urlscan.io logo urlscan.io
SecurityTrails logo

www.alfabank.by Open in urlscan Pro
178.172.160.72  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.alfabank.by/business/partners/
Submission: On December 02 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 25 HTTP transactions. The main IP is 178.172.160.72, located in Minsk, Belarus and belongs to BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY. The main domain is www.alfabank.by.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on April 8th 2024. Valid for: a year.
This is the only time www.alfabank.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 178.172.160.72 6697 (BELPAK-AS...)
2 185.179.80.206 6697 (BELPAK-AS...)
1 2a02:6ea0:c70... 60068 (CDN77 Dat...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.17.25.14 13335 (CLOUDFLAR...)
25 5
20    178.172.160.72 (Minsk, Belarus)

ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY)
PTR: 178-172-160-72.hosterby.com
www.alfabank.by
2    185.179.80.206 (Belarus)

ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY)
PTR: 185-179-80-206.hosterby.com
matomo.alfabank.by
1    2a02:6ea0:c700::112 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)
web.webpushs.com
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
Apex Domain
Subdomains		 Transfer
22 alfabank.by
www.alfabank.by
matomo.alfabank.by
1 MB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
14 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
118 KB
1 webpushs.com
web.webpushs.com — Cisco Umbrella Rank: 91901
37 KB
25 4
Domain Requested by
20 www.alfabank.by www.alfabank.by
web.webpushs.com
2 matomo.alfabank.by www.alfabank.by
matomo.alfabank.by
1 cdnjs.cloudflare.com www.alfabank.by
1 www.googletagmanager.com www.alfabank.by
1 web.webpushs.com www.alfabank.by
25 5
Subject Issuer Validity Valid
*.alfabank.by
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-08 -
2025-05-10		 a year crt.sh
web.webpushs.com
Sectigo RSA Domain Validation Secure Server CA		 2024-01-09 -
2025-01-16		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-11-26 -
2025-02-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.alfabank.by/business/partners/
Frame ID: 4ED54E2D881198CDC637A6137EE51627
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Станьте партнёром | Альфа-Банк в Беларуси

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

25
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

1412 kB
Transfer

5194 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.alfabank.by/business/partners/ 		226 KB
71 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.alfabank.by/business/partners/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.160.72 Minsk, Belarus, ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY),
Reverse DNS
178-172-160-72.hosterby.com
Software
HosterGuard /
Resource Hash
f3af4b09f9d45d0b59650dad1ff11e63688550f8b5e7b7730762864357768069
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
max-age=15552000
content-encoding
gzip
content-security-poicy
script-src 'self' 'unsafe-inline' 'unsafe-eval' wss: *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.mail.ru https://yandex.ru https://yandex.by https://yandex.net https://mcd-sdk.playbuzz.com https://oss.maxcdn.com https://www.youtube.com https://core-renderer-tiles.maps.yandex.net https://connect.facebook.net https://embed.ex.co https://wtrfall.com https://oprosso.net https://oprosso.ru https://cdn.matomo.cloud https://code.jquery.com https://sys.datadrivenpromotion.com https://www.clarity.ms https://analytics.tiktok.com https://x01.aidata.io https://websdk.appsflyer.com https://www.googletagmanager.com https://sys.refocus.ru https://matomo.alfabank.by https://vk.com https://cdnjs.cloudflare.com https://web.webpushs.com https://bitrix.info https://yastatic.net https://dev.visualwebsiteoptimizer.com https://embed.playbuzz.com https://public.flourish.studio https://static.ex.co https://matomojs.trackify.info https://public.tableau.com; style-src 'self' 'unsafe-inline' *.yandex.ru *.yandex.by *.yandex.net *.alfabank.by *.vwo.com *.visualwebsiteoptimizer.com https://static.ex.co https://fonts.googleapis.com https://oprosso.net https://oprosso.ru https://cdn.jsdelivr.net https://web.webpushs.com https://yandex.ru https://yandex.by https://yandex.net; frame-src 'self' *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.radarpayment.online *.soundcloud.com https://yandex.ru https://yandex.by https://yandex.net https://oprosso.net https://oprosso.ru https://public.tableau.com https://www.youtube.com https://flo.uri.sh https://www.googletagmanager.com https://embed.ex.co; default-src 'self' 'unsafe-inline' wss: *.alfabank.by *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com https://yandex.ru https://yandex.by https://yandex.net data: blob:; connect-src 'self' 'unsafe-inline' wss: *.google.com *.googleadservices.com *.alfabank.by *.a.run.app *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.clarity.ms *.vwo.com *.mradx.net *.visualwebsiteoptimizer.com https://google.com https://googletagmanager.com https://www.googleadservices.com https://adservice.google.com https://r.mradx.net https://yandex.ru https://yandex.by https://yandex.net https://ads.playbuzz.com https://prd-collector-anon.playbuzz.com https://pixel.ex.co https://x01.aidata.io https://embed.playbuzz.com https://sys.datadrivenpromotion.com https://wa.onelink.me https://wa.appsflyer.com https://bitrix.info https://analytics.tiktok.com https://embed.ex.co https://prd-collector-platform.ex.co https://alfabank.by; frame-ancestors 'self'; font-src 'self' *.alfabank.by https://cdn.jsdelivr.net https://fonts.gstatic.com https://yastatic.net https://static.ex.co data:; img-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: *; worker-src 'self' blob: *; object-src 'self'
content-security-policy
frame-ancestors 'self';
content-type
text/html; charset=UTF-8
date
Mon, 02 Dec 2024 02:09:36 GMT
expires
Sat, 31 May 2025 02:09:36 GMT
p3p
policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
pragma
no-cache
server
HosterGuard
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-powered-cms
Bitrix Site Manager (cc8d01f5ad12b203a49151133c631811)
x-xss-protection
1; mode=block
bundle-styles.cb0039cc409d52ca95f9.css
www.alfabank.by/new_alfa/local/assets/build/ 		879 KB
135 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.alfabank.by/new_alfa/local/assets/build/bundle-styles.cb0039cc409d52ca95f9.css
Requested by
Host: www.alfabank.by
URL: https://www.alfabank.by/business/partners/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.160.72 Minsk, Belarus, ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY),
Reverse DNS
178-172-160-72.hosterby.com
Software
HosterGuard /
Resource Hash
01cd398fefaa41ccddf50cec3ff7dcdaac528adba89e98a9cd93a1df0afc35b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.alfabank.by/business/partners/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=15552000
content-encoding
gzip
etag
W/"67498252-dbd46"
expires
Sat, 31 May 2025 02:09:37 GMT
content-security-poicy
script-src 'self' 'unsafe-inline' 'unsafe-eval' wss: *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.mail.ru https://yandex.ru https://yandex.by https://yandex.net https://mcd-sdk.playbuzz.com https://oss.maxcdn.com https://www.youtube.com https://core-renderer-tiles.maps.yandex.net https://connect.facebook.net https://embed.ex.co https://wtrfall.com https://oprosso.net https://oprosso.ru https://cdn.matomo.cloud https://code.jquery.com https://sys.datadrivenpromotion.com https://www.clarity.ms https://analytics.tiktok.com https://x01.aidata.io https://websdk.appsflyer.com https://www.googletagmanager.com https://sys.refocus.ru https://matomo.alfabank.by https://vk.com https://cdnjs.cloudflare.com https://web.webpushs.com https://bitrix.info https://yastatic.net https://dev.visualwebsiteoptimizer.com https://embed.playbuzz.com https://public.flourish.studio https://static.ex.co https://matomojs.trackify.info https://public.tableau.com; style-src 'self' 'unsafe-inline' *.yandex.ru *.yandex.by *.yandex.net *.alfabank.by *.vwo.com *.visualwebsiteoptimizer.com https://static.ex.co https://fonts.googleapis.com https://oprosso.net https://oprosso.ru https://cdn.jsdelivr.net https://web.webpushs.com https://yandex.ru https://yandex.by https://yandex.net; frame-src 'self' *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.radarpayment.online *.soundcloud.com https://yandex.ru https://yandex.by https://yandex.net https://oprosso.net https://oprosso.ru https://public.tableau.com https://www.youtube.com https://flo.uri.sh https://www.googletagmanager.com https://embed.ex.co; default-src 'self' 'unsafe-inline' wss: *.alfabank.by *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com https://yandex.ru https://yandex.by https://yandex.net data: blob:; connect-src 'self' 'unsafe-inline' wss: *.google.com *.googleadservices.com *.alfabank.by *.a.run.app *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.clarity.ms *.vwo.com *.mradx.net *.visualwebsiteoptimizer.com https://google.com https://googletagmanager.com https://www.googleadservices.com https://adservice.google.com https://r.mradx.net https://yandex.ru https://yandex.by https://yandex.net https://ads.playbuzz.com https://prd-collector-anon.playbuzz.com https://pixel.ex.co https://x01.aidata.io https://embed.playbuzz.com https://sys.datadrivenpromotion.com https://wa.onelink.me https://wa.appsflyer.com https://bitrix.info https://analytics.tiktok.com https://embed.ex.co https://prd-collector-platform.ex.co https://alfabank.by; frame-ancestors 'self'; font-src 'self' *.alfabank.by https://cdn.jsdelivr.net https://fonts.gstatic.com https://yastatic.net https://static.ex.co data:; img-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: *; worker-src 'self' blob: *; object-src 'self'
date
Mon, 02 Dec 2024 02:09:37 GMT
content-type
text/css
last-modified
Fri, 29 Nov 2024 08:58:58 GMT
server
HosterGuard
x-xss-protection
1; mode=block
style.css
www.alfabank.by/local/props/depositSetting/ 		293 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.alfabank.by/local/props/depositSetting/style.css
Requested by
Host: www.alfabank.by
URL: https://www.alfabank.by/business/partners/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.160.72 Minsk, Belarus, ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY),
Reverse DNS
178-172-160-72.hosterby.com
Software
HosterGuard /
Resource Hash
ea7421260060579311d597c017046c9ff87aab17470995041fcd2d2cfffd9cf4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.alfabank.by/business/partners/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=15552000
content-encoding
gzip
etag
W/"64d9ffd3-125"
expires
Sat, 31 May 2025 02:09:37 GMT
content-security-poicy
script-src 'self' 'unsafe-inline' 'unsafe-eval' wss: *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.mail.ru https://yandex.ru https://yandex.by https://yandex.net https://mcd-sdk.playbuzz.com https://oss.maxcdn.com https://www.youtube.com https://core-renderer-tiles.maps.yandex.net https://connect.facebook.net https://embed.ex.co https://wtrfall.com https://oprosso.net https://oprosso.ru https://cdn.matomo.cloud https://code.jquery.com https://sys.datadrivenpromotion.com https://www.clarity.ms https://analytics.tiktok.com https://x01.aidata.io https://websdk.appsflyer.com https://www.googletagmanager.com https://sys.refocus.ru https://matomo.alfabank.by https://vk.com https://cdnjs.cloudflare.com https://web.webpushs.com https://bitrix.info https://yastatic.net https://dev.visualwebsiteoptimizer.com https://embed.playbuzz.com https://public.flourish.studio https://static.ex.co https://matomojs.trackify.info https://public.tableau.com; style-src 'self' 'unsafe-inline' *.yandex.ru *.yandex.by *.yandex.net *.alfabank.by *.vwo.com *.visualwebsiteoptimizer.com https://static.ex.co https://fonts.googleapis.com https://oprosso.net https://oprosso.ru https://cdn.jsdelivr.net https://web.webpushs.com https://yandex.ru https://yandex.by https://yandex.net; frame-src 'self' *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.radarpayment.online *.soundcloud.com https://yandex.ru https://yandex.by https://yandex.net https://oprosso.net https://oprosso.ru https://public.tableau.com https://www.youtube.com https://flo.uri.sh https://www.googletagmanager.com https://embed.ex.co; default-src 'self' 'unsafe-inline' wss: *.alfabank.by *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com https://yandex.ru https://yandex.by https://yandex.net data: blob:; connect-src 'self' 'unsafe-inline' wss: *.google.com *.googleadservices.com *.alfabank.by *.a.run.app *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.clarity.ms *.vwo.com *.mradx.net *.visualwebsiteoptimizer.com https://google.com https://googletagmanager.com https://www.googleadservices.com https://adservice.google.com https://r.mradx.net https://yandex.ru https://yandex.by https://yandex.net https://ads.playbuzz.com https://prd-collector-anon.playbuzz.com https://pixel.ex.co https://x01.aidata.io https://embed.playbuzz.com https://sys.datadrivenpromotion.com https://wa.onelink.me https://wa.appsflyer.com https://bitrix.info https://analytics.tiktok.com https://embed.ex.co https://prd-collector-platform.ex.co https://alfabank.by; frame-ancestors 'self'; font-src 'self' *.alfabank.by https://cdn.jsdelivr.net https://fonts.gstatic.com https://yastatic.net https://static.ex.co data:; img-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: *; worker-src 'self' blob: *; object-src 'self'
date
Mon, 02 Dec 2024 02:09:37 GMT
content-type
text/css
last-modified
Mon, 14 Aug 2023 10:20:03 GMT
server
HosterGuard
x-xss-protection
1; mode=block
container_8xHlWB1o.js
matomo.alfabank.by/js/ 		107 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://matomo.alfabank.by/js/container_8xHlWB1o.js
Requested by
Host: www.alfabank.by
URL: https://www.alfabank.by/business/partners/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.179.80.206 , Belarus, ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY),
Reverse DNS
185-179-80-206.hosterby.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6484843a4a35b14d4fb56c39b630f0829e7725dee9fb1422a752901bf526883b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.alfabank.by/

Response headers

Cache-Control
max-age=315360000
ETag
"674d14b5-1ab72"
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges
bytes
Content-Length
109426
Date
Mon, 02 Dec 2024 02:09:37 GMT
Content-Type
application/javascript
Last-Modified
Mon, 02 Dec 2024 02:00:21 GMT
Server
nginx/1.18.0 (Ubuntu)
voznagr.webp
www.alfabank.by/upload/resize_cache/webp/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.alfabank.by/upload/resize_cache/webp/images/voznagr.webp
Requested by
Host: www.alfabank.by
URL: https://www.alfabank.by/business/partners/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.160.72 Minsk, Belarus, ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY),
Reverse DNS
178-172-160-72.hosterby.com
Software
HosterGuard /
Resource Hash
15f6f243f19eeb8cc0cef0080e90819fd481144a84c47e56f74bcb44b142355d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.alfabank.by/business/partners/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=15552000
etag
"6411119e-4bd8"
expires
Sat, 31 May 2025 02:09:37 GMT
accept-ranges
bytes
content-length
19416
content-security-poicy
script-src 'self' 'unsafe-inline' 'unsafe-eval' wss: *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.mail.ru https://yandex.ru https://yandex.by https://yandex.net https://mcd-sdk.playbuzz.com https://oss.maxcdn.com https://www.youtube.com https://core-renderer-tiles.maps.yandex.net https://connect.facebook.net https://embed.ex.co https://wtrfall.com https://oprosso.net https://oprosso.ru https://cdn.matomo.cloud https://code.jquery.com https://sys.datadrivenpromotion.com https://www.clarity.ms https://analytics.tiktok.com https://x01.aidata.io https://websdk.appsflyer.com https://www.googletagmanager.com https://sys.refocus.ru https://matomo.alfabank.by https://vk.com https://cdnjs.cloudflare.com https://web.webpushs.com https://bitrix.info https://yastatic.net https://dev.visualwebsiteoptimizer.com https://embed.playbuzz.com https://public.flourish.studio https://static.ex.co https://matomojs.trackify.info https://public.tableau.com; style-src 'self' 'unsafe-inline' *.yandex.ru *.yandex.by *.yandex.net *.alfabank.by *.vwo.com *.visualwebsiteoptimizer.com https://static.ex.co https://fonts.googleapis.com https://oprosso.net https://oprosso.ru https://cdn.jsdelivr.net https://web.webpushs.com https://yandex.ru https://yandex.by https://yandex.net; frame-src 'self' *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.radarpayment.online *.soundcloud.com https://yandex.ru https://yandex.by https://yandex.net https://oprosso.net https://oprosso.ru https://public.tableau.com https://www.youtube.com https://flo.uri.sh https://www.googletagmanager.com https://embed.ex.co; default-src 'self' 'unsafe-inline' wss: *.alfabank.by *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com https://yandex.ru https://yandex.by https://yandex.net data: blob:; connect-src 'self' 'unsafe-inline' wss: *.google.com *.googleadservices.com *.alfabank.by *.a.run.app *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.clarity.ms *.vwo.com *.mradx.net *.visualwebsiteoptimizer.com https://google.com https://googletagmanager.com https://www.googleadservices.com https://adservice.google.com https://r.mradx.net https://yandex.ru https://yandex.by https://yandex.net https://ads.playbuzz.com https://prd-collector-anon.playbuzz.com https://pixel.ex.co https://x01.aidata.io https://embed.playbuzz.com https://sys.datadrivenpromotion.com https://wa.onelink.me https://wa.appsflyer.com https://bitrix.info https://analytics.tiktok.com https://embed.ex.co https://prd-collector-platform.ex.co https://alfabank.by; frame-ancestors 'self'; font-src 'self' *.alfabank.by https://cdn.jsdelivr.net https://fonts.gstatic.com https://yastatic.net https://static.ex.co data:; img-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: *; worker-src 'self' blob: *; object-src 'self'
date
Mon, 02 Dec 2024 02:09:37 GMT
content-type
image/webp
last-modified
Wed, 15 Mar 2023 00:30:22 GMT
server
HosterGuard
x-xss-protection
1; mode=block
menager.webp
www.alfabank.by/upload/resize_cache/webp/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.alfabank.by/upload/resize_cache/webp/images/menager.webp
Requested by
Host: www.alfabank.by
URL: https://www.alfabank.by/business/partners/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.160.72 Minsk, Belarus, ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY),
Reverse DNS
178-172-160-72.hosterby.com
Software
HosterGuard /
Resource Hash
6b9bea7ea9a39779947f368d8f435105ea1356244c5dd76c65c6eca6adc023db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.alfabank.by/business/partners/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=15552000
etag
"6411119e-2cc8"
expires
Sat, 31 May 2025 02:09:37 GMT
accept-ranges
bytes
content-length
11464
content-security-poicy
script-src 'self' 'unsafe-inline' 'unsafe-eval' wss: *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.mail.ru https://yandex.ru https://yandex.by https://yandex.net https://mcd-sdk.playbuzz.com https://oss.maxcdn.com https://www.youtube.com https://core-renderer-tiles.maps.yandex.net https://connect.facebook.net https://embed.ex.co https://wtrfall.com https://oprosso.net https://oprosso.ru https://cdn.matomo.cloud https://code.jquery.com https://sys.datadrivenpromotion.com https://www.clarity.ms https://analytics.tiktok.com https://x01.aidata.io https://websdk.appsflyer.com https://www.googletagmanager.com https://sys.refocus.ru https://matomo.alfabank.by https://vk.com https://cdnjs.cloudflare.com https://web.webpushs.com https://bitrix.info https://yastatic.net https://dev.visualwebsiteoptimizer.com https://embed.playbuzz.com https://public.flourish.studio https://static.ex.co https://matomojs.trackify.info https://public.tableau.com; style-src 'self' 'unsafe-inline' *.yandex.ru *.yandex.by *.yandex.net *.alfabank.by *.vwo.com *.visualwebsiteoptimizer.com https://static.ex.co https://fonts.googleapis.com https://oprosso.net https://oprosso.ru https://cdn.jsdelivr.net https://web.webpushs.com https://yandex.ru https://yandex.by https://yandex.net; frame-src 'self' *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.radarpayment.online *.soundcloud.com https://yandex.ru https://yandex.by https://yandex.net https://oprosso.net https://oprosso.ru https://public.tableau.com https://www.youtube.com https://flo.uri.sh https://www.googletagmanager.com https://embed.ex.co; default-src 'self' 'unsafe-inline' wss: *.alfabank.by *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com https://yandex.ru https://yandex.by https://yandex.net data: blob:; connect-src 'self' 'unsafe-inline' wss: *.google.com *.googleadservices.com *.alfabank.by *.a.run.app *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.clarity.ms *.vwo.com *.mradx.net *.visualwebsiteoptimizer.com https://google.com https://googletagmanager.com https://www.googleadservices.com https://adservice.google.com https://r.mradx.net https://yandex.ru https://yandex.by https://yandex.net https://ads.playbuzz.com https://prd-collector-anon.playbuzz.com https://pixel.ex.co https://x01.aidata.io https://embed.playbuzz.com https://sys.datadrivenpromotion.com https://wa.onelink.me https://wa.appsflyer.com https://bitrix.info https://analytics.tiktok.com https://embed.ex.co https://prd-collector-platform.ex.co https://alfabank.by; frame-ancestors 'self'; font-src 'self' *.alfabank.by https://cdn.jsdelivr.net https://fonts.gstatic.com https://yastatic.net https://static.ex.co data:; img-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: *; worker-src 'self' blob: *; object-src 'self'
date
Mon, 02 Dec 2024 02:09:37 GMT
content-type
image/webp
last-modified
Wed, 15 Mar 2023 00:30:22 GMT
server
HosterGuard
x-xss-protection
1; mode=block
cervisi.webp
www.alfabank.by/upload/resize_cache/webp/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.alfabank.by/upload/resize_cache/webp/images/cervisi.webp
Requested by
Host: www.alfabank.by
URL: https://www.alfabank.by/business/partners/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.160.72 Minsk, Belarus, ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY),
Reverse DNS
178-172-160-72.hosterby.com
Software
HosterGuard /
Resource Hash
e04b32fb169519553a9c178b78cd938ce73e14bcba0a05d48da28bbadb4033f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.alfabank.by/business/partners/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=15552000
etag
"6411119e-40fc"
expires
Sat, 31 May 2025 02:09:37 GMT
accept-ranges
bytes
content-length
16636
content-security-poicy
script-src 'self' 'unsafe-inline' 'unsafe-eval' wss: *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.mail.ru https://yandex.ru https://yandex.by https://yandex.net https://mcd-sdk.playbuzz.com https://oss.maxcdn.com https://www.youtube.com https://core-renderer-tiles.maps.yandex.net https://connect.facebook.net https://embed.ex.co https://wtrfall.com https://oprosso.net https://oprosso.ru https://cdn.matomo.cloud https://code.jquery.com https://sys.datadrivenpromotion.com https://www.clarity.ms https://analytics.tiktok.com https://x01.aidata.io https://websdk.appsflyer.com https://www.googletagmanager.com https://sys.refocus.ru https://matomo.alfabank.by https://vk.com https://cdnjs.cloudflare.com https://web.webpushs.com https://bitrix.info https://yastatic.net https://dev.visualwebsiteoptimizer.com https://embed.playbuzz.com https://public.flourish.studio https://static.ex.co https://matomojs.trackify.info https://public.tableau.com; style-src 'self' 'unsafe-inline' *.yandex.ru *.yandex.by *.yandex.net *.alfabank.by *.vwo.com *.visualwebsiteoptimizer.com https://static.ex.co https://fonts.googleapis.com https://oprosso.net https://oprosso.ru https://cdn.jsdelivr.net https://web.webpushs.com https://yandex.ru https://yandex.by https://yandex.net; frame-src 'self' *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.radarpayment.online *.soundcloud.com https://yandex.ru https://yandex.by https://yandex.net https://oprosso.net https://oprosso.ru https://public.tableau.com https://www.youtube.com https://flo.uri.sh https://www.googletagmanager.com https://embed.ex.co; default-src 'self' 'unsafe-inline' wss: *.alfabank.by *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com https://yandex.ru https://yandex.by https://yandex.net data: blob:; connect-src 'self' 'unsafe-inline' wss: *.google.com *.googleadservices.com *.alfabank.by *.a.run.app *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.clarity.ms *.vwo.com *.mradx.net *.visualwebsiteoptimizer.com https://google.com https://googletagmanager.com https://www.googleadservices.com https://adservice.google.com https://r.mradx.net https://yandex.ru https://yandex.by https://yandex.net https://ads.playbuzz.com https://prd-collector-anon.playbuzz.com https://pixel.ex.co https://x01.aidata.io https://embed.playbuzz.com https://sys.datadrivenpromotion.com https://wa.onelink.me https://wa.appsflyer.com https://bitrix.info https://analytics.tiktok.com https://embed.ex.co https://prd-collector-platform.ex.co https://alfabank.by; frame-ancestors 'self'; font-src 'self' *.alfabank.by https://cdn.jsdelivr.net https://fonts.gstatic.com https://yastatic.net https://static.ex.co data:; img-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: *; worker-src 'self' blob: *; object-src 'self'
date
Mon, 02 Dec 2024 02:09:37 GMT
content-type
image/webp
last-modified
Wed, 15 Mar 2023 00:30:22 GMT
server
HosterGuard
x-xss-protection
1; mode=block
core.min.js
www.alfabank.by/bitrix/js/main/core/ 		220 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.alfabank.by/bitrix/js/main/core/core.min.js?1725901999225422
Requested by
Host: www.alfabank.by
URL: https://www.alfabank.by/business/partners/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.160.72 Minsk, Belarus, ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY),
Reverse DNS
178-172-160-72.hosterby.com
Software
HosterGuard /
Resource Hash
e3359b617096fb77b59c9be39dfdebe93c9cb545ce46ce95dd9743d64eb3aad0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.alfabank.by/business/partners/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=15552000
content-encoding
gzip
etag
W/"66df2caf-3708e"
expires
Sat, 31 May 2025 02:09:37 GMT
content-security-poicy
script-src 'self' 'unsafe-inline' 'unsafe-eval' wss: *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.mail.ru https://yandex.ru https://yandex.by https://yandex.net https://mcd-sdk.playbuzz.com https://oss.maxcdn.com https://www.youtube.com https://core-renderer-tiles.maps.yandex.net https://connect.facebook.net https://embed.ex.co https://wtrfall.com https://oprosso.net https://oprosso.ru https://cdn.matomo.cloud https://code.jquery.com https://sys.datadrivenpromotion.com https://www.clarity.ms https://analytics.tiktok.com https://x01.aidata.io https://websdk.appsflyer.com https://www.googletagmanager.com https://sys.refocus.ru https://matomo.alfabank.by https://vk.com https://cdnjs.cloudflare.com https://web.webpushs.com https://bitrix.info https://yastatic.net https://dev.visualwebsiteoptimizer.com https://embed.playbuzz.com https://public.flourish.studio https://static.ex.co https://matomojs.trackify.info https://public.tableau.com; style-src 'self' 'unsafe-inline' *.yandex.ru *.yandex.by *.yandex.net *.alfabank.by *.vwo.com *.visualwebsiteoptimizer.com https://static.ex.co https://fonts.googleapis.com https://oprosso.net https://oprosso.ru https://cdn.jsdelivr.net https://web.webpushs.com https://yandex.ru https://yandex.by https://yandex.net; frame-src 'self' *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.radarpayment.online *.soundcloud.com https://yandex.ru https://yandex.by https://yandex.net https://oprosso.net https://oprosso.ru https://public.tableau.com https://www.youtube.com https://flo.uri.sh https://www.googletagmanager.com https://embed.ex.co; default-src 'self' 'unsafe-inline' wss: *.alfabank.by *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com https://yandex.ru https://yandex.by https://yandex.net data: blob:; connect-src 'self' 'unsafe-inline' wss: *.google.com *.googleadservices.com *.alfabank.by *.a.run.app *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.clarity.ms *.vwo.com *.mradx.net *.visualwebsiteoptimizer.com https://google.com https://googletagmanager.com https://www.googleadservices.com https://adservice.google.com https://r.mradx.net https://yandex.ru https://yandex.by https://yandex.net https://ads.playbuzz.com https://prd-collector-anon.playbuzz.com https://pixel.ex.co https://x01.aidata.io https://embed.playbuzz.com https://sys.datadrivenpromotion.com https://wa.onelink.me https://wa.appsflyer.com https://bitrix.info https://analytics.tiktok.com https://embed.ex.co https://prd-collector-platform.ex.co https://alfabank.by; frame-ancestors 'self'; font-src 'self' *.alfabank.by https://cdn.jsdelivr.net https://fonts.gstatic.com https://yastatic.net https://static.ex.co data:; img-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: *; worker-src 'self' blob: *; object-src 'self'
date
Mon, 02 Dec 2024 02:09:37 GMT
content-type
application/javascript
last-modified
Mon, 09 Sep 2024 17:13:19 GMT
server
HosterGuard
x-xss-protection
1; mode=block
scriptLoading.js
www.alfabank.by/local/props/depositSetting/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.alfabank.by/local/props/depositSetting/scriptLoading.js
Requested by
Host: www.alfabank.by
URL: https://www.alfabank.by/business/partners/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.160.72 Minsk, Belarus, ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY),
Reverse DNS
178-172-160-72.hosterby.com
Software
HosterGuard /
Resource Hash
e6259384e18046cb6fe8ac2b43d72c853d6d6aa36f91cdd87ba16dfb1cc6dd14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.alfabank.by/business/partners/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=15552000
content-encoding
gzip
etag
W/"64da022b-23bb"
expires
Sat, 31 May 2025 02:09:37 GMT
content-security-poicy
script-src 'self' 'unsafe-inline' 'unsafe-eval' wss: *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.mail.ru https://yandex.ru https://yandex.by https://yandex.net https://mcd-sdk.playbuzz.com https://oss.maxcdn.com https://www.youtube.com https://core-renderer-tiles.maps.yandex.net https://connect.facebook.net https://embed.ex.co https://wtrfall.com https://oprosso.net https://oprosso.ru https://cdn.matomo.cloud https://code.jquery.com https://sys.datadrivenpromotion.com https://www.clarity.ms https://analytics.tiktok.com https://x01.aidata.io https://websdk.appsflyer.com https://www.googletagmanager.com https://sys.refocus.ru https://matomo.alfabank.by https://vk.com https://cdnjs.cloudflare.com https://web.webpushs.com https://bitrix.info https://yastatic.net https://dev.visualwebsiteoptimizer.com https://embed.playbuzz.com https://public.flourish.studio https://static.ex.co https://matomojs.trackify.info https://public.tableau.com; style-src 'self' 'unsafe-inline' *.yandex.ru *.yandex.by *.yandex.net *.alfabank.by *.vwo.com *.visualwebsiteoptimizer.com https://static.ex.co https://fonts.googleapis.com https://oprosso.net https://oprosso.ru https://cdn.jsdelivr.net https://web.webpushs.com https://yandex.ru https://yandex.by https://yandex.net; frame-src 'self' *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.radarpayment.online *.soundcloud.com https://yandex.ru https://yandex.by https://yandex.net https://oprosso.net https://oprosso.ru https://public.tableau.com https://www.youtube.com https://flo.uri.sh https://www.googletagmanager.com https://embed.ex.co; default-src 'self' 'unsafe-inline' wss: *.alfabank.by *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com https://yandex.ru https://yandex.by https://yandex.net data: blob:; connect-src 'self' 'unsafe-inline' wss: *.google.com *.googleadservices.com *.alfabank.by *.a.run.app *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.clarity.ms *.vwo.com *.mradx.net *.visualwebsiteoptimizer.com https://google.com https://googletagmanager.com https://www.googleadservices.com https://adservice.google.com https://r.mradx.net https://yandex.ru https://yandex.by https://yandex.net https://ads.playbuzz.com https://prd-collector-anon.playbuzz.com https://pixel.ex.co https://x01.aidata.io https://embed.playbuzz.com https://sys.datadrivenpromotion.com https://wa.onelink.me https://wa.appsflyer.com https://bitrix.info https://analytics.tiktok.com https://embed.ex.co https://prd-collector-platform.ex.co https://alfabank.by; frame-ancestors 'self'; font-src 'self' *.alfabank.by https://cdn.jsdelivr.net https://fonts.gstatic.com https://yastatic.net https://static.ex.co data:; img-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: *; worker-src 'self' blob: *; object-src 'self'
date
Mon, 02 Dec 2024 02:09:37 GMT
content-type
application/javascript
last-modified
Mon, 14 Aug 2023 10:30:03 GMT
server
HosterGuard
x-xss-protection
1; mode=block
1ec18d31749604897a2ba81bfa5a2fba_1.js
web.webpushs.com/js/push/ 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.webpushs.com/js/push/1ec18d31749604897a2ba81bfa5a2fba_1.js?v=RANDOM_VERSION
Requested by
Host: www.alfabank.by
URL: https://www.alfabank.by/business/partners/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::112 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6b2ea0eb35e56949120bdc6aeee359f67a9738fb1476ffe60991fcc83c48555f
Security Headers
Name Value
Content-Security-Policy default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua https://google.com/pay *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com dl-media.viber.com *.braintree-api.com vk.com api.telegram.org *.goentri.com *.webformscr.com *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com *.cdninstagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.sppopups.com *.privatbank.ua *.cardinalcommerce.com viacep.com.br *.wdgtsrc.com 1860267202.rsc.cdn77.org 1443908614.rsc.cdn77.org *.2checkout.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.alfabank.by/

Response headers

content-encoding
gzip
etag
W/"1dcc6-62366b7f49600"
x-sp-ma
sp-ma-0
x-77-cache
HIT
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 05:56:28 GMT
date
Mon, 02 Dec 2024 02:09:37 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding,User-Agent
x-77-nzt-ray
15b3c7113b33ec69e1164d67acca1e19
last-modified
Tue, 01 Oct 2024 09:12:20 GMT
x-77-nzt
EgwBqZb/tgH3tbMHAAwBw7WvAgG3XhYAAA
content-security-policy
default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua https://google.com/pay *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com dl-media.viber.com *.braintree-api.com vk.com api.telegram.org *.goentri.com *.webformscr.com *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com *.cdninstagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.sppopups.com *.privatbank.ua *.cardinalcommerce.com viacep.com.br *.wdgtsrc.com 1860267202.rsc.cdn77.org 1443908614.rsc.cdn77.org *.2checkout.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
cache-control
max-age=604800
x-sp-pr
lpr-06
access-control-allow-origin
*
x-77-pop
frankfurtDE
x-xss-protection
1; mode=block
x-77-age
504757
server
CDN77-Turbo
script.js
www.alfabank.by/local/js/ 		1 KB
548 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.alfabank.by/local/js/script.js?v1733105376
Requested by
Host: www.alfabank.by
URL: https://www.alfabank.by/business/partners/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.160.72 Minsk, Belarus, ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY),
Reverse DNS
178-172-160-72.hosterby.com
Software
HosterGuard /
Resource Hash
d3190a8db58fd8931ade2ef9c24e0cfd26db661840390edaf7387a7f2d2afa1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.alfabank.by/business/partners/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=15552000
content-encoding
gzip
etag
W/"645d07a2-458"
expires
Sat, 31 May 2025 02:09:37 GMT
content-security-poicy
script-src 'self' 'unsafe-inline' 'unsafe-eval' wss: *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.mail.ru https://yandex.ru https://yandex.by https://yandex.net https://mcd-sdk.playbuzz.com https://oss.maxcdn.com https://www.youtube.com https://core-renderer-tiles.maps.yandex.net https://connect.facebook.net https://embed.ex.co https://wtrfall.com https://oprosso.net https://oprosso.ru https://cdn.matomo.cloud https://code.jquery.com https://sys.datadrivenpromotion.com https://www.clarity.ms https://analytics.tiktok.com https://x01.aidata.io https://websdk.appsflyer.com https://www.googletagmanager.com https://sys.refocus.ru https://matomo.alfabank.by https://vk.com https://cdnjs.cloudflare.com https://web.webpushs.com https://bitrix.info https://yastatic.net https://dev.visualwebsiteoptimizer.com https://embed.playbuzz.com https://public.flourish.studio https://static.ex.co https://matomojs.trackify.info https://public.tableau.com; style-src 'self' 'unsafe-inline' *.yandex.ru *.yandex.by *.yandex.net *.alfabank.by *.vwo.com *.visualwebsiteoptimizer.com https://static.ex.co https://fonts.googleapis.com https://oprosso.net https://oprosso.ru https://cdn.jsdelivr.net https://web.webpushs.com https://yandex.ru https://yandex.by https://yandex.net; frame-src 'self' *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.radarpayment.online *.soundcloud.com https://yandex.ru https://yandex.by https://yandex.net https://oprosso.net https://oprosso.ru https://public.tableau.com https://www.youtube.com https://flo.uri.sh https://www.googletagmanager.com https://embed.ex.co; default-src 'self' 'unsafe-inline' wss: *.alfabank.by *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com https://yandex.ru https://yandex.by https://yandex.net data: blob:; connect-src 'self' 'unsafe-inline' wss: *.google.com *.googleadservices.com *.alfabank.by *.a.run.app *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.clarity.ms *.vwo.com *.mradx.net *.visualwebsiteoptimizer.com https://google.com https://googletagmanager.com https://www.googleadservices.com https://adservice.google.com https://r.mradx.net https://yandex.ru https://yandex.by https://yandex.net https://ads.playbuzz.com https://prd-collector-anon.playbuzz.com https://pixel.ex.co https://x01.aidata.io https://embed.playbuzz.com https://sys.datadrivenpromotion.com https://wa.onelink.me https://wa.appsflyer.com https://bitrix.info https://analytics.tiktok.com https://embed.ex.co https://prd-collector-platform.ex.co https://alfabank.by; frame-ancestors 'self'; font-src 'self' *.alfabank.by https://cdn.jsdelivr.net https://fonts.gstatic.com https://yastatic.net https://static.ex.co data:; img-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: *; worker-src 'self' blob: *; object-src 'self'
date
Mon, 02 Dec 2024 02:09:37 GMT
content-type
application/javascript
last-modified
Thu, 11 May 2023 15:20:02 GMT
server
HosterGuard
x-xss-protection
1; mode=block
bundle-app.5e6275f490dd0577a2fb.js
www.alfabank.by/new_alfa/local/assets/build/ 		3 MB
621 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.alfabank.by/new_alfa/local/assets/build/bundle-app.5e6275f490dd0577a2fb.js
Requested by
Host: www.alfabank.by
URL: https://www.alfabank.by/business/partners/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.160.72 Minsk, Belarus, ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY),
Reverse DNS
178-172-160-72.hosterby.com
Software
HosterGuard /
Resource Hash
efb77e03b415426590470d07b5d7d1e9574c80ffdf21d500768abde8db38ceee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.alfabank.by/business/partners/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=15552000
content-encoding
gzip
etag
W/"67498252-2c23b4"
expires
Sat, 31 May 2025 02:09:37 GMT
content-security-poicy
script-src 'self' 'unsafe-inline' 'unsafe-eval' wss: *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.mail.ru https://yandex.ru https://yandex.by https://yandex.net https://mcd-sdk.playbuzz.com https://oss.maxcdn.com https://www.youtube.com https://core-renderer-tiles.maps.yandex.net https://connect.facebook.net https://embed.ex.co https://wtrfall.com https://oprosso.net https://oprosso.ru https://cdn.matomo.cloud https://code.jquery.com https://sys.datadrivenpromotion.com https://www.clarity.ms https://analytics.tiktok.com https://x01.aidata.io https://websdk.appsflyer.com https://www.googletagmanager.com https://sys.refocus.ru https://matomo.alfabank.by https://vk.com https://cdnjs.cloudflare.com https://web.webpushs.com https://bitrix.info https://yastatic.net https://dev.visualwebsiteoptimizer.com https://embed.playbuzz.com https://public.flourish.studio https://static.ex.co https://matomojs.trackify.info https://public.tableau.com; style-src 'self' 'unsafe-inline' *.yandex.ru *.yandex.by *.yandex.net *.alfabank.by *.vwo.com *.visualwebsiteoptimizer.com https://static.ex.co https://fonts.googleapis.com https://oprosso.net https://oprosso.ru https://cdn.jsdelivr.net https://web.webpushs.com https://yandex.ru https://yandex.by https://yandex.net; frame-src 'self' *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.radarpayment.online *.soundcloud.com https://yandex.ru https://yandex.by https://yandex.net https://oprosso.net https://oprosso.ru https://public.tableau.com https://www.youtube.com https://flo.uri.sh https://www.googletagmanager.com https://embed.ex.co; default-src 'self' 'unsafe-inline' wss: *.alfabank.by *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com https://yandex.ru https://yandex.by https://yandex.net data: blob:; connect-src 'self' 'unsafe-inline' wss: *.google.com *.googleadservices.com *.alfabank.by *.a.run.app *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.clarity.ms *.vwo.com *.mradx.net *.visualwebsiteoptimizer.com https://google.com https://googletagmanager.com https://www.googleadservices.com https://adservice.google.com https://r.mradx.net https://yandex.ru https://yandex.by https://yandex.net https://ads.playbuzz.com https://prd-collector-anon.playbuzz.com https://pixel.ex.co https://x01.aidata.io https://embed.playbuzz.com https://sys.datadrivenpromotion.com https://wa.onelink.me https://wa.appsflyer.com https://bitrix.info https://analytics.tiktok.com https://embed.ex.co https://prd-collector-platform.ex.co https://alfabank.by; frame-ancestors 'self'; font-src 'self' *.alfabank.by https://cdn.jsdelivr.net https://fonts.gstatic.com https://yastatic.net https://static.ex.co data:; img-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: *; worker-src 'self' blob: *; object-src 'self'
date
Mon, 02 Dec 2024 02:09:37 GMT
content-type
application/javascript
last-modified
Fri, 29 Nov 2024 08:58:58 GMT
server
HosterGuard
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		532 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MVHJQPPP
Requested by
Host: www.alfabank.by
URL: https://www.alfabank.by/business/partners/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5cf0570d124a25924f7f8a558ece2659f58a3e3ded40bd0ef69ae4d96dc72be6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.alfabank.by/

Response headers

content-encoding
gzip
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 02 Dec 2024 02:09:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 02:09:37 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 02 Dec 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
120252
x-xss-protection
0
server
Google Tag Manager
bg-1.webp
www.alfabank.by/upload/resize_cache/webp/uf/494/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.alfabank.by/upload/resize_cache/webp/uf/494/bg-1.webp
Requested by
Host: www.alfabank.by
URL: https://www.alfabank.by/business/partners/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.160.72 Minsk, Belarus, ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY),
Reverse DNS
178-172-160-72.hosterby.com
Software
HosterGuard /
Resource Hash
b4ea47ce978bc8f8befb47e6eafb5dcdf99381b8aa574da73d93791aa4039997
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.alfabank.by/business/partners/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=15552000
etag
"6411119e-25e0"
expires
Sat, 31 May 2025 02:09:37 GMT
accept-ranges
bytes
content-length
9696
content-security-poicy
script-src 'self' 'unsafe-inline' 'unsafe-eval' wss: *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.mail.ru https://yandex.ru https://yandex.by https://yandex.net https://mcd-sdk.playbuzz.com https://oss.maxcdn.com https://www.youtube.com https://core-renderer-tiles.maps.yandex.net https://connect.facebook.net https://embed.ex.co https://wtrfall.com https://oprosso.net https://oprosso.ru https://cdn.matomo.cloud https://code.jquery.com https://sys.datadrivenpromotion.com https://www.clarity.ms https://analytics.tiktok.com https://x01.aidata.io https://websdk.appsflyer.com https://www.googletagmanager.com https://sys.refocus.ru https://matomo.alfabank.by https://vk.com https://cdnjs.cloudflare.com https://web.webpushs.com https://bitrix.info https://yastatic.net https://dev.visualwebsiteoptimizer.com https://embed.playbuzz.com https://public.flourish.studio https://static.ex.co https://matomojs.trackify.info https://public.tableau.com; style-src 'self' 'unsafe-inline' *.yandex.ru *.yandex.by *.yandex.net *.alfabank.by *.vwo.com *.visualwebsiteoptimizer.com https://static.ex.co https://fonts.googleapis.com https://oprosso.net https://oprosso.ru https://cdn.jsdelivr.net https://web.webpushs.com https://yandex.ru https://yandex.by https://yandex.net; frame-src 'self' *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.radarpayment.online *.soundcloud.com https://yandex.ru https://yandex.by https://yandex.net https://oprosso.net https://oprosso.ru https://public.tableau.com https://www.youtube.com https://flo.uri.sh https://www.googletagmanager.com https://embed.ex.co; default-src 'self' 'unsafe-inline' wss: *.alfabank.by *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com https://yandex.ru https://yandex.by https://yandex.net data: blob:; connect-src 'self' 'unsafe-inline' wss: *.google.com *.googleadservices.com *.alfabank.by *.a.run.app *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.clarity.ms *.vwo.com *.mradx.net *.visualwebsiteoptimizer.com https://google.com https://googletagmanager.com https://www.googleadservices.com https://adservice.google.com https://r.mradx.net https://yandex.ru https://yandex.by https://yandex.net https://ads.playbuzz.com https://prd-collector-anon.playbuzz.com https://pixel.ex.co https://x01.aidata.io https://embed.playbuzz.com https://sys.datadrivenpromotion.com https://wa.onelink.me https://wa.appsflyer.com https://bitrix.info https://analytics.tiktok.com https://embed.ex.co https://prd-collector-platform.ex.co https://alfabank.by; frame-ancestors 'self'; font-src 'self' *.alfabank.by https://cdn.jsdelivr.net https://fonts.gstatic.com https://yastatic.net https://static.ex.co data:; img-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: *; worker-src 'self' blob: *; object-src 'self'
date
Mon, 02 Dec 2024 02:09:37 GMT
content-type
image/webp
last-modified
Wed, 15 Mar 2023 00:30:22 GMT
server
HosterGuard
x-xss-protection
1; mode=block
GloberSemiBold.ttf
www.alfabank.by/new_alfa/local/assets/fonts/GloberWeb/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.alfabank.by/new_alfa/local/assets/fonts/GloberWeb/GloberSemiBold.ttf
Requested by
Host: www.alfabank.by
URL: https://www.alfabank.by/new_alfa/local/assets/build/bundle-styles.cb0039cc409d52ca95f9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.160.72 Minsk, Belarus, ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY),
Reverse DNS
178-172-160-72.hosterby.com
Software
HosterGuard /
Resource Hash
ae07713f689dac6a714157e12b9e8bf7b28741100fb05eff096911315a7b464d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.alfabank.by
Referer
https://www.alfabank.by/new_alfa/local/assets/build/bundle-styles.cb0039cc409d52ca95f9.css

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=15552000
etag
"64191e0d-c2a8"
expires
Sat, 31 May 2025 02:09:37 GMT
accept-ranges
bytes
content-length
49832
content-security-poicy
script-src 'self' 'unsafe-inline' 'unsafe-eval' wss: *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.mail.ru https://yandex.ru https://yandex.by https://yandex.net https://mcd-sdk.playbuzz.com https://oss.maxcdn.com https://www.youtube.com https://core-renderer-tiles.maps.yandex.net https://connect.facebook.net https://embed.ex.co https://wtrfall.com https://oprosso.net https://oprosso.ru https://cdn.matomo.cloud https://code.jquery.com https://sys.datadrivenpromotion.com https://www.clarity.ms https://analytics.tiktok.com https://x01.aidata.io https://websdk.appsflyer.com https://www.googletagmanager.com https://sys.refocus.ru https://matomo.alfabank.by https://vk.com https://cdnjs.cloudflare.com https://web.webpushs.com https://bitrix.info https://yastatic.net https://dev.visualwebsiteoptimizer.com https://embed.playbuzz.com https://public.flourish.studio https://static.ex.co https://matomojs.trackify.info https://public.tableau.com; style-src 'self' 'unsafe-inline' *.yandex.ru *.yandex.by *.yandex.net *.alfabank.by *.vwo.com *.visualwebsiteoptimizer.com https://static.ex.co https://fonts.googleapis.com https://oprosso.net https://oprosso.ru https://cdn.jsdelivr.net https://web.webpushs.com https://yandex.ru https://yandex.by https://yandex.net; frame-src 'self' *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.radarpayment.online *.soundcloud.com https://yandex.ru https://yandex.by https://yandex.net https://oprosso.net https://oprosso.ru https://public.tableau.com https://www.youtube.com https://flo.uri.sh https://www.googletagmanager.com https://embed.ex.co; default-src 'self' 'unsafe-inline' wss: *.alfabank.by *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com https://yandex.ru https://yandex.by https://yandex.net data: blob:; connect-src 'self' 'unsafe-inline' wss: *.google.com *.googleadservices.com *.alfabank.by *.a.run.app *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.clarity.ms *.vwo.com *.mradx.net *.visualwebsiteoptimizer.com https://google.com https://googletagmanager.com https://www.googleadservices.com https://adservice.google.com https://r.mradx.net https://yandex.ru https://yandex.by https://yandex.net https://ads.playbuzz.com https://prd-collector-anon.playbuzz.com https://pixel.ex.co https://x01.aidata.io https://embed.playbuzz.com https://sys.datadrivenpromotion.com https://wa.onelink.me https://wa.appsflyer.com https://bitrix.info https://analytics.tiktok.com https://embed.ex.co https://prd-collector-platform.ex.co https://alfabank.by; frame-ancestors 'self'; font-src 'self' *.alfabank.by https://cdn.jsdelivr.net https://fonts.gstatic.com https://yastatic.net https://static.ex.co data:; img-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: *; worker-src 'self' blob: *; object-src 'self'
date
Mon, 02 Dec 2024 02:09:37 GMT
content-type
application/octet-stream
last-modified
Tue, 21 Mar 2023 03:01:33 GMT
server
HosterGuard
x-xss-protection
1; mode=block
GloberBold.ttf
www.alfabank.by/new_alfa/local/assets/fonts/GloberWeb/ 		49 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.alfabank.by/new_alfa/local/assets/fonts/GloberWeb/GloberBold.ttf
Requested by
Host: www.alfabank.by
URL: https://www.alfabank.by/new_alfa/local/assets/build/bundle-styles.cb0039cc409d52ca95f9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.160.72 Minsk, Belarus, ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY),
Reverse DNS
178-172-160-72.hosterby.com
Software
HosterGuard /
Resource Hash
57c60154e333e6049ecaa15860f79c4c418c4be05738997432a03a878cddc3e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.alfabank.by
Referer
https://www.alfabank.by/new_alfa/local/assets/build/bundle-styles.cb0039cc409d52ca95f9.css

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=15552000
etag
"64191e0d-c2e4"
expires
Sat, 31 May 2025 02:09:37 GMT
accept-ranges
bytes
content-length
49892
content-security-poicy
script-src 'self' 'unsafe-inline' 'unsafe-eval' wss: *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.mail.ru https://yandex.ru https://yandex.by https://yandex.net https://mcd-sdk.playbuzz.com https://oss.maxcdn.com https://www.youtube.com https://core-renderer-tiles.maps.yandex.net https://connect.facebook.net https://embed.ex.co https://wtrfall.com https://oprosso.net https://oprosso.ru https://cdn.matomo.cloud https://code.jquery.com https://sys.datadrivenpromotion.com https://www.clarity.ms https://analytics.tiktok.com https://x01.aidata.io https://websdk.appsflyer.com https://www.googletagmanager.com https://sys.refocus.ru https://matomo.alfabank.by https://vk.com https://cdnjs.cloudflare.com https://web.webpushs.com https://bitrix.info https://yastatic.net https://dev.visualwebsiteoptimizer.com https://embed.playbuzz.com https://public.flourish.studio https://static.ex.co https://matomojs.trackify.info https://public.tableau.com; style-src 'self' 'unsafe-inline' *.yandex.ru *.yandex.by *.yandex.net *.alfabank.by *.vwo.com *.visualwebsiteoptimizer.com https://static.ex.co https://fonts.googleapis.com https://oprosso.net https://oprosso.ru https://cdn.jsdelivr.net https://web.webpushs.com https://yandex.ru https://yandex.by https://yandex.net; frame-src 'self' *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.radarpayment.online *.soundcloud.com https://yandex.ru https://yandex.by https://yandex.net https://oprosso.net https://oprosso.ru https://public.tableau.com https://www.youtube.com https://flo.uri.sh https://www.googletagmanager.com https://embed.ex.co; default-src 'self' 'unsafe-inline' wss: *.alfabank.by *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com https://yandex.ru https://yandex.by https://yandex.net data: blob:; connect-src 'self' 'unsafe-inline' wss: *.google.com *.googleadservices.com *.alfabank.by *.a.run.app *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.clarity.ms *.vwo.com *.mradx.net *.visualwebsiteoptimizer.com https://google.com https://googletagmanager.com https://www.googleadservices.com https://adservice.google.com https://r.mradx.net https://yandex.ru https://yandex.by https://yandex.net https://ads.playbuzz.com https://prd-collector-anon.playbuzz.com https://pixel.ex.co https://x01.aidata.io https://embed.playbuzz.com https://sys.datadrivenpromotion.com https://wa.onelink.me https://wa.appsflyer.com https://bitrix.info https://analytics.tiktok.com https://embed.ex.co https://prd-collector-platform.ex.co https://alfabank.by; frame-ancestors 'self'; font-src 'self' *.alfabank.by https://cdn.jsdelivr.net https://fonts.gstatic.com https://yastatic.net https://static.ex.co data:; img-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: *; worker-src 'self' blob: *; object-src 'self'
date
Mon, 02 Dec 2024 02:09:37 GMT
content-type
application/octet-stream
last-modified
Tue, 21 Mar 2023 03:01:33 GMT
server
HosterGuard
x-xss-protection
1; mode=block
GloberRegular.ttf
www.alfabank.by/new_alfa/local/assets/fonts/GloberWeb/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.alfabank.by/new_alfa/local/assets/fonts/GloberWeb/GloberRegular.ttf
Requested by
Host: www.alfabank.by
URL: https://www.alfabank.by/new_alfa/local/assets/build/bundle-styles.cb0039cc409d52ca95f9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.160.72 Minsk, Belarus, ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY),
Reverse DNS
178-172-160-72.hosterby.com
Software
HosterGuard /
Resource Hash
0a0b8ed8261fb0551eae8bda4615efcd5808ff628c114bf45b311f6df7fb8f86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.alfabank.by
Referer
https://www.alfabank.by/new_alfa/local/assets/build/bundle-styles.cb0039cc409d52ca95f9.css

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=15552000
etag
"64191e0d-bea8"
expires
Sat, 31 May 2025 02:09:37 GMT
accept-ranges
bytes
content-length
48808
content-security-poicy
script-src 'self' 'unsafe-inline' 'unsafe-eval' wss: *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.mail.ru https://yandex.ru https://yandex.by https://yandex.net https://mcd-sdk.playbuzz.com https://oss.maxcdn.com https://www.youtube.com https://core-renderer-tiles.maps.yandex.net https://connect.facebook.net https://embed.ex.co https://wtrfall.com https://oprosso.net https://oprosso.ru https://cdn.matomo.cloud https://code.jquery.com https://sys.datadrivenpromotion.com https://www.clarity.ms https://analytics.tiktok.com https://x01.aidata.io https://websdk.appsflyer.com https://www.googletagmanager.com https://sys.refocus.ru https://matomo.alfabank.by https://vk.com https://cdnjs.cloudflare.com https://web.webpushs.com https://bitrix.info https://yastatic.net https://dev.visualwebsiteoptimizer.com https://embed.playbuzz.com https://public.flourish.studio https://static.ex.co https://matomojs.trackify.info https://public.tableau.com; style-src 'self' 'unsafe-inline' *.yandex.ru *.yandex.by *.yandex.net *.alfabank.by *.vwo.com *.visualwebsiteoptimizer.com https://static.ex.co https://fonts.googleapis.com https://oprosso.net https://oprosso.ru https://cdn.jsdelivr.net https://web.webpushs.com https://yandex.ru https://yandex.by https://yandex.net; frame-src 'self' *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.radarpayment.online *.soundcloud.com https://yandex.ru https://yandex.by https://yandex.net https://oprosso.net https://oprosso.ru https://public.tableau.com https://www.youtube.com https://flo.uri.sh https://www.googletagmanager.com https://embed.ex.co; default-src 'self' 'unsafe-inline' wss: *.alfabank.by *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com https://yandex.ru https://yandex.by https://yandex.net data: blob:; connect-src 'self' 'unsafe-inline' wss: *.google.com *.googleadservices.com *.alfabank.by *.a.run.app *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.clarity.ms *.vwo.com *.mradx.net *.visualwebsiteoptimizer.com https://google.com https://googletagmanager.com https://www.googleadservices.com https://adservice.google.com https://r.mradx.net https://yandex.ru https://yandex.by https://yandex.net https://ads.playbuzz.com https://prd-collector-anon.playbuzz.com https://pixel.ex.co https://x01.aidata.io https://embed.playbuzz.com https://sys.datadrivenpromotion.com https://wa.onelink.me https://wa.appsflyer.com https://bitrix.info https://analytics.tiktok.com https://embed.ex.co https://prd-collector-platform.ex.co https://alfabank.by; frame-ancestors 'self'; font-src 'self' *.alfabank.by https://cdn.jsdelivr.net https://fonts.gstatic.com https://yastatic.net https://static.ex.co data:; img-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: *; worker-src 'self' blob: *; object-src 'self'
date
Mon, 02 Dec 2024 02:09:37 GMT
content-type
application/octet-stream
last-modified
Tue, 21 Mar 2023 03:01:33 GMT
server
HosterGuard
x-xss-protection
1; mode=block
znak1.webp
www.alfabank.by/upload/resize_cache/webp/iblock/c06/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.alfabank.by/upload/resize_cache/webp/iblock/c06/znak1.webp
Requested by
Host: www.alfabank.by
URL: https://www.alfabank.by/business/partners/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.160.72 Minsk, Belarus, ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY),
Reverse DNS
178-172-160-72.hosterby.com
Software
HosterGuard /
Resource Hash
351883fe6d17cbf8df2c8c12ce95194af63abb3186c4f17c8b707076a1138c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.alfabank.by/business/partners/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=15552000
etag
"6411119a-4f0c"
expires
Sat, 31 May 2025 02:09:37 GMT
accept-ranges
bytes
content-length
20236
content-security-poicy
script-src 'self' 'unsafe-inline' 'unsafe-eval' wss: *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.mail.ru https://yandex.ru https://yandex.by https://yandex.net https://mcd-sdk.playbuzz.com https://oss.maxcdn.com https://www.youtube.com https://core-renderer-tiles.maps.yandex.net https://connect.facebook.net https://embed.ex.co https://wtrfall.com https://oprosso.net https://oprosso.ru https://cdn.matomo.cloud https://code.jquery.com https://sys.datadrivenpromotion.com https://www.clarity.ms https://analytics.tiktok.com https://x01.aidata.io https://websdk.appsflyer.com https://www.googletagmanager.com https://sys.refocus.ru https://matomo.alfabank.by https://vk.com https://cdnjs.cloudflare.com https://web.webpushs.com https://bitrix.info https://yastatic.net https://dev.visualwebsiteoptimizer.com https://embed.playbuzz.com https://public.flourish.studio https://static.ex.co https://matomojs.trackify.info https://public.tableau.com; style-src 'self' 'unsafe-inline' *.yandex.ru *.yandex.by *.yandex.net *.alfabank.by *.vwo.com *.visualwebsiteoptimizer.com https://static.ex.co https://fonts.googleapis.com https://oprosso.net https://oprosso.ru https://cdn.jsdelivr.net https://web.webpushs.com https://yandex.ru https://yandex.by https://yandex.net; frame-src 'self' *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.radarpayment.online *.soundcloud.com https://yandex.ru https://yandex.by https://yandex.net https://oprosso.net https://oprosso.ru https://public.tableau.com https://www.youtube.com https://flo.uri.sh https://www.googletagmanager.com https://embed.ex.co; default-src 'self' 'unsafe-inline' wss: *.alfabank.by *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com https://yandex.ru https://yandex.by https://yandex.net data: blob:; connect-src 'self' 'unsafe-inline' wss: *.google.com *.googleadservices.com *.alfabank.by *.a.run.app *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.clarity.ms *.vwo.com *.mradx.net *.visualwebsiteoptimizer.com https://google.com https://googletagmanager.com https://www.googleadservices.com https://adservice.google.com https://r.mradx.net https://yandex.ru https://yandex.by https://yandex.net https://ads.playbuzz.com https://prd-collector-anon.playbuzz.com https://pixel.ex.co https://x01.aidata.io https://embed.playbuzz.com https://sys.datadrivenpromotion.com https://wa.onelink.me https://wa.appsflyer.com https://bitrix.info https://analytics.tiktok.com https://embed.ex.co https://prd-collector-platform.ex.co https://alfabank.by; frame-ancestors 'self'; font-src 'self' *.alfabank.by https://cdn.jsdelivr.net https://fonts.gstatic.com https://yastatic.net https://static.ex.co data:; img-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: *; worker-src 'self' blob: *; object-src 'self'
date
Mon, 02 Dec 2024 02:09:37 GMT
content-type
image/webp
last-modified
Wed, 15 Mar 2023 00:30:18 GMT
server
HosterGuard
x-xss-protection
1; mode=block
matomo.php
matomo.alfabank.by/ 		0
214 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://matomo.alfabank.by/matomo.php?action_name=%D0%A1%D1%82%D0%B0%D0%BD%D1%8C%D1%82%D0%B5%20%D0%BF%D0%B0%D1%80%D1%82%D0%BD%D1%91%D1%80%D0%BE%D0%BC%20%7C%20%D0%90%D0%BB%D1%8C%D1%84%D0%B0-%D0%91%D0%B0%D0%BD%D0%BA%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8&idsite=1&rec=1&r=701985&h=3&m=9&s=37&url=https%3A%2F%2Fwww.alfabank.by%2Fbusiness%2Fpartners%2F&_id=&_idn=1&send_image=0&_refts=0&pv_id=VPe2Vt&pf_net=199&pf_srv=321&pf_tfr=132&pf_dm1=435&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: matomo.alfabank.by
URL: https://matomo.alfabank.by/js/container_8xHlWB1o.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.179.80.206 , Belarus, ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY),
Reverse DNS
185-179-80-206.hosterby.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8
Referer
https://www.alfabank.by/

Response headers

Access-Control-Allow-Origin
https://www.alfabank.by
Date
Mon, 02 Dec 2024 02:09:37 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Access-Control-Allow-Credentials
true
crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/ 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js
Requested by
Host: www.alfabank.by
URL: https://www.alfabank.by/business/partners/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab5d90a71736f267af39fdf32caa8c71673fd06703279b01e0f92b0d7be0bfc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.alfabank.by
Referer
https://www.alfabank.by/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e2d-bb78"
age
320359
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pEr30Qse0qnwKq5pwb4HswO49L7IEnVQhaUSekJxNQNDY0IFwdzuJZ%2BrLhb8Yns8UZmWEuiOKe9ixLO%2FfS2BT103Qmw1P2XyMFvgWkg3U3NQp8Dj8jK%2BKf8%2F%2BA5YvQ%2F4LDLDg53H"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 02:09:37 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 02 Dec 2024 02:09:37 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:09:17 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8eb7c6a2de3d65df-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
14107
server
cloudflare
bundle-styles.d294339c0f331493c04a.css
www.alfabank.by/new_alfa/local/assets/build/ 		1 KB
644 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.alfabank.by/new_alfa/local/assets/build/bundle-styles.d294339c0f331493c04a.css
Requested by
Host: www.alfabank.by
URL: https://www.alfabank.by/new_alfa/local/assets/build/bundle-app.5e6275f490dd0577a2fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.160.72 Minsk, Belarus, ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY),
Reverse DNS
178-172-160-72.hosterby.com
Software
HosterGuard /
Resource Hash
b501dee0f47afe9a418b72aaf03f8690069493cf37f920f5cbe415161164d84c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.alfabank.by/business/partners/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=15552000
content-encoding
gzip
etag
W/"6703c813-5c4"
expires
Sat, 31 May 2025 02:09:39 GMT
content-security-poicy
script-src 'self' 'unsafe-inline' 'unsafe-eval' wss: *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.mail.ru https://yandex.ru https://yandex.by https://yandex.net https://mcd-sdk.playbuzz.com https://oss.maxcdn.com https://www.youtube.com https://core-renderer-tiles.maps.yandex.net https://connect.facebook.net https://embed.ex.co https://wtrfall.com https://oprosso.net https://oprosso.ru https://cdn.matomo.cloud https://code.jquery.com https://sys.datadrivenpromotion.com https://www.clarity.ms https://analytics.tiktok.com https://x01.aidata.io https://websdk.appsflyer.com https://www.googletagmanager.com https://sys.refocus.ru https://matomo.alfabank.by https://vk.com https://cdnjs.cloudflare.com https://web.webpushs.com https://bitrix.info https://yastatic.net https://dev.visualwebsiteoptimizer.com https://embed.playbuzz.com https://public.flourish.studio https://static.ex.co https://matomojs.trackify.info https://public.tableau.com; style-src 'self' 'unsafe-inline' *.yandex.ru *.yandex.by *.yandex.net *.alfabank.by *.vwo.com *.visualwebsiteoptimizer.com https://static.ex.co https://fonts.googleapis.com https://oprosso.net https://oprosso.ru https://cdn.jsdelivr.net https://web.webpushs.com https://yandex.ru https://yandex.by https://yandex.net; frame-src 'self' *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.radarpayment.online *.soundcloud.com https://yandex.ru https://yandex.by https://yandex.net https://oprosso.net https://oprosso.ru https://public.tableau.com https://www.youtube.com https://flo.uri.sh https://www.googletagmanager.com https://embed.ex.co; default-src 'self' 'unsafe-inline' wss: *.alfabank.by *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com https://yandex.ru https://yandex.by https://yandex.net data: blob:; connect-src 'self' 'unsafe-inline' wss: *.google.com *.googleadservices.com *.alfabank.by *.a.run.app *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.clarity.ms *.vwo.com *.mradx.net *.visualwebsiteoptimizer.com https://google.com https://googletagmanager.com https://www.googleadservices.com https://adservice.google.com https://r.mradx.net https://yandex.ru https://yandex.by https://yandex.net https://ads.playbuzz.com https://prd-collector-anon.playbuzz.com https://pixel.ex.co https://x01.aidata.io https://embed.playbuzz.com https://sys.datadrivenpromotion.com https://wa.onelink.me https://wa.appsflyer.com https://bitrix.info https://analytics.tiktok.com https://embed.ex.co https://prd-collector-platform.ex.co https://alfabank.by; frame-ancestors 'self'; font-src 'self' *.alfabank.by https://cdn.jsdelivr.net https://fonts.gstatic.com https://yastatic.net https://static.ex.co data:; img-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: *; worker-src 'self' blob: *; object-src 'self'
date
Mon, 02 Dec 2024 02:09:39 GMT
content-type
text/css
last-modified
Mon, 07 Oct 2024 11:37:55 GMT
server
HosterGuard
x-xss-protection
1; mode=block
chunk-4838.86a107ad93c16410ba08.js
www.alfabank.by/new_alfa/local/assets/build/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.alfabank.by/new_alfa/local/assets/build/chunk-4838.86a107ad93c16410ba08.js
Requested by
Host: www.alfabank.by
URL: https://www.alfabank.by/new_alfa/local/assets/build/bundle-app.5e6275f490dd0577a2fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.160.72 Minsk, Belarus, ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY),
Reverse DNS
178-172-160-72.hosterby.com
Software
HosterGuard /
Resource Hash
93d52251b10271756a14f08f3fcb02e11f4bd3d73849e436e832a03c86417160
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.alfabank.by/business/partners/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=15552000
content-encoding
gzip
etag
W/"6718fd51-93a"
expires
Sat, 31 May 2025 02:09:39 GMT
content-security-poicy
script-src 'self' 'unsafe-inline' 'unsafe-eval' wss: *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.mail.ru https://yandex.ru https://yandex.by https://yandex.net https://mcd-sdk.playbuzz.com https://oss.maxcdn.com https://www.youtube.com https://core-renderer-tiles.maps.yandex.net https://connect.facebook.net https://embed.ex.co https://wtrfall.com https://oprosso.net https://oprosso.ru https://cdn.matomo.cloud https://code.jquery.com https://sys.datadrivenpromotion.com https://www.clarity.ms https://analytics.tiktok.com https://x01.aidata.io https://websdk.appsflyer.com https://www.googletagmanager.com https://sys.refocus.ru https://matomo.alfabank.by https://vk.com https://cdnjs.cloudflare.com https://web.webpushs.com https://bitrix.info https://yastatic.net https://dev.visualwebsiteoptimizer.com https://embed.playbuzz.com https://public.flourish.studio https://static.ex.co https://matomojs.trackify.info https://public.tableau.com; style-src 'self' 'unsafe-inline' *.yandex.ru *.yandex.by *.yandex.net *.alfabank.by *.vwo.com *.visualwebsiteoptimizer.com https://static.ex.co https://fonts.googleapis.com https://oprosso.net https://oprosso.ru https://cdn.jsdelivr.net https://web.webpushs.com https://yandex.ru https://yandex.by https://yandex.net; frame-src 'self' *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.radarpayment.online *.soundcloud.com https://yandex.ru https://yandex.by https://yandex.net https://oprosso.net https://oprosso.ru https://public.tableau.com https://www.youtube.com https://flo.uri.sh https://www.googletagmanager.com https://embed.ex.co; default-src 'self' 'unsafe-inline' wss: *.alfabank.by *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com https://yandex.ru https://yandex.by https://yandex.net data: blob:; connect-src 'self' 'unsafe-inline' wss: *.google.com *.googleadservices.com *.alfabank.by *.a.run.app *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.clarity.ms *.vwo.com *.mradx.net *.visualwebsiteoptimizer.com https://google.com https://googletagmanager.com https://www.googleadservices.com https://adservice.google.com https://r.mradx.net https://yandex.ru https://yandex.by https://yandex.net https://ads.playbuzz.com https://prd-collector-anon.playbuzz.com https://pixel.ex.co https://x01.aidata.io https://embed.playbuzz.com https://sys.datadrivenpromotion.com https://wa.onelink.me https://wa.appsflyer.com https://bitrix.info https://analytics.tiktok.com https://embed.ex.co https://prd-collector-platform.ex.co https://alfabank.by; frame-ancestors 'self'; font-src 'self' *.alfabank.by https://cdn.jsdelivr.net https://fonts.gstatic.com https://yastatic.net https://static.ex.co data:; img-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: *; worker-src 'self' blob: *; object-src 'self'
date
Mon, 02 Dec 2024 02:09:39 GMT
content-type
application/javascript
last-modified
Wed, 23 Oct 2024 13:42:41 GMT
server
HosterGuard
x-xss-protection
1; mode=block
getCookieByLocalstorage.php
www.alfabank.by/api/cookies/ 		66 B
380 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.alfabank.by/api/cookies/getCookieByLocalstorage.php
Requested by
Host: www.alfabank.by
URL: https://www.alfabank.by/new_alfa/local/assets/build/bundle-app.5e6275f490dd0577a2fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.160.72 Minsk, Belarus, ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY),
Reverse DNS
178-172-160-72.hosterby.com
Software
HosterGuard /
Resource Hash
81be61b14b705a6170b3775989ef3c913d2733b0c999467708ee2a2494f0b782
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryJRKbuWANirfZi8R6
Referer
https://www.alfabank.by/business/partners/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self';
cache-control
max-age=15552000
content-encoding
gzip
pragma
no-cache
x-powered-cms
Bitrix Site Manager (cc8d01f5ad12b203a49151133c631811)
expires
Sat, 31 May 2025 02:09:39 GMT
p3p
policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
content-length
84
content-security-poicy
script-src 'self' 'unsafe-inline' 'unsafe-eval' wss: *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.mail.ru https://yandex.ru https://yandex.by https://yandex.net https://mcd-sdk.playbuzz.com https://oss.maxcdn.com https://www.youtube.com https://core-renderer-tiles.maps.yandex.net https://connect.facebook.net https://embed.ex.co https://wtrfall.com https://oprosso.net https://oprosso.ru https://cdn.matomo.cloud https://code.jquery.com https://sys.datadrivenpromotion.com https://www.clarity.ms https://analytics.tiktok.com https://x01.aidata.io https://websdk.appsflyer.com https://www.googletagmanager.com https://sys.refocus.ru https://matomo.alfabank.by https://vk.com https://cdnjs.cloudflare.com https://web.webpushs.com https://bitrix.info https://yastatic.net https://dev.visualwebsiteoptimizer.com https://embed.playbuzz.com https://public.flourish.studio https://static.ex.co https://matomojs.trackify.info https://public.tableau.com; style-src 'self' 'unsafe-inline' *.yandex.ru *.yandex.by *.yandex.net *.alfabank.by *.vwo.com *.visualwebsiteoptimizer.com https://static.ex.co https://fonts.googleapis.com https://oprosso.net https://oprosso.ru https://cdn.jsdelivr.net https://web.webpushs.com https://yandex.ru https://yandex.by https://yandex.net; frame-src 'self' *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.radarpayment.online *.soundcloud.com https://yandex.ru https://yandex.by https://yandex.net https://oprosso.net https://oprosso.ru https://public.tableau.com https://www.youtube.com https://flo.uri.sh https://www.googletagmanager.com https://embed.ex.co; default-src 'self' 'unsafe-inline' wss: *.alfabank.by *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com https://yandex.ru https://yandex.by https://yandex.net data: blob:; connect-src 'self' 'unsafe-inline' wss: *.google.com *.googleadservices.com *.alfabank.by *.a.run.app *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.clarity.ms *.vwo.com *.mradx.net *.visualwebsiteoptimizer.com https://google.com https://googletagmanager.com https://www.googleadservices.com https://adservice.google.com https://r.mradx.net https://yandex.ru https://yandex.by https://yandex.net https://ads.playbuzz.com https://prd-collector-anon.playbuzz.com https://pixel.ex.co https://x01.aidata.io https://embed.playbuzz.com https://sys.datadrivenpromotion.com https://wa.onelink.me https://wa.appsflyer.com https://bitrix.info https://analytics.tiktok.com https://embed.ex.co https://prd-collector-platform.ex.co https://alfabank.by; frame-ancestors 'self'; font-src 'self' *.alfabank.by https://cdn.jsdelivr.net https://fonts.gstatic.com https://yastatic.net https://static.ex.co data:; img-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: *; worker-src 'self' blob: *; object-src 'self'
date
Mon, 02 Dec 2024 02:09:39 GMT
content-type
application/json
x-xss-protection
1; mode=block
server
HosterGuard
x-frame-options
SAMEORIGIN
sp-push-worker-fb.js
www.alfabank.by/ 		72 B
237 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.alfabank.by/sp-push-worker-fb.js
Requested by
Host: web.webpushs.com
URL: https://web.webpushs.com/js/push/1ec18d31749604897a2ba81bfa5a2fba_1.js?v=RANDOM_VERSION
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.160.72 Minsk, Belarus, ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY),
Reverse DNS
178-172-160-72.hosterby.com
Software
HosterGuard /
Resource Hash
2a719f91d199b250a3e0748fa579d15ae2384c8fc2062268e18561708ac60281
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.alfabank.by/business/partners/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=15552000
content-encoding
gzip
etag
W/"64191ec9-48"
expires
Sat, 31 May 2025 02:09:39 GMT
content-security-poicy
script-src 'self' 'unsafe-inline' 'unsafe-eval' wss: *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.mail.ru https://yandex.ru https://yandex.by https://yandex.net https://mcd-sdk.playbuzz.com https://oss.maxcdn.com https://www.youtube.com https://core-renderer-tiles.maps.yandex.net https://connect.facebook.net https://embed.ex.co https://wtrfall.com https://oprosso.net https://oprosso.ru https://cdn.matomo.cloud https://code.jquery.com https://sys.datadrivenpromotion.com https://www.clarity.ms https://analytics.tiktok.com https://x01.aidata.io https://websdk.appsflyer.com https://www.googletagmanager.com https://sys.refocus.ru https://matomo.alfabank.by https://vk.com https://cdnjs.cloudflare.com https://web.webpushs.com https://bitrix.info https://yastatic.net https://dev.visualwebsiteoptimizer.com https://embed.playbuzz.com https://public.flourish.studio https://static.ex.co https://matomojs.trackify.info https://public.tableau.com; style-src 'self' 'unsafe-inline' *.yandex.ru *.yandex.by *.yandex.net *.alfabank.by *.vwo.com *.visualwebsiteoptimizer.com https://static.ex.co https://fonts.googleapis.com https://oprosso.net https://oprosso.ru https://cdn.jsdelivr.net https://web.webpushs.com https://yandex.ru https://yandex.by https://yandex.net; frame-src 'self' *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.radarpayment.online *.soundcloud.com https://yandex.ru https://yandex.by https://yandex.net https://oprosso.net https://oprosso.ru https://public.tableau.com https://www.youtube.com https://flo.uri.sh https://www.googletagmanager.com https://embed.ex.co; default-src 'self' 'unsafe-inline' wss: *.alfabank.by *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com https://yandex.ru https://yandex.by https://yandex.net data: blob:; connect-src 'self' 'unsafe-inline' wss: *.google.com *.googleadservices.com *.alfabank.by *.a.run.app *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.clarity.ms *.vwo.com *.mradx.net *.visualwebsiteoptimizer.com https://google.com https://googletagmanager.com https://www.googleadservices.com https://adservice.google.com https://r.mradx.net https://yandex.ru https://yandex.by https://yandex.net https://ads.playbuzz.com https://prd-collector-anon.playbuzz.com https://pixel.ex.co https://x01.aidata.io https://embed.playbuzz.com https://sys.datadrivenpromotion.com https://wa.onelink.me https://wa.appsflyer.com https://bitrix.info https://analytics.tiktok.com https://embed.ex.co https://prd-collector-platform.ex.co https://alfabank.by; frame-ancestors 'self'; font-src 'self' *.alfabank.by https://cdn.jsdelivr.net https://fonts.gstatic.com https://yastatic.net https://static.ex.co data:; img-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: *; worker-src 'self' blob: *; object-src 'self'
date
Mon, 02 Dec 2024 02:09:39 GMT
content-type
application/javascript
last-modified
Tue, 21 Mar 2023 03:04:41 GMT
server
HosterGuard
x-xss-protection
1; mode=block
favicon.ico
www.alfabank.by/local/images/ 		4 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.alfabank.by/local/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.160.72 Minsk, Belarus, ASN6697 (BELPAK-AS Republican Unitary Telecommunication Enterprise Beltelecom, BY),
Reverse DNS
178-172-160-72.hosterby.com
Software
HosterGuard /
Resource Hash
51776cb76a8308218378e217a6d7fd00d405536c3680cdabddc18a5668960f02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.alfabank.by/business/partners/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=15552000
etag
"641110f2-10be"
expires
Sat, 31 May 2025 02:09:39 GMT
accept-ranges
bytes
content-length
4286
content-security-poicy
script-src 'self' 'unsafe-inline' 'unsafe-eval' wss: *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.mail.ru https://yandex.ru https://yandex.by https://yandex.net https://mcd-sdk.playbuzz.com https://oss.maxcdn.com https://www.youtube.com https://core-renderer-tiles.maps.yandex.net https://connect.facebook.net https://embed.ex.co https://wtrfall.com https://oprosso.net https://oprosso.ru https://cdn.matomo.cloud https://code.jquery.com https://sys.datadrivenpromotion.com https://www.clarity.ms https://analytics.tiktok.com https://x01.aidata.io https://websdk.appsflyer.com https://www.googletagmanager.com https://sys.refocus.ru https://matomo.alfabank.by https://vk.com https://cdnjs.cloudflare.com https://web.webpushs.com https://bitrix.info https://yastatic.net https://dev.visualwebsiteoptimizer.com https://embed.playbuzz.com https://public.flourish.studio https://static.ex.co https://matomojs.trackify.info https://public.tableau.com; style-src 'self' 'unsafe-inline' *.yandex.ru *.yandex.by *.yandex.net *.alfabank.by *.vwo.com *.visualwebsiteoptimizer.com https://static.ex.co https://fonts.googleapis.com https://oprosso.net https://oprosso.ru https://cdn.jsdelivr.net https://web.webpushs.com https://yandex.ru https://yandex.by https://yandex.net; frame-src 'self' *.alfabank.by *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com *.radarpayment.online *.soundcloud.com https://yandex.ru https://yandex.by https://yandex.net https://oprosso.net https://oprosso.ru https://public.tableau.com https://www.youtube.com https://flo.uri.sh https://www.googletagmanager.com https://embed.ex.co; default-src 'self' 'unsafe-inline' wss: *.alfabank.by *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.vwo.com *.visualwebsiteoptimizer.com https://yandex.ru https://yandex.by https://yandex.net data: blob:; connect-src 'self' 'unsafe-inline' wss: *.google.com *.googleadservices.com *.alfabank.by *.a.run.app *.mail.ru *.yandex.ru *.yandex.by *.yandex.net *.clarity.ms *.vwo.com *.mradx.net *.visualwebsiteoptimizer.com https://google.com https://googletagmanager.com https://www.googleadservices.com https://adservice.google.com https://r.mradx.net https://yandex.ru https://yandex.by https://yandex.net https://ads.playbuzz.com https://prd-collector-anon.playbuzz.com https://pixel.ex.co https://x01.aidata.io https://embed.playbuzz.com https://sys.datadrivenpromotion.com https://wa.onelink.me https://wa.appsflyer.com https://bitrix.info https://analytics.tiktok.com https://embed.ex.co https://prd-collector-platform.ex.co https://alfabank.by; frame-ancestors 'self'; font-src 'self' *.alfabank.by https://cdn.jsdelivr.net https://fonts.gstatic.com https://yastatic.net https://static.ex.co data:; img-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: *; worker-src 'self' blob: *; object-src 'self'
date
Mon, 02 Dec 2024 02:09:39 GMT
content-type
image/x-icon
last-modified
Wed, 15 Mar 2023 00:27:30 GMT
server
HosterGuard
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _mtm object| dataLayer function| BX object| babelHelpers object| regeneratorRuntime function| setImmediate function| clearImmediate boolean| _main_polyfill_core string| gtmState function| createSpan function| createButton function| createInput function| createSelect function| getDivCurrency function| changeName function| getDiv function| getDivDeposit function| getDivRate function| getDivCommonCurrency object| oSpPOptions function| oPromptPush object| oSpP object| core object| firebase function| UAParser object| MatomoTagManager object| _paq object| matomoPluginAsyncInit object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| CryptoJS object| webpackChunkalfabank function| requestAnimFrame object| reactiveElementVersions object| litHtmlVersions object| litElementVersions function| jQuery function| $ number| heightToSkip boolean| isDesktop string| eventType object| words-slider object| AJAX_PAGE_STATE

3 Cookies

Domain/Path Name / Value
www.alfabank.by/ Name: hg-client-security
Value: 2pdoaS85UdU7mCMSfqr3z6FqIJT
.alfabank.by/ Name: PHPSESSID
Value: LxP27E2wNJZL1xgDmHfrvahxrRQM7Y8T
www.alfabank.by/ Name: BITRIX_SM_READ_ARTICLES
Value: W10%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
matomo.alfabank.by
web.webpushs.com
www.alfabank.by
www.googletagmanager.com
104.17.25.14
178.172.160.72
185.179.80.206
2a00:1450:4001:831::2008
2a02:6ea0:c700::112
01cd398fefaa41ccddf50cec3ff7dcdaac528adba89e98a9cd93a1df0afc35b7
0a0b8ed8261fb0551eae8bda4615efcd5808ff628c114bf45b311f6df7fb8f86
15f6f243f19eeb8cc0cef0080e90819fd481144a84c47e56f74bcb44b142355d
2a719f91d199b250a3e0748fa579d15ae2384c8fc2062268e18561708ac60281
351883fe6d17cbf8df2c8c12ce95194af63abb3186c4f17c8b707076a1138c89
51776cb76a8308218378e217a6d7fd00d405536c3680cdabddc18a5668960f02
57c60154e333e6049ecaa15860f79c4c418c4be05738997432a03a878cddc3e8
5cf0570d124a25924f7f8a558ece2659f58a3e3ded40bd0ef69ae4d96dc72be6
6484843a4a35b14d4fb56c39b630f0829e7725dee9fb1422a752901bf526883b
6b2ea0eb35e56949120bdc6aeee359f67a9738fb1476ffe60991fcc83c48555f
6b9bea7ea9a39779947f368d8f435105ea1356244c5dd76c65c6eca6adc023db
81be61b14b705a6170b3775989ef3c913d2733b0c999467708ee2a2494f0b782
93d52251b10271756a14f08f3fcb02e11f4bd3d73849e436e832a03c86417160
ae07713f689dac6a714157e12b9e8bf7b28741100fb05eff096911315a7b464d
b4ea47ce978bc8f8befb47e6eafb5dcdf99381b8aa574da73d93791aa4039997
b501dee0f47afe9a418b72aaf03f8690069493cf37f920f5cbe415161164d84c
d3190a8db58fd8931ade2ef9c24e0cfd26db661840390edaf7387a7f2d2afa1e
e04b32fb169519553a9c178b78cd938ce73e14bcba0a05d48da28bbadb4033f5
e3359b617096fb77b59c9be39dfdebe93c9cb545ce46ce95dd9743d64eb3aad0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6259384e18046cb6fe8ac2b43d72c853d6d6aa36f91cdd87ba16dfb1cc6dd14
ea7421260060579311d597c017046c9ff87aab17470995041fcd2d2cfffd9cf4
eab5d90a71736f267af39fdf32caa8c71673fd06703279b01e0f92b0d7be0bfc
efb77e03b415426590470d07b5d7d1e9574c80ffdf21d500768abde8db38ceee
f3af4b09f9d45d0b59650dad1ff11e63688550f8b5e7b7730762864357768069