urlscan.io logo urlscan.io
SecurityTrails logo

test.banks-off.ru Open in urlscan Pro
185.22.235.178  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.test.banks-off.ru/
Effective URL: https://test.banks-off.ru/
Submission: On October 10 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 4 countries across 21 domains to perform 83 HTTP transactions. The main IP is 185.22.235.178, located in Russian Federation and belongs to EUROBYTE Eurobyte LLC, RU. The main domain is test.banks-off.ru.
TLS certificate: Issued by R3 on August 11th 2021. Valid for: 3 months.
This is the only time test.banks-off.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 185.22.235.178 210079 (EUROBYTE ...)
3 142.250.181.232 15169 (GOOGLE)
5 185.151.241.28 49505 (SELECTEL)
7 142.250.185.98 15169 (GOOGLE)
3 104.16.18.94 13335 (CLOUDFLAR...)
4 12 77.88.21.119 13238 (YANDEX)
5 217.69.133.145 47764 (MAILRU-AS...)
2 157.240.20.19 32934 (FACEBOOK)
1 172.217.23.106 15169 (GOOGLE)
5 142.250.185.163 15169 (GOOGLE)
7 142.250.184.226 15169 (GOOGLE)
1 142.250.185.226 15169 (GOOGLE)
3 142.250.185.142 15169 (GOOGLE)
1 142.250.185.66 15169 (GOOGLE)
1 142.250.184.194 15169 (GOOGLE)
2 74.125.71.157 15169 (GOOGLE)
1 5 142.250.186.132 15169 (GOOGLE)
2 157.240.20.35 32934 (FACEBOOK)
7 142.250.185.225 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
1 142.250.186.67 15169 (GOOGLE)
4 104.21.74.94 13335 (CLOUDFLAR...)
1 1 188.124.36.8 49505 (SELECTEL)
1 1 88.212.201.210 39134 (UNITEDNET)
1 104.21.80.87 13335 (CLOUDFLAR...)
1 1 80.64.106.149 20764 (RASCOM-AS...)
3 31.44.80.202 29226 (MASTERTEL...)
83 25
7    185.22.235.178 (Russian Federation)

ASN210079 (EUROBYTE Eurobyte LLC, RU)
PTR: hosted-by.ihc.ru
www.test.banks-off.ru
test.banks-off.ru
3    142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net
www.googletagmanager.com
5    185.151.241.28 (Russian Federation)

ASN49505 (SELECTEL, RU)
cfv4.com
7    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
pagead2.googlesyndication.com
3    104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
12    77.88.21.119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
5    217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
2    157.240.20.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net
connect.facebook.net
1    172.217.23.106 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f10.1e100.net
fonts.googleapis.com
5    142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net
fonts.gstatic.com
7    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googleadservices.com
3    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
www.google-analytics.com
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
partner.googleadservices.com
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
adservice.google.com
2    74.125.71.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f157.1e100.net
stats.g.doubleclick.net
5    142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net
www.google.com
2    157.240.20.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com
www.facebook.com
7    142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net
tpc.googlesyndication.com
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
www.googletagservices.com
1    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
www.gstatic.com
4    104.21.74.94 (None, )

ASN13335 (CLOUDFLARENET, US)
mdeploy.andata.ru
1    188.124.36.8 (Moscow, Russian Federation)

ASN49505 (SELECTEL, RU)
integration.cfv4.com
1    88.212.201.210 (Russian Federation)

ASN39134 (UNITEDNET, RU)
counter.yadro.ru
1    104.21.80.87 (None, )

ASN13335 (CLOUDFLARENET, US)
dmp.one
1    80.64.106.149 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr4.rutarget.ru
andata-sync.rutarget.ru
3    31.44.80.202 (Moscow, Russian Federation)

ASN29226 (MASTERTEL-AS Moscow, Russia, RU)
PTR: 31-44-80-202.in-addr.mastertelecom.ru
gt.andata.ru
Domain Requested by
10 mc.yandex.com 3 redirects test.banks-off.ru
mc.yandex.ru
7 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.googleadservices.com
googleads.g.doubleclick.net
7 pagead2.googlesyndication.com test.banks-off.ru
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
6 test.banks-off.ru test.banks-off.ru
5 www.google.com 1 redirects test.banks-off.ru
tpc.googlesyndication.com
5 fonts.gstatic.com fonts.googleapis.com
5 top-fwz1.mail.ru test.banks-off.ru
top-fwz1.mail.ru
5 cfv4.com test.banks-off.ru
cfv4.com
4 mdeploy.andata.ru cfv4.com
mdeploy.andata.ru
3 gt.andata.ru mdeploy.andata.ru
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 cdnjs.cloudflare.com test.banks-off.ru
3 www.googletagmanager.com test.banks-off.ru
www.googletagmanager.com
2 www.facebook.com test.banks-off.ru
2 stats.g.doubleclick.net www.google-analytics.com
2 connect.facebook.net test.banks-off.ru
connect.facebook.net
2 mc.yandex.ru 1 redirects test.banks-off.ru
1 andata-sync.rutarget.ru 1 redirects
1 dmp.one
1 counter.yadro.ru 1 redirects
1 integration.cfv4.com 1 redirects
1 www.gstatic.com googleads.g.doubleclick.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googleadservices.com www.googletagmanager.com
1 fonts.googleapis.com test.banks-off.ru
1 www.test.banks-off.ru 1 redirects
83 29

This site contains links to these domains. Also see Links.

Domain
mc.yandex.com
pagead2.googlesyndication.com
cfv4.com
symfony.com
Subject Issuer Validity Valid
test.banks-off.ru
R3		 2021-08-11 -
2021-11-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.cfv4.com
AlphaSSL CA - SHA256 - G2		 2020-11-03 -
2021-12-05		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2020-11-13 -
2021-11-17		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.andata.ru
R3		 2021-10-08 -
2022-01-06		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://test.banks-off.ru/
Frame ID: 7A35294517183DCCEEA58B7EFB9FD735
Requests: 69 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211006/r20190131/zrt_lookup.html
Frame ID: 2AA0FB8E04C9E97050B5740D91A6234A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5355365794099152&output=html&h=200&slotname=3011410374&adk=2297817625&adf=1602281170&pi=t.ma~as.3011410374&w=1200&fwrn=4&lmt=1633867256&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Ftest.banks-off.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633867256725&bpp=3&bdt=164&idt=135&shv=r20211006&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&correlator=6349530829931&frm=20&pv=2&ga_vid=771801603.1633867257&ga_sid=1633867257&ga_hid=444400841&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1&ady=2310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062370%2C31063075&oid=2&pvsid=3960910637776633&pem=987&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=KFczGbjhjQ&p=https%3A//test.banks-off.ru&dtd=147
Frame ID: 284EDE96A4C70E936C0F7304480951FA
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5355365794099152&output=html&adk=1812271804&adf=3025194257&lmt=1633867256&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftest.banks-off.ru%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633867256737&bpp=1&bdt=175&idt=148&shv=r20211006&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&nras=1&correlator=6349530829931&frm=20&pv=1&ga_vid=771801603.1633867257&ga_sid=1633867257&ga_hid=444400841&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062370%2C31063075&oid=2&pvsid=3960910637776633&pem=987&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=152
Frame ID: 00581D02ABE9EA9FC562A35987706B46
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 418EFA1CE3E686648B137E0DFCE353FA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Frame ID: F450F7A12AF9E4A3943190DEB39A2B03
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3C1FFBE3629EA5E606FEEA3B11028C33
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 81521E5819FA942E772A96383B4786A4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Твой кредитный помощник

Page URL History Show full URLs

  1. https://www.test.banks-off.ru/ HTTP 301
    https://test.banks-off.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:<div class="sf-toolbar[^>]+?>[^]+<span class="sf-toolbar-value">([\d.])+|<div id="sfwdt[^"]+" class="[^"]*sf-toolbar)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

83
Requests

100 %
HTTPS

0 %
IPv6

21
Domains

29
Subdomains

25
IPs

4
Countries

939 kB
Transfer

2471 kB
Size

33
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.test.banks-off.ru/ HTTP 301
    https://test.banks-off.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9422.KRMXOtp1hWM1tyOAa8SebUK4nUaugaLDMsYTOIajCZTKTcKjpw5XwjET7sCyWknG.YOtsnxaIEDz6aCn3XIFp-jZlejY%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9422.MMToQ9sGCD6rrsgVXzQs-cz6FL-UvHHLsIdC6DBmiH2ADz8NUl7sSImtXbsvA3oVgM31YePN8vxPQxVEgOtYHQ%2C%2C.YQLv3UD9JxJY_9kfCD2KU58pyuk%2C
Request Chain 50
  • https://mc.yandex.com/watch/46114182?wmode=7&page-url=https%3A%2F%2Ftest.banks-off.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A736%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A0%3Als%3A804531185979%3Ahid%3A172597965%3Az%3A0%3Ai%3A2021010010120056%3Aet%3A1633867257%3Ac%3A1%3Arn%3A1017672267%3Arqn%3A1%3Au%3A1633867257810515168%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633867255978%3Ads%3A0%2C0%2C129%2C1%2C450%2C0%2C%2C116%2C0%2C%2C%2C%2C700%3Adsn%3A0%2C0%2C129%2C1%2C450%2C0%2C%2C119%2C0%2C%2C%2C%2C700%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633867257%3At%3A%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%BD%D0%B8%D0%BA HTTP 302
  • https://mc.yandex.com/watch/46114182/1?wmode=7&page-url=https%3A%2F%2Ftest.banks-off.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A736%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A0%3Als%3A804531185979%3Ahid%3A172597965%3Az%3A0%3Ai%3A2021010010120056%3Aet%3A1633867257%3Ac%3A1%3Arn%3A1017672267%3Arqn%3A1%3Au%3A1633867257810515168%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633867255978%3Ads%3A0%2C0%2C129%2C1%2C450%2C0%2C%2C116%2C0%2C%2C%2C%2C700%3Adsn%3A0%2C0%2C129%2C1%2C450%2C0%2C%2C119%2C0%2C%2C%2C%2C700%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633867257%3At%3A%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%BD%D0%B8%D0%BA
Request Chain 51
  • https://mc.yandex.com/watch/41479804?wmode=7&page-url=https%3A%2F%2Ftest.banks-off.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A736%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A795649595441%3Ahid%3A172597965%3Az%3A0%3Ai%3A2021010010120056%3Aet%3A1633867257%3Ac%3A1%3Arn%3A170487999%3Arqn%3A1%3Au%3A1633867257810515168%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633867255978%3Ads%3A0%2C0%2C129%2C1%2C450%2C0%2C%2C116%2C0%2C%2C%2C%2C700%3Adsn%3A0%2C0%2C129%2C1%2C450%2C0%2C%2C119%2C0%2C%2C%2C%2C700%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633867257%3At%3A%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%BD%D0%B8%D0%BA HTTP 302
  • https://mc.yandex.com/watch/41479804/1?wmode=7&page-url=https%3A%2F%2Ftest.banks-off.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A736%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A795649595441%3Ahid%3A172597965%3Az%3A0%3Ai%3A2021010010120056%3Aet%3A1633867257%3Ac%3A1%3Arn%3A170487999%3Arqn%3A1%3Au%3A1633867257810515168%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633867255978%3Ads%3A0%2C0%2C129%2C1%2C450%2C0%2C%2C116%2C0%2C%2C%2C%2C700%3Adsn%3A0%2C0%2C129%2C1%2C450%2C0%2C%2C119%2C0%2C%2C%2C%2C700%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633867257%3At%3A%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%BD%D0%B8%D0%BA
Request Chain 62
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 80
  • https://integration.cfv4.com/api/pixel?mapperId=996834f3-7575-477f-9fff-e66349bd78be&subscriberId=112318e5-0aea-4ac4-8ee9-6abb34b98c7f&needPhone=1&needEmail=1 HTTP 301
  • https://counter.yadro.ru/id/finmed.gif?id=996834f3-7575-477f-9fff-e66349bd78be&tid=3e887e91-d0f7-4438-80cf-60eb2abf8b66 HTTP 302
  • https://dmp.one/pb-data/liveinternet?id=996834f3-7575-477f-9fff-e66349bd78be&tid=3e887e91-d0f7-4438-80cf-60eb2abf8b66&p=0&e=0
Request Chain 83
  • https://andata-sync.rutarget.ru/sync HTTP 302
  • https://gt.andata.ru/i?&e=pv&tna=hZUZ1-qwSkvR

83 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
test.banks-off.ru/
Redirect Chain
  • https://www.test.banks-off.ru/
  • https://test.banks-off.ru/
56 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://test.banks-off.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.22.235.178 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
hosted-by.ihc.ru
Software
nginx /
Resource Hash
e092387e0fa701675f5a81dbd3405b21c56a951f01390b87cc7d07ae7dacd67b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
test.banks-off.ru
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
content-type
text/html; charset=UTF-8
set-cookie
PHPSESSID=de45bbb7ad9ce927cb88c962fa3959d8; path=/; secure; HttpOnly; SameSite=lax
x-debug-token
a393c4
x-debug-token-link
https://test.banks-off.ru/_profiler/a393c4
x-robots-tag
noindex
x-xss-protection
1; mode=block
strict-transport-security
max-age=63072000; includeSubDomains; preload
referrer-policy
no-referrer-when-downgrade
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
date
Sun, 10 Oct 2021 12:00:56 GMT
x-page-speed
Powered By ngx_pagespeed
cache-control
max-age=0, no-cache
content-encoding
gzip

Redirect headers

server
nginx
date
Sun, 10 Oct 2021 12:00:56 GMT
content-type
text/html
content-length
162
location
https://test.banks-off.ru/
js
www.googletagmanager.com/gtag/ 		97 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-75434248-15
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
279e1b74d1cb13f3a6ad431ef3a3a67595bafc26bc9cdfc26100ba79a8bca751
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39151
x-xss-protection
0
expires
Sun, 10 Oct 2021 12:00:56 GMT
A.base.css+index.css,Mcc.ExzwjSUaaC.css.pagespeed.cf.Va9yvS08UX.css
test.banks-off.ru/banks-off.ru/styles/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://test.banks-off.ru/banks-off.ru/styles/A.base.css+index.css,Mcc.ExzwjSUaaC.css.pagespeed.cf.Va9yvS08UX.css
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.22.235.178 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
hosted-by.ihc.ru
Software
nginx /
Resource Hash
6186df1b164155bd237dada6c671d06aad0b20aa486e753e171ddc8a6a5cf1b7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/banks-off.ru/styles/A.base.css+index.css,Mcc.ExzwjSUaaC.css.pagespeed.cf.Va9yvS08UX.css
pragma
no-cache
cookie
PHPSESSID=de45bbb7ad9ce927cb88c962fa3959d8
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
test.banks-off.ru
referer
https://test.banks-off.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-original-content-length
11235
date
Thu, 15 Oct 2020 13:00:57 GMT
content-length
2184
x-xss-protection
1; mode=block
x-page-speed
Powered By ngx_pagespeed
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 15 Oct 2020 13:00:57 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 15 Oct 2021 13:00:57 GMT
matcher.js
cfv4.com/v2/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cfv4.com/v2/matcher.js?apiToken=48955688-1139-4430-b00c-45641711acb7&correlation_id=2e7a7de9-5c31-533d-a42c-e30227a7f4a1
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.151.241.28 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
2026c007eeed6f0bc64b63a50f933f4da21b36fb8210794635467f897f6432ec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 12:00:58 GMT
content-encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
ETag
W/"3292-1W5F5ACjHZvq54cWjqjw7jN79q8"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://test.banks-off.ru
X-XSS-Protection
1; mode=block
Connection
keep-alive
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload, max-age=31536000
Content-Length
12946
control-cache
max-age=300
X-Content-Type-Options
nosniff
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
0960e7660f108ee79518c4182e076f50145d1b2d91a53917802c05a4c15e91e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51347
x-xss-protection
0
server
cafe
etag
16729299027061701486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 10 Oct 2021 12:00:56 GMT
xreqblack.png.pagespeed.ic.xeuUgC7Ccz.webp
test.banks-off.ru/banks-off.ru/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://test.banks-off.ru/banks-off.ru/images/xreqblack.png.pagespeed.ic.xeuUgC7Ccz.webp
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.22.235.178 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
hosted-by.ihc.ru
Software
nginx /
Resource Hash
800ebe406d03c148151b0acd3418b90e81f84a22f62fc4122c6103f0ecb3962d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/banks-off.ru/images/xreqblack.png.pagespeed.ic.xeuUgC7Ccz.webp
pragma
no-cache
cookie
PHPSESSID=de45bbb7ad9ce927cb88c962fa3959d8
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
test.banks-off.ru
referer
https://test.banks-off.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-original-content-length
4454
date
Thu, 15 Oct 2020 13:00:56 GMT
content-length
3944
x-xss-protection
1; mode=block
x-page-speed
Powered By ngx_pagespeed
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 15 Oct 2020 13:00:56 GMT
server
nginx
etag
W/"0"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://test.banks-off.ru/banks-off.ru/images/reqblack.png>; rel="canonical"
expires
Fri, 15 Oct 2021 13:00:56 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 		86 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2826960
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
27748
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15851"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBeLw%2BEV5IovobYEJYebvoCBJk236%2F5GJAzN%2B9FajhUB3rCcbqn5xGLNnIKoQp9ERtBGVAE4eiJl7orxGeZrXc%2FV4LBY%2B2wepF9svovNFE258%2F79eAqYDpiI3r4brPGD3hErWUSE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
69bfb0f1c8484ee5-FRA
expires
Fri, 30 Sep 2022 12:00:56 GMT
jquery.validate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.1/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.1/jquery.validate.min.js
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2365972
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6929
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-5f38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ya0QWJ6wO1Y6vS7jLSuGcqw5d9Go0LMPr2eA8cqy0888NhSHJmZa3F1Hr7p6VlVL4OJ8QMcRaIi9M84U1S3lONMOOfqqyoTT5XuYsbf%2F1gn5gCw0cG%2FUYUuWO1i6ejVeuhL7MQlr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
69bfb0f1c84c4ee5-FRA
expires
Fri, 30 Sep 2022 12:00:56 GMT
step1.js
test.banks-off.ru/banks-off.ru/scripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://test.banks-off.ru/banks-off.ru/scripts/step1.js
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.22.235.178 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
hosted-by.ihc.ru
Software
nginx /
Resource Hash
a729780e3df67e4a4abfb6d9c064638a62554cc969757cbeb273ff4e6a27bf2a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/banks-off.ru/scripts/step1.js
pragma
no-cache
cookie
PHPSESSID=de45bbb7ad9ce927cb88c962fa3959d8
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
test.banks-off.ru
referer
https://test.banks-off.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
vary
Accept-Encoding
x-original-content-length
5550
date
Thu, 15 Oct 2020 13:00:57 GMT
content-length
1650
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
nginx
etag
W/"5e9864df-15ae"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options
nosniff
expires
Fri, 15 Oct 2021 13:00:57 GMT
tag.js
mc.yandex.ru/metrika/ 		191 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:56 GMT
content-encoding
br
last-modified
Fri, 08 Oct 2021 08:33:42 GMT
etag
"615fd836-1031a"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
66330
expires
Sun, 10 Oct 2021 13:00:56 GMT
code.js
top-fwz1.mail.ru/js/ 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
536cd983c5ac840349770984405fe9eb9e67b9d7e35e0c45673a653b003173b6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Thu, 15 Jul 2021 18:35:46 GMT
server
nginx
etag
W/"60f08002-64db"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 10 Oct 2021 13:00:56 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25967
x-xss-protection
0
pragma
public
x-fb-debug
bU0m1LSmOadAOu2mDlXtHn9jBe6yBU5qQwx6G5xYPkul+P+ayB2jHvaBWp3v8Vsmy1o/fWGQUYM4ZDJRyxBs/w==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Sun, 10 Oct 2021 12:00:56 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2de03f92c36e2e8ee295ee5b4cdabc755cb874e2df6a80b868b17897fbbf1649

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		462 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
870327cf9104bc7295010af76a39c69ee66fcf6c704515665b73b5bf995c3c46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		444 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
deab4417defe817fc78b47ebed8fe4bf292a88a77e7638cd4e1314f5751e4a2d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		564 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
587ecb86bf444b0518e732adb6585254721f7f72708a8bd92deb9e6489d124cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		428 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a2e132c3b26d93ff0fcbf6393484a935910bf95d335b746b1f11dfbf3b1074c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
024a4530343994565d9e2dec0aed60dadec9530127f4db0207495ad6dab6c271

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		396 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b4c4f75ae2888d70252db3b18695548d80cf68948ccec40b28683aeb0d7dc51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/webp
259502504636251
connect.facebook.net/signals/config/ 		490 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/259502504636251?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
1adb47c6df6d1c3a410ed46a3d7f3727f947ab81c0cacb4e0e50481e376c2783
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
/10+8smWkvOpm1KJx/PWkIIy6/cA1BlR5B/aD1BK/ovsSyOY0fwJa9rrnUXbGvLSvMM4FVcWby+j2gYfKxNPvQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 10 Oct 2021 12:00:56 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/ 		2 KB
979 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/normalize.min.css
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/banks-off.ru/styles/A.base.css+index.css,Mcc.ExzwjSUaaC.css.pagespeed.cf.Va9yvS08UX.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/banks-off.ru/styles/A.base.css+index.css,Mcc.ExzwjSUaaC.css.pagespeed.cf.Va9yvS08UX.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1529795
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
633
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-745"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdngcUOOQjKKebPPu395pYh5C2y2A5kJO7FbpglbbySU6rmfRD%2BVAksKgrwYtOGs8Eq9BtwzYYqw7iU3r36aePDH7J56%2FU3Zp47KYba1AW5GYu5fJM4vvYU%2F%2FVZGGp8un6HsU4PP"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
69bfb0f1f88f4ee5-FRA
expires
Fri, 30 Sep 2022 12:00:56 GMT
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/banks-off.ru/styles/A.base.css+index.css,Mcc.ExzwjSUaaC.css.pagespeed.cf.Va9yvS08UX.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f10.1e100.net
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/banks-off.ru/styles/A.base.css+index.css,Mcc.ExzwjSUaaC.css.pagespeed.cf.Va9yvS08UX.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 10 Oct 2021 11:32:12 GMT
server
ESF
date
Sun, 10 Oct 2021 12:00:56 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sun, 10 Oct 2021 12:00:56 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-875465403&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-75434248-15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9dda3877bd5e6d808c2d53488525a95e6ba708d3cff2ccbdb8d221e50ffc7d0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39495
x-xss-protection
0
expires
Sun, 10 Oct 2021 12:00:56 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-75434248-2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-75434248-15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
384ecdde9a305bbfdb85b5d7b9b9c2da0b68574bfd2176681b448711e26cf8d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39248
x-xss-protection
0
expires
Sun, 10 Oct 2021 12:00:56 GMT
a393c4
test.banks-off.ru/_wdt/ 		20 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.banks-off.ru/_wdt/a393c4
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.22.235.178 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
hosted-by.ihc.ru
Software
nginx /
Resource Hash
4ac6501877dc32633163ead4fea3dab5205ded86a74929fa6e379bf591e36dd0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
PHPSESSID=de45bbb7ad9ce927cb88c962fa3959d8
:path
/_wdt/a393c4
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
test.banks-off.ru
referer
https://test.banks-off.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://test.banks-off.ru/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-page-speed
Powered By ngx_pagespeed
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
nginx
date
Sun, 10 Oct 2021 12:00:56 GMT
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-xss-protection
1; mode=block
xpreview-image.png.pagespeed.ic.i9I7SIH86a.webp
test.banks-off.ru/banks-off.ru/images/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://test.banks-off.ru/banks-off.ru/images/xpreview-image.png.pagespeed.ic.i9I7SIH86a.webp
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/banks-off.ru/styles/A.base.css+index.css,Mcc.ExzwjSUaaC.css.pagespeed.cf.Va9yvS08UX.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.22.235.178 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
hosted-by.ihc.ru
Software
nginx /
Resource Hash
a94013461cf3eaca312ceaf191e059d8d1426a6b471ba7caf6821a9ad54e836f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/banks-off.ru/images/xpreview-image.png.pagespeed.ic.i9I7SIH86a.webp
pragma
no-cache
cookie
PHPSESSID=de45bbb7ad9ce927cb88c962fa3959d8
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
test.banks-off.ru
referer
https://test.banks-off.ru/banks-off.ru/styles/A.base.css+index.css,Mcc.ExzwjSUaaC.css.pagespeed.cf.Va9yvS08UX.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/banks-off.ru/styles/A.base.css+index.css,Mcc.ExzwjSUaaC.css.pagespeed.cf.Va9yvS08UX.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-original-content-length
37349
date
Thu, 15 Oct 2020 13:00:57 GMT
content-length
33454
x-xss-protection
1; mode=block
x-page-speed
Powered By ngx_pagespeed
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 15 Oct 2020 13:00:57 GMT
server
nginx
etag
W/"0"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://test.banks-off.ru/banks-off.ru/images/preview-image.png>; rel="canonical"
expires
Fri, 15 Oct 2021 13:00:57 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://test.banks-off.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 17:27:37 GMT
x-content-type-options
nosniff
age
498799
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 04 Oct 2022 17:27:37 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://test.banks-off.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 16:40:33 GMT
x-content-type-options
nosniff
age
328823
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Oct 2022 16:40:33 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://test.banks-off.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 16:31:40 GMT
x-content-type-options
nosniff
age
329356
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Oct 2022 16:31:40 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://test.banks-off.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 16:38:41 GMT
x-content-type-options
nosniff
age
328935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Oct 2022 16:38:41 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://test.banks-off.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 16:33:20 GMT
x-content-type-options
nosniff
age
329256
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11860
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 06 Oct 2022 16:33:20 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/ 		272 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js?bust=31063075
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef54f27db8aec61e8d6011e5df2b60c74ac9d8b732d91d88911abe538a47cfa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99713
x-xss-protection
0
server
cafe
etag
15811017220461043969
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Oct 2021 12:00:56 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211006/r20190131/ Frame 2AA0 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211006/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211006/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://test.banks-off.ru/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 09 Oct 2021 16:43:31 GMT
expires
Sat, 23 Oct 2021 16:43:31 GMT
content-type
text/html; charset=UTF-8
etag
10398570473303663775
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4601
x-xss-protection
0
age
69445
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-875465403&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
03b8f9e258f69727a11fc81ce93fbc8d0d5ca96489a1e84463af819efedf0782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14399
x-xss-protection
0
server
cafe
etag
3154747477907843336
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 10 Oct 2021 12:00:56 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-75434248-15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4439
date
Sun, 10 Oct 2021 10:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 10 Oct 2021 12:46:57 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9422.KRMXOtp1hWM1tyOAa8SebUK4nUaugaLDMsYTOIajCZTKTcKjpw5XwjET7sCyWknG.YOtsnxaIEDz6aCn3XIFp-jZlejY%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9422.MMToQ9sGCD6rrsgVXzQs-cz6FL-UvHHLsIdC6DBmiH2ADz8NUl7sSImtXbsvA3oVgM31YePN8vxPQxVEgOtYHQ%2C%2C.YQLv3UD9JxJY_9kfCD2KU58pyuk%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9422.MMToQ9sGCD6rrsgVXzQs-cz6FL-UvHHLsIdC6DBmiH2ADz8NUl7sSImtXbsvA3oVgM31YePN8vxPQxVEgOtYHQ%2C%2C.YQLv3UD9JxJY_9kfCD2KU58pyuk%2C
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:56 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9422.MMToQ9sGCD6rrsgVXzQs-cz6FL-UvHHLsIdC6DBmiH2ADz8NUl7sSImtXbsvA3oVgM31YePN8vxPQxVEgOtYHQ%2C%2C.YQLv3UD9JxJY_9kfCD2KU58pyuk%2C
date
Sun, 10 Oct 2021 12:00:56 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:56 GMT
last-modified
Fri, 08 Oct 2021 08:33:42 GMT
etag
"615fd836-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 10 Oct 2021 13:00:56 GMT
counter
top-fwz1.mail.ru/ 		43 B
1009 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=2844858;u=https%3A//test.banks-off.ru/;st=1633867256678;userid=%3C%3F%3D%24_SESSION%5B%27mailUserId%27%5D%3F%3E;title=%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%BD%D0%B8%D0%BA;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=f273c854b558b77a;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1633867256818%3A1633867256827%3A1%3Ae6643f407007e9ec0256eb09b22702d2;opts=dl;visible=true;_=0.2508660355050776
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://test.banks-off.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 10 Oct 2021 12:00:56 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://test.banks-off.ru
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://test.banks-off.ru
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
https://test.banks-off.ru
access-control-allow-headers
*
counter
top-fwz1.mail.ru/ 		43 B
1009 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=2936825;u=https%3A//test.banks-off.ru/;st=1633867256678;userid=%3C%3F%3D%24_SESSION%5B%27mailUserId%27%5D%3F%3E;title=%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%BD%D0%B8%D0%BA;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=f273c854b558b77a;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1633867256818%3A1633867256828%3A2%3Ae6643f407007e9ec0256eb09b22702d2;opts=sec%2Cdl;visible=true;_=0.5668467442459253
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://test.banks-off.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 10 Oct 2021 12:00:56 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://test.banks-off.ru
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://test.banks-off.ru
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
https://test.banks-off.ru
access-control-allow-headers
*
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=444400841&t=pageview&_s=1&dl=https%3A%2F%2Ftest.banks-off.ru%2F&ul=en-us&de=UTF-8&dt=%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%BD%D0%B8%D0%BA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=779793629&gjid=1430963138&cid=771801603.1633867257&tid=UA-75434248-15&_gid=1344192247.1633867257&_r=1&gtm=2oua60&z=1441491092
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://test.banks-off.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 12:00:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://test.banks-off.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=444400841&t=pageview&_s=1&dl=https%3A%2F%2Ftest.banks-off.ru%2F&ul=en-us&de=UTF-8&dt=%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%BD%D0%B8%D0%BA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=351545068&gjid=1130788118&cid=771801603.1633867257&tid=UA-75434248-2&_gid=1344192247.1633867257&_r=1&gtm=2oua60&z=899292305
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://test.banks-off.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 12:00:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://test.banks-off.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		250 B
673 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=test.banks-off.ru&callback=_gfp_s_&client=ca-pub-5355365794099152&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js?bust=31063075
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
b8613912b8db2de05236e90c6800fe55f7347d0a842c4ae95fac3b10e494fe45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
208
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=test.banks-off.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js?bust=31063075
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Oct 2021 12:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 284E 		83 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5355365794099152&output=html&h=200&slotname=3011410374&adk=2297817625&adf=1602281170&pi=t.ma~as.3011410374&w=1200&fwrn=4&lmt=1633867256&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Ftest.banks-off.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633867256725&bpp=3&bdt=164&idt=135&shv=r20211006&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&correlator=6349530829931&frm=20&pv=2&ga_vid=771801603.1633867257&ga_sid=1633867257&ga_hid=444400841&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1&ady=2310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062370%2C31063075&oid=2&pvsid=3960910637776633&pem=987&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=KFczGbjhjQ&p=https%3A//test.banks-off.ru&dtd=147
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js?bust=31063075
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
5943e4426d5be107f0b8b1ade4849cb2fa5f4edb51d2ef25207eb3720f6d038e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5355365794099152&output=html&h=200&slotname=3011410374&adk=2297817625&adf=1602281170&pi=t.ma~as.3011410374&w=1200&fwrn=4&lmt=1633867256&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Ftest.banks-off.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633867256725&bpp=3&bdt=164&idt=135&shv=r20211006&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&correlator=6349530829931&frm=20&pv=2&ga_vid=771801603.1633867257&ga_sid=1633867257&ga_hid=444400841&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1&ady=2310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062370%2C31063075&oid=2&pvsid=3960910637776633&pem=987&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=KFczGbjhjQ&p=https%3A//test.banks-off.ru&dtd=147
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://test.banks-off.ru/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 10 Oct 2021 12:00:57 GMT
server
cafe
content-length
28582
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 10-Oct-2021 12:15:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 10 Oct 2021 12:00:57 GMT
cache-control
private
collect
stats.g.doubleclick.net/j/ 		2 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-75434248-15&cid=771801603.1633867257&jid=779793629&gjid=1430963138&_gid=1344192247.1633867257&_u=YEBAAUAAAAAAAC~&z=1032265869
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.71.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://test.banks-off.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 10 Oct 2021 12:00:56 GMT
content-type
text/plain
access-control-allow-origin
https://test.banks-off.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0058 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5355365794099152&output=html&adk=1812271804&adf=3025194257&lmt=1633867256&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftest.banks-off.ru%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633867256737&bpp=1&bdt=175&idt=148&shv=r20211006&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&nras=1&correlator=6349530829931&frm=20&pv=1&ga_vid=771801603.1633867257&ga_sid=1633867257&ga_hid=444400841&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062370%2C31063075&oid=2&pvsid=3960910637776633&pem=987&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=152
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js?bust=31063075
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ee3dedbd21114261c72b760a7f3d8d4651f284b19fc56c05b3de0a256bf42e27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5355365794099152&output=html&adk=1812271804&adf=3025194257&lmt=1633867256&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftest.banks-off.ru%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633867256737&bpp=1&bdt=175&idt=148&shv=r20211006&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&nras=1&correlator=6349530829931&frm=20&pv=1&ga_vid=771801603.1633867257&ga_sid=1633867257&ga_hid=444400841&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062370%2C31063075&oid=2&pvsid=3960910637776633&pem=987&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=152
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://test.banks-off.ru/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 10 Oct 2021 12:00:57 GMT
server
cafe
content-length
4044
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 10-Oct-2021 12:15:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 10 Oct 2021 12:00:57 GMT
cache-control
private
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/875465403/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875465403/?random=1633867256891&cv=9&fst=1633867256891&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa60&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftest.banks-off.ru%2F&tiba=%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%BD%D0%B8%D0%BA&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
9c3843f26ed5991a96fe675ee222a7bd293832538c3630bdfd0de1d029123bd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 12:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1048
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-75434248-2&cid=771801603.1633867257&jid=351545068&gjid=1130788118&_gid=1344192247.1633867257&_u=YEDAAUABAAAAAC~&z=138985152
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.71.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://test.banks-off.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 10 Oct 2021 12:00:56 GMT
content-type
text/plain
access-control-allow-origin
https://test.banks-off.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/875465403/ 		42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/875465403/?random=1633867256891&cv=9&fst=1633867200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa60&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftest.banks-off.ru%2F&tiba=%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%BD%D0%B8%D0%BA&async=1&fmt=3&is_vtc=1&random=3539847975&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 12:00:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-75434248-2&cid=771801603.1633867257&jid=351545068&_u=YEDAAUABAAAAAC~&z=954080999
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 12:00:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-75434248-15&cid=771801603.1633867257&jid=779793629&_u=YEBAAUAAAAAAAC~&z=1554356584
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 12:00:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.com/watch/46114182/
Redirect Chain
  • https://mc.yandex.com/watch/46114182?wmode=7&page-url=https%3A%2F%2Ftest.banks-off.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A736%3Afu%3A0%3Aen%3Autf-8%3Al...
  • https://mc.yandex.com/watch/46114182/1?wmode=7&page-url=https%3A%2F%2Ftest.banks-off.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A736%3Afu%3A0%3Aen%3Autf-8%3...
350 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/46114182/1?wmode=7&page-url=https%3A%2F%2Ftest.banks-off.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A736%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A0%3Als%3A804531185979%3Ahid%3A172597965%3Az%3A0%3Ai%3A2021010010120056%3Aet%3A1633867257%3Ac%3A1%3Arn%3A1017672267%3Arqn%3A1%3Au%3A1633867257810515168%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633867255978%3Ads%3A0%2C0%2C129%2C1%2C450%2C0%2C%2C116%2C0%2C%2C%2C%2C700%3Adsn%3A0%2C0%2C129%2C1%2C450%2C0%2C%2C119%2C0%2C%2C%2C%2C700%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633867257%3At%3A%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%BD%D0%B8%D0%BA
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
6d6aebd6a19b840551e511d4ec468b3a3a1b7f2ed765a7f81428ba218edd1fd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 12:00:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 10-Oct-2021 12:00:57 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://test.banks-off.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Sun, 10-Oct-2021 12:00:57 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 12:00:56 GMT
last-modified
Sun, 10-Oct-2021 12:00:56 GMT
location
/watch/46114182/1?wmode=7&page-url=https%3A%2F%2Ftest.banks-off.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A736%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A2%3Adp%3A0%3Als%3A804531185979%3Ahid%3A172597965%3Az%3A0%3Ai%3A2021010010120056%3Aet%3A1633867257%3Ac%3A1%3Arn%3A1017672267%3Arqn%3A1%3Au%3A1633867257810515168%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633867255978%3Ads%3A0%2C0%2C129%2C1%2C450%2C0%2C%2C116%2C0%2C%2C%2C%2C700%3Adsn%3A0%2C0%2C129%2C1%2C450%2C0%2C%2C119%2C0%2C%2C%2C%2C700%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633867257%3At%3A%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%BD%D0%B8%D0%BA
strict-transport-security
max-age=31536000
access-control-allow-origin
https://test.banks-off.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 10-Oct-2021 12:00:56 GMT
1
mc.yandex.com/watch/41479804/
Redirect Chain
  • https://mc.yandex.com/watch/41479804?wmode=7&page-url=https%3A%2F%2Ftest.banks-off.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A736%3Afu%3A0%3Aen%3Autf-8%3Al...
  • https://mc.yandex.com/watch/41479804/1?wmode=7&page-url=https%3A%2F%2Ftest.banks-off.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A736%3Afu%3A0%3Aen%3Autf-8%3...
350 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/41479804/1?wmode=7&page-url=https%3A%2F%2Ftest.banks-off.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A736%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A795649595441%3Ahid%3A172597965%3Az%3A0%3Ai%3A2021010010120056%3Aet%3A1633867257%3Ac%3A1%3Arn%3A170487999%3Arqn%3A1%3Au%3A1633867257810515168%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633867255978%3Ads%3A0%2C0%2C129%2C1%2C450%2C0%2C%2C116%2C0%2C%2C%2C%2C700%3Adsn%3A0%2C0%2C129%2C1%2C450%2C0%2C%2C119%2C0%2C%2C%2C%2C700%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633867257%3At%3A%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%BD%D0%B8%D0%BA
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
45e24d30aa45f729ef32b9d7c9ee28f78fabda0bd608dae7f3023186d6d84a78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 12:00:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 10-Oct-2021 12:00:57 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://test.banks-off.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Sun, 10-Oct-2021 12:00:57 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Oct 2021 12:00:56 GMT
last-modified
Sun, 10-Oct-2021 12:00:56 GMT
location
/watch/41479804/1?wmode=7&page-url=https%3A%2F%2Ftest.banks-off.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A736%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A795649595441%3Ahid%3A172597965%3Az%3A0%3Ai%3A2021010010120056%3Aet%3A1633867257%3Ac%3A1%3Arn%3A170487999%3Arqn%3A1%3Au%3A1633867257810515168%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633867255978%3Ads%3A0%2C0%2C129%2C1%2C450%2C0%2C%2C116%2C0%2C%2C%2C%2C700%3Adsn%3A0%2C0%2C129%2C1%2C450%2C0%2C%2C119%2C0%2C%2C%2C%2C700%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633867257%3At%3A%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%BD%D0%B8%D0%BA
strict-transport-security
max-age=31536000
access-control-allow-origin
https://test.banks-off.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 10-Oct-2021 12:00:56 GMT
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=259502504636251&ev=PageView&dl=https%3A%2F%2Ftest.banks-off.ru%2F&rl=&if=false&ts=1633867257001&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1633867257000.982627414&it=1633867256620&coo=false&rqm=GET
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:57 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 10 Oct 2021 12:00:57 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 284E 		1 KB
944 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5355365794099152&output=html&h=200&slotname=3011410374&adk=2297817625&adf=1602281170&pi=t.ma~as.3011410374&w=1200&fwrn=4&lmt=1633867256&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Ftest.banks-off.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633867256725&bpp=3&bdt=164&idt=135&shv=r20211006&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&correlator=6349530829931&frm=20&pv=2&ga_vid=771801603.1633867257&ga_sid=1633867257&ga_hid=444400841&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1&ady=2310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062370%2C31063075&oid=2&pvsid=3960910637776633&pem=987&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=KFczGbjhjQ&p=https%3A//test.banks-off.ru&dtd=147
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:53:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
837
x-xss-protection
0
server
cafe
etag
7640065535275194769
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Oct 2021 11:53:29 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/ Frame 284E 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5355365794099152&output=html&h=200&slotname=3011410374&adk=2297817625&adf=1602281170&pi=t.ma~as.3011410374&w=1200&fwrn=4&lmt=1633867256&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Ftest.banks-off.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633867256725&bpp=3&bdt=164&idt=135&shv=r20211006&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&correlator=6349530829931&frm=20&pv=2&ga_vid=771801603.1633867257&ga_sid=1633867257&ga_hid=444400841&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1&ady=2310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062370%2C31063075&oid=2&pvsid=3960910637776633&pem=987&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=KFczGbjhjQ&p=https%3A//test.banks-off.ru&dtd=147
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:58:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7605
x-xss-protection
0
server
cafe
etag
4152153861754824712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Oct 2021 11:58:43 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 284E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5355365794099152&output=html&h=200&slotname=3011410374&adk=2297817625&adf=1602281170&pi=t.ma~as.3011410374&w=1200&fwrn=4&lmt=1633867256&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Ftest.banks-off.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633867256725&bpp=3&bdt=164&idt=135&shv=r20211006&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&correlator=6349530829931&frm=20&pv=2&ga_vid=771801603.1633867257&ga_sid=1633867257&ga_hid=444400841&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1&ady=2310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062370%2C31063075&oid=2&pvsid=3960910637776633&pem=987&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=KFczGbjhjQ&p=https%3A//test.banks-off.ru&dtd=147
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1344
x-xss-protection
0
server
cafe
etag
10107448882299530629
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Oct 2021 12:00:43 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 284E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5355365794099152&output=html&h=200&slotname=3011410374&adk=2297817625&adf=1602281170&pi=t.ma~as.3011410374&w=1200&fwrn=4&lmt=1633867256&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Ftest.banks-off.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633867256725&bpp=3&bdt=164&idt=135&shv=r20211006&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&correlator=6349530829931&frm=20&pv=2&ga_vid=771801603.1633867257&ga_sid=1633867257&ga_hid=444400841&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1&ady=2310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062370%2C31063075&oid=2&pvsid=3960910637776633&pem=987&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=KFczGbjhjQ&p=https%3A//test.banks-off.ru&dtd=147
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
51896cb4e932803b983cf59d85b20c705f42a891fa0c9c408e3cb267b5bb949c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 11:59:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6219
x-xss-protection
0
server
cafe
etag
4041254270185007295
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Oct 2021 11:59:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 284E 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5355365794099152&output=html&h=200&slotname=3011410374&adk=2297817625&adf=1602281170&pi=t.ma~as.3011410374&w=1200&fwrn=4&lmt=1633867256&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Ftest.banks-off.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633867256725&bpp=3&bdt=164&idt=135&shv=r20211006&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&correlator=6349530829931&frm=20&pv=2&ga_vid=771801603.1633867257&ga_sid=1633867257&ga_hid=444400841&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1&ady=2310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062370%2C31063075&oid=2&pvsid=3960910637776633&pem=987&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=KFczGbjhjQ&p=https%3A//test.banks-off.ru&dtd=147
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37898
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633547226118934"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Oct 2021 12:00:57 GMT
8400539943eb1c96fa551c508d61e34e.js
www.gstatic.com/mysidia/ Frame 284E 		26 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8400539943eb1c96fa551c508d61e34e.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5355365794099152&output=html&h=200&slotname=3011410374&adk=2297817625&adf=1602281170&pi=t.ma~as.3011410374&w=1200&fwrn=4&lmt=1633867256&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Ftest.banks-off.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633867256725&bpp=3&bdt=164&idt=135&shv=r20211006&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&correlator=6349530829931&frm=20&pv=2&ga_vid=771801603.1633867257&ga_sid=1633867257&ga_hid=444400841&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1&ady=2310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062370%2C31063075&oid=2&pvsid=3960910637776633&pem=987&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=KFczGbjhjQ&p=https%3A//test.banks-off.ru&dtd=147
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 10:35:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11136
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 18:12:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Mon, 03 Jan 2022 10:35:08 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 284E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CgYAX-NViYa3TN5CRtgfXiZ3ADdjD9tdj0aXNvocO5t7WtYsOEAEg85OaJGDJBqABh6PS3gPIAQGpAnpg2hlg56o-qAMByAPDBKoE2gFP0K2vjPaebsFu4iErORGqocdJQBdB-fm_w_LWE-iVoOmV9nioxBjRysnIjLUXI3RcJuYqXiAYpcZq7YIJ_s-RD3P1OlcaurP3GoeAu88CHEcgDRRDJ6JfOfR8Nb_YKQl0cnCpRaC1gFgTs9e16govAPntSm87imm48IeJiMx6ta2wrNb924-E7QA6MHY7qnCu2gPSY-1QuEERVxrLqe3rsi5tw1BbrBP_Ku6yT9kaz3SHop4n8u4reMrSGumfP44IiWmKN-oYmFfzQQQOZoGf9-TT0FlnR13jzMAE7Pr4uckDkgUECAQYAZIFBAgFGASgBlGAB-HcrSGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcEELmLLNIIBwiAYRABGF-ACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNTM1NTM2NTc5NDA5OTE1MhgA&sigh=pHOpuwvapYA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5355365794099152&output=html&h=200&slotname=3011410374&adk=2297817625&adf=1602281170&pi=t.ma~as.3011410374&w=1200&fwrn=4&lmt=1633867256&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Ftest.banks-off.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633867256725&bpp=3&bdt=164&idt=135&shv=r20211006&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&correlator=6349530829931&frm=20&pv=2&ga_vid=771801603.1633867257&ga_sid=1633867257&ga_hid=444400841&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1&ady=2310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062370%2C31063075&oid=2&pvsid=3960910637776633&pem=987&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=KFczGbjhjQ&p=https%3A//test.banks-off.ru&dtd=147
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5355365794099152&output=html&h=200&slotname=3011410374&adk=2297817625&adf=1602281170&pi=t.ma~as.3011410374&w=1200&fwrn=4&lmt=1633867256&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Ftest.banks-off.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633867256725&bpp=3&bdt=164&idt=135&shv=r20211006&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&correlator=6349530829931&frm=20&pv=2&ga_vid=771801603.1633867257&ga_sid=1633867257&ga_hid=444400841&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1&ady=2310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062370%2C31063075&oid=2&pvsid=3960910637776633&pem=987&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=KFczGbjhjQ&p=https%3A//test.banks-off.ru&dtd=147
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 10 Oct 2021 12:00:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 10 Oct 2021 12:00:57 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 418E 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5355365794099152&output=html&h=200&slotname=3011410374&adk=2297817625&adf=1602281170&pi=t.ma~as.3011410374&w=1200&fwrn=4&lmt=1633867256&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Ftest.banks-off.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633867256725&bpp=3&bdt=164&idt=135&shv=r20211006&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&correlator=6349530829931&frm=20&pv=2&ga_vid=771801603.1633867257&ga_sid=1633867257&ga_hid=444400841&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1&ady=2310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062370%2C31063075&oid=2&pvsid=3960910637776633&pem=987&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=KFczGbjhjQ&p=https%3A//test.banks-off.ru&dtd=147
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5355365794099152&output=html&h=200&slotname=3011410374&adk=2297817625&adf=1602281170&pi=t.ma~as.3011410374&w=1200&fwrn=4&lmt=1633867256&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Ftest.banks-off.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633867256725&bpp=3&bdt=164&idt=135&shv=r20211006&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&correlator=6349530829931&frm=20&pv=2&ga_vid=771801603.1633867257&ga_sid=1633867257&ga_hid=444400841&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1&ady=2310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062370%2C31063075&oid=2&pvsid=3960910637776633&pem=987&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=KFczGbjhjQ&p=https%3A//test.banks-off.ru&dtd=147
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5355365794099152&output=html&h=200&slotname=3011410374&adk=2297817625&adf=1602281170&pi=t.ma~as.3011410374&w=1200&fwrn=4&lmt=1633867256&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Ftest.banks-off.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633867256725&bpp=3&bdt=164&idt=135&shv=r20211006&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&correlator=6349530829931&frm=20&pv=2&ga_vid=771801603.1633867257&ga_sid=1633867257&ga_hid=444400841&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1&ady=2310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062370%2C31063075&oid=2&pvsid=3960910637776633&pem=987&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=KFczGbjhjQ&p=https%3A//test.banks-off.ru&dtd=147

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 10 Oct 2021 12:00:15 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
42
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 284E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f84c2dca55d1ac841af70fdeb43e71f406a75b06bd2898cd8da4b0220dd6c0c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 418E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5355365794099152&output=html&h=200&slotname=3011410374&adk=2297817625&adf=1602281170&pi=t.ma~as.3011410374&w=1200&fwrn=4&lmt=1633867256&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Ftest.banks-off.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633867256725&bpp=3&bdt=164&idt=135&shv=r20211006&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&correlator=6349530829931&frm=20&pv=2&ga_vid=771801603.1633867257&ga_sid=1633867257&ga_hid=444400841&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1&ady=2310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062370%2C31063075&oid=2&pvsid=3960910637776633&pem=987&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=KFczGbjhjQ&p=https%3A//test.banks-off.ru&dtd=147
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkjbEyFY3vGb4Zf7HbpSWup1U5-hlwO0DnfHxEi1RsFyEYTm0vtuhXVgQMdE7w
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 10 Oct 2021 12:00:57 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 10-Oct-2021 13:00:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 10 Oct 2021 12:00:57 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 10 Oct 2021 12:00:57 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
4968462478950817263
tpc.googlesyndication.com/daca_images/simgad/ Frame 284E 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/4968462478950817263?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5355365794099152&output=html&h=200&slotname=3011410374&adk=2297817625&adf=1602281170&pi=t.ma~as.3011410374&w=1200&fwrn=4&lmt=1633867256&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Ftest.banks-off.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633867256725&bpp=3&bdt=164&idt=135&shv=r20211006&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&correlator=6349530829931&frm=20&pv=2&ga_vid=771801603.1633867257&ga_sid=1633867257&ga_hid=444400841&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1&ady=2310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062370%2C31063075&oid=2&pvsid=3960910637776633&pem=987&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=KFczGbjhjQ&p=https%3A//test.banks-off.ru&dtd=147
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
cdf05a702fa6855b2766617b6325689f714ae22fc58653db2e3f2e94498e9ce7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 22:10:06 GMT
x-content-type-options
nosniff
age
568251
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17847
x-xss-protection
0
last-modified
Tue, 29 Aug 2017 18:23:39 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Oct 2021 22:10:06 GMT
Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
pagead2.googlesyndication.com/bg/ Frame F450 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5355365794099152&output=html&h=200&slotname=3011410374&adk=2297817625&adf=1602281170&pi=t.ma~as.3011410374&w=1200&fwrn=4&lmt=1633867256&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2Ftest.banks-off.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633867256725&bpp=3&bdt=164&idt=135&shv=r20211006&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&correlator=6349530829931&frm=20&pv=2&ga_vid=771801603.1633867257&ga_sid=1633867257&ga_hid=444400841&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1&ady=2310&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062370%2C31063075&oid=2&pvsid=3960910637776633&pem=987&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=KFczGbjhjQ&p=https%3A//test.banks-off.ru&dtd=147
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 16:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
70994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 09 Oct 2022 16:17:44 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=259502504636251&ev=Microdata&dl=https%3A%2F%2Ftest.banks-off.ru%2F&rl=&if=false&ts=1633867258504&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%BD%D0%B8%D0%BA%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1633867257000.982627414&it=1633867256620&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: test.banks-off.ru
URL: https://test.banks-off.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sun, 10 Oct 2021 12:00:58 GMT
tracker
top-fwz1.mail.ru/ 		43 B
923 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=2844858;u=https%3A//test.banks-off.ru/;st=1633867256678;userid=%3C%3F%3D%24_SESSION%5B%27mailUserId%27%5D%3F%3E;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=f273c854b558b77a;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1633867255978/////450/450/450/450/450//451/580/581/584/700/700/700/2706/2706/;ni=10//4g/0/0/;lvid=1633867256818%3A1633867258685%3A3%3Ae6643f407007e9ec0256eb09b22702d2;opts=dl;visible=true;_=0.04278276623032662;e=RT/load;et=1633867258684
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://test.banks-off.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 10 Oct 2021 12:00:58 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://test.banks-off.ru
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://test.banks-off.ru
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
https://test.banks-off.ru
access-control-allow-headers
*
tracker
top-fwz1.mail.ru/ 		43 B
922 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=2936825;u=https%3A//test.banks-off.ru/;st=1633867256678;userid=%3C%3F%3D%24_SESSION%5B%27mailUserId%27%5D%3F%3E;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=f273c854b558b77a;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1633867255978/////450/450/450/450/450//451/580/581/584/700/700/700/2706/2706/;ni=10//4g/0/0/;lvid=1633867256818%3A1633867258686%3A4%3Ae6643f407007e9ec0256eb09b22702d2;opts=sec%2Cdl;visible=true;_=0.5630289420576711;e=RT/load;et=1633867258684
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://test.banks-off.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 10 Oct 2021 12:00:58 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://test.banks-off.ru
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://test.banks-off.ru
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
https://test.banks-off.ru
access-control-allow-headers
*
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211006&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js?bust=31063075
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
556c7bad4156a0f13e0fa714adf8bdc967eeede446acbe6e2b8268743f1121f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 10 Oct 2021 12:00:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8490
x-xss-protection
0
options.json
cfv4.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cfv4.com/v2/options.json?apiToken=48955688-1139-4430-b00c-45641711acb7&correlation_id=2e7a7de9-5c31-533d-a42c-e30227a7f4a1
Protocol
HTTP/1.1
Server
185.151.241.28 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-session-id
Origin
https://test.banks-off.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Sun, 10 Oct 2021 12:00:58 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://test.banks-off.ru
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Vary
Access-Control-Request-Headers
Access-Control-Allow-Headers
x-session-id
X-XSS-Protection
1; mode=block
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload max-age=31536000
Referrer-Policy
no-referrer-when-downgrade
X-Frame-Options
SAMEORIGIN
options.json
cfv4.com/v2/ 		559 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cfv4.com/v2/options.json?apiToken=48955688-1139-4430-b00c-45641711acb7&correlation_id=2e7a7de9-5c31-533d-a42c-e30227a7f4a1
Requested by
Host: cfv4.com
URL: https://cfv4.com/v2/matcher.js?apiToken=48955688-1139-4430-b00c-45641711acb7&correlation_id=2e7a7de9-5c31-533d-a42c-e30227a7f4a1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.151.241.28 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
733b60fd58136956b1e0fc9ac7548ad7606e05e7964570697bc6f61e89ce505b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://test.banks-off.ru/
X-Session-ID
ea5d0037-e71d-4750-8d05-3cf8c9d1994f
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 10 Oct 2021 12:00:58 GMT
Referrer-Policy
no-referrer-when-downgrade
ETag
691dc347-a665-429e-8d23-10fa29e6a3e0
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://test.banks-off.ru
cache-control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload, max-age=31536000
Content-Length
559
X-XSS-Protection
1; mode=block
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js?bust=31063075
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sun, 10 Oct 2021 12:00:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3C1F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://test.banks-off.ru/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sun, 10 Oct 2021 09:34:42 GMT
expires
Mon, 10 Oct 2022 09:34:42 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
8776
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 8152 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
e3f040e375d7fec8311a64f5ce1428f98fb25a66a06149b9d4eabf64f3f7a7d4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xycf13oJFmClAVm8qtX3mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://test.banks-off.ru/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 10 Oct 2021 12:00:58 GMT
date
Sun, 10 Oct 2021 12:00:58 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-xycf13oJFmClAVm8qtX3mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
pagead2.googlesyndication.com/bg/ Frame 3C1F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 16:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
70994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13306
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 09 Oct 2022 16:17:44 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8152 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211006&jk=3960910637776633&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211006&jk=3960910637776633&bg=!QkGlQQXNAAbGFvHlxhY7ACkAdvg8Wv3USiu-j6KWZ-zjvyRX8w_8YMOK8dHwgKR_8AfgzyXzAMF9ZwIAAABaUgAAAApoAQcKAAfuqe361BTpmQLJZl2JObag3Ji4G4H3xeqhMOa4nV6OuKJxowoCYAX3d76Dvf7DvOODDNTenboC2MQkTN3nqxD53ZULKqzjyyTx08bGpeV04-fS3nD3hYkIqQrrZmE1F34CnsXEz5oL6OKOUHi7x98kH3G_ZV3o44fjg3fvZo6eIrNuHfjasstPgWGGJblDofLc73LVqzvssU5rzJuU91gIB9qP17h5QUoRyTfpc9gw9At5I5GtjyUYDXuguKo0yz6YPkMXN8xOifGFvB6XRcXYnZWnUww9se7r3NeFyNP5ilIt3_LkrUd7vMdvQBMa_pJ95pjkmQApYGyYTq0Bqsg4mFs1QpSRbdzUxkk_Wh0mCoTWfO9An0XyEHzcEvaxj6LyUi4RrCOIFuvt6cIYjODqLmJWs8wshuHNxjgUGFbGDnndyM9aH3nga6fCaAlQXkpIbMWVXwEBw5of_7d4PRo6XyCJID6gGo8932bCVI-wxkyZ7X9coJR_-yyDtqIlkLnjCl6R1v35MxD332IJ58wDZFR-cs6bTITldXcHbm_OH2q6G5hqNdZR58JR4dRiHvE1_NV-ayBSMOhC6UZyd0KLTemCczZTxDgZ4DtRltck5UiKVfCPGyMauKMKNJe4jlvGxpDmsKIohuXgg9t3uemGpAZjexcNasiV0s3RMB2ruJYZx_uq275iuKzflxorG_MHmZhp_JLFWztECNKbUUqPGx73eHwMY1tqc7BnTbBA7WUrDtsIcUzes7I64cXHLL2R1MEX2f6NM7pXzdSf-Lxs_A6-okQiPc5zPrfqoJEyeYq98uLdpJImuF47iYaM4i33HzrcrFByW8wn-RlMQ_zy7jLjY0unu0_X-65cVhJ4lTV_hLPThdKjBAUW3-ZQR26fH4ISGWrrO9GAcAnfxFc0XTJlu0TajwnGLOsQvxKDxGffsmbPl2xhFHaMcbCfv1JQNv8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 12:00:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit
cfv4.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cfv4.com/v2/visit?apiToken=48955688-1139-4430-b00c-45641711acb7&correlation_id=2e7a7de9-5c31-533d-a42c-e30227a7f4a1
Protocol
HTTP/1.1
Server
185.151.241.28 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-session-id
Origin
https://test.banks-off.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Sun, 10 Oct 2021 12:00:59 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://test.banks-off.ru
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Vary
Access-Control-Request-Headers
Access-Control-Allow-Headers
content-type,x-session-id
X-XSS-Protection
1; mode=block
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload max-age=31536000
Referrer-Policy
no-referrer-when-downgrade
X-Frame-Options
SAMEORIGIN
visit
cfv4.com/v2/ 		45 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cfv4.com/v2/visit?apiToken=48955688-1139-4430-b00c-45641711acb7&correlation_id=2e7a7de9-5c31-533d-a42c-e30227a7f4a1
Requested by
Host: cfv4.com
URL: https://cfv4.com/v2/matcher.js?apiToken=48955688-1139-4430-b00c-45641711acb7&correlation_id=2e7a7de9-5c31-533d-a42c-e30227a7f4a1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.151.241.28 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
c956aa168099280b6d903a4f88e804b7bf8b1677649601dbb1d826dfa82c9ab9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://test.banks-off.ru/
X-Session-ID
ea5d0037-e71d-4750-8d05-3cf8c9d1994f
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

Date
Sun, 10 Oct 2021 12:00:59 GMT
Referrer-Policy
no-referrer-when-downgrade
ETag
W/"2d-NwzoDmxI8ltT7ZJnRZQqgdbJve4"
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://test.banks-off.ru
Connection
keep-alive
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload, max-age=31536000
Content-Length
45
X-XSS-Protection
1; mode=block
dp.js
mdeploy.andata.ru/i/_auto/leadgid-ru_oza/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mdeploy.andata.ru/i/_auto/leadgid-ru_oza/dp.js?mapper_id=b8c09ee1-572a-4353-9c55-83ce7e0eae71
Requested by
Host: cfv4.com
URL: https://cfv4.com/v2/matcher.js?apiToken=48955688-1139-4430-b00c-45641711acb7&correlation_id=2e7a7de9-5c31-533d-a42c-e30227a7f4a1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.74.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cac7d7519463aa181bfd10f5f4c1e051c04d7da07ffc6f8ca50d5ee3f61a311a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:59 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 16 Apr 2021 09:39:20 GMT
server
cloudflare
etag
W/"1dee-5c013c1176200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fcTru7m0d3qRD8mLsygZWfxfdpPLl9YSj6m5mawCPgUp%2B6bbGzGELphLG9cNVvqrhFw6q1ImrHjlY7bXx8Geg9vyyTNYR8lYf6Ky5T9tE9bS7V3j79gbiCVItLST52Y3JFi58g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000
cf-ray
69bfb101b812f9d2-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
liveinternet
dmp.one/pb-data/
Redirect Chain
  • https://integration.cfv4.com/api/pixel?mapperId=996834f3-7575-477f-9fff-e66349bd78be&subscriberId=112318e5-0aea-4ac4-8ee9-6abb34b98c7f&needPhone=1&needEmail=1
  • https://counter.yadro.ru/id/finmed.gif?id=996834f3-7575-477f-9fff-e66349bd78be&tid=3e887e91-d0f7-4438-80cf-60eb2abf8b66
  • https://dmp.one/pb-data/liveinternet?id=996834f3-7575-477f-9fff-e66349bd78be&tid=3e887e91-d0f7-4438-80cf-60eb2abf8b66&p=0&e=0
0
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.one/pb-data/liveinternet?id=996834f3-7575-477f-9fff-e66349bd78be&tid=3e887e91-d0f7-4438-80cf-60eb2abf8b66&p=0&e=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.80.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u30sdq0fHs6orxSmJ%2BsPi1OJwD4kjykilho5l%2FN3JZb5mkEmMi%2BrMUNbeCgPBpIKsQ7sSpzdcoHoMheqieIwTVIqZuwRNAN4nqJPsLEuLwS8a4TCje3ac%2BHf"}],"group":"cf-nel","max_age":604800}
cf-ray
69bfb104ee964108-PRG

Redirect headers

Location
https://dmp.one/pb-data/liveinternet?id=996834f3-7575-477f-9fff-e66349bd78be&tid=3e887e91-d0f7-4438-80cf-60eb2abf8b66&p=0&e=0
Date
Sun, 10 Oct 2021 12:00:59 GMT
Server
nginx/1.17.9
Connection
keep-alive
Content-Length
402
Strict-Transport-Security
max-age=86400
Content-Type
text/html; charset=iso-8859-1
41479804
mc.yandex.com/webvisor/ 		43 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/41479804?wmode=0&wv-part=1&wv-hit=172597965&page-url=https%3A%2F%2Ftest.banks-off.ru%2F&rn=485043294&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1633867259%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A2021010010120059%3Au%3A1633867257810515168%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1633867259
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://test.banks-off.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 12:00:59 GMT
last-modified
Sun, 10-Oct-2021 12:00:59 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://test.banks-off.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 10-Oct-2021 12:00:59 GMT
cuid.min.js
mdeploy.andata.ru/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mdeploy.andata.ru/cuid.min.js
Requested by
Host: mdeploy.andata.ru
URL: https://mdeploy.andata.ru/i/_auto/leadgid-ru_oza/dp.js?mapper_id=b8c09ee1-572a-4353-9c55-83ce7e0eae71
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.74.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b27c78e684c7cf6fad9383930201ac22dce5709a0fe7601151e5616dd277488
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4226
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 17 Jun 2020 09:19:19 GMT
server
cloudflare
etag
W/"81f-5a8442796f3c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K25oHlhx4zzH4arqZ6VglgNOGMMWlqtFb3yLVmhh%2FJPk0jYUz97oSi7jPM8NKfkSElgFVjj%2FdFu9yQvEJSrDLtjNdjB%2B3H0zoZ%2BOMlquIHP42ckRtxkkTXYtKmkkcwirxRzObg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800
cf-ray
69bfb1036cf74113-PRG
i
gt.andata.ru/
Redirect Chain
  • https://andata-sync.rutarget.ru/sync
  • https://gt.andata.ru/i?&e=pv&tna=hZUZ1-qwSkvR
43 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gt.andata.ru/i?&e=pv&tna=hZUZ1-qwSkvR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
31.44.80.202 Moscow, Russian Federation, ASN29226 (MASTERTEL-AS Moscow, Russia, RU),
Reverse DNS
31-44-80-202.in-addr.mastertelecom.ru
Software
akka-http/10.1.10 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 12:00:59 GMT
Server
akka-http/10.1.10
Strict-Transport-Security
max-age=15552000
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
image/gif
Content-Length
43

Redirect headers

Location
https://gt.andata.ru/i?&e=pv&tna=hZUZ1-qwSkvR
Date
Sun, 10 Oct 2021 12:00:59 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
gt.min.js
mdeploy.andata.ru/ 		98 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mdeploy.andata.ru/gt.min.js
Requested by
Host: mdeploy.andata.ru
URL: https://mdeploy.andata.ru/i/_auto/leadgid-ru_oza/dp.js?mapper_id=b8c09ee1-572a-4353-9c55-83ce7e0eae71
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.74.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e79329b8d601cecfc900b08a5c6c081d4114512fdd70432e2216d2d1b1daa571
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2618
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 18 Jun 2020 08:47:12 GMT
server
cloudflare
etag
W/"1881c-5a857d292a400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BXKvl0k2GFCJlLoXIj8oLRLG0bI3WwCOzf2R9QWpTL5zVjKORGIze%2FPyvbNe4ao9fSEXwBk2zcM69xbsosWLvIFQdA3FZfqBBVIYly5x08UzbueZqQ%2B3mvxIZ3Ep31o%2B9rY0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800
cf-ray
69bfb1039d0d4113-PRG
forms.js
mdeploy.andata.ru/i/_auto/leadgid-ru_oza/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mdeploy.andata.ru/i/_auto/leadgid-ru_oza/forms.js?ver1.0
Requested by
Host: mdeploy.andata.ru
URL: https://mdeploy.andata.ru/i/_auto/leadgid-ru_oza/dp.js?mapper_id=b8c09ee1-572a-4353-9c55-83ce7e0eae71
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.74.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faf8706e20c1510930ea7fddbba302629dccda5afa1333153c91e01cf15a0b22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://test.banks-off.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 12:00:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=8121
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 20 Oct 2020 13:01:28 GMT
server
cloudflare
etag
W/"1fb9-5b219d4393a00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FOjDYoH5u7iz4855QWlOWOoMqiBmsivbVKp9bt5GNKbvUnsSd24sSKLs5kFKqaYtlagh7u1x7VOnCsW45Ysh47aRuKtyWvXKWl5kJ0Oxok%2BEehPooM%2FjJxp6C2yXxzX5WFXLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800
cf-ray
69bfb1039d0f4113-PRG
cf-bgj
minify
tp2
gt.andata.ru/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gt.andata.ru/com.snowplowanalytics.snowplow/tp2
Protocol
HTTP/1.1
Server
31.44.80.202 Moscow, Russian Federation, ASN29226 (MASTERTEL-AS Moscow, Russia, RU),
Reverse DNS
31-44-80-202.in-addr.mastertelecom.ru
Software
akka-http/10.1.10 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://test.banks-off.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
https://test.banks-off.ru
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Max-Age
10
Server
akka-http/10.1.10
Date
Sun, 10 Oct 2021 12:00:59 GMT
Content-Length
0
Strict-Transport-Security
max-age=15552000
tp2
gt.andata.ru/com.snowplowanalytics.snowplow/ 		2 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gt.andata.ru/com.snowplowanalytics.snowplow/tp2
Requested by
Host: mdeploy.andata.ru
URL: https://mdeploy.andata.ru/gt.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
31.44.80.202 Moscow, Russian Federation, ASN29226 (MASTERTEL-AS Moscow, Russia, RU),
Reverse DNS
31-44-80-202.in-addr.mastertelecom.ru
Software
akka-http/10.1.10 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://test.banks-off.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Sun, 10 Oct 2021 12:00:59 GMT
Server
akka-http/10.1.10
Strict-Transport-Security
max-age=15552000
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
https://test.banks-off.ru
Access-Control-Allow-Credentials
true
Content-Type
text/plain; charset=UTF-8
Content-Length
2
41479804
mc.yandex.com/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/41479804?wmode=0&wv-part=1&wv-hit=172597965&page-url=https%3A%2F%2Ftest.banks-off.ru%2F&rn=101174129&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1633867260%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A2021010010120059%3Au%3A1633867257810515168%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1633867260
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://test.banks-off.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 12:00:59 GMT
last-modified
Sun, 10-Oct-2021 12:00:59 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://test.banks-off.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 10-Oct-2021 12:00:59 GMT
41479804
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/41479804?wmode=0&wv-part=2&wv-hit=172597965&page-url=https%3A%2F%2Ftest.banks-off.ru%2F&rn=111500613&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1633867261%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A2021010010120101%3Au%3A1633867257810515168%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1633867261
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://test.banks-off.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Oct 2021 12:01:01 GMT
last-modified
Sun, 10-Oct-2021 12:01:01 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://test.banks-off.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 10-Oct-2021 12:01:01 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect boolean| originAgentCluster function| gtag object| dataLayer function| ym object| _tmr function| fbq function| _fbq object| google_tag_manager object| adsbygoogle function| $ function| jQuery object| Sfjs object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| google_tag_data string| GoogleAnalyticsObject function| ga object| Ya object| yaCounter41479804 object| yaCounter46114182 object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| regeneratorRuntime object| JSON3 object| googletag object| platform object| GoogleGcLKhOms object| google_image_requests string| andataVersion string| andataHost object| img function| cuid string| ubtcuid object| GlobalAndataTrackingNamespace function| globalid function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow

33 Cookies

Domain/Path Name / Value
test.banks-off.ru/ Name: PHPSESSID
Value: de45bbb7ad9ce927cb88c962fa3959d8
.banks-off.ru/ Name: _gcl_au
Value: 1.1.2019750143.1633867257
.banks-off.ru/ Name: _ym_uid
Value: 1633867257810515168
.banks-off.ru/ Name: _ym_d
Value: 1633867257
.banks-off.ru/ Name: tmr_lvid
Value: e6643f407007e9ec0256eb09b22702d2
.banks-off.ru/ Name: tmr_lvidTS
Value: 1633867256818
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1943884162fake
.banks-off.ru/ Name: _ga
Value: GA1.2.771801603.1633867257
.banks-off.ru/ Name: _gid
Value: GA1.2.1344192247.1633867257
.banks-off.ru/ Name: _gat_gtag_UA_75434248_15
Value: 1
.banks-off.ru/ Name: _gat_gtag_UA_75434248_2
Value: 1
.banks-off.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1103102328fake
.banks-off.ru/ Name: __gads
Value: ID=9b756ae7ca616eb3-2250bd96eeca0051:T=1633867256:RT=1633867256:S=ALNI_MaJLY0LsCmqlfdc5NPqYKFfNcNs2Q
.banks-off.ru/ Name: __gpi
Value: 00000000-0000-0000-0000-000000000000
.yandex.com/ Name: ymex
Value: 1665403256.yrts.1633867256#1665403256.yrtsi.1633867256
.yandex.com/ Name: yandexuid
Value: 4833434881633867256
.yandex.com/ Name: yuidss
Value: 4833434881633867256
mc.yandex.com/ Name: yabs-sid
Value: 1630896121633867256
.yandex.com/ Name: i
Value: ZyJSvpTO0KtwdUqubU1dYuqBTA299+YFZE7MnAoss4OVvHL3BBr+YSKZlL3p2rPyc/gJJlgHh1epoMvGcxRcDHeNKqg=
.banks-off.ru/ Name: _fbp
Value: fb.1.1633867257000.982627414
.banks-off.ru/ Name: _ym_visorc
Value: w
.doubleclick.net/ Name: IDE
Value: AHWqTUkjbEyFY3vGb4Zf7HbpSWup1U5-hlwO0DnfHxEi1RsFyEYTm0vtuhXVgQMdE7w
.doubleclick.net/ Name: DSID
Value: NO_DATA
.banks-off.ru/ Name: tmr_reqNum
Value: 4
.mail.ru/ Name: VID
Value: 2NTMbG2c332500000W10H425:::0-0-0-67d2eb8:CAASEN7eXjrOdjTpGX79YnWVOeMaYKHZ-liFbOCVSXdtRnMf-iFi4hsBumgJD3sa_x2oQFsdCIHg4A_0tel_4odF6F9BFbYfvUlDvErUTIi0_fsMkX4CP9cidjpuNmhNuPWcRh05Jq_VhYVPyltOn4t_8Tdr1g
cfv4.com/ Name: device_id
Value: bb27a636-7b86-416c-8124-3304b33b8c04
test.banks-off.ru/ Name: tmr_detect
Value: 0%7C1633867259110
test.banks-off.ru/ Name: _ubtcuid
Value: ckul6dpva00003a7jiktmf6qw
test.banks-off.ru/ Name: _sp_ses.05f6
Value: *
test.banks-off.ru/ Name: _sp_id.05f6
Value: 3736a4a6-5803-4451-9f26-6807c5b0aa4c.1633867260.1.1633867260.1633867260.28ebd550-6bfc-457f-97e1-5aae94b1d04a
.rutarget.ru/ Name: userId
Value: hZUZ1-qwSkvR
gt.andata.ru/ Name: sp
Value: 7c94fcaf-c7d4-41ba-a593-5e91d47adcb9

1 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9422.MMToQ9sGCD6rrsgVXzQs-cz6FL-UvHHLsIdC6DBmiH2ADz8NUl7sSImtXbsvA3oVgM31YePN8vxPQxVEgOtYHQ%2C%2C.YQLv3UD9JxJY_9kfCD2KU58pyuk%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
andata-sync.rutarget.ru
cdnjs.cloudflare.com
cfv4.com
connect.facebook.net
counter.yadro.ru
dmp.one
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gt.andata.ru
integration.cfv4.com
mc.yandex.com
mc.yandex.ru
mdeploy.andata.ru
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
test.banks-off.ru
top-fwz1.mail.ru
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.test.banks-off.ru
104.16.18.94
104.21.74.94
104.21.80.87
142.250.181.232
142.250.184.194
142.250.184.226
142.250.185.142
142.250.185.163
142.250.185.225
142.250.185.226
142.250.185.66
142.250.185.98
142.250.186.132
142.250.186.162
142.250.186.67
157.240.20.19
157.240.20.35
172.217.23.106
185.151.241.28
185.22.235.178
188.124.36.8
217.69.133.145
31.44.80.202
74.125.71.157
77.88.21.119
80.64.106.149
88.212.201.210
024a4530343994565d9e2dec0aed60dadec9530127f4db0207495ad6dab6c271
03b8f9e258f69727a11fc81ce93fbc8d0d5ca96489a1e84463af819efedf0782
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0960e7660f108ee79518c4182e076f50145d1b2d91a53917802c05a4c15e91e0
0a2e132c3b26d93ff0fcbf6393484a935910bf95d335b746b1f11dfbf3b1074c
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1adb47c6df6d1c3a410ed46a3d7f3727f947ab81c0cacb4e0e50481e376c2783
2026c007eeed6f0bc64b63a50f933f4da21b36fb8210794635467f897f6432ec
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
279e1b74d1cb13f3a6ad431ef3a3a67595bafc26bc9cdfc26100ba79a8bca751
2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47
2de03f92c36e2e8ee295ee5b4cdabc755cb874e2df6a80b868b17897fbbf1649
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
384ecdde9a305bbfdb85b5d7b9b9c2da0b68574bfd2176681b448711e26cf8d6
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
45e24d30aa45f729ef32b9d7c9ee28f78fabda0bd608dae7f3023186d6d84a78
4ac6501877dc32633163ead4fea3dab5205ded86a74929fa6e379bf591e36dd0
4b27c78e684c7cf6fad9383930201ac22dce5709a0fe7601151e5616dd277488
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
51896cb4e932803b983cf59d85b20c705f42a891fa0c9c408e3cb267b5bb949c
536cd983c5ac840349770984405fe9eb9e67b9d7e35e0c45673a653b003173b6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
556c7bad4156a0f13e0fa714adf8bdc967eeede446acbe6e2b8268743f1121f3
587ecb86bf444b0518e732adb6585254721f7f72708a8bd92deb9e6489d124cb
5943e4426d5be107f0b8b1ade4849cb2fa5f4edb51d2ef25207eb3720f6d038e
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6186df1b164155bd237dada6c671d06aad0b20aa486e753e171ddc8a6a5cf1b7
6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4
6d6aebd6a19b840551e511d4ec468b3a3a1b7f2ed765a7f81428ba218edd1fd6
733b60fd58136956b1e0fc9ac7548ad7606e05e7964570697bc6f61e89ce505b
7b4c4f75ae2888d70252db3b18695548d80cf68948ccec40b28683aeb0d7dc51
800ebe406d03c148151b0acd3418b90e81f84a22f62fc4122c6103f0ecb3962d
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
870327cf9104bc7295010af76a39c69ee66fcf6c704515665b73b5bf995c3c46
8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35
9c3843f26ed5991a96fe675ee222a7bd293832538c3630bdfd0de1d029123bd0
9dda3877bd5e6d808c2d53488525a95e6ba708d3cff2ccbdb8d221e50ffc7d0c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a729780e3df67e4a4abfb6d9c064638a62554cc969757cbeb273ff4e6a27bf2a
a94013461cf3eaca312ceaf191e059d8d1426a6b471ba7caf6821a9ad54e836f
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2
b8613912b8db2de05236e90c6800fe55f7347d0a842c4ae95fac3b10e494fe45
c956aa168099280b6d903a4f88e804b7bf8b1677649601dbb1d826dfa82c9ab9
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cac7d7519463aa181bfd10f5f4c1e051c04d7da07ffc6f8ca50d5ee3f61a311a
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2
cdf05a702fa6855b2766617b6325689f714ae22fc58653db2e3f2e94498e9ce7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deab4417defe817fc78b47ebed8fe4bf292a88a77e7638cd4e1314f5751e4a2d
e092387e0fa701675f5a81dbd3405b21c56a951f01390b87cc7d07ae7dacd67b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f040e375d7fec8311a64f5ce1428f98fb25a66a06149b9d4eabf64f3f7a7d4
e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac
e79329b8d601cecfc900b08a5c6c081d4114512fdd70432e2216d2d1b1daa571
e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47
ee3dedbd21114261c72b760a7f3d8d4651f284b19fc56c05b3de0a256bf42e27
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef54f27db8aec61e8d6011e5df2b60c74ac9d8b732d91d88911abe538a47cfa9
f84c2dca55d1ac841af70fdeb43e71f406a75b06bd2898cd8da4b0220dd6c0c8
faf8706e20c1510930ea7fddbba302629dccda5afa1333153c91e01cf15a0b22
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62