8
vary
HTTPS
x-powered-by
PHP/7.1.33
p3p
policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-powered-cms
Bitrix Site Manager (55796e5b5817de26204e260cd84a929b)
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-encoding
gzip

Redirect headers

Server
nginx/1.12.2
Date
Sat, 06 Nov 2021 10:54:31 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
300
Connection
keep-alive
Location
https://esplus.ru/
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
kernel_main_v1.css
esplus.ru/bitrix/cache/css/s1/template/kernel_main/ 		32 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://esplus.ru/bitrix/cache/css/s1/template/kernel_main/kernel_main_v1.css?163247712732682
Requested by
Host: esplus.ru
URL: https://esplus.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.26.178.117 , Russian Federation, ASN8507 (Moscow, Russia, RU),
Reverse DNS
site.esplus.ru
Software
nginx/1.12.2 /
Resource Hash
874ad5c481c2eda6c9e1a2dafea853680bac9743fbfe4dc19f7ef806d474b3cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 10:54:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 Sep 2021 09:52:07 GMT
server
nginx/1.12.2
etag
W/"614d9fc7-7faa"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
expires
Mon, 06 Dec 2021 10:54:32 GMT
css
fonts.googleapis.com/ 		10 KB
859 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&subset=cyrillic
Requested by
Host: esplus.ru
URL: https://esplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
451575204ff8e8fb6a42a669185d8480a461132285ebf960c9368513f910457f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 06 Nov 2021 10:39:48 GMT
server
ESF
date
Sat, 06 Nov 2021 10:54:32 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Sat, 06 Nov 2021 10:54:32 GMT
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro&subset=cyrillic
Requested by
Host: esplus.ru
URL: https://esplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89217528ff779a9d3836efde9904ba13979c9cd01666796dabbb1ba533b1126a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 06 Nov 2021 10:45:51 GMT
server
ESF
date
Sat, 06 Nov 2021 10:54:32 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Sat, 06 Nov 2021 10:54:32 GMT
template_0c876fb51a55447f14c7339df054ef9c_v1.css
esplus.ru/bitrix/cache/css/s1/template/template_0c876fb51a55447f14c7339df054ef9c/ 		372 KB
66 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://esplus.ru/bitrix/cache/css/s1/template/template_0c876fb51a55447f14c7339df054ef9c/template_0c876fb51a55447f14c7339df054ef9c_v1.css?1635174388380762
Requested by
Host: esplus.ru
URL: https://esplus.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.26.178.117 , Russian Federation, ASN8507 (Moscow, Russia, RU),
Reverse DNS
site.esplus.ru
Software
nginx/1.12.2 /
Resource Hash
abe878c37aff6d93fdd40ac25e2f122d214a29fac1501069ef6994c5bf90417b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 10:54:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 25 Oct 2021 15:06:28 GMT
server
nginx/1.12.2
etag
W/"6176c7f4-5cf5a"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
expires
Mon, 06 Dec 2021 10:54:32 GMT
popup.css
esplus.ru/bitrix/panel/main/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://esplus.ru/bitrix/panel/main/popup.css?151379729923084
Requested by
Host: esplus.ru
URL: https://esplus.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.26.178.117 , Russian Federation, ASN8507 (Moscow, Russia, RU),
Reverse DNS
site.esplus.ru
Software
nginx/1.12.2 /
Resource Hash
5f79e7394ccd9c8d990e177ba8fe5e3d8362b52f7a99e28ddce021e0972d7142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 10:54:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 20 Dec 2017 19:14:59 GMT
server
nginx/1.12.2
etag
W/"5a3ab6b3-5a2c"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
expires
Mon, 06 Dec 2021 10:54:32 GMT
kernel_main_v1.js
esplus.ru/bitrix/cache/js/s1/template/kernel_main/ 		452 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esplus.ru/bitrix/cache/js/s1/template/kernel_main/kernel_main_v1.js?1632567364463045
Requested by
Host: esplus.ru
URL: https://esplus.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.26.178.117 , Russian Federation, ASN8507 (Moscow, Russia, RU),
Reverse DNS
site.esplus.ru
Software
nginx/1.12.2 /
Resource Hash
74d95858dc044fa20883d6854c72e49dd4ebcfd9112c03f36c83820fa09f7946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 10:54:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 25 Sep 2021 10:56:04 GMT
server
nginx/1.12.2
etag
W/"614f0044-710c5"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
expires
Mon, 06 Dec 2021 10:54:32 GMT
template_d75f7ac28536c604a6dd0922d9a52a55_v1.js
esplus.ru/bitrix/cache/js/s1/template/template_d75f7ac28536c604a6dd0922d9a52a55/ 		323 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esplus.ru/bitrix/cache/js/s1/template/template_d75f7ac28536c604a6dd0922d9a52a55/template_d75f7ac28536c604a6dd0922d9a52a55_v1.js?1632477122330660
Requested by
Host: esplus.ru
URL: https://esplus.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.26.178.117 , Russian Federation, ASN8507 (Moscow, Russia, RU),
Reverse DNS
site.esplus.ru
Software
nginx/1.12.2 /
Resource Hash
4c5c2e015cc4457f3290a9195526f21dc52ac14d9992c71de30fa8f82af73d2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 10:54:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 Sep 2021 09:52:02 GMT
server
nginx/1.12.2
etag
W/"614d9fc2-50ba4"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
expires
Mon, 06 Dec 2021 10:54:32 GMT
client.js
nccchat.esplus.ru/chatlib/ 		206 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nccchat.esplus.ru/chatlib/client.js
Requested by
Host: esplus.ru
URL: https://esplus.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.208.148.7 , Russian Federation, ASN8732 (COMCOR-AS Moscow, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
b9c1d5ebcc1e69ed0af7fe711f3307da2e794182f8beb49ff00f68b71b86b21e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 06 Nov 2021 10:53:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Oct 2021 11:02:30 GMT
Server
nginx/1.16.1
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
vladimir.js
nccchat.esplus.ru/js/ 		653 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nccchat.esplus.ru/js/vladimir.js
Requested by
Host: esplus.ru
URL: https://esplus.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.208.148.7 , Russian Federation, ASN8732 (COMCOR-AS Moscow, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
cd55b42719f88d69000bc78fe916c391df196cac9ac64ab194162dd8e863fa0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 06 Nov 2021 10:53:45 GMT
Last-Modified
Thu, 12 Mar 2020 16:02:03 GMT
Server
nginx/1.16.1
ETag
"5e6a5cfb-28d"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
653
KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb83389ea7513242a9a237454ce7989eb6d84c4ec2fe15c81bad6f89c87fe89e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://esplus.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 16:40:33 GMT
x-content-type-options
nosniff
age
238439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9500
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 03 Nov 2022 16:40:33 GMT
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://esplus.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 08:15:23 GMT
x-content-type-options
nosniff
age
95949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9776
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 05 Nov 2022 08:15:23 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://esplus.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 04 Nov 2021 22:46:25 GMT
x-content-type-options
nosniff
age
130087
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 04 Nov 2022 22:46:25 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://esplus.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 08:58:25 GMT
x-content-type-options
nosniff
age
93367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 05 Nov 2022 08:58:25 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: esplus.ru
URL: https://esplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
C+ZkDRXWopCQPZnnYQ396qQzFVyFKQ/Ua+XIv8nbhUFHvfocYfGigeEFyoegE5Mv1GOSs6azytZIT4WvipAjUg==
x-fb-trip-id
2050670934
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 06 Nov 2021 10:54:32 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
553211391995457
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/553211391995457?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f7993baf655f2ce1b1052e945c7179d399946624d030a607baca4b8cab66bc88
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
88862
x-xss-protection
0
pragma
public
x-fb-debug
qHbNZH6454Ni0WvNHR3bZF0/W4AeH5sr/p3zi407prvlRenjYEw+3BmfP8jkdCFokPhw6IZ7vm7g3btjAl1W/g==
x-fb-trip-id
2050670934
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 06 Nov 2021 10:54:32 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
data
nccchat.esplus.ru/visitor/involve/568/ 		0
0
568
nccchat.esplus.ru/visitor/css/external/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nccchat.esplus.ru/visitor/css/external/568?jsoncallback=jQuery2240031497923317902465_1636196072558&_=1636196072559
Requested by
Host: nccchat.esplus.ru
URL: https://nccchat.esplus.ru/chatlib/client.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.208.148.7 , Russian Federation, ASN8732 (COMCOR-AS Moscow, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
b3821e8d324610b1991706deec99d278a6199b1b796eb6df7acb93dffd40cf20
Security Headers
Name Value
Content-Security-Policy font-src 'self' data:; media-src 'self' data:; img-src 'self' data:

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 06 Nov 2021 10:53:46 GMT
Content-Encoding
gzip
Server
nginx/1.16.1
vary
accept-encoding
Access-Control-Allow-Methods
GET, POST, PATCH, DELETE
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
Transfer-Encoding
chunked
Content-Security-Policy
font-src 'self' data:; media-src 'self' data:; img-src 'self' data:
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, X-XSRF-TOKEN
/
www.facebook.com/tr/ 		44 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=553211391995457&ev=PageView&dl=https%3A%2F%2Fesplus.ru%2F&rl=&if=false&ts=1636196072599&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1636196072597.1027408872&it=1636196072529&coo=false&exp=p0&rqm=GET
Requested by
Host: esplus.ru
URL: https://esplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 10:54:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 06 Nov 2021 10:54:32 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=553211391995457&ev=Microdata&dl=https%3A%2F%2Fesplus.ru%2F&rl=&if=false&ts=1636196074107&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D0%AD%D0%BD%D0%B5%D1%80%D0%B3%D0%BE%D1%81%D0%B1%D1%8B%D0%A2%20%D0%9F%D0%BB%D1%8E%D1%81%20-%20%D0%BE%D0%B1%D1%8A%D0%B5%D0%B4%D0%B8%D0%BD%D0%B5%D0%BD%D0%BD%D0%B0%D1%8F%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%BE%D1%81%D0%B1%D1%8B%D1%82%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%D0%93%D1%80%D1%83%D0%BF%D0%BF%D1%8B%20%5C%22%D0%A2%20%D0%9F%D0%BB%D1%8E%D1%81%5C%22%22%2C%22meta%3Adescription%22%3A%22%D0%90%D0%9E%20%5C%22%D0%AD%D0%BD%D0%B5%D1%80%D0%B3%D0%BE%D1%81%D0%B1%D1%8B%D0%A2%20%D0%9F%D0%BB%D1%8E%D1%81%5C%22%20%E2%80%93%20%D0%BE%D0%B1%D1%8A%D0%B5%D0%B4%D0%B8%D0%BD%D0%B5%D0%BD%D0%BD%D0%B0%D1%8F%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%BE%D1%81%D0%B1%D1%8B%D1%82%D0%BE%D0%B2%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%D0%93%D1%80%D1%83%D0%BF%D0%BF%D1%8B%20%5C%22%D0%A2%20%D0%9F%D0%BB%D1%8E%D1%81%5C%22%20%D1%81%20%D1%84%D0%B8%D0%BB%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B9%20%D1%81%D0%B5%D1%82%D1%8C%D1%8E%20%D0%B8%D0%B7%2014%20%D1%80%D0%B5%D0%B3%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D1%85%20%D1%84%D0%B8%D0%BB%D0%B8%D0%B0%D0%BB%D0%BE%D0%B2%20%D0%BD%D0%B0%20%D1%82%D0%B5%D1%80%D1%80%D0%B8%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B9%D1%81%D0%BA%D0%BE%D0%B9%20%D0%A4%D0%B5%D0%B4%D0%B5%D1%80%D0%B0%D1%86%D0%B8%D0%B8.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1636196072597.1027408872&it=1636196072529&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 10:54:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 06 Nov 2021 10:54:34 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
nccchat.esplus.ru
URL
https://nccchat.esplus.ru/visitor/involve/568/data

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| BX function| CBXSession object| bxSession object| phpVars object| jsUtils function| JCFloatDiv object| jsFloatDiv function| BXHint function| WaitOnKeyPress function| ShowWaitWindow function| CloseWaitWindow object| jsSelectUtils function| BXInputPopup object| jsCalendar object| OptimalGroup object| Material function| authCallback function| authCallbackInline function| onloadCallback function| $ function| jQuery function| inputmask function| EvEmitter function| imagesLoaded function| fbq function| _fbq function| setImmediate function| clearImmediate object| FontAwesomeConfig object| ___FONT_AWESOME___ function| ChatClient string| staticHeaderHtml object| options object| client

4 Cookies

Domain/Path Name / Value
esplus.ru/ Name: PHPSESSID
Value: 6f7ae0b255fa1ec2bf0785afcd73765b
esplus.ru/ Name: INVOLVE_SESSION_MONITOR
Value: 1
.esplus.ru/ Name: _fbp
Value: fb.1.1636196072597.1027408872
.facebook.com/ Name: fr
Value: 0f6iV7Y5VxdBur5S1..Bhhl7o...1.0.Bhhl7o.

2 Console Messages

Source Level URL
Text
javascript error URL: https://esplus.ru/
Message:
Access to XMLHttpRequest at 'https://nccchat.esplus.ru/visitor/involve/568/data' from origin 'https://esplus.ru' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value ''.
network error URL: https://nccchat.esplus.ru/visitor/involve/568/data
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
esplus.ru
fonts.googleapis.com
fonts.gstatic.com
nccchat.esplus.ru
www.facebook.com
nccchat.esplus.ru
178.208.148.7
195.26.178.117
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3faa0047af45badf4cfc0ac9deddd84abf1fc0b16a05814bc6750d83dc651b9d
451575204ff8e8fb6a42a669185d8480a461132285ebf960c9368513f910457f
4c5c2e015cc4457f3290a9195526f21dc52ac14d9992c71de30fa8f82af73d2b
5f79e7394ccd9c8d990e177ba8fe5e3d8362b52f7a99e28ddce021e0972d7142
74d95858dc044fa20883d6854c72e49dd4ebcfd9112c03f36c83820fa09f7946
874ad5c481c2eda6c9e1a2dafea853680bac9743fbfe4dc19f7ef806d474b3cb
89217528ff779a9d3836efde9904ba13979c9cd01666796dabbb1ba533b1126a
abe878c37aff6d93fdd40ac25e2f122d214a29fac1501069ef6994c5bf90417b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b3821e8d324610b1991706deec99d278a6199b1b796eb6df7acb93dffd40cf20
b9c1d5ebcc1e69ed0af7fe711f3307da2e794182f8beb49ff00f68b71b86b21e
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
cd55b42719f88d69000bc78fe916c391df196cac9ac64ab194162dd8e863fa0c
f7993baf655f2ce1b1052e945c7179d399946624d030a607baca4b8cab66bc88
fb83389ea7513242a9a237454ce7989eb6d84c4ec2fe15c81bad6f89c87fe89e