cl.vtb.ru Open in urlscan Pro
185.179.146.29 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://vtbcredit.ru/
Effective URL:
https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08...
Submission: On January 05 via api (January 5th 2024, 7:37:55 pm UTC) from US — Scanned from DE

Summary HTTP 46 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 15 domains to perform 46 HTTP transactions. The main IP is 185.179.146.29, located in Russian Federation and belongs to VTB-BANK-AS, RU. The main domain is cl.vtb.ru.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on February 27th 2023. Valid for: a year.

This is the only time cl.vtb.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	91.193.180.124 91.193.180.124	12722 (RECONN) (RECONN)
1 2	37.1.218.193 37.1.218.193	58061 (SCALAXY-AS) (SCALAXY-AS)
1 1	185.26.99.247 185.26.99.247	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 1	5.178.86.67 5.178.86.67	49505 (SELECTEL) (SELECTEL)
5	185.179.146.29 185.179.146.29	24823 (VTB-BANK-AS) (VTB-BANK-AS)
3	88.212.232.65 88.212.232.65	39134 (UNITEDNET) (UNITEDNET)
2	185.15.175.146 185.15.175.146	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	130.193.52.39 130.193.52.39	200350 (YANDEXCLOUD) (YANDEXCLOUD)
5 18	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
10	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
1 3	87.240.132.72 87.240.132.72	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	91.215.42.230 91.215.42.230	57724 (DDOS-GUARD) (DDOS-GUARD)
5 6	185.15.175.148 185.15.175.148	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2	89.248.204.154 89.248.204.154	49505 (SELECTEL) (SELECTEL)
3	2a00:ab00:501... 2a00:ab00:501:14b::2	49505 (SELECTEL) (SELECTEL)
2 2	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
46	14

1 91.193.180.124 (Moscow, Russian Federation) 1 redirects

ASN12722 (RECONN, RU)

vtbcredit.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.1.218.193 (Meppel, Netherlands) 1 redirects

ASN58061 (SCALAXY-AS, LV)

financelife.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.26.99.247 (Frankfurt am Main, Germany) 1 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde430-2.fornex.org

sgkaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.178.86.67 (St Petersburg, Russian Federation) 1 redirects

ASN49505 (SELECTEL, RU)

unicom24.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.179.146.29 (Russian Federation)

ASN24823 (VTB-BANK-AS, RU)

cl.vtb.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.232.65 (Russian Federation)

ASN39134 (UNITEDNET, RU)

vtb.api.flocktory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.146 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.193.52.39 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)

api.flocktory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.240.132.72 (Russian Federation) 1 redirects

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv72-132-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.215.42.230 (Russian Federation)

ASN57724 (DDOS-GUARD, RU)

pixel.kbki.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.15.175.148 (Russian Federation) 5 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.248.204.154 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL, RU)

spb01-static.juicyscore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:ab00:501:14b::2 (Russian Federation)

ASN49505 (SELECTEL, RU)

spb01-static.juicyscore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.172 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	yandex.com 4 redirects mc.yandex.com — Cisco Umbrella Rank: 6227	8 KB
11	mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 6150 ad.mail.ru — Cisco Umbrella Rank: 6579	29 KB
8	digitaltarget.ru 5 redirects tag.digitaltarget.ru — Cisco Umbrella Rank: 79752 dmg.digitaltarget.ru — Cisco Umbrella Rank: 15901	23 KB
5	juicyscore.com spb01-static.juicyscore.com	77 KB
5	vtb.ru cl.vtb.ru	3 MB
4	flocktory.com vtb.api.flocktory.com api.flocktory.com — Cisco Umbrella Rank: 63800	77 KB
3	vk.com 1 redirects vk.com — Cisco Umbrella Rank: 3529	22 KB
2	bumlam.com 2 redirects sync.bumlam.com — Cisco Umbrella Rank: 6608	1 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2266	71 KB
2	financelife.ru 1 redirects financelife.ru	1 KB
1	kbki.ru pixel.kbki.ru
1	unicom24.ru 1 redirects unicom24.ru	572 B
1	sgkaa.com 1 redirects sgkaa.com	552 B
1	vtbcredit.ru 1 redirects vtbcredit.ru	377 B
0	rt.ru Failed fnc.rt.ru Failed
46	15

	Domain	Requested by
16	mc.yandex.com	4 redirects cl.vtb.ru mc.yandex.ru
10	top-fwz1.mail.ru	cl.vtb.ru top-fwz1.mail.ru
6	dmg.digitaltarget.ru	5 redirects
5	spb01-static.juicyscore.com	financelife.ru spb01-static.juicyscore.com
5	cl.vtb.ru	cl.vtb.ru
3	vk.com	1 redirects cl.vtb.ru
3	vtb.api.flocktory.com	cl.vtb.ru vtb.api.flocktory.com
2	sync.bumlam.com	2 redirects
2	mc.yandex.ru	1 redirects cl.vtb.ru
2	tag.digitaltarget.ru	cl.vtb.ru tag.digitaltarget.ru
2	financelife.ru	1 redirects
1	ad.mail.ru
1	pixel.kbki.ru	financelife.ru
1	api.flocktory.com	vtb.api.flocktory.com
1	unicom24.ru	1 redirects
1	sgkaa.com	1 redirects
1	vtbcredit.ru	1 redirects
0	fnc.rt.ru Failed
46	18

This site contains links to these domains. Also see Links.

Domain
www.vtb.ru
vtb.ru

Subject Issuer	Validity	Valid
cl.vtb.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-02-27` - `2024-03-30`	a year	crt.sh
vtb.api.flocktory.com R3	`2023-11-27` - `2024-02-25`	3 months	crt.sh
*.digitaltarget.ru R3	`2023-11-13` - `2024-02-11`	3 months	crt.sh
*.flocktory.com R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2023-10-06` - `2024-11-06`	a year	crt.sh
*.kbki.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-05-12` - `2024-06-12`	a year	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2023-03-16` - `2024-02-20`	a year	crt.sh
*.juicyscore.com GlobalSign RSA OV SSL CA 2018	`2023-03-16` - `2024-04-16`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf
Frame ID: 4598CD449E4B65CD51F1BF9B00EECB98
Requests: 49 HTTP requests in this frame

Frame: https://api.flocktory.com/v2/provider/provider.html
Frame ID: BAF76470C580753A515EA1F500D9738E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Заявка на кредит наличными ВТБ. Оформите кредит наличными онлайн через интернет

Page URL History Show full URLs

https://vtbcredit.ru/ HTTP 302
http://financelife.ru/company/vtb.ru?r=n7o35tdi35phgt13nnzfjcidnufhgbba39qi4t1cn5qdwbi8s6hdrsbix5q... HTTP 302
http://financelife.ru/company/vtb.ru Page URL
https://sgkaa.com/g/9q7skj02ftbd0332044aeb1925566b/?erid=25H8d7vbP8SRTvG5CvuVeP&subid=d&subid1... HTTP 302
https://unicom24.ru/offer/rs/sbevuovfo83u?partner=16673&sub_id1=bc3263df91efa4a8cb0dd2feb5d54173... HTTP 302
https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_20645... Page URL

Detected technologies

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

46
Requests

78 %
HTTPS

18 %
IPv6

15
Domains

18
Subdomains

14
IPs

3
Countries

3564 kB
Transfer

4055 kB
Size

35
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.vtb.ru/

Search URL Search Domain Scan URL

URL: https://vtb.ru/about/agreement/
Title: Условиями обработки пользовательских данных.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://vtbcredit.ru/ HTTP 302
http://financelife.ru/company/vtb.ru?r=n7o35tdi35phgt13nnzfjcidnufhgbba39qi4t1cn5qdwbi8s6hdrsbix5qd5nd7sykdj46hx8oisnij9tmfeti6szgiwne537hd4uijert9x8h84bdiez1f4ycxe87x4nofwocw3yhjst1ys68f5s6ux5tiz46i HTTP 302
http://financelife.ru/company/vtb.ru Page URL
https://sgkaa.com/g/9q7skj02ftbd0332044aeb1925566b/?erid=25H8d7vbP8SRTvG5CvuVeP&subid=d&subid1=29893 HTTP 302
https://unicom24.ru/offer/rs/sbevuovfo83u?partner=16673&sub_id1=bc3263df91efa4a8cb0dd2feb5d54173&sub_id5=206454&sub_id3=eb1925566b HTTP 302
https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://vtbcredit.ru/ HTTP 302
http://financelife.ru/company/vtb.ru?r=n7o35tdi35phgt13nnzfjcidnufhgbba39qi4t1cn5qdwbi8s6hdrsbix5qd5nd7sykdj46hx8oisnij9tmfeti6szgiwne537hd4uijert9x8h84bdiez1f4ycxe87x4nofwocw3yhjst1ys68f5s6ux5tiz46i HTTP 302
http://financelife.ru/company/vtb.ru

Request Chain 12

https://vk.com/js/api/openapi.js?168 HTTP 302
https://vk.com/dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?168

Request Chain 17

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10239.gcFYc7j8i4B38t5xBl4EZZnk2ZjcskHC0_DU33MpwNnrFIpOwO68P7_wxvEGyNNR.C6zlASKmT-shRlqlcYIDwXjpvJM%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10239.OYdJ8P9uxhPM4alPucRFrdczPKr2L5US7x-X9tY23Cfl81TnwXJsE5tc6XpXYsGKHPhFhaDBHJzi6jpo4bVi4whPnbLIrgWHpCYrAGW_nAtsa0OjwGj1Xhrj2a9pOLyfiFQsnDbNYWV8LNfYH5z0cxkbRibsF1wHAEavovOaqjJW6Nhx8pbDoazlxGSNa-OYKevGIYDzJyvumDRIvsAX0IEIsXKvG-6enVETZUaAQQM%2C.kx3pTO5qq_twKTTt9ymSkqEBlUE%2C

Request Chain 20

https://dmg.digitaltarget.ru/1/7322/i/i?i=987518822807632.679377311009913&pref=http%3A%2F%2Ffinancelife.ru%2F&c=xdua:duMt5QMFF7Jh3lmmVbfEToPv.xps:xpsAMniwn1KI65gofBxz8r8XA.dn:cl__vtb__ru.dn:vtb__ru.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/7322/i/i?call_source=awg&ts=1704483450814&i=987518822807632.679377311009913&pref=http%3A%2F%2Ffinancelife.ru%2F&c=xdua:duMt5QMFF7Jh3lmmVbfEToPv.xps:xpsAMniwn1KI65gofBxz8r8XA.dn:cl__vtb__ru.dn:vtb__ru.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://top-fwz1.mail.ru/counter?id=3210372;pid=o2eTvWhkkNaKDI07BaqC

Request Chain 21

https://dmg.digitaltarget.ru/1/7322/i/i?i=987518822807632.462663879677098&pref=http%3A%2F%2Ffinancelife.ru%2F&c=xdua:duMt5QMFF7Jh3lmmVbfEToPv.xps:xpsAMniwn1KI65gofBxz8r8XA.dn:cl__vtb__ru.dn:vtb__ru.adcm:hit.tg:psp_25%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/7322/i/i?call_source=awg&ts=1704483450803&i=987518822807632.462663879677098&pref=http%3A%2F%2Ffinancelife.ru%2F&c=xdua:duMt5QMFF7Jh3lmmVbfEToPv.xps:xpsAMniwn1KI65gofBxz8r8XA.dn:cl__vtb__ru.dn:vtb__ru.adcm:hit.tg:psp_25%20adcmjs_noorient HTTP 307
https://top-fwz1.mail.ru/counter?id=3210372;pid=o2eTvWhkkNaKDN07BaDC

Request Chain 23

https://mc.yandex.com/watch/47142057?wmode=7&page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf&page-ref=http%3A%2F%2Ffinancelife.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A0%3Als%3A540081555056%3Ahid%3A790521041%3Az%3A60%3Ai%3A20240105203730%3Aet%3A1704483450%3Ac%3A1%3Arn%3A217305454%3Arqn%3A1%3Au%3A1704483450760072152%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C229%2C84%2C1%2C1060%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1704483445140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704483451%3At%3A%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%92%D0%A2%D0%91.%20%D0%9E%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B5%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82&t=gdpr(14%2C14)mc(h-3)clc(0-0-0)rqnt(1)aw(1)rcm(1)ecs(0)ti(1) HTTP 302
https://mc.yandex.com/watch/47142057/1?wmode=7&page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf&page-ref=http%3A%2F%2Ffinancelife.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A0%3Als%3A540081555056%3Ahid%3A790521041%3Az%3A60%3Ai%3A20240105203730%3Aet%3A1704483450%3Ac%3A1%3Arn%3A217305454%3Arqn%3A1%3Au%3A1704483450760072152%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C229%2C84%2C1%2C1060%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1704483445140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704483451%3At%3A%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%92%D0%A2%D0%91.%20%D0%9E%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B5%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82&t=gdpr%2814%2C14%29mc%28h-3%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ecs%280%29ti%281%29

Request Chain 24

https://mc.yandex.com/watch/75707491?wmode=7&page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf&page-ref=http%3A%2F%2Ffinancelife.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A3%3Adp%3A0%3Als%3A664769232517%3Ahid%3A790521041%3Az%3A60%3Ai%3A20240105203730%3Aet%3A1704483450%3Ac%3A1%3Arn%3A550505647%3Arqn%3A1%3Au%3A1704483450760072152%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C229%2C84%2C1%2C1060%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1704483445140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704483451%3At%3A%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%92%D0%A2%D0%91.%20%D0%9E%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B5%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82&t=gdpr(14%2C14%2C14)mc(h-3)clc(0-0-0)rqnt(1)aw(1)rcm(1)ecs(0)ti(1) HTTP 302
https://mc.yandex.com/watch/75707491/1?wmode=7&page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf&page-ref=http%3A%2F%2Ffinancelife.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A3%3Adp%3A0%3Als%3A664769232517%3Ahid%3A790521041%3Az%3A60%3Ai%3A20240105203730%3Aet%3A1704483450%3Ac%3A1%3Arn%3A550505647%3Arqn%3A1%3Au%3A1704483450760072152%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C229%2C84%2C1%2C1060%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1704483445140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704483451%3At%3A%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%92%D0%A2%D0%91.%20%D0%9E%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B5%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82&t=gdpr%2814%2C14%2C14%29mc%28h-3%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ecs%280%29ti%281%29

Request Chain 25

https://mc.yandex.com/watch/1087008?wmode=7&page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf&page-ref=http%3A%2F%2Ffinancelife.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A706843778390%3Ahid%3A790521041%3Az%3A60%3Ai%3A20240105203730%3Aet%3A1704483450%3Ac%3A1%3Arn%3A19440635%3Arqn%3A1%3Au%3A1704483450760072152%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C229%2C84%2C1%2C1060%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1704483445140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704483451%3At%3A%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%92%D0%A2%D0%91.%20%D0%9E%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B5%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82&t=gdpr(14)mc(h-3)clc(0-0-0)rqnt(1)aw(1)rcm(1)ecs(0)ti(1) HTTP 302
https://mc.yandex.com/watch/1087008/1?wmode=7&page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf&page-ref=http%3A%2F%2Ffinancelife.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A706843778390%3Ahid%3A790521041%3Az%3A60%3Ai%3A20240105203730%3Aet%3A1704483450%3Ac%3A1%3Arn%3A19440635%3Arqn%3A1%3Au%3A1704483450760072152%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C229%2C84%2C1%2C1060%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1704483445140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704483451%3At%3A%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%92%D0%A2%D0%91.%20%D0%9E%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B5%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82&t=gdpr%2814%29mc%28h-3%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ecs%280%29ti%281%29

Request Chain 39

https://dmg.digitaltarget.ru/1/7322/i/i?i=987518822807632.317796517345661&pref=http%3A%2F%2Ffinancelife.ru%2F&c=xdua:duMt5QMFF7Jh3lmmVbfEToPv.xps:xpsAMniwn1KI65gofBxz8r8XA.es:5.dn:cl__vtb__ru.dn:vtb__ru.adcm:hit.tg:adcmjs_noorient HTTP 307
https://sync.bumlam.com/?src=mt2 HTTP 302
https://sync.bumlam.com/?src=mt2&s_data=CAIQARiAteGsBqIBEOC8rbKsARHuhuAAJZDAZHw* HTTP 302
https://ad.mail.ru/cm.gif?p=155&id=e0bcadb2-ac01-11ee-86e0-002590c0647c

Request Chain 42

https://dmg.digitaltarget.ru/1/7322/i/i?i=987518822807632.104885510626092&pref=http%3A%2F%2Ffinancelife.ru%2F&c=xdua:duMt5QMFF7Jh3lmmVbfEToPv.xps:xpsAMniwn1KI65gofBxz8r8XA.es:10.dn:cl__vtb__ru.dn:vtb__ru.adcm:hit.tg:adcmjs_noorient HTTP 307
https://fnc.rt.ru/1/6532/i/i?i=oN68GSskBir6ABR77nrk&c=tg:rds_7322

46 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

vtb.ru
financelife.ru/company/
Redirect Chain

https://vtbcredit.ru/
http://financelife.ru/company/vtb.ru?r=n7o35tdi35phgt13nnzfjcidnufhgbba39qi4t1cn5qdwbi8s6hdrsbix5qd5nd7sykdj46hx8oisnij9tmfeti6szgiwne537hd4uijert9x8h84bdiez1f4ycxe87x4nofwocw3yhjst1ys68f5s6ux5tiz46i
http://financelife.ru/company/vtb.ru

360 B
824 B

43ms
43ms

Document
text/html

37.1.218.193
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://financelife.ru/company/vtb.ru
Protocol: HTTP/1.1
Server: 37.1.218.193 Meppel, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
Software: nginx / PHP/7.2.7
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 05 Jan 2024 19:40:18 GMT
Expires: 0
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.7

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 05 Jan 2024 19:40:18 GMT
Location: http://financelife.ru/company/vtb.ru
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/7.2.7

GET
H/1.1

200
OK

Primary Request / Show response
cl.vtb.ru/
Redirect Chain

https://sgkaa.com/g/9q7skj02ftbd0332044aeb1925566b/?erid=25H8d7vbP8SRTvG5CvuVeP&subid=d&subid1=29893
https://unicom24.ru/offer/rs/sbevuovfo83u?partner=16673&sub_id1=bc3263df91efa4a8cb0dd2feb5d54173&sub_id5=206454&sub_id3=eb1925566b
https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf

9 KB
9 KB

548ms
84ms

Document
text/html

185.179.146.29
VTB-BANK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.179.146.29 , Russian Federation, ASN24823 (VTB-BANK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: f0a4b8740b70ba39bf133e8c80d3786851747ca5719ea174e27a2db4e33493ec

Request headers

Referer: http://financelife.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 9295
Content-Type: text/html
Date: Fri, 05 Jan 2024 19:37:26 GMT
ETag: "6581e968-244f"
Last-Modified: Tue, 19 Dec 2023 19:05:12 GMT
Server: nginx

Redirect headers

cache-control: no-cache
content-language: ru
content-length: 845
content-type: text/html; charset=utf-8
date: Fri, 05 Jan 2024 19:37:29 GMT
expires: Fri, 05 Jan 2024 19:37:28 GMT
location: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf
request-id: 3b7d50ceca53d075602a112ef2ae44a6
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Language, Cookie
x-frame-options: ALLOWALL

GET
H2 200 loader.js Show response
vtb.api.flocktory.com/v2/ 168 KB
61 KB 287ms
84ms Script
application/javascript 88.212.232.65
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://vtb.api.flocktory.com/v2/loader.js?site_id=2813
Requested by: Host: cl.vtb.ru
URL: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.212.232.65 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software: ycalb /
Resource Hash: a5f3209fff1a3463050a06a0ad615adf4826409e6d08d5dea1707eb264734728

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:37:26 GMT
content-encoding: gzip
last-modified: Mon, 16 Oct 2023 08:34:33 GMT
server: ycalb
x-amz-meta-s3cmd-attrs: atime:1697445076/ctime:1697445176/gid:0/gname:root/md5:91eee3f56e2eb9d188d15e598850ae23/mode:33188/mtime:1697445076/uid:0/uname:root
x-amz-request-id: 8e073fddd3ea49ec9cee48de80bdea65
etag: W/"91eee3f56e2eb9d188d15e598850ae23"
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
expires: Fri, 05 Jan 2024 19:37:25 GMT

GET
H/1.1 200
OK main.6e2175867a5dfc201102.css
cl.vtb.ru/ 1016 KB
1016 KB 78ms
77ms Stylesheet
text/css 185.179.146.29
VTB-BANK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.vtb.ru/main.6e2175867a5dfc201102.css
Requested by: Host: cl.vtb.ru
URL: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.179.146.29 , Russian Federation, ASN24823 (VTB-BANK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 2e8da48f3141fbf051273bada54d0b32ea21d437a1990189e8e83a959771015a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 19:37:26 GMT
Last-Modified: Tue, 19 Dec 2023 19:05:12 GMT
Server: nginx
ETag: "6581e968-fde90"
Content-Type: text/css
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1040016

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ 3 KB
3 KB 299ms
74ms Script
application/javascript 185.15.175.146
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: cl.vtb.ru
URL: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.146 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 19:37:27 GMT
Last-Modified: Fri, 05 Jan 2024 19:34:24 GMT
Server: nginx
ETag: "659859c0-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H/1.1 200
OK runtime~main.6e2175867a5dfc201102.js Show response
cl.vtb.ru/ 3 KB
3 KB 226ms
81ms Script
application/javascript 185.179.146.29
VTB-BANK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.vtb.ru/runtime~main.6e2175867a5dfc201102.js
Requested by: Host: cl.vtb.ru
URL: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.179.146.29 , Russian Federation, ASN24823 (VTB-BANK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 07e5f31f750be25a2d6974f2ea2a5c970a24701a4613defdd0647b2a509b3f88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 19:37:26 GMT
Last-Modified: Tue, 19 Dec 2023 19:05:59 GMT
Server: nginx
ETag: "6581e997-c69"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3177

GET
H/1.1 200
OK vendors~main.6e2175867a5dfc201102.js Show response
cl.vtb.ru/ 2 MB
2 MB 300ms
155ms Script
application/javascript 185.179.146.29
VTB-BANK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.vtb.ru/vendors~main.6e2175867a5dfc201102.js
Requested by: Host: cl.vtb.ru
URL: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.179.146.29 , Russian Federation, ASN24823 (VTB-BANK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 36fecb4b0814ca587daf48b8cb7a9d6a80d319716e9d7793a3abc893369a0201

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 19:37:26 GMT
Last-Modified: Tue, 19 Dec 2023 19:05:12 GMT
Server: nginx
ETag: "6581e968-1a0e57"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1707607

GET
H/1.1 200
OK main.6e2175867a5dfc201102.js Show response
cl.vtb.ru/ 451 KB
451 KB 246ms
87ms Script
application/javascript 185.179.146.29
VTB-BANK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.vtb.ru/main.6e2175867a5dfc201102.js
Requested by: Host: cl.vtb.ru
URL: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.179.146.29 , Russian Federation, ASN24823 (VTB-BANK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: f4cd24e95598709c589e0f2b86c1a773427ca09aee561b524c920e02b3336ea9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 19:37:26 GMT
Last-Modified: Tue, 19 Dec 2023 19:05:59 GMT
Server: nginx
ETag: "6581e997-70ad7"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 461527

GET
H2 200 provider.html Show response
api.flocktory.com/v2/provider/ Frame BAF7 38 KB
14 KB 396ms
154ms Document
text/html 130.193.52.39
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flocktory.com/v2/provider/provider.html
Requested by: Host: vtb.api.flocktory.com
URL: https://vtb.api.flocktory.com/v2/loader.js?site_id=2813
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.193.52.39 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: ycalb /
Resource Hash: 779d22ca76e46b710cb397b13e619b9476d56539c528886d512a621b527a49d3

Request headers

Referer: https://cl.vtb.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: max-age=15552000,max-age=604800,public, must-revalidate, proxy-revalidate
content-encoding: gzip
content-type: text/html
date: Fri, 05 Jan 2024 19:37:27 GMT
etag: W/"657aaeca-9838"
expires: Wed, 03 Jul 2024 19:37:27 GMT
last-modified: Thu, 14 Dec 2023 07:29:14 GMT
pragma: public
server: ycalb
vary: Accept-Encoding

GET
H2 200 setup-api.js Show response
vtb.api.flocktory.com/u_shaman/ 1 KB
1 KB 102ms
102ms Script
application/javascript 88.212.232.65
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL

https://vtb.api.flocktory.com/u_shaman/setup-api.js?body=%7B%22siteId%22%3A%222813%22%2C%22utm%22%3A%7B%22source%22%3A%22unicom24%22%2C%22medium%22%3A%22cpa%22%2C%22campaign%22%3A%22cpa_kn_unicom24_16673_206454%22%2C%22term%22%3A%22%22%2C%22content%22%3A%2255ee08925a74fff0329f4c40f40e0ccf%22%7D%2C%22site-session-id%22%3A%22a45b6b15-2ed0-4baf-bea7-e7aadc07cb75-4%22%7D&callback=flock_jsonp_1

Requested by

Host: vtb.api.flocktory.com
URL: https://vtb.api.flocktory.com/v2/loader.js?site_id=2813

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

88.212.232.65 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

Software

ycalb /

Resource Hash

d92af9979a9b82315ced3936bd88933ceaeda086820049c4c3ff447f59abf37c

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;
Strict-Transport-Security	max-age=31536000; includeSubdomains, max-age=0;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 05 Jan 2024 19:37:27 GMT
x-envoy-decorator-operation: site-api.production.svc.cluster.local:80/*
server: ycalb
strict-transport-security: max-age=31536000; includeSubdomains, max-age=0;
x-permitted-cross-domain-policies: none
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
content-length: 565
x-xss-protection: 1; mode=block

GET
H2 200 ultimate.js
vtb.api.flocktory.com/underworld/tracks/ 33 B
33 B 85ms
85ms Image
application/javascript 88.212.232.65
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vtb.api.flocktory.com/underworld/tracks/ultimate.js?body=%7B%22data%22%3A%7B%22action%22%3A%22session.page_visit%22%2C%22payload%22%3A%7B%22resolution%22%3A%221600x1200%22%2C%22ga%22%3A%7B%22utmcsr%22%3A%22unicom24%22%2C%22utmccn%22%3A%22cpa_kn_unicom24_16673_206454%22%2C%22utmcmd%22%3A%22cpa%22%2C%22h_utmcsr%22%3A%22unicom24%22%2C%22h_utmccn%22%3A%22cpa_kn_unicom24_16673_206454%22%2C%22h_utmcmd%22%3A%22cpa%22%7D%2C%22url%22%3A%22https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf%22%7D%2C%22links%22%3A%7B%22site%22%3A2813%7D%7D%2C%22site-session-id%22%3A%22a45b6b15-2ed0-4baf-bea7-e7aadc07cb75-4%22%7D&callback=flock_jsonp_9999

Requested by

Host: cl.vtb.ru
URL: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

88.212.232.65 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

Software

ycalb /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:37:27 GMT
content-encoding: gzip
x-envoy-decorator-operation: tracks-general.production.svc.cluster.local:80/*
strict-transport-security: max-age=0;
server: ycalb
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
content-length: 51

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
71 KB 336ms
166ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: cl.vtb.ru
URL: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:37:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 27 Dec 2023 07:32:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "658bd2fc-11627"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71207
expires: Fri, 05 Jan 2024 20:37:28 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 44 KB
19 KB 462ms
171ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: cl.vtb.ru
URL: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

797d36c5083f2539d2db1a563ebfa9e7a0a81f33fbb5216a64b4ad0bb6b60fd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Tue, 12 Dec 2023 14:12:54 GMT
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag: W/"65786a66-af43"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Fri, 05 Jan 2024 20:37:30 GMT

GET
H2

200

openapi.917ca96d9331f956d945e39706791fde.js Show response
vk.com/dist/public/api/
Redirect Chain

https://vk.com/js/api/openapi.js?168
https://vk.com/dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?168

56 KB
21 KB

146ms
146ms

Script
application/x-javascript

87.240.132.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?168
Requested by: Host: cl.vtb.ru
URL: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf
Protocol: H2
Server: 87.240.132.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv72-132-240-87.vk.com
Software: kittenx /
Resource Hash: 8f5aeba25fd371707e9489cff88d4a714c2e0febc2531e29009f7ecbd2b97f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-trace-id: ijtam6S_GWfVkjeEZECiZrewvoT_vw
date: Fri, 05 Jan 2024 19:37:30 GMT
content-encoding: gzip
x-frontend: front224204
last-modified: Mon, 23 Oct 2023 22:26:41 GMT
server: kittenx
etag: W/"6536f321-e147"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
expires: Tue, 09 Jan 2024 19:37:30 GMT

Redirect headers

x-trace-id: 7nvGvODMwTOfi0GrjpUZQvlTbEeKfQ
date: Fri, 05 Jan 2024 19:37:30 GMT
content-encoding: gzip
x-frontend: front224204
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.115466
content-type: text/html; charset=windows-1251
location: /dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?168
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 20

GET
H2 403 pixel.js
pixel.kbki.ru/ 0
0 243ms
46ms Script
text/html 91.215.42.230
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.kbki.ru/pixel.js
Requested by: Host: financelife.ru
URL: http://financelife.ru/company/vtb.ru
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.215.42.230 , Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 39 KB
39 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b689d7c70b66d07e23a6284549d4791305ba5cfb0b8e4970a674575471d58acb

Request headers

Referer
Origin: https://cl.vtb.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 39 KB
39 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49d39af2689c62558b54c56a30f191cb9b2b125054384e5889eebbb9fc0ab5aa

Request headers

Referer
Origin: https://cl.vtb.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 40 KB
40 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 521380181ef0c188eca315ec2e5f83cead10006712ed053ce1071043ee5bc155

Request headers

Referer
Origin: https://cl.vtb.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10239.gcFYc7j8i4B38t5xBl4EZZnk2ZjcskHC0_DU33MpwNnrFIpOwO68P7_wxvEGyNNR.C6zlASKmT-shRlqlcYIDwXjpvJM%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10239.OYdJ8P9uxhPM4alPucRFrdczPKr2L5US7x-X9tY23Cfl81TnwXJsE5tc6XpXYsGKHPhFhaDBHJzi6jpo4bVi4whPnbLIrgWHpCYrAGW_nAtsa0OjwGj1Xhrj2a9pOLyfiFQsnDbNYW...

43 B
675 B

88ms
88ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10239.OYdJ8P9uxhPM4alPucRFrdczPKr2L5US7x-X9tY23Cfl81TnwXJsE5tc6XpXYsGKHPhFhaDBHJzi6jpo4bVi4whPnbLIrgWHpCYrAGW_nAtsa0OjwGj1Xhrj2a9pOLyfiFQsnDbNYWV8LNfYH5z0cxkbRibsF1wHAEavovOaqjJW6Nhx8pbDoazlxGSNa-OYKevGIYDzJyvumDRIvsAX0IEIsXKvG-6enVETZUaAQQM%2C.kx3pTO5qq_twKTTt9ymSkqEBlUE%2C

Requested by

Host: cl.vtb.ru
URL: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:37:30 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10239.OYdJ8P9uxhPM4alPucRFrdczPKr2L5US7x-X9tY23Cfl81TnwXJsE5tc6XpXYsGKHPhFhaDBHJzi6jpo4bVi4whPnbLIrgWHpCYrAGW_nAtsa0OjwGj1Xhrj2a9pOLyfiFQsnDbNYWV8LNfYH5z0cxkbRibsF1wHAEavovOaqjJW6Nhx8pbDoazlxGSNa-OYKevGIYDzJyvumDRIvsAX0IEIsXKvG-6enVETZUaAQQM%2C.kx3pTO5qq_twKTTt9ymSkqEBlUE%2C
date: Fri, 05 Jan 2024 19:37:30 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
522 B 83ms
83ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: cl.vtb.ru
URL: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:37:30 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:57:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65898a2e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 05 Jan 2024 20:37:30 GMT

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ 16 KB
16 KB 147ms
147ms Script
application/javascript 185.15.175.146
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=853829277520571
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.146 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5e740b4c722831d9a6451a42a01ca2541e1a0c2af5718703a89bc9823c16099a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 19:37:30 GMT
Last-Modified: Fri, 05 Jan 2024 19:34:25 GMT
Server: nginx
ETag: "659859c1-3e23"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15907

GET
H2

200

counter
top-fwz1.mail.ru/
Redirect Chain

https://dmg.digitaltarget.ru/1/7322/i/i?i=987518822807632.679377311009913&pref=http%3A%2F%2Ffinancelife.ru%2F&c=xdua:duMt5QMFF7Jh3lmmVbfEToPv.xps:xpsAMniwn1KI65gofBxz8r8XA.dn:cl__vtb__ru.dn:vtb__ru...
https://dmg.digitaltarget.ru/awg/custom/7322/i/i?call_source=awg&ts=1704483450814&i=987518822807632.679377311009913&pref=http%3A%2F%2Ffinancelife.ru%2F&c=xdua:duMt5QMFF7Jh3lmmVbfEToPv.xps:xpsAMniwn...
https://top-fwz1.mail.ru/counter?id=3210372;pid=o2eTvWhkkNaKDI07BaqC

43 B
875 B

85ms
85ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3210372;pid=o2eTvWhkkNaKDI07BaqC

Requested by

Host: cl.vtb.ru
URL: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:37:30 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

Date: Fri, 05 Jan 2024 19:37:30 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Location: https://top-fwz1.mail.ru/counter?id=3210372;pid=o2eTvWhkkNaKDI07BaqC
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

counter
top-fwz1.mail.ru/
Redirect Chain

https://dmg.digitaltarget.ru/1/7322/i/i?i=987518822807632.462663879677098&pref=http%3A%2F%2Ffinancelife.ru%2F&c=xdua:duMt5QMFF7Jh3lmmVbfEToPv.xps:xpsAMniwn1KI65gofBxz8r8XA.dn:cl__vtb__ru.dn:vtb__ru...
https://dmg.digitaltarget.ru/awg/custom/7322/i/i?call_source=awg&ts=1704483450803&i=987518822807632.462663879677098&pref=http%3A%2F%2Ffinancelife.ru%2F&c=xdua:duMt5QMFF7Jh3lmmVbfEToPv.xps:xpsAMniwn...
https://top-fwz1.mail.ru/counter?id=3210372;pid=o2eTvWhkkNaKDN07BaDC

43 B
875 B

86ms
86ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3210372;pid=o2eTvWhkkNaKDN07BaDC

Requested by

Host: cl.vtb.ru
URL: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:37:30 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

Date: Fri, 05 Jan 2024 19:37:30 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Location: https://top-fwz1.mail.ru/counter?id=3210372;pid=o2eTvWhkkNaKDN07BaDC
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2 200 rtrg
vk.com/ 49 B
397 B 84ms
84ms Image
image/gif 87.240.132.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-906800-hpGNs&metatag_url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf&metatag_title=%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%92%D0%A2%D0%91.%20%D0%9E%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B5%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82

Requested by

Host: cl.vtb.ru
URL: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.132.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv72-132-240-87.vk.com

Software

kittenx / KPHP/7.4.115466

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-trace-id: LzNN-rfc4GAn6etCRyNb66MwszQTrg
date: Fri, 05 Jan 2024 19:37:30 GMT
content-encoding: gzip
x-frontend: front224204
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.115466
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET
H2

200

1 Show response
mc.yandex.com/watch/47142057/
Redirect Chain

https://mc.yandex.com/watch/47142057?wmode=7&page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a7...
https://mc.yandex.com/watch/47142057/1?wmode=7&page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925...

484 B
520 B

90ms
90ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/47142057/1?wmode=7&page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf&page-ref=http%3A%2F%2Ffinancelife.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A0%3Als%3A540081555056%3Ahid%3A790521041%3Az%3A60%3Ai%3A20240105203730%3Aet%3A1704483450%3Ac%3A1%3Arn%3A217305454%3Arqn%3A1%3Au%3A1704483450760072152%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C229%2C84%2C1%2C1060%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1704483445140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704483451%3At%3A%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%92%D0%A2%D0%91.%20%D0%9E%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B5%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82&t=gdpr%2814%2C14%29mc%28h-3%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ecs%280%29ti%281%29

Requested by

Host: cl.vtb.ru
URL: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

eba4a2ed1dce5c35d6016b6798c54f6f6162b60e58a5e86c3e1167fe0724f5e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 19:37:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 05-Jan-2024 19:37:30 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cl.vtb.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 484
x-xss-protection: 1; mode=block
expires: Fri, 05-Jan-2024 19:37:30 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Jan 2024 19:37:30 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 05-Jan-2024 19:37:30 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/47142057/1?wmode=7&page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf&page-ref=http%3A%2F%2Ffinancelife.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A0%3Als%3A540081555056%3Ahid%3A790521041%3Az%3A60%3Ai%3A20240105203730%3Aet%3A1704483450%3Ac%3A1%3Arn%3A217305454%3Arqn%3A1%3Au%3A1704483450760072152%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C229%2C84%2C1%2C1060%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1704483445140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704483451%3At%3A%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%92%D0%A2%D0%91.%20%D0%9E%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B5%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82&t=gdpr%2814%2C14%29mc%28h-3%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ecs%280%29ti%281%29
access-control-allow-origin: https://cl.vtb.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 05-Jan-2024 19:37:30 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/75707491/
Redirect Chain

https://mc.yandex.com/watch/75707491?wmode=7&page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a7...
https://mc.yandex.com/watch/75707491/1?wmode=7&page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925...

430 B
522 B

88ms
88ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/75707491/1?wmode=7&page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf&page-ref=http%3A%2F%2Ffinancelife.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A3%3Adp%3A0%3Als%3A664769232517%3Ahid%3A790521041%3Az%3A60%3Ai%3A20240105203730%3Aet%3A1704483450%3Ac%3A1%3Arn%3A550505647%3Arqn%3A1%3Au%3A1704483450760072152%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C229%2C84%2C1%2C1060%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1704483445140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704483451%3At%3A%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%92%D0%A2%D0%91.%20%D0%9E%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B5%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82&t=gdpr%2814%2C14%2C14%29mc%28h-3%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ecs%280%29ti%281%29

Requested by

Host: cl.vtb.ru
URL: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e86c36443f6bb51ec5622095c0936312f652e4c03874f698804c431996f8fd26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 19:37:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 05-Jan-2024 19:37:30 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cl.vtb.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 430
x-xss-protection: 1; mode=block
expires: Fri, 05-Jan-2024 19:37:30 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Jan 2024 19:37:30 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 05-Jan-2024 19:37:30 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/75707491/1?wmode=7&page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf&page-ref=http%3A%2F%2Ffinancelife.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A3%3Adp%3A0%3Als%3A664769232517%3Ahid%3A790521041%3Az%3A60%3Ai%3A20240105203730%3Aet%3A1704483450%3Ac%3A1%3Arn%3A550505647%3Arqn%3A1%3Au%3A1704483450760072152%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C229%2C84%2C1%2C1060%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1704483445140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704483451%3At%3A%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%92%D0%A2%D0%91.%20%D0%9E%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B5%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82&t=gdpr%2814%2C14%2C14%29mc%28h-3%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ecs%280%29ti%281%29
access-control-allow-origin: https://cl.vtb.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 05-Jan-2024 19:37:30 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/1087008/
Redirect Chain

https://mc.yandex.com/watch/1087008?wmode=7&page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74...
https://mc.yandex.com/watch/1087008/1?wmode=7&page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a...

465 B
501 B

83ms
83ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1087008/1?wmode=7&page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf&page-ref=http%3A%2F%2Ffinancelife.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A706843778390%3Ahid%3A790521041%3Az%3A60%3Ai%3A20240105203730%3Aet%3A1704483450%3Ac%3A1%3Arn%3A19440635%3Arqn%3A1%3Au%3A1704483450760072152%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C229%2C84%2C1%2C1060%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1704483445140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704483451%3At%3A%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%92%D0%A2%D0%91.%20%D0%9E%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B5%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82&t=gdpr%2814%29mc%28h-3%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ecs%280%29ti%281%29

Requested by

Host: cl.vtb.ru
URL: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

532874b4fa46fcd0c8bc8553284513740341dbb6459c8549d14c93b80838a72c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 19:37:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 05-Jan-2024 19:37:30 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cl.vtb.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 465
x-xss-protection: 1; mode=block
expires: Fri, 05-Jan-2024 19:37:30 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Jan 2024 19:37:30 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 05-Jan-2024 19:37:30 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/1087008/1?wmode=7&page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf&page-ref=http%3A%2F%2Ffinancelife.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A706843778390%3Ahid%3A790521041%3Az%3A60%3Ai%3A20240105203730%3Aet%3A1704483450%3Ac%3A1%3Arn%3A19440635%3Arqn%3A1%3Au%3A1704483450760072152%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C229%2C84%2C1%2C1060%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1704483445140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704483451%3At%3A%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%92%D0%A2%D0%91.%20%D0%9E%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B5%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82&t=gdpr%2814%29mc%28h-3%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ecs%280%29ti%281%29
access-control-allow-origin: https://cl.vtb.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 05-Jan-2024 19:37:30 GMT

GET
H2 200 dyn-goal-config.js Show response
top-fwz1.mail.ru/js/ 2 KB
2 KB 89ms
88ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/dyn-goal-config.js?ids=2958737

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

489b36c66d89d768b386541c192b3e8e00f5f562236f2e89834fe8269a6e2797

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Fri, 05 Jan 2024 19:47:30 GMT

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
961 B 87ms
87ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?_=0.05210102728905963;id=2958737;u=https%3A//cl.vtb.ru/%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf;r=http%3A//financelife.ru/;st=1704483450453;title=%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%92%D0%A2%D0%91.%20%D0%9E%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B5%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=c23da4c1d299bbb5;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ct=5620/5627/5627/;gl=u;ni=10//4g/0/0/;lvid=1704483450767%3A1704483450775%3A1%3Ab7f50e501091d7c6452d22983ec026c9;opts=jst-ym-vk;visible=true;js=13

Requested by

Host: cl.vtb.ru
URL: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:37:30 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 sync_cookie_image_check
mc.yandex.com/ 43 B
79 B 89ms
88ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_check

Requested by

Host: cl.vtb.ru
URL: https://cl.vtb.ru/?utm_source=unicom24&utm_medium=cpa&utm_campaign=cpa_kn_unicom24_16673_206454&utm_content=55ee08925a74fff0329f4c40f40e0ccf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:37:30 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

GET
H2 200 1087008
mc.yandex.com/watch/ 43 B
0 84ms
84ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1087008?page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf&page-ref=http%3A%2F%2Ffinancelife.ru%2F&charset=utf-8&uah=chm%0A%3F0&hittoken=1704483450_3fe446dd7d981976215cc38de79728bff705b3573ec5d300b0f64aadf3cab1ec&browser-info=pv%3A1%3Aar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A1%3Als%3A706843778390%3Ahid%3A790521041%3Az%3A60%3Ai%3A20240105203730%3Aet%3A1704483451%3Ac%3A1%3Arn%3A1002568847%3Arqn%3A2%3Au%3A1704483450760072152%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C3703%2C1%2C%2C%2C%2C5313%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1704483445140%3Afp%3A5333%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704483451%3At%3A%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%92%D0%A2%D0%91.%20%D0%9E%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B5%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82&t=gdpr(14%2C14%2C14%2C14)mc(h-3)clc(0-0-0)rqnt(2)lt(210500)aw(1)rcm(1)ecs(0)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 19:37:31 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 05-Jan-2024 19:37:31 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://cl.vtb.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 05-Jan-2024 19:37:31 GMT

GET
H2 200 47142057
mc.yandex.com/watch/ 43 B
0 86ms
86ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/47142057?page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf&page-ref=http%3A%2F%2Ffinancelife.ru%2F&charset=utf-8&uah=chm%0A%3F0&hittoken=1704483450_8668d1fd4db14c16d605448c25045f57a537f0b09adc3063d6111c0a11a9998c&browser-info=pv%3A1%3Aar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A540081555056%3Ahid%3A790521041%3Az%3A60%3Ai%3A20240105203730%3Aet%3A1704483451%3Ac%3A1%3Arn%3A766755332%3Arqn%3A2%3Au%3A1704483450760072152%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C3703%2C1%2C%2C%2C%2C5313%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1704483445140%3Afp%3A5333%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704483451%3At%3A%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%92%D0%A2%D0%91.%20%D0%9E%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B5%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82&t=gdpr(14%2C14%2C14%2C14%2C14)mc(h-3)clc(0-0-0)rqnt(2)lt(210500)aw(1)rcm(1)ecs(0)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 19:37:31 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 05-Jan-2024 19:37:31 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://cl.vtb.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 05-Jan-2024 19:37:31 GMT

GET
H2 200 75707491
mc.yandex.com/watch/ 43 B
0 90ms
90ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/75707491?page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf&page-ref=http%3A%2F%2Ffinancelife.ru%2F&charset=utf-8&uah=chm%0A%3F0&hittoken=1704483450_ebaa07046093d4a22d54889bec3c7e77d7192ca0f2637876ecad1c41e82a9dc1&browser-info=pv%3A1%3Aar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A3%3Adp%3A1%3Als%3A664769232517%3Ahid%3A790521041%3Az%3A60%3Ai%3A20240105203730%3Aet%3A1704483451%3Ac%3A1%3Arn%3A439710408%3Arqn%3A2%3Au%3A1704483450760072152%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C3703%2C1%2C%2C%2C%2C5313%3Aco%3A0%3Acpf%3A1%3Ans%3A1704483445140%3Afp%3A5333%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704483451%3At%3A%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%92%D0%A2%D0%91.%20%D0%9E%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B5%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82&t=gdpr(14%2C14%2C14%2C14%2C14%2C14)mc(h-3)clc(0-0-0)rqnt(2)lt(210500)aw(1)rcm(1)ecs(0)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 19:37:31 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 05-Jan-2024 19:37:31 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://cl.vtb.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 05-Jan-2024 19:37:31 GMT

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
876 B 86ms
85ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?_=0.0303049990377815;id=2958737;u=https%3A//cl.vtb.ru/%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf;r=http%3A//financelife.ru/;st=1704483450453;title=%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%92%D0%A2%D0%91.%20%D0%9E%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B5%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=c23da4c1d299bbb5;ver=60.3.0;tz=-60%2FEurope%2FBerlin;nt=0/0/1704483445140/////1060/1296/1296/1296/1525/1371/1525/1609/1610/1611/5313/5313/5314/5886/5886/5886;ct=5620/5627/5627/5636;gl=u;ni=10//4g/0/0/;lvid=1704483450767%3A1704483451027%3A2%3Ab7f50e501091d7c6452d22983ec026c9;opts=jst-ym-vk;visible=true;js=13;e=RT/load;et=1704483451026

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:37:31 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 js.js Show response
spb01-static.juicyscore.com/static/ 254 KB
74 KB 3194ms
90ms Script
application/javascript 89.248.204.154
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://spb01-static.juicyscore.com/static/js.js
Requested by: Host: financelife.ru
URL: http://financelife.ru/company/vtb.ru
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.248.204.154 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 642b18ff7c21faca25997dbf58de034094f28d817f372c30c5eacfd699f66745

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: https://cl.vtb.ru
date: Fri, 05 Jan 2024 19:37:35 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Downlink
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type: application/javascript

GET
H2 200 dyn-goal-config.js Show response
top-fwz1.mail.ru/js/ 2 KB
2 KB 3041ms
3041ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/dyn-goal-config.js?ids=3077857

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

489b36c66d89d768b386541c192b3e8e00f5f562236f2e89834fe8269a6e2797

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:37:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Fri, 05 Jan 2024 19:47:34 GMT

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bf8ad409460689286bdad956018fd74622408f814c2499304776799d2a2863c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
877 B 3031ms
3030ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?_=0.8663637047909256;id=3077857;u=https%3A//cl.vtb.ru/%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf;r=http%3A//financelife.ru/;st=1704483450453;title=%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%92%D0%A2%D0%91.%20%D0%9E%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B5%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=c23da4c1d299bbb5;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ct=5620/5627/5627/5636;gl=u;ni=10//4g/0/0/;lvid=1704483450767%3A1704483451909%3A3%3Ab7f50e501091d7c6452d22983ec026c9;opts=sec%2Cjst-ym-vk;visible=true;js=13

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:37:34 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 p.json Show response
spb01-static.juicyscore.com/static/ 1 KB
1 KB 66ms
66ms Fetch
application/json 89.248.204.154
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://spb01-static.juicyscore.com/static/p.json
Requested by: Host: spb01-static.juicyscore.com
URL: https://spb01-static.juicyscore.com/static/js.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.248.204.154 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx /
Resource Hash: a95d578c4275dd7abf69eb64921945258ac3e77325b9f7a740dc8dcdab0b4e84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:37:35 GMT
server: nginx
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cl.vtb.ru
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Downlink
content-length: 1062

POST
H2 200 / Show response
spb01-static.juicyscore.com/data/ 90 B
652 B 231ms
85ms Fetch
application/json 2a00:ab00:501:14b::2
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://spb01-static.juicyscore.com/data/?juicyLabsSession=w.20240105193735e045b88a-ac01-11ee-847b-2ec474d5d1e5.C&ver=js-15.10.0
Requested by: Host: spb01-static.juicyscore.com
URL: https://spb01-static.juicyscore.com/static/js.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:ab00:501:14b::2 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 181d4f2ed1c18d916cbff8e150b47cd155761078e6606fc579532c088c416f61

Request headers

Referer: https://cl.vtb.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryqE2LFPVZxZklivoj

Response headers

date: Fri, 05 Jan 2024 19:37:35 GMT
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Downlink
js-response-time: 0.015
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://cl.vtb.ru
js-request-content-length: 7115
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Downlink
content-length: 90

GET
H/1.1

200
OK

cm.gif
ad.mail.ru/
Redirect Chain

https://dmg.digitaltarget.ru/1/7322/i/i?i=987518822807632.317796517345661&pref=http%3A%2F%2Ffinancelife.ru%2F&c=xdua:duMt5QMFF7Jh3lmmVbfEToPv.xps:xpsAMniwn1KI65gofBxz8r8XA.es:5.dn:cl__vtb__ru.dn:vt...
https://sync.bumlam.com/?src=mt2
https://sync.bumlam.com/?src=mt2&s_data=CAIQARiAteGsBqIBEOC8rbKsARHuhuAAJZDAZHw*
https://ad.mail.ru/cm.gif?p=155&id=e0bcadb2-ac01-11ee-86e0-002590c0647c

43 B
452 B

286ms
80ms

Image
image/gif

2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=155&id=e0bcadb2-ac01-11ee-86e0-002590c0647c
Protocol: HTTP/1.1
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 19:37:36 GMT
Last-Modified: Fri, 05 Jan 2024 19:37:36 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Sat, 06 Jan 2024 01:37:36 GMT

Redirect headers

Date: Fri, 05 Jan 2024 19:37:36 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://ad.mail.ru/cm.gif?p=155&id=e0bcadb2-ac01-11ee-86e0-002590c0647c
Access-Control-Allow-Origin: https://cl.vtb.ru
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

POST
H2 200 / Show response
spb01-static.juicyscore.com/data/ 90 B
651 B 83ms
82ms Fetch
application/json 2a00:ab00:501:14b::2
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://spb01-static.juicyscore.com/data/?juicyLabsSession=w.20240105193735e045b88a-ac01-11ee-847b-2ec474d5d1e5.C&sid=e045b88a-ac01-11ee-847b-2ec474d5d1e5&ver=js-15.10.0
Requested by: Host: spb01-static.juicyscore.com
URL: https://spb01-static.juicyscore.com/static/js.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:ab00:501:14b::2 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 181d4f2ed1c18d916cbff8e150b47cd155761078e6606fc579532c088c416f61

Request headers

Referer: https://cl.vtb.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary2W5BfqSJ1N9UE5xq

Response headers

date: Fri, 05 Jan 2024 19:37:36 GMT
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Downlink
js-response-time: 0.012
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://cl.vtb.ru
js-request-content-length: 1984
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Downlink
content-length: 90

POST
H2 200 / Show response
spb01-static.juicyscore.com/event/ 90 B
378 B 237ms
91ms Fetch
application/json 2a00:ab00:501:14b::2
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://spb01-static.juicyscore.com/event/?juicyLabsSession=w.20240105193735e045b88a-ac01-11ee-847b-2ec474d5d1e5.C&sid=e045b88a-ac01-11ee-847b-2ec474d5d1e5&ver=js-15.10.0
Requested by: Host: spb01-static.juicyscore.com
URL: https://spb01-static.juicyscore.com/static/js.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:ab00:501:14b::2 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 181d4f2ed1c18d916cbff8e150b47cd155761078e6606fc579532c088c416f61

Request headers

Referer: https://cl.vtb.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarygOwooOm2SGPEqc5q

Response headers

date: Fri, 05 Jan 2024 19:37:39 GMT
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Downlink
js-response-time: 0.018
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
js-request-content-length: 1379
content-length: 90

GET

i
fnc.rt.ru/1/6532/i/
Redirect Chain

https://dmg.digitaltarget.ru/1/7322/i/i?i=987518822807632.104885510626092&pref=http%3A%2F%2Ffinancelife.ru%2F&c=xdua:duMt5QMFF7Jh3lmmVbfEToPv.xps:xpsAMniwn1KI65gofBxz8r8XA.es:10.dn:cl__vtb__ru.dn:v...
https://fnc.rt.ru/1/6532/i/i?i=oN68GSskBir6ABR77nrk&c=tg:rds_7322

0
0

POST
H2 200 1
mc.yandex.com/watch/1087008/ 43 B
74 B 90ms
90ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1087008/1?page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf&charset=utf-8&hittoken=1704483450_3fe446dd7d981976215cc38de79728bff705b3573ec5d300b0f64aadf3cab1ec&browser-info=nb%3A1%3Acl%3A457%3Aar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A1%3Als%3A706843778390%3Ahid%3A790521041%3Az%3A60%3Ai%3A20240105203745%3Aet%3A1704483465%3Ac%3A1%3Arn%3A545879172%3Arqn%3A3%3Au%3A1704483450760072152%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C5886%2C5886%2C0%2C%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1704483445140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704483465&t=gdpr(14%2C14%2C14%2C14%2C14%2C14)mc(h-3)clc(0-0-0)rqnt(3)lt(252600)aw(1)rcm(1)ecs(0)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22ct.e%22%3A%22ns%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 19:37:45 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 05-Jan-2024 19:37:45 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://cl.vtb.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 05-Jan-2024 19:37:45 GMT

POST
H2 200 1
mc.yandex.com/watch/47142057/ 43 B
146 B 85ms
85ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/47142057/1?page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf&charset=utf-8&hittoken=1704483450_8668d1fd4db14c16d605448c25045f57a537f0b09adc3063d6111c0a11a9998c&browser-info=nb%3A1%3Acl%3A465%3Aar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A540081555056%3Ahid%3A790521041%3Az%3A60%3Ai%3A20240105203745%3Aet%3A1704483465%3Ac%3A1%3Arn%3A143305760%3Arqn%3A3%3Au%3A1704483450760072152%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C5886%2C5886%2C0%2C%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1704483445140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704483465&t=gdpr(14%2C14%2C14%2C14%2C14%2C14)mc(h-3)clc(0-0-0)rqnt(3)lt(252600)aw(1)rcm(1)ecs(0)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22ct.e%22%3A%22ns%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 19:37:45 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 05-Jan-2024 19:37:45 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://cl.vtb.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 05-Jan-2024 19:37:45 GMT

POST
H2 200 1
mc.yandex.com/watch/75707491/ 43 B
74 B 86ms
86ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/75707491/1?page-url=https%3A%2F%2Fcl.vtb.ru%2F%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf&charset=utf-8&hittoken=1704483450_ebaa07046093d4a22d54889bec3c7e77d7192ca0f2637876ecad1c41e82a9dc1&browser-info=nb%3A1%3Acl%3A449%3Aar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A3%3Adp%3A1%3Als%3A664769232517%3Ahid%3A790521041%3Az%3A60%3Ai%3A20240105203745%3Aet%3A1704483465%3Ac%3A1%3Arn%3A466961348%3Arqn%3A3%3Au%3A1704483450760072152%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C5886%2C5886%2C0%2C%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1704483445140%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704483465&t=gdpr(14%2C14%2C14%2C14%2C14%2C14)mc(h-3)clc(0-0-0)rqnt(3)lt(252600)aw(1)rcm(1)ecs(0)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22ct.e%22%3A%22ns%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 19:37:45 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 05-Jan-2024 19:37:45 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://cl.vtb.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 05-Jan-2024 19:37:45 GMT

GET
H/1.1 200
OK i
dmg.digitaltarget.ru/1/7322/i/ 49 B
555 B 84ms
84ms Image
image/gif 185.15.175.148
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/1/7322/i/i?i=987518822807632.233940461686921&pref=http%3A%2F%2Ffinancelife.ru%2F&c=xdua:duMt5QMFF7Jh3lmmVbfEToPv.xps:xpsAMniwn1KI65gofBxz8r8XA.dn:cl__vtb__ru.dn:vtb__ru.adcm:hit.tg:nobounce%20adcmjs_noorient

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.15.175.148 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 19:37:45 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 49
X-XSS-Protection: 1; mode=block

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
875 B 86ms
85ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?_=0.5685226823456055;id=2958737;u=https%3A//cl.vtb.ru/%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf;r=http%3A//financelife.ru/;st=1704483450453;title=%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%92%D0%A2%D0%91.%20%D0%9E%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B5%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=c23da4c1d299bbb5;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ct=5620/5627/5627/5636;gl=u;ni=10//4g/0/0/;detect=0;lvid=1704483450767%3A1704483466028%3A4%3Ab7f50e501091d7c6452d22983ec026c9;opts=jst-ym-vk;visible=true;js=13;e=PVT/15

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:37:46 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
874 B 87ms
87ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?_=0.1103798999260448;id=3077857;u=https%3A//cl.vtb.ru/%3Futm_source%3Dunicom24%26utm_medium%3Dcpa%26utm_campaign%3Dcpa_kn_unicom24_16673_206454%26utm_content%3D55ee08925a74fff0329f4c40f40e0ccf;r=http%3A//financelife.ru/;st=1704483450453;title=%D0%97%D0%B0%D1%8F%D0%B2%D0%BA%D0%B0%20%D0%BD%D0%B0%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%92%D0%A2%D0%91.%20%D0%9E%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B5%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%BC%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D1%87%D0%B5%D1%80%D0%B5%D0%B7%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=c23da4c1d299bbb5;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ct=5620/5627/5627/5636;gl=u;ni=10//4g/0/0/;detect=0;lvid=1704483450767%3A1704483466028%3A5%3Ab7f50e501091d7c6452d22983ec026c9;opts=sec%2Cjst-ym-vk;visible=true;js=13;e=PVT/15

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cl.vtb.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:37:46 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fnc.rt.ru
URL: https://fnc.rt.ru/1/6532/i/i?i=oN68GSskBir6ABR77nrk&c=tg:rds_7322

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
unicom24.ru/	1969-12-31 23:59:59	Name: redirect_hash Value: 55ee08925a74fff0329f4c40f40e0ccf
unicom24.ru/	1969-12-31 23:59:59	Name: rid Value: 89745599
unicom24.ru/	1970-01-20 21:55:53	Name: sessionid Value: 669k2707d97ltdwglbx144ngdlkbg5rt
cl.vtb.ru/	1970-01-21 01:27:34	Name: flocktory-uuid Value: a45b6b15-2ed0-4baf-bea7-e7aadc07cb75-4
.flocktory.com/	1970-01-21 03:04:03	Name: __flocktory-web_session2 Value: 97a5adff-22ff-4681-95f1bae81e169ec2
.yandex.ru/	1970-01-21 03:04:03	Name: i Value: 1bJOXFHe/8JzLpdzGaVoKYU6pukHpAfY3B0sYm+DOI/JnNFxXWHO2yLfXXX9konaEYXH0AXneLQSvr5+6C9MAxPNgVs=
.yandex.ru/	1970-01-21 03:04:03	Name: yandexuid Value: 2928208701704483448
.vtb.ru/	1970-01-20 17:28:21	Name: client_source Value: {"utmSource":"unicom24","utmMedium":"cpa","utmCampaign":"cpa_kn_unicom24_16673_206454","utmTerm":"(not set)","utmContent":"55ee08925a74fff0329f4c40f40e0ccf","utmGa":"","actionId":""}
cl.vtb.ru/	1969-12-31 23:59:59	Name: utm_source Value: unicom24
cl.vtb.ru/	1969-12-31 23:59:59	Name: utm_medium Value: cpa
cl.vtb.ru/	1969-12-31 23:59:59	Name: utm_campaign Value: cpa_kn_unicom24_16673_206454
cl.vtb.ru/	1969-12-31 23:59:59	Name: utm_term Value: (not%20set)
cl.vtb.ru/	1969-12-31 23:59:59	Name: utm_content Value: 55ee08925a74fff0329f4c40f40e0ccf
.vtb.ru/	1970-01-21 02:13:39	Name: _ym_uid Value: 1704483450760072152
.vtb.ru/	1970-01-21 02:13:39	Name: _ym_d Value: 1704483450
.vk.com/	1970-01-21 02:17:31	Name: remixlang Value: 6
.vk.com/	1970-01-21 02:13:39	Name: remixstlid Value: 9105314316374135554_YY1KYZcVBYOwGZzuvandMQ0woFYsJExlRtWl5GyqL8H
.mc.yandex.com/	1970-01-20 17:28:04	Name: sync_cookie_csrf Value: 118521143fake
.vtb.ru/	1970-01-20 17:29:15	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 17:28:04	Name: sync_cookie_csrf Value: 4103945398fake
.yandex.com/	1970-01-21 02:13:39	Name: yandexuid Value: 2928208701704483448
.yandex.com/	1970-01-21 02:13:39	Name: yuidss Value: 2928208701704483448
.yandex.com/	1970-01-21 03:04:03	Name: i Value: 1bJOXFHe/8JzLpdzGaVoKYU6pukHpAfY3B0sYm+DOI/JnNFxXWHO2yLfXXX9konaEYXH0AXneLQSvr5+6C9MAxPNgVs=
.yandex.com/	1970-01-21 03:04:03	Name: yp Value: 1704569850.yu.4786581571704483450
.mc.yandex.com/	1970-01-20 17:29:29	Name: sync_cookie_ok Value: synced
.vtb.ru/	1970-01-21 01:27:34	Name: tmr_lvid Value: b7f50e501091d7c6452d22983ec026c9
.vtb.ru/	1970-01-21 01:27:34	Name: tmr_lvidTS Value: 1704483450767
.yandex.com/	1970-01-21 02:13:39	Name: ymex Value: 1707075450.oyu.4786581571704483450#1736019450.yrts.1704483450
.yandex.com/	1970-01-21 02:13:39	Name: bh Value: KgI/MA==
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 805771621704483450
.dmg.digitaltarget.ru/	1970-01-21 03:04:03	Name: viuserid Value: o2eTvWhkkNaKDI07BaqC
.vtb.ru/	1970-01-20 17:28:05	Name: _ym_visorc Value: b
cl.vtb.ru/	1970-01-20 17:29:29	Name: tmr_detect Value: 0%7C1704483453029
.bumlam.com/	1970-01-21 03:04:03	Name: suuid3 Value: IiRlMGJjYWRiMi1hYzAxLTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
.mail.ru/	1970-01-21 02:15:05	Name: VID Value: 31qBxF2K7iYM00001B2MbCIM:::0-0-0-ab2b33a-0:CAASEFVhMN-iL_rWCdzykGDQP1caYGfnBds4JiIVof25rrlW-IVrqEYJBfFNF3JYoF7odZdsMDc0_C7rHGm_r8b5NlR9nfeclBW4oUdB_Lnjgnqk7aNlvAwKA9PXiGfLqMoKxCj4iqsYe79a_6DQA1JhoS1qKg

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pixel.kbki.ru/pixel.js Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://spb01-static.juicyscore.com/static/js.js(Line 4) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
rendering	warning	URL: https://spb01-static.juicyscore.com/static/js.js(Line 4) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://spb01-static.juicyscore.com/static/js.js(Line 4) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.mail.ru
api.flocktory.com
cl.vtb.ru
dmg.digitaltarget.ru
financelife.ru
fnc.rt.ru
mc.yandex.com
mc.yandex.ru
pixel.kbki.ru
sgkaa.com
spb01-static.juicyscore.com
sync.bumlam.com
tag.digitaltarget.ru
top-fwz1.mail.ru
unicom24.ru
vk.com
vtb.api.flocktory.com
vtbcredit.ru
fnc.rt.ru
130.193.52.39
185.15.175.146
185.15.175.148
185.179.146.29
185.26.99.247
2a00:1148:db00::17
2a00:ab00:501:14b::2
2a02:6b8::1:119
31.172.81.172
37.1.218.193
5.178.86.67
87.240.132.72
88.212.232.65
89.248.204.154
91.193.180.124
91.215.42.230
95.163.52.67
07e5f31f750be25a2d6974f2ea2a5c970a24701a4613defdd0647b2a509b3f88
181d4f2ed1c18d916cbff8e150b47cd155761078e6606fc579532c088c416f61
1bf8ad409460689286bdad956018fd74622408f814c2499304776799d2a2863c
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2e8da48f3141fbf051273bada54d0b32ea21d437a1990189e8e83a959771015a
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
36fecb4b0814ca587daf48b8cb7a9d6a80d319716e9d7793a3abc893369a0201
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
489b36c66d89d768b386541c192b3e8e00f5f562236f2e89834fe8269a6e2797
49d39af2689c62558b54c56a30f191cb9b2b125054384e5889eebbb9fc0ab5aa
521380181ef0c188eca315ec2e5f83cead10006712ed053ce1071043ee5bc155
532874b4fa46fcd0c8bc8553284513740341dbb6459c8549d14c93b80838a72c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5e740b4c722831d9a6451a42a01ca2541e1a0c2af5718703a89bc9823c16099a
642b18ff7c21faca25997dbf58de034094f28d817f372c30c5eacfd699f66745
779d22ca76e46b710cb397b13e619b9476d56539c528886d512a621b527a49d3
797d36c5083f2539d2db1a563ebfa9e7a0a81f33fbb5216a64b4ad0bb6b60fd9
8f5aeba25fd371707e9489cff88d4a714c2e0febc2531e29009f7ecbd2b97f0e
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
a5f3209fff1a3463050a06a0ad615adf4826409e6d08d5dea1707eb264734728
a95d578c4275dd7abf69eb64921945258ac3e77325b9f7a740dc8dcdab0b4e84
b689d7c70b66d07e23a6284549d4791305ba5cfb0b8e4970a674575471d58acb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d92af9979a9b82315ced3936bd88933ceaeda086820049c4c3ff447f59abf37c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86c36443f6bb51ec5622095c0936312f652e4c03874f698804c431996f8fd26
eba4a2ed1dce5c35d6016b6798c54f6f6162b60e58a5e86c3e1167fe0724f5e2
f0a4b8740b70ba39bf133e8c80d3786851747ca5719ea174e27a2db4e33493ec
f4cd24e95598709c589e0f2b86c1a773427ca09aee561b524c920e02b3336ea9
f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c

cl.vtb.ru Open in urlscan Pro 185.179.146.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

78 %HTTPS

18 %IPv6

15 Domains

18 Subdomains

14 IPs

3 Countries

3564 kBTransfer

4055 kBSize

35 Cookies

2 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

cl.vtb.ru Open in urlscan Pro
185.179.146.29 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

78 %
HTTPS

18 %
IPv6

15
Domains

18
Subdomains

14
IPs

3
Countries

3564 kB
Transfer

4055 kB
Size

35
Cookies

46 HTTP transactions
4 data transactions