Hi Anton,
I think I see the problem...
All those websites use a protection service https://variti.com/ru-ru/
And for some reason, it blocks or tries to verify those transactions. Not sure why but to me it looks like a misbehaving from their side. I tested those 2 sites from different locations, directly and via WSA and most of times I'm getting responses with "Server: Variti/0.9.3a" HTTP header and JS in the payload.
Sometimes I was able to load the page. In those cases, Server header was set to Nginx and payload was in HTML.
I'd advise contacting Variti/Website owners to see why their protection service blocks those transactions.