online.savingsim.ru Open in urlscan Pro
2.63.205.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://online.savingsim.ru/
Effective URL:
https://online.savingsim.ru/auth/
Submission: On April 03 via automatic, source certstream-suspicious (April 3rd 2023, 2:12:38 pm UTC) — Scanned from DE

Summary HTTP 21 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 21 HTTP transactions. The main IP is 2.63.205.11, located in Russian Federation and belongs to ROSTELECOM-AS, RU. The main domain is online.savingsim.ru.
TLS certificate: Issued by R3 on January 9th 2023. Valid for: 3 months.

This is the only time online.savingsim.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 13	2.63.205.11 2.63.205.11	12389 (ROSTELECO...) (ROSTELECOM-AS)
4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	52.30.201.205 52.30.201.205	16509 (AMAZON-02) (AMAZON-02)
21	4

13 2.63.205.11 (Russian Federation) 3 redirects

ASN12389 (ROSTELECOM-AS, RU)

online.savingsim.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.201.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-201-205.eu-west-1.compute.amazonaws.com

bitrix.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	savingsim.ru 3 redirects online.savingsim.ru	1 MB
5	gstatic.com www.gstatic.com	548 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	29 KB
2	bitrix.info bitrix.info — Cisco Umbrella Rank: 43370	4 KB
21	4

	Domain	Requested by
13	online.savingsim.ru	3 redirects online.savingsim.ru
5	www.gstatic.com	www.google.com
4	www.google.com	online.savingsim.ru www.gstatic.com www.google.com
2	bitrix.info	online.savingsim.ru bitrix.info
21	4

This site contains links to these domains. Also see Links.

Domain
www.savingsim.ru
www.savingim.ru
agent.savingsim.ru

Subject Issuer	Validity	Valid
online.savingsim.ru R3	`2023-01-09` - `2023-04-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.bitrix.info Go Daddy Secure Certificate Authority - G2	`2023-03-17` - `2024-04-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://online.savingsim.ru/auth/
Frame ID: 35FA70F7FC3EC3F5AFB0F2F789F829FC
Requests: 14 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfyBrIZAAAAANOaqmVUbHk2MCEiPTXDROt_p1L5&co=aHR0cHM6Ly9vbmxpbmUuc2F2aW5nc2ltLnJ1OjQ0Mw..&hl=ru&v=NZrMWHVy58-S9gVvad9HVGxk&size=normal&cb=e032c9jwsncm
Frame ID: 598EE989075F0C9DFA423A151A7F0C60
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=ru&v=NZrMWHVy58-S9gVvad9HVGxk&k=6LfyBrIZAAAAANOaqmVUbHk2MCEiPTXDROt_p1L5
Frame ID: 1DFF47D290C61075CD200EFF378129E6
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Вход в личный кабинет

Page URL History Show full URLs

https://online.savingsim.ru/ HTTP 302
https://online.savingsim.ru/auth/ Page URL

Detected technologies

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

21
Requests

90 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1651 kB
Transfer

2634 kB
Size

4
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.savingsim.ru/ru/pif/spisok/
Title: Пункты продаж

Search URL Search Domain Scan URL

URL: http://www.savingim.ru/ru/about/rekvisits/
Title: Контакты

Search URL Search Domain Scan URL

URL: https://agent.savingsim.ru/
Title: Вход для агентов

Search URL Search Domain Scan URL

URL: http://www.savingsim.ru/
Title: Основной сайт

Search URL Search Domain Scan URL

URL: https://www.savingsim.ru/
Title: www.savingsim.ru

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://online.savingsim.ru/ HTTP 302
https://online.savingsim.ru/auth/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://online.savingsim.ru/local/ajax/ajax.survey.check.php HTTP 302
https://online.savingsim.ru/auth/

Request Chain 16

https://online.savingsim.ru/local/ajax/ajax.modal.check.php HTTP 302
https://online.savingsim.ru/auth/

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
online.savingsim.ru/auth/
Redirect Chain

https://online.savingsim.ru/
https://online.savingsim.ru/auth/

32 KB
9 KB

131ms
131ms

Document
text/html

2.63.205.11
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.savingsim.ru/auth/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.63.205.11 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

ec647122fceb3ca8d668d353958cb4e61acccfacee3d8044d30b4107d54631b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 03 Apr 2023 14:12:32 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 03 Apr 2023 14:12:32 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: https://online.savingsim.ru/auth/
P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK page_44b823aa84e67ff5f92ca8f8aeef3eb1_v1.css
online.savingsim.ru/bitrix/cache/css/s3/sim/page_44b823aa84e67ff5f92ca8f8aeef3eb1/ 2 KB
2 KB 58ms
58ms Stylesheet
text/css 2.63.205.11
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.savingsim.ru/bitrix/cache/css/s3/sim/page_44b823aa84e67ff5f92ca8f8aeef3eb1/page_44b823aa84e67ff5f92ca8f8aeef3eb1_v1.css?16786944611940

Requested by

Host: online.savingsim.ru
URL: https://online.savingsim.ru/auth/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.63.205.11 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

5e67a027a18cb8d7363e0d70d984f7452a6eaf0c57dbde86e159f55bf382cad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.savingsim.ru/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 14:12:32 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Last-Modified: Mon, 13 Mar 2023 08:01:01 GMT
Server: nginx
ETag: "794-5f6c38317169a"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1940

GET
H/1.1 200
OK template_3220eed85acea06037f207ed9f93a588_v1.css
online.savingsim.ru/bitrix/cache/css/s3/sim/template_3220eed85acea06037f207ed9f93a588/ 224 KB
224 KB 115ms
56ms Stylesheet
text/css 2.63.205.11
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.savingsim.ru/bitrix/cache/css/s3/sim/template_3220eed85acea06037f207ed9f93a588/template_3220eed85acea06037f207ed9f93a588_v1.css?1678694461229164

Requested by

Host: online.savingsim.ru
URL: https://online.savingsim.ru/auth/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.63.205.11 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

8b65ef840279793be79ecc4862f85bfbf2f1b24023233c312785fd8cbc823f7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.savingsim.ru/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 14:12:32 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Last-Modified: Mon, 13 Mar 2023 08:01:01 GMT
Server: nginx
ETag: "37f2c-5f6c383172e0a"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 229164

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
877 B 37ms
15ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=ru

Requested by

Host: online.savingsim.ru
URL: https://online.savingsim.ru/auth/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6d52579675a0b9dd17e790a77a1e04a0b71383c590282d1a5ff00d3ab8d2e28d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.savingsim.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 14:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 557
x-xss-protection: 1; mode=block
expires: Mon, 03 Apr 2023 14:12:32 GMT

GET
H/1.1 200
OK template_b05fcaad039dfdb73617913cd4f552f1_v1.js Show response
online.savingsim.ru/bitrix/cache/js/s3/sim/template_b05fcaad039dfdb73617913cd4f552f1/ 603 KB
603 KB 200ms
101ms Script
application/javascript 2.63.205.11
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.savingsim.ru/bitrix/cache/js/s3/sim/template_b05fcaad039dfdb73617913cd4f552f1/template_b05fcaad039dfdb73617913cd4f552f1_v1.js?1678694461617183

Requested by

Host: online.savingsim.ru
URL: https://online.savingsim.ru/auth/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.63.205.11 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

c5e435684cae35a81be30051275f3f9791b8aa40b7b3ca72c9bb562b49a603c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.savingsim.ru/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 14:12:32 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Last-Modified: Mon, 13 Mar 2023 08:01:01 GMT
Server: nginx
ETag: "96adf-5f6c3831768a2"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 617183

GET
H/1.1 200
OK page_0577775a4edba11859278ab76bc5477c_v1.js Show response
online.savingsim.ru/bitrix/cache/js/s3/sim/page_0577775a4edba11859278ab76bc5477c/ 154 KB
154 KB 219ms
108ms Script
application/javascript 2.63.205.11
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.savingsim.ru/bitrix/cache/js/s3/sim/page_0577775a4edba11859278ab76bc5477c/page_0577775a4edba11859278ab76bc5477c_v1.js?1678694461157499

Requested by

Host: online.savingsim.ru
URL: https://online.savingsim.ru/auth/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.63.205.11 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

1a0f94e9bba1b1329f50a515ae38b6f754649b1172a9a7b552000fa9707648fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.savingsim.ru/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 14:12:32 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Last-Modified: Mon, 13 Mar 2023 08:01:01 GMT
Server: nginx
ETag: "2673b-5f6c383175902"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 157499

GET
H2 200 recaptcha__ru.js Show response
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ 441 KB
167 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__ru.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f17ac44b10b56abb3bc7c4aa3dd5784273a5a8de9fc67efd1946d44113205cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://online.savingsim.ru/
Origin: https://online.savingsim.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 09:27:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 535493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170550
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Mar 2024 09:27:40 GMT

GET
H2 200 ba.js Show response
bitrix.info/ 7 KB
3 KB 99ms
32ms Script
application/javascript 52.30.201.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bitrix.info/ba.js

Requested by

Host: online.savingsim.ru
URL: https://online.savingsim.ru/auth/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.201.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-201-205.eu-west-1.compute.amazonaws.com

Software

nginx/1.10.1 /

Resource Hash

897c58672b375fd206d4df4ccd71a3fa3e29f739f4db5251b94895ad015f9710

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.savingsim.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 14:12:33 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Wed, 19 May 2021 09:38:44 GMT
server: nginx/1.10.1
etag: W/"60a4dca4-1a03"
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=172800
expires: Wed, 05 Apr 2023 14:12:33 GMT

GET
H/1.1 200
OK logo-sberejeniya-color-black.png
online.savingsim.ru/local/templates/sim/markup/dist/img/ 11 KB
11 KB 52ms
51ms Image
image/png 2.63.205.11
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.savingsim.ru/local/templates/sim/markup/dist/img/logo-sberejeniya-color-black.png

Requested by

Host: online.savingsim.ru
URL: https://online.savingsim.ru/bitrix/cache/css/s3/sim/template_3220eed85acea06037f207ed9f93a588/template_3220eed85acea06037f207ed9f93a588_v1.css?1678694461229164

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.63.205.11 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

4fc7f2521104401b02728a42fe3cc9bdbec639d6e614e939d3de6adf00d40c96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.savingsim.ru/bitrix/cache/css/s3/sim/template_3220eed85acea06037f207ed9f93a588/template_3220eed85acea06037f207ed9f93a588_v1.css?1678694461229164
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 14:12:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Last-Modified: Sun, 07 Aug 2022 12:01:23 GMT
Server: nginx
ETag: "2b27-5e5a5754df48b"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11047

GET
H/1.1 200
OK MetaPro-Medium.woff2
online.savingsim.ru/local/templates/sim/markup/dist/fonts/MetaPro/ 42 KB
42 KB 56ms
55ms Font
application/octet-stream 2.63.205.11
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.savingsim.ru/local/templates/sim/markup/dist/fonts/MetaPro/MetaPro-Medium.woff2

Requested by

Host: online.savingsim.ru
URL: https://online.savingsim.ru/bitrix/cache/css/s3/sim/template_3220eed85acea06037f207ed9f93a588/template_3220eed85acea06037f207ed9f93a588_v1.css?1678694461229164

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.63.205.11 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

225d0bd17c19db1ff3c9205bb5bb3a4022dc5feb611b829f9e651da8db0f3aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://online.savingsim.ru/bitrix/cache/css/s3/sim/template_3220eed85acea06037f207ed9f93a588/template_3220eed85acea06037f207ed9f93a588_v1.css?1678694461229164
Origin: https://online.savingsim.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 14:12:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Last-Modified: Sun, 07 Aug 2022 12:01:23 GMT
Server: nginx
ETag: "a85c-5e5a5754dc1c3"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43100

GET
H/1.1 200
OK custom-icon.ttf
online.savingsim.ru/local/templates/sim/markup/dist/fonts/custom-icon/ 7 KB
7 KB 53ms
53ms Font
application/font-sfnt 2.63.205.11
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.savingsim.ru/local/templates/sim/markup/dist/fonts/custom-icon/custom-icon.ttf?fcvw9n

Requested by

Host: online.savingsim.ru
URL: https://online.savingsim.ru/bitrix/cache/css/s3/sim/template_3220eed85acea06037f207ed9f93a588/template_3220eed85acea06037f207ed9f93a588_v1.css?1678694461229164

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.63.205.11 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

43ea195a19a8c63bcffedf0280cd1a16ad2f29d43c323ddf6c8f0420c979e5ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://online.savingsim.ru/bitrix/cache/css/s3/sim/template_3220eed85acea06037f207ed9f93a588/template_3220eed85acea06037f207ed9f93a588_v1.css?1678694461229164
Origin: https://online.savingsim.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 03 Apr 2023 14:12:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Last-Modified: Sun, 07 Aug 2022 12:01:23 GMT
Server: nginx
ETag: "1b44-5e5a5754de4eb"
X-Frame-Options: SAMEORIGIN
Content-Type: application/font-sfnt
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6980

GET
H/1.1

200
OK

/ Show response
online.savingsim.ru/auth/
Redirect Chain

https://online.savingsim.ru/local/ajax/ajax.survey.check.php
https://online.savingsim.ru/auth/

32 KB
8 KB

143ms
142ms

XHR
text/html

2.63.205.11
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.savingsim.ru/auth/

Requested by

Host: online.savingsim.ru
URL: https://online.savingsim.ru/auth/

Protocol

HTTP/1.1

Server

2.63.205.11 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

eaeb5b5fb6d4f000ef487ef2e3757f4c40dfc2a59412d2dd40658a02f4a2a74d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.savingsim.ru/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Apr 2023 14:12:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 Apr 2023 14:12:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Server: nginx
X-Frame-Options: SAMEORIGIN
P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Content-Type: text/html; charset=UTF-8
Location: https://online.savingsim.ru/auth/
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 598E 49 KB
27 KB 28ms
27ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfyBrIZAAAAANOaqmVUbHk2MCEiPTXDROt_p1L5&co=aHR0cHM6Ly9vbmxpbmUuc2F2aW5nc2ltLnJ1OjQ0Mw..&hl=ru&v=NZrMWHVy58-S9gVvad9HVGxk&size=normal&cb=e032c9jwsncm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__ru.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4fe95c1f05a24b819085d07f625db3aa9fc59f4a1d6ab81d8f43d88a115b080a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-u4s8ZYHgmIILKy617qf5JA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://online.savingsim.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27315
content-security-policy: script-src 'report-sample' 'nonce-u4s8ZYHgmIILKy617qf5JA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Apr 2023 14:12:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame 598E 55 KB
24 KB 33ms
7ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfyBrIZAAAAANOaqmVUbHk2MCEiPTXDROt_p1L5&co=aHR0cHM6Ly9vbmxpbmUuc2F2aW5nc2ltLnJ1OjQ0Mw..&hl=ru&v=NZrMWHVy58-S9gVvad9HVGxk&size=normal&cb=e032c9jwsncm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 13:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 13:40:22 GMT

GET
H3 200 recaptcha__ru.js Show response
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame 598E 441 KB
167 KB 38ms
12ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__ru.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f17ac44b10b56abb3bc7c4aa3dd5784273a5a8de9fc67efd1946d44113205cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 09:27:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 535493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170550
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Mar 2024 09:27:40 GMT

POST
H2 200 bx_stat Show response
bitrix.info/ 42 B
384 B 35ms
34ms XHR
application/javascript 52.30.201.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bitrix.info/bx_stat
Requested by: Host: bitrix.info
URL: https://bitrix.info/ba.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.201.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-201-205.eu-west-1.compute.amazonaws.com
Software: nginx/1.10.1 /
Resource Hash: f944d27e660a0d83956f6aa61c38123dc1b135795760a2988495f1ebf611d6f2

Request headers

Referer: https://online.savingsim.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://online.savingsim.ru
date: Mon, 03 Apr 2023 14:12:33 GMT
access-control-allow-credentials: true
content-type: application/javascript
server: nginx/1.10.1
etag: 8f083b4f023e465473a909335ded0c5f
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 598E 102 B
134 B 16ms
16ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=ru&v=NZrMWHVy58-S9gVvad9HVGxk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c6c749c6ddf86f65ab2443fd2fa9ddcc60b886abaec30640b3a4e12150a8f49

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfyBrIZAAAAANOaqmVUbHk2MCEiPTXDROt_p1L5&co=aHR0cHM6Ly9vbmxpbmUuc2F2aW5nc2ltLnJ1OjQ0Mw..&hl=ru&v=NZrMWHVy58-S9gVvad9HVGxk&size=normal&cb=e032c9jwsncm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 14:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 03 Apr 2023 14:12:33 GMT

GET
H/1.1

200
OK

/ Show response
online.savingsim.ru/auth/
Redirect Chain

https://online.savingsim.ru/local/ajax/ajax.modal.check.php
https://online.savingsim.ru/auth/

32 KB
8 KB

132ms
132ms

XHR
text/html

2.63.205.11
ROSTELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.savingsim.ru/auth/

Protocol

HTTP/1.1

Server

2.63.205.11 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

eaeb5b5fb6d4f000ef487ef2e3757f4c40dfc2a59412d2dd40658a02f4a2a74d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.savingsim.ru/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Apr 2023 14:12:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 03 Apr 2023 14:12:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Server: nginx
X-Frame-Options: SAMEORIGIN
P3P: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Content-Type: text/html; charset=UTF-8
Location: https://online.savingsim.ru/auth/
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 1DFF 7 KB
1 KB 22ms
21ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=ru&v=NZrMWHVy58-S9gVvad9HVGxk&k=6LfyBrIZAAAAANOaqmVUbHk2MCEiPTXDROt_p1L5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__ru.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

414247e59cc5b1ccf151d00d16b5be51abb00691509482dad69d596a6124c442

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e1PINK_bpnP9wK2nzWbCXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://online.savingsim.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1121
content-security-policy: script-src 'report-sample' 'nonce-e1PINK_bpnP9wK2nzWbCXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Apr 2023 14:12:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame 1DFF 55 KB
24 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=ru&v=NZrMWHVy58-S9gVvad9HVGxk&k=6LfyBrIZAAAAANOaqmVUbHk2MCEiPTXDROt_p1L5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 13:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 13:40:22 GMT

GET
H3 200 recaptcha__ru.js Show response
www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/ Frame 1DFF 441 KB
167 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__ru.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=ru&v=NZrMWHVy58-S9gVvad9HVGxk&k=6LfyBrIZAAAAANOaqmVUbHk2MCEiPTXDROt_p1L5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f17ac44b10b56abb3bc7c4aa3dd5784273a5a8de9fc67efd1946d44113205cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 09:27:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 535493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170550
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 00:02:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Mar 2024 09:27:40 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.online.savingsim.ru/	1969-12-31 23:59:59	Name: BSESSID Value: ge95LMldMKoU7oXih03wAvg7iLd8ha8X
online.savingsim.ru/	1969-12-31 23:59:59	Name: AUTH_TYPE Value: mobile
.bitrix.info/	1970-01-20 20:24:51	Name: bx_user_id Value: 8f083b4f023e465473a909335ded0c5f
online.savingsim.ru/	1970-01-20 20:24:51	Name: BX_USER_ID Value: 8f083b4f023e465473a909335ded0c5f

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bitrix.info
online.savingsim.ru
www.google.com
www.gstatic.com
2.63.205.11
2a00:1450:4001:811::2003
2a00:1450:4001:831::2004
52.30.201.205
1a0f94e9bba1b1329f50a515ae38b6f754649b1172a9a7b552000fa9707648fc
1c6c749c6ddf86f65ab2443fd2fa9ddcc60b886abaec30640b3a4e12150a8f49
225d0bd17c19db1ff3c9205bb5bb3a4022dc5feb611b829f9e651da8db0f3aab
414247e59cc5b1ccf151d00d16b5be51abb00691509482dad69d596a6124c442
43ea195a19a8c63bcffedf0280cd1a16ad2f29d43c323ddf6c8f0420c979e5ac
4fc7f2521104401b02728a42fe3cc9bdbec639d6e614e939d3de6adf00d40c96
4fe95c1f05a24b819085d07f625db3aa9fc59f4a1d6ab81d8f43d88a115b080a
5e67a027a18cb8d7363e0d70d984f7452a6eaf0c57dbde86e159f55bf382cad3
6d52579675a0b9dd17e790a77a1e04a0b71383c590282d1a5ff00d3ab8d2e28d
897c58672b375fd206d4df4ccd71a3fa3e29f739f4db5251b94895ad015f9710
8b65ef840279793be79ecc4862f85bfbf2f1b24023233c312785fd8cbc823f7b
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
c5e435684cae35a81be30051275f3f9791b8aa40b7b3ca72c9bb562b49a603c4
eaeb5b5fb6d4f000ef487ef2e3757f4c40dfc2a59412d2dd40658a02f4a2a74d
ec647122fceb3ca8d668d353958cb4e61acccfacee3d8044d30b4107d54631b9
f17ac44b10b56abb3bc7c4aa3dd5784273a5a8de9fc67efd1946d44113205cd2
f944d27e660a0d83956f6aa61c38123dc1b135795760a2988495f1ebf611d6f2

online.savingsim.ru Open in urlscan Pro 2.63.205.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

90 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

1651 kBTransfer

2634 kBSize

4 Cookies

5 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

online.savingsim.ru Open in urlscan Pro
2.63.205.11 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

90 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1651 kB
Transfer

2634 kB
Size

4
Cookies

21 HTTP transactions
0 data transactions