gazprombank.investments Open in urlscan Pro
178.248.234.156 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gpbin.app/prem2022
Effective URL:
https://gazprombank.investments/login/
Submission: On January 27 via api (January 27th 2024, 6:55:59 am UTC) from RU — Scanned from DE

Summary HTTP 105 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 19 domains to perform 105 HTTP transactions. The main IP is 178.248.234.156, located in Russian Federation and belongs to HLL-AS, RU. The main domain is gazprombank.investments.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on February 19th 2023. Valid for: a year.

This is the only time gazprombank.investments was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	178.248.235.174 178.248.235.174	51115 (HLL-AS) (HLL-AS)
1 1	2a02:6b8::2:207 2a02:6b8::2:207	13238 (YANDEX) (YANDEX)
1 16	178.248.234.156 178.248.234.156	51115 (HLL-AS) (HLL-AS)
7	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
5 14	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2 6	87.240.132.72 87.240.132.72	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
6	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
1 4	195.209.108.39 195.209.108.39	52007 (ADRIVER) (ADRIVER)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
4	37.230.131.19 37.230.131.19	200197 (HYBRID-PO...) (HYBRID-POLAND)
2	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
7	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 8	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1	37.230.131.21 37.230.131.21	200197 (HYBRID-PO...) (HYBRID-POLAND)
1	138.201.248.242 138.201.248.242	24940 (HETZNER-AS) (HETZNER-AS)
105	23

1 178.248.235.174 (Russian Federation) 1 redirects

ASN51115 (HLL-AS, RU)

gpbin.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::2:207 (Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

redirect.appmetrica.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 178.248.234.156 (Russian Federation) 1 redirects

ASN51115 (HLL-AS, RU)

gazprombank.investments	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:6b8::1:119 (Russian Federation) 5 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 87.240.132.72 (Russian Federation) 2 redirects

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv72-132-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 195.209.108.39 (Russian Federation) 1 redirects

ASN52007 (ADRIVER, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

st.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.230.131.19 (Amsterdam, Netherlands)

ASN200197 (HYBRID-POLAND, PL)

dss.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

static.terratraf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 31.172.81.159 (Germany) 1 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.158 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.sniperlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

static.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::90 (Russian Federation)

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.230.131.21 (Amsterdam, Netherlands)

ASN200197 (HYBRID-POLAND, PL)

emd.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.248.242 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.248.201.138.clients.your-server.de

crtrgt.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	gazprombank.investments 1 redirects gazprombank.investments	3 MB
11	yandex.com 5 redirects redirect.appmetrica.yandex.com — Cisco Umbrella Rank: 111259 mc.yandex.com — Cisco Umbrella Rank: 8747 Failed	6 KB
10	bumlam.com 1 redirects sync.bumlam.com — Cisco Umbrella Rank: 4420 static.bumlam.com — Cisco Umbrella Rank: 149375 crtrgt.bumlam.com — Cisco Umbrella Rank: 177297	7 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	633 KB
7	gstatic.com fonts.gstatic.com	91 KB
7	hybrid.ai st.hybrid.ai — Cisco Umbrella Rank: 95493 dss.hybrid.ai — Cisco Umbrella Rank: 99323 emd.hybrid.ai — Cisco Umbrella Rank: 47941	11 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	6 KB
6	mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 10239	42 KB
6	vk.com 2 redirects vk.com — Cisco Umbrella Rank: 7012	44 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	42 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2	756 B
5	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3982 an.yandex.ru — Cisco Umbrella Rank: 6258	143 KB
4	adriver.ru 1 redirects ad.adriver.ru — Cisco Umbrella Rank: 23884	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6518	578 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	456 B
2	terratraf.io static.terratraf.io — Cisco Umbrella Rank: 171056	18 KB
1	sniperlog.ru sync.sniperlog.ru — Cisco Umbrella Rank: 259212	264 B
1	gpbin.app 1 redirects gpbin.app	247 B
0	newton-technology.ru Failed glitchtip.newton-technology.ru Failed
105	19

	Domain	Requested by
16	gazprombank.investments	1 redirects gazprombank.investments
10	mc.yandex.com	mc.yandex.ru gazprombank.investments
8	sync.bumlam.com	1 redirects gazprombank.investments
8	www.googletagmanager.com	gazprombank.investments www.googletagmanager.com www.google-analytics.com
7	fonts.gstatic.com	fonts.googleapis.com
7	fonts.googleapis.com	gazprombank.investments
6	top-fwz1.mail.ru	gazprombank.investments top-fwz1.mail.ru
6	vk.com	2 redirects gazprombank.investments
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com gazprombank.investments
4	dss.hybrid.ai	st.hybrid.ai gazprombank.investments
4	region1.analytics.google.com	www.googletagmanager.com
4	ad.adriver.ru	1 redirects gazprombank.investments
4	mc.yandex.ru	1 redirects gazprombank.investments
3	www.google.de	gazprombank.investments
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	static.terratraf.io	www.googletagmanager.com static.terratraf.io
2	st.hybrid.ai	gazprombank.investments
1	crtrgt.bumlam.com	gazprombank.investments
1	emd.hybrid.ai	st.hybrid.ai
1	an.yandex.ru	static.bumlam.com
1	static.bumlam.com	static.terratraf.io
1	sync.sniperlog.ru	gazprombank.investments
1	www.google.com	gazprombank.investments
1	redirect.appmetrica.yandex.com	1 redirects
1	gpbin.app	1 redirects
0	glitchtip.newton-technology.ru Failed	gazprombank.investments
105	26

This site contains no links.

Subject Issuer	Validity	Valid
www.gazprombank.investments GlobalSign GCC R3 DV TLS CA 2020	`2023-02-19` - `2024-03-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2023-10-06` - `2024-11-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-03-07` - `2024-04-07`	a year	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2023-03-16` - `2024-02-20`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2023-09-14` - `2024-09-13`	a year	crt.sh
1698643472.rsc.cdn77.org R3	`2024-01-03` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.bumlam.com R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh
*.sniperlog.ru R3	`2024-01-10` - `2024-04-09`	3 months	crt.sh
1903820815.rsc.cdn77.org R3	`2024-01-17` - `2024-04-16`	3 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-09-24` - `2024-03-24`	6 months	crt.sh
crtrgt.bumlam.com R3	`2023-12-21` - `2024-03-20`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://gazprombank.investments/login/
Frame ID: 2F8C597ED35CEDE7454AC3CF250142AF
Requests: 101 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: A83BE3FAFADBDB098D641B9953E8E519
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: DD95F69C63C632C5E66C6B327568950F
Requests: 1 HTTP requests in this frame

Frame: https://static.bumlam.com/pixel-new.html?ids=W10*&idsSsp=WyJhbllhbmRleCJd&uid=MWRkZGQyNjItYmNlMS0xMWVlLWJiYjEtMDAyNTkwYzgyNDM2IzE3MDYzMzg1NTQ*&uid3=&extra2=Z3AzLjEwMDAyNTU1LnB4bGVhZHZpc2l0Yzk1NTcudjk1NTc*&isAll=false&isAllSsp=false&CID=10002555
Frame ID: C0B78693C4661994A91CD6CD6DE810E4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Газпромбанк ИнвестицииМонтажная область 5Монтажная область 6notif_pict

Page URL History Show full URLs

http://gpbin.app/prem2022 HTTP 307
https://gpbin.app/prem2022 HTTP 301
https://redirect.appmetrica.yandex.com/serve/460116909367582929?source=premium HTTP 302
https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_i... Page URL
https://gazprombank.investments/login HTTP 301
http://gazprombank.investments/login/ HTTP 307
https://gazprombank.investments/login/ Page URL

Detected technologies

AdRiver (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

105
Requests

85 %
HTTPS

58 %
IPv6

19
Domains

26
Subdomains

23
IPs

5
Countries

4184 kB
Transfer

12281 kB
Size

36
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gpbin.app/prem2022 HTTP 307
https://gpbin.app/prem2022 HTTP 301
https://redirect.appmetrica.yandex.com/serve/460116909367582929?source=premium HTTP 302
https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117 Page URL
https://gazprombank.investments/login HTTP 301
http://gazprombank.investments/login/ HTTP 307
https://gazprombank.investments/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://gpbin.app/prem2022 HTTP 307
https://gpbin.app/prem2022 HTTP 301
https://redirect.appmetrica.yandex.com/serve/460116909367582929?source=premium HTTP 302
https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117

Request Chain 13

https://vk.com/js/api/openapi.js?169 HTTP 302
https://vk.com/dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?169

Request Chain 15

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=225299&bt=62&loc=https%253A%252F%252Fgazprombank.investments%252Fapplink%253Freferrer%253Dappmetrica_tracking_id%25253D460116909367582929%252526ym_tracking_id%25253D4309627957231525117&rnd=946086&tail256=unknown HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=225299&bt=62&loc=https%253A%252F%252Fgazprombank.investments%252Fapplink%253Freferrer%253Dappmetrica_tracking_id%25253D460116909367582929%252526ym_tracking_id%25253D4309627957231525117&rnd=946086&tail256=unknown&tuid=-4763469105

Request Chain 36

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10261.W88hs0bAm_qEXT9lzbI58WI2ziq4UpSYx1_8ouWLt8u7AjUzYBeAZThOEVAcrsez.AqoQIgqXg7Qd9whtd5xMb1P3X0E%2C

Request Chain 60

https://vk.com/js/api/openapi.js?169 HTTP 302
https://vk.com/dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?169

Request Chain 66

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10261.tDEcTsBnim0uxQbDCdpICTB9iumjSwv-LnoY-27EJuaFPdSvnH_gauLEb2XBYpUZ.sx5FttnKCKTPSleOUvtpXMnrzB0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10261.JZURKnA6TrsWFKMl_Db6WU4K3T1kGDGRlxhAHzj_kco7kDwrDram8shzM88dvUkjquvUni0aY_r2mYbHynVa3ig8DKP7xm4YMcQ3ujTeY_IZgd5J7pW8Wu_wJFWdGAbx4DYVxGruqA8L49_6SauCC1xvE0fW5Uan76E_hKEIBEMla18n9c3fH6tXHkqe-gOoUfDtInIT16eGpXSHTVprrPT8O3to8K-L5AvIW4h6sH4%2C.weETxs8zZeSIh85uMCpuYihh9S4%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10261.44_O5U-14hSGDj1bm0IHHwuriW7Cjflt5VAHgelDmFFAcgW0VZAzgfG0ADJwl7glynoYgtO3MADwEj9f6xQc692Huu0CTy0uD4X-yHRiuI7WESaaCoyohf77papeUYWJBrKbOBVsLIzgT8gE212D-HaEiU386tf3-aDbgcs7PN_UA93K_KTObRl3twljT5GYwSc859ZJ4a6e_Fr_BICIUg%2C%2C.0YvbdPIO52McdszoCB1qrZ8t9bo%2C

Request Chain 85

https://sync.bumlam.com/?src=etg1 HTTP 302
https://sync.bumlam.com/?src=etg1&s_data=CAIQARj60dKtBqIBEB3d0mK84RHuu7EAJZDIJDY*

Request Chain 96

https://mc.yandex.com/watch/68771620?wmode=7&page-url=https%3A%2F%2Fgazprombank.investments%2Flogin%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A2%3Adp%3A0%3Als%3A1174885386356%3Ahid%3A895880396%3Az%3A60%3Ai%3A20240127075554%3Aet%3A1706338555%3Ac%3A1%3Arn%3A124743922%3Arqn%3A2%3Au%3A1706338555783582053%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C62%2C12%2C61%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1706338554525%3Agi%3AR0ExLjEuMjczMzMyMDg5LjE3MDYzMzg1NTQ%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706338555%3At%3A%D0%93%D0%B0%D0%B7%D0%BF%D1%80%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/68771620/1?wmode=7&page-url=https%3A%2F%2Fgazprombank.investments%2Flogin%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A2%3Adp%3A0%3Als%3A1174885386356%3Ahid%3A895880396%3Az%3A60%3Ai%3A20240127075554%3Aet%3A1706338555%3Ac%3A1%3Arn%3A124743922%3Arqn%3A2%3Au%3A1706338555783582053%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C62%2C12%2C61%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1706338554525%3Agi%3AR0ExLjEuMjczMzMyMDg5LjE3MDYzMzg1NTQ%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706338555%3At%3A%D0%93%D0%B0%D0%B7%D0%BF%D1%80%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Request Chain 97

https://mc.yandex.com/watch/76364110?wmode=7&page-url=https%3A%2F%2Fgazprombank.investments%2Flogin%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A1%3Adp%3A0%3Als%3A1089425036802%3Ahid%3A895880396%3Az%3A60%3Ai%3A20240127075554%3Aet%3A1706338555%3Ac%3A1%3Arn%3A809460033%3Arqn%3A2%3Au%3A1706338555783582053%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C62%2C12%2C61%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1706338554525%3Agi%3AR0ExLjEuMjczMzMyMDg5LjE3MDYzMzg1NTQ%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706338555%3At%3A%D0%93%D0%B0%D0%B7%D0%BF%D1%80%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/76364110/1?wmode=7&page-url=https%3A%2F%2Fgazprombank.investments%2Flogin%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A1%3Adp%3A0%3Als%3A1089425036802%3Ahid%3A895880396%3Az%3A60%3Ai%3A20240127075554%3Aet%3A1706338555%3Ac%3A1%3Arn%3A809460033%3Arqn%3A2%3Au%3A1706338555783582053%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C62%2C12%2C61%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1706338554525%3Agi%3AR0ExLjEuMjczMzMyMDg5LjE3MDYzMzg1NTQ%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706338555%3At%3A%D0%93%D0%B0%D0%B7%D0%BF%D1%80%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

105 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

applink Show response
gazprombank.investments/
Redirect Chain

http://gpbin.app/prem2022
https://gpbin.app/prem2022
https://redirect.appmetrica.yandex.com/serve/460116909367582929?source=premium
https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117

295 KB
123 KB

340ms
106ms

Document
text/html

178.248.234.156
HLL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.248.234.156 , Russian Federation, ASN51115 (HLL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

6366c3f72f9cd9d7fd5b3cfd6e0f48919229c7a16ba7f656e410c73656058037

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
access-control-expose-headers: *,x-response-version,x-request-id,x-response-time,x-total-count,x-request-time-left
access-control-max-age: 1728000
content-encoding: gzip
content-type: text/html
date: Sat, 27 Jan 2024 06:55:53 GMT
etag: W/"65b27937-49dbb"
last-modified: Thu, 25 Jan 2024 15:07:35 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0

Redirect headers

content-length: 0
date: Sat, 27 Jan 2024 06:55:53 GMT
location: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 15 KB
997 B 46ms
23ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700&subset=cyrillic-ext

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3de94fa6cd517504cab806b2ac44aae8b5cbbe1a57eb1864b484a94fb1f3ee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 Jan 2024 06:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 Jan 2024 06:55:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Jan 2024 06:55:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 45ms
22ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:400,700&subset=cyrillic,cyrillic-ext,latin-ext

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0a9b8ef144306155f7c6a57508a4b53f797a7b6b752c223a7cc0e528e472a996

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 Jan 2024 06:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 Jan 2024 06:55:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Jan 2024 06:55:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
727 B 51ms
28ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ea51c9046aa9f6b1b1193ba533b8938735775374b3e2ca4cd670dc1636773a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 Jan 2024 06:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 Jan 2024 05:41:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Jan 2024 06:55:53 GMT

GET
H2 200 vendors.0e3971baa04dd3b20685.css
gazprombank.investments/css/ 16 KB
5 KB 82ms
81ms Stylesheet
text/css 178.248.234.156
HLL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gazprombank.investments/css/vendors.0e3971baa04dd3b20685.css

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.248.234.156 , Russian Federation, ASN51115 (HLL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

69d01fa41897e484e5db29995abaa014aec7cb4d7ef925e390b97eb27c735fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 14 Dec 2023 10:05:10 GMT
server: nginx
etag: W/"657ad356-403e"
access-control-max-age: 1728000
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
content-type: text/css
access-control-expose-headers: *,x-response-version,x-request-id,x-response-time,x-total-count,x-request-time-left
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 terminal.570b9393514fc735e7f4.css
gazprombank.investments/css/ 16 KB
4 KB 83ms
82ms Stylesheet
text/css 178.248.234.156
HLL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gazprombank.investments/css/terminal.570b9393514fc735e7f4.css

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.248.234.156 , Russian Federation, ASN51115 (HLL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

2cf281a811169976ff874bfc1c24ac8be0ff7d68ee2ddbe061f50ce46078a08d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 14 Dec 2023 10:05:10 GMT
server: nginx
etag: W/"657ad356-3eba"
access-control-max-age: 1728000
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
content-type: text/css
access-control-expose-headers: *,x-response-version,x-request-id,x-response-time,x-total-count,x-request-time-left
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 264 KB
75 KB 56ms
34ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-55FH74S

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ffd58def2d55fd95884d693d9d64bfca64057ef8db59d3bf368706e0da36f9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76593
x-xss-protection: 0
last-modified: Sat, 27 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Jan 2024 06:55:53 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 214 KB
76 KB 44ms
23ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K8VLR4H

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b16c3953eb199d4b534559f6ddfddbd53d4ac4808fedab7c8912a4b18f7b798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77119
x-xss-protection: 0
last-modified: Sat, 27 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Jan 2024 06:55:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
84 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D63BVL7DM4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8VLR4H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50528efbb0307943e3ae195989398eba3a945dbf69d15b38a76844a51f4945a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86110
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 27 Jan 2024 06:55:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 60ms
14ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8VLR4H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 27 Jan 2024 05:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4065
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 27 Jan 2024 07:48:09 GMT

GET
H2 200 tag.js
mc.yandex.ru/metrika/ 204 KB
71 KB 309ms
172ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 26 Jan 2024 12:09:51 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65b3a10f-11840"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71744
expires: Sat, 27 Jan 2024 07:55:54 GMT

GET
H2 200 vendors.55151dd118bd428581ea.js Show response
gazprombank.investments/js/ 3 MB
1 MB 64ms
64ms Script
application/javascript 178.248.234.156
HLL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gazprombank.investments/js/vendors.55151dd118bd428581ea.js

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.248.234.156 , Russian Federation, ASN51115 (HLL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

8bf38f58f7b7538de587b6b6389b4bb4bd0d4d6907718e7531d1934aca767c98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 14 Dec 2023 10:05:12 GMT
server: nginx
etag: W/"657ad358-34df44"
access-control-max-age: 1728000
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
content-type: application/javascript
access-control-expose-headers: *,x-response-version,x-request-id,x-response-time,x-total-count,x-request-time-left
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 terminal.1054f91f70703c98debe.js Show response
gazprombank.investments/js/ 2 MB
539 KB 62ms
62ms Script
application/javascript 178.248.234.156
HLL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gazprombank.investments/js/terminal.1054f91f70703c98debe.js

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.248.234.156 , Russian Federation, ASN51115 (HLL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

443b33ff5d7249ff8cb77894ea01dab25280fc7cf9722ee579d10154323bf99b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 14 Dec 2023 10:05:11 GMT
server: nginx
etag: W/"657ad357-1c45ce"
access-control-max-age: 1728000
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
content-type: application/javascript
access-control-expose-headers: *,x-response-version,x-request-id,x-response-time,x-total-count,x-request-time-left
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2

200

openapi.917ca96d9331f956d945e39706791fde.js
vk.com/dist/public/api/
Redirect Chain

https://vk.com/js/api/openapi.js?169
https://vk.com/dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?169

56 KB
21 KB

89ms
89ms

Script
application/x-javascript

87.240.132.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?169
Requested by: Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117
Protocol: H2
Server: 87.240.132.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv72-132-240-87.vk.com
Software: kittenx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-trace-id: DJZ-bUsFbXinylezIjPMHTJGvXOWuQ
date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: gzip
x-frontend: front224205
last-modified: Mon, 23 Oct 2023 22:26:41 GMT
server: kittenx
etag: W/"6536f321-e147"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
expires: Wed, 31 Jan 2024 06:55:54 GMT

Redirect headers

x-trace-id: ScI0br-tr0qRxdfXjUyyxCecy1nlWw
date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: gzip
x-frontend: front224205
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.115664
content-type: text/html; charset=windows-1251
location: /dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?169
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 20

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 44 KB
19 KB 192ms
94ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

797d36c5083f2539d2db1a563ebfa9e7a0a81f33fbb5216a64b4ad0bb6b60fd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Fri, 19 Jan 2024 17:48:45 GMT
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag: W/"65aab5fd-af43"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Sat, 27 Jan 2024 07:55:54 GMT

GET
H/1.1

200
OK

rle.cgi
ad.adriver.ru/cgi-bin/
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=225299&bt=62&loc=https%253A%252F%252Fgazprombank.investments%252Fapplink%253Freferrer%253Dappmetrica_tracking_id%25253D460116909367582929%252526ym_tracking...
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=225299&bt=62&loc=https%253A%252F%252Fgazprombank.investments%252Fapplink%253Freferrer%253Dappmetrica_tracking_id%25253D460116909367582929%252526ym_tracking...

42 B
581 B

60ms
60ms

Image
image/gif

195.209.108.39
ADRIVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.adriver.ru/cgi-bin/rle.cgi?sid=225299&bt=62&loc=https%253A%252F%252Fgazprombank.investments%252Fapplink%253Freferrer%253Dappmetrica_tracking_id%25253D460116909367582929%252526ym_tracking_id%25253D4309627957231525117&rnd=946086&tail256=unknown&tuid=-4763469105
Requested by: Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117
Protocol: HTTP/1.1
Server: 195.209.108.39 , Russian Federation, ASN52007 (ADRIVER, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Jan 2024 06:55:54 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Content-Type: image/gif
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 27 Jan 2024 06:55:54 GMT
Transfer-Encoding: chunked
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Content-Type: text/html
Location: /cgi-bin/rle.cgi?sid=225299&bt=62&loc=https%253A%252F%252Fgazprombank.investments%252Fapplink%253Freferrer%253Dappmetrica_tracking_id%25253D460116909367582929%252526ym_tracking_id%25253D4309627957231525117&rnd=946086&tail256=unknown&tuid=-4763469105
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
260 B 45ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-D63BVL7DM4&gtm=45je41o0v871729910z8838825892&_p=1706338553880&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=273332089.1706338554&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706338554&sct=1&seg=0&dl=https%3A%2F%2Fgazprombank.investments%2Fapplink%3Freferrer%3Dappmetrica_tracking_id%253D460116909367582929%2526ym_tracking_id%253D4309627957231525117&dt=%D0%93%D0%B0%D0%B7%D0%BF%D1%80%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B8&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1301
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D63BVL7DM4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gazprombank.investments
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 55ms
19ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-D63BVL7DM4&cid=273332089.1706338554&gtm=45je41o0v871729910z8838825892&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D63BVL7DM4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gazprombank.investments
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 43ms
19ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D63BVL7DM4&cid=273332089.1706338554&gtm=45je41o0v871729910z8838825892&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2044185016

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
228 B 15ms
15ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=670966108&t=pageview&_s=1&dl=https%3A%2F%2Fgazprombank.investments%2Fapplink%3Freferrer%3Dappmetrica_tracking_id%253D460116909367582929%2526ym_tracking_id%253D4309627957231525117&ul=en-us&de=UTF-8&dt=%D0%93%D0%B0%D0%B7%D0%BF%D1%80%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=686973689&gjid=1567778724&cid=273332089.1706338554&tid=UA-31919883-40&_gid=2107064843.1706338554&_r=1&_slc=1&gtm=45He41o0n81K8VLR4Hv838825892&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1399861973

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e1a6647ea3468d43076da204eae0ef3d8f7c2a3f2f029a837ee7615d9ef6a7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gazprombank.investments/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gazprombank.investments
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
355 B 18ms
17ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-31919883-40&cid=273332089.1706338554&jid=686973689&gjid=1567778724&_gid=2107064843.1706338554&_u=YADAAEAAAAAAACAAI~&z=192163070

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gazprombank.investments/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 27 Jan 2024 06:55:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gazprombank.investments
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
82 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-74CZSSMN1K&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

723faf28cd82ca4e280e4052c41402f6bf4909b3ddb9b236e3370319257fa63f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83651
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 27 Jan 2024 06:55:54 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 72ms
24ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-31919883-40&cid=273332089.1706338554&jid=686973689&_u=YADAAEAAAAAAACAAI~&z=1411826436

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 21ms
19ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-31919883-40&cid=273332089.1706338554&jid=686973689&_u=YADAAEAAAAAAACAAI~&z=1411826436

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 16ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-74CZSSMN1K&gtm=45je41o0v9133982523&_p=1706338553880&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=273332089.1706338554&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fgazprombank.investments%2Fapplink%3Freferrer%3Dappmetrica_tracking_id%253D460116909367582929%2526ym_tracking_id%253D4309627957231525117&dt=%D0%93%D0%B0%D0%B7%D0%BF%D1%80%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B8&sid=1706338554&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1396
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-74CZSSMN1K&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gazprombank.investments
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 24ms
23ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-74CZSSMN1K&cid=273332089.1706338554&gtm=45je41o0v9133982523&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-74CZSSMN1K&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gazprombank.investments
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 26ms
25ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-74CZSSMN1K&cid=273332089.1706338554&gtm=45je41o0v9133982523&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=584003252

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
961 B 44ms
44ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?_=0.330105285183661;id=3272951;u=https%3A//gazprombank.investments/applink%3Freferrer%3Dappmetrica_tracking_id%253D460116909367582929%2526ym_tracking_id%253D4309627957231525117;pid=USER_ID;title=%D0%93%D0%B0%D0%B7%D0%BF%D1%80%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B8;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=3413efe3095cb8be;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ct=1455/1458/1458/;gl=u;ni=10//4g/0/0/;lvid=1706338554195%3A1706338554200%3A1%3A2395b6cf2735a134c4443470726569a9;opts=dl%2Cjst-gtag-ga;visible=true;js=13

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:54 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 15ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-D63BVL7DM4&gtm=45je41o0v871729910&_p=1706338553880&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=273332089.1706338554&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1706338554&sct=1&seg=0&dl=https%3A%2F%2Fgazprombank.investments%2Fapplink%3Freferrer%3Dappmetrica_tracking_id%253D460116909367582929%2526ym_tracking_id%253D4309627957231525117&dt=%D0%93%D0%B0%D0%B7%D0%BF%D1%80%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B8&en=scroll&epn.percent_scrolled=90&_et=3&tfd=1769
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D63BVL7DM4&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gazprombank.investments
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=670966108&t=event&ni=0&_s=1&dl=https%3A%2F%2Fgazprombank.investments%2Fapplink%3Freferrer%3Dappmetrica_tracking_id%253D460116909367582929%2526ym_tracking_id%253D4309627957231525117&ul=en-us&de=UTF-8&dt=%D0%93%D0%B0%D0%B7%D0%BF%D1%80%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=start&ea=login&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=273332089.1706338554&tid=UA-31919883-40&_gid=2107064843.1706338554&gtm=45He41o0n81K8VLR4Hv838825892&cd1=273332089.1706338554&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=202670595

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 21:18:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34666
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK rle.cgi
ad.adriver.ru/cgi-bin/ 42 B
581 B 59ms
59ms Image
image/gif 195.209.108.39
ADRIVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.adriver.ru/cgi-bin/rle.cgi?sid=225299&bt=62&sz=registration&gid1=GA1.2.273332089.1706338554&loc=https%253A%252F%252Fgazprombank.investments%252Fapplink%253Freferrer%253Dappmetrica_tracking_id%25253D460116909367582929%252526ym_tracking_id%25253D4309627957231525117&rnd=383100&tail256=unknown
Requested by: Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.39 , Russian Federation, ASN52007 (ADRIVER, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Jan 2024 06:55:54 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Content-Type: image/gif
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 rtrg
vk.com/ 49 B
398 B 50ms
50ms Image
image/gif 87.240.132.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-1615241-1tgaX&metatag_url=https%3A%2F%2Fgazprombank.investments%2Flogin%2F&metatag_title=%D0%92%D1%85%D0%BE%D0%B4%20%D0%B2%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%93%D0%B0%D0%B7%D0%BF%D1%80%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B8

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.132.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv72-132-240-87.vk.com

Software

kittenx / KPHP/7.4.115664

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-trace-id: _K6ahEL5oXLlJm-F9NB4hu_FDBx4uQ
date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: gzip
x-frontend: front224205
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.115664
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

POST /
glitchtip.newton-technology.ru/api/11/envelope/ 0
0

GET
H2

200

Primary Request / Show response
gazprombank.investments/login/
Redirect Chain

https://gazprombank.investments/login
http://gazprombank.investments/login/
https://gazprombank.investments/login/

295 KB
123 KB

62ms
62ms

Document
text/html

178.248.234.156
HLL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gazprombank.investments/login/

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/js/terminal.1054f91f70703c98debe.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.248.234.156 , Russian Federation, ASN51115 (HLL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

6424eb16064a81d926830a7094fc574fef77c922264e7e0d6c4a19eb64703542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gazprombank.investments/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
access-control-expose-headers: *,x-response-version,x-request-id,x-response-time,x-total-count,x-request-time-left
access-control-max-age: 1728000
content-encoding: gzip
content-type: text/html
date: Sat, 27 Jan 2024 06:55:54 GMT
etag: W/"65b27937-49dd4"
last-modified: Thu, 25 Jan 2024 15:07:35 GMT
server: nginx
strict-transport-security: max-age=31536000 max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
x-frame-options: SAMEORIGIN

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://gazprombank.investments/login/
Non-Authoritative-Reason: HSTS

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=670966108&t=pageview&_s=1&dl=https%3A%2F%2Fgazprombank.investments%2Flogin&ul=en-us&de=UTF-8&dt=%D0%93%D0%B0%D0%B7%D0%BF%D1%80%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=273332089.1706338554&tid=UA-31919883-40&_gid=2107064843.1706338554&gtm=45He41o0n81K8VLR4Hv838825892&cd1=273332089.1706338554&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=826955724

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 21:18:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34666
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 preloader_logo_gpb.svg
gazprombank.investments/images/landing/attention_page/ 5 KB
6 KB 59ms
58ms Image
image/svg+xml 178.248.234.156
HLL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gazprombank.investments/images/landing/attention_page/preloader_logo_gpb.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.248.234.156 , Russian Federation, ASN51115 (HLL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 18 Dec 2023 16:06:34 GMT
server: nginx
etag: "65806e0a-14dc"
access-control-max-age: 1728000
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
content-type: image/svg+xml
access-control-expose-headers: *,x-response-version,x-request-id,x-response-time,x-total-count,x-request-time-left
cache-control: no-cache
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 5340

GET
H2 200 txsp.js
st.hybrid.ai/ 12 KB
5 KB 58ms
7ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://st.hybrid.ai/txsp.js
Requested by: Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: gzip
x-age-lb: 2443
x-amz-request-id: tx0000070f71bb81a9ee74d-0065abaa99-2730a69-prg
x-77-cache: HIT
x-accel-date: 1706336111
x-77-nzt: A5ySIYg3Nzf/iwkAAIrHJcQ3Nzf/DwAAAFm7vKliHacA
x-accel-expires: @1706339711
x-77-age: 2458
x-cache-lb: HIT
last-modified: Fri, 15 Dec 2023 12:16:07 GMT
server: CDN77-Turbo
etag: W/"fe2045a0d12e8ed48d431d84f08c7fef"
x-77-nzt-ray: f6587a1df1a18fccfaa8b465b42ea722
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal

GET

sync_cookie_image_start
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10261.W88hs0bAm_qEXT9lzbI58WI2ziq4UpSYx1_8ouWLt8u7AjUzYBeAZThOEVAcrsez.AqoQIgqXg7Qd9whtd5xMb1P3X0E%2C

0
0

GET advert.gif
mc.yandex.com/metrika/ 0
0

GET
H2 204 TrackTp
dss.hybrid.ai/Pixel/ 0
239 B 55ms
15ms Script
text/plain 37.230.131.19
HYBRID-POLAND

General

Check archive.org

Show headers Download Go to

Full URL

https://dss.hybrid.ai/Pixel/TrackTp?pid=6414860d4d506e4b58d3b844&foadh=&gapl=&cs=&pcs=&vcs=

Requested by

Host: st.hybrid.ai
URL: https://st.hybrid.ai/txsp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.19 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:54 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 557
x-xss-protection: 1; mode=block
expires: -1

GET
H2 204 Track2
dss.hybrid.ai/Pixel/ 0
238 B 56ms
16ms Image
text/plain 37.230.131.19
HYBRID-POLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dss.hybrid.ai/Pixel/Track2?pid=6414860d4d506e4b58d3b844&bobid=&evt=PageView&cost=&text=&ltm=false&cnt=&url=https%3A%2F%2Fgazprombank.investments%2Flogin&rf=&lng=en-US&tz=-1&sw=1600&sh=1200&foadh=&gapl=&cs=&pcs=&vcs=&r=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.19 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:54 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 556
x-xss-protection: 1; mode=block
expires: -1

GET metrika_match.html
mc.yandex.com/metrika/ Frame A83B 0
0

POST collect
region1.analytics.google.com/g/ 0
0

GET tracker
top-fwz1.mail.ru/ 0
0

POST /
glitchtip.newton-technology.ru/api/11/envelope/ 0
0

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700&subset=cyrillic-ext

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3de94fa6cd517504cab806b2ac44aae8b5cbbe1a57eb1864b484a94fb1f3ee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 Jan 2024 06:55:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Jan 2024 06:55:54 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
688 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:400,700&subset=cyrillic,cyrillic-ext,latin-ext

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0a9b8ef144306155f7c6a57508a4b53f797a7b6b752c223a7cc0e528e472a996

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 Jan 2024 06:55:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Jan 2024 06:55:54 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
727 B 27ms
26ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ea51c9046aa9f6b1b1193ba533b8938735775374b3e2ca4cd670dc1636773a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 Jan 2024 05:18:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Jan 2024 06:55:54 GMT

GET
H2 200 vendors.0e3971baa04dd3b20685.css
gazprombank.investments/css/ 16 KB
5 KB 59ms
58ms Stylesheet
text/css 178.248.234.156
HLL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gazprombank.investments/css/vendors.0e3971baa04dd3b20685.css

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.248.234.156 , Russian Federation, ASN51115 (HLL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

69d01fa41897e484e5db29995abaa014aec7cb4d7ef925e390b97eb27c735fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 14 Dec 2023 10:05:10 GMT
server: nginx
etag: W/"657ad356-403e"
access-control-max-age: 1728000
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
content-type: text/css
access-control-expose-headers: *,x-response-version,x-request-id,x-response-time,x-total-count,x-request-time-left
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 landing.3c7f860f65f7515ca9ff.css
gazprombank.investments/css/ 18 KB
5 KB 60ms
59ms Stylesheet
text/css 178.248.234.156
HLL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gazprombank.investments/css/landing.3c7f860f65f7515ca9ff.css

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.248.234.156 , Russian Federation, ASN51115 (HLL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

54c43f3a3281668e35832267a93c33fe94a30049a6b746b61c7581b04087d990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 14 Dec 2023 10:05:10 GMT
server: nginx
etag: W/"657ad356-493d"
access-control-max-age: 1728000
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
content-type: text/css
access-control-expose-headers: *,x-response-version,x-request-id,x-response-time,x-total-count,x-request-time-left
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 264 KB
75 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-55FH74S

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/login/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f192b783c410587a1f123377399197a50f9d815cff097f986b1c1dfb2740ac33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76639
x-xss-protection: 0
last-modified: Sat, 27 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Jan 2024 06:55:54 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 214 KB
75 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K8VLR4H

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/login/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b16c3953eb199d4b534559f6ddfddbd53d4ac4808fedab7c8912a4b18f7b798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77119
x-xss-protection: 0
last-modified: Sat, 27 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 27 Jan 2024 06:55:54 GMT

GET
H2 200 vendors.55151dd118bd428581ea.js Show response
gazprombank.investments/js/ 3 MB
1 MB 63ms
63ms Script
application/javascript 178.248.234.156
HLL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gazprombank.investments/js/vendors.55151dd118bd428581ea.js

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.248.234.156 , Russian Federation, ASN51115 (HLL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

8bf38f58f7b7538de587b6b6389b4bb4bd0d4d6907718e7531d1934aca767c98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 14 Dec 2023 10:05:12 GMT
server: nginx
etag: W/"657ad358-34df44"
access-control-max-age: 1728000
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
content-type: application/javascript
access-control-expose-headers: *,x-response-version,x-request-id,x-response-time,x-total-count,x-request-time-left
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 landing.a8a8276db95efa4d7a46.js Show response
gazprombank.investments/js/ 160 KB
50 KB 62ms
62ms Script
application/javascript 178.248.234.156
HLL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gazprombank.investments/js/landing.a8a8276db95efa4d7a46.js

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.248.234.156 , Russian Federation, ASN51115 (HLL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

782c9628d3e83c84a51b7d77079c18ca7aea0ea0321b1275cfaef35f329e5035

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 14 Dec 2023 10:05:12 GMT
server: nginx
etag: W/"657ad358-27f22"
access-control-max-age: 1728000
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
content-type: application/javascript
access-control-expose-headers: *,x-response-version,x-request-id,x-response-time,x-total-count,x-request-time-left
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
84 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D63BVL7DM4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8VLR4H

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

421a90a4049b33bbf0ee4d1c8ab9c9783cae7a19dcf322fe572e89b864057c32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86111
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 27 Jan 2024 06:55:54 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8VLR4H

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 27 Jan 2024 05:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4065
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 27 Jan 2024 07:48:09 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
70 KB 95ms
94ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

9c641fd8ad8fc0517d4ee8d937866e2542fe7e0b07761c710a5c9a423b269dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 26 Jan 2024 12:09:51 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65b3a10f-11840"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71744
expires: Sat, 27 Jan 2024 07:55:54 GMT

GET
H3 200 css
fonts.googleapis.com/ 4 KB
656 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400&subset=cyrillic

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/css/landing.3c7f860f65f7515ca9ff.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d95ffdcf010d6749281f6cd27c3a5f9c856d4b5590cee285f4b4fdbebce22b4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 Jan 2024 06:40:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Jan 2024 06:55:54 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 15 B
35 B 20ms
20ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1608221193&t=pageview&_s=1&dl=https%3A%2F%2Fgazprombank.investments%2Flogin%2F&ul=en-us&de=UTF-8&dt=%D0%93%D0%B0%D0%B7%D0%BF%D1%80%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEABAAAAACAAI~&jid=&gjid=&cid=273332089.1706338554&tid=UA-31919883-40&_gid=2107064843.1706338554&_slc=1&gtm=45He41o0n81K8VLR4Hv838825892&cd1=273332089.1706338554&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=861751165

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

09f51e2f185341ca211eca7d747c4cea9b148c5963a733084631bac9120942f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gazprombank.investments/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gazprombank.investments
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

openapi.917ca96d9331f956d945e39706791fde.js Show response
vk.com/dist/public/api/
Redirect Chain

https://vk.com/js/api/openapi.js?169
https://vk.com/dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?169

56 KB
21 KB

92ms
92ms

Script
application/x-javascript

87.240.132.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?169
Requested by: Host: gazprombank.investments
URL: https://gazprombank.investments/login/
Protocol: H2
Server: 87.240.132.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv72-132-240-87.vk.com
Software: kittenx /
Resource Hash: 8f5aeba25fd371707e9489cff88d4a714c2e0febc2531e29009f7ecbd2b97f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-trace-id: eBtDU5D-YWqBk8mCcAv89WMCRcJewA
date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: gzip
x-frontend: front224205
last-modified: Mon, 23 Oct 2023 22:26:41 GMT
server: kittenx
etag: W/"6536f321-e147"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
expires: Wed, 31 Jan 2024 06:55:54 GMT

Redirect headers

x-trace-id: aSc12jm8A32KBLuzV80Z78Vu49wsqw
date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: gzip
x-frontend: front224205
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.115664
content-type: text/html; charset=windows-1251
location: /dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?169
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 20

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 44 KB
19 KB 65ms
64ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

797d36c5083f2539d2db1a563ebfa9e7a0a81f33fbb5216a64b4ad0bb6b60fd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Fri, 19 Jan 2024 17:48:45 GMT
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag: W/"65aab5fd-af43"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Sat, 27 Jan 2024 07:55:54 GMT

GET
H2 200 GP.js Show response
static.terratraf.io/engine/ 4 KB
1 KB 112ms
8ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.terratraf.io/engine/GP.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55FH74S
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 780e37f11f3ff72a8ab658028e9633e6558c442eaccb97f83f55fd8a9e0f76f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: gzip
x-age-lb: 11296
x-77-cache: HIT
x-accel-date: 1706327258
x-77-nzt: EQwBw7WvJwH3ICwAAA
x-accel-expires: @1706341658
x-77-age: 11296
x-cache-lb: HIT
last-modified: Wed, 09 Aug 2023 14:33:04 GMT
server: CDN77-Turbo
etag: W/"64d3a3a0-e01"
x-77-nzt-ray: 25b021310d44b971faa8b46586997232
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200
OK rle.cgi
ad.adriver.ru/cgi-bin/ 42 B
581 B 76ms
76ms Image
image/gif 195.209.108.39
ADRIVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.adriver.ru/cgi-bin/rle.cgi?sid=225299&bt=62&gid1=GA1.2.273332089.1706338554&yid1=1706338555783582053&loc=https%253A%252F%252Fgazprombank.investments%252Flogin%252F&rnd=53418&tail256=unknown
Requested by: Host: gazprombank.investments
URL: https://gazprombank.investments/login/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.39 , Russian Federation, ASN52007 (ADRIVER, RU),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Jan 2024 06:55:54 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Content-Type: image/gif
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
82 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-74CZSSMN1K&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7621b08c80bf1b0fee6f84af4f43a5c3e25dd6fbf2cffa658a01c932c14ed0ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83582
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 27 Jan 2024 06:55:54 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 28ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-D63BVL7DM4&gtm=45je41o0v871729910z8838825892&_p=1706338554668&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=273332089.1706338554&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706338554&sct=1&seg=1&dl=https%3A%2F%2Fgazprombank.investments%2Flogin%2F&dt=%D0%93%D0%B0%D0%B7%D0%BF%D1%80%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B8&en=page_view&tfd=242
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D63BVL7DM4&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gazprombank.investments
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10261.tDEcTsBnim0uxQbDCdpICTB9iumjSwv-LnoY-27EJuaFPdSvnH_gauLEb2XBYpUZ.sx5FttnKCKTPSleOUvtpXMnrzB0%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10261.JZURKnA6TrsWFKMl_Db6WU4K3T1kGDGRlxhAHzj_kco7kDwrDram8shzM88dvUkjquvUni0aY_r2mYbHynVa3ig8DKP7xm4YMcQ3ujTeY_IZgd5J7pW8Wu_wJFWdGAbx4DYVxGruqA...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10261.44_O5U-14hSGDj1bm0IHHwuriW7Cjflt5VAHgelDmFFAcgW0VZAzgfG0ADJwl7glynoYgtO3MADwEj9f6xQc692Huu0CTy0uD4X-yHRiuI7WE...

43 B
599 B

64ms
63ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10261.44_O5U-14hSGDj1bm0IHHwuriW7Cjflt5VAHgelDmFFAcgW0VZAzgfG0ADJwl7glynoYgtO3MADwEj9f6xQc692Huu0CTy0uD4X-yHRiuI7WESaaCoyohf77papeUYWJBrKbOBVsLIzgT8gE212D-HaEiU386tf3-aDbgcs7PN_UA93K_KTObRl3twljT5GYwSc859ZJ4a6e_Fr_BICIUg%2C%2C.0YvbdPIO52McdszoCB1qrZ8t9bo%2C

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/login/

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:55 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10261.44_O5U-14hSGDj1bm0IHHwuriW7Cjflt5VAHgelDmFFAcgW0VZAzgfG0ADJwl7glynoYgtO3MADwEj9f6xQc692Huu0CTy0uD4X-yHRiuI7WESaaCoyohf77papeUYWJBrKbOBVsLIzgT8gE212D-HaEiU386tf3-aDbgcs7PN_UA93K_KTObRl3twljT5GYwSc859ZJ4a6e_Fr_BICIUg%2C%2C.0YvbdPIO52McdszoCB1qrZ8t9bo%2C
date: Sat, 27 Jan 2024 06:55:55 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
875 B 43ms
43ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?_=0.251906418488554;id=3272951;u=https%3A//gazprombank.investments/login/;pid=USER_ID;title=%D0%93%D0%B0%D0%B7%D0%BF%D1%80%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B8;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=a165939ca47621dc;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ct=330/331/331/;gl=u;ni=10//4g/0/0/;lvid=1706338554195%3A1706338554856%3A3%3A2395b6cf2735a134c4443470726569a9;opts=dl%2Cjst-gtag-ga-ym;visible=true;js=13

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/login/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:54 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 Proxima-Nova-Regular.woff2
gazprombank.investments/fonts/ 18 KB
19 KB 64ms
63ms Font
font/woff2 178.248.234.156
HLL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gazprombank.investments/fonts/Proxima-Nova-Regular.woff2

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/css/landing.3c7f860f65f7515ca9ff.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.248.234.156 , Russian Federation, ASN51115 (HLL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

db7e340636fc1f997c7654d47b43139e8c56e0c00df425876aed4ba266191e3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://gazprombank.investments/css/landing.3c7f860f65f7515ca9ff.css
Origin: https://gazprombank.investments
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 14 Dec 2023 10:01:43 GMT
server: nginx
etag: W/"657ad287-4878"
access-control-max-age: 1728000
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
content-type: font/woff2
access-control-expose-headers: *,x-response-version,x-request-id,x-response-time,x-total-count,x-request-time-left
cache-control: no-cache
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 34ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700&subset=cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gazprombank.investments
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:27:17 GMT
x-content-type-options: nosniff
age: 286117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:27:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 57ms
32ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700&subset=cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gazprombank.investments
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:24:52 GMT
x-content-type-options: nosniff
age: 286262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:24:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 47ms
22ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700&subset=cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gazprombank.investments
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:31:16 GMT
x-content-type-options: nosniff
age: 285878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:31:16 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 48ms
23ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700&subset=cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gazprombank.investments
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 20:36:24 GMT
x-content-type-options: nosniff
age: 37170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jan 2025 20:36:24 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 36ms
12ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700&subset=cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gazprombank.investments
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 09:10:14 GMT
x-content-type-options: nosniff
age: 337540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 09:10:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 46ms
22ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700&subset=cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gazprombank.investments
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:28:30 GMT
x-content-type-options: nosniff
age: 286044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:28:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 61ms
38ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700&subset=cyrillic-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gazprombank.investments
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:31:14 GMT
x-content-type-options: nosniff
age: 285880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:31:14 GMT

GET
H2 200 logo_gpb.svg
gazprombank.investments/images/landing/menu/top_menu/ 12 KB
12 KB 59ms
59ms Image
image/svg+xml 178.248.234.156
HLL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gazprombank.investments/images/landing/menu/top_menu/logo_gpb.svg

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.248.234.156 , Russian Federation, ASN51115 (HLL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

f4e02df114db3eb7d53bbb975341810f441a436158e5f9529e04e2dc4156c8b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 18 Dec 2023 16:06:36 GMT
server: nginx
etag: "65806e0c-2e63"
access-control-max-age: 1728000
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
content-type: image/svg+xml
access-control-expose-headers: *,x-response-version,x-request-id,x-response-time,x-total-count,x-request-time-left
cache-control: no-cache
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 11875

GET
H2 200 close.svg
gazprombank.investments/images/landing/menu/top_menu/ 1 KB
2 KB 60ms
59ms Image
image/svg+xml 178.248.234.156
HLL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gazprombank.investments/images/landing/menu/top_menu/close.svg

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.248.234.156 , Russian Federation, ASN51115 (HLL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

7d5a5045a63e7e4142598ccfb5c6fdc80908e9eccc6ff0d7939355e810dd7018

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Mon, 18 Dec 2023 16:06:36 GMT
server: nginx
etag: "65806e0c-5a0"
access-control-max-age: 1728000
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
content-type: image/svg+xml
access-control-expose-headers: *,x-response-version,x-request-id,x-response-time,x-total-count,x-request-time-left
cache-control: no-cache
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 1440

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
435 B 80ms
79ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:54 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 26 Jan 2024 12:09:51 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65b3a10f-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 27 Jan 2024 07:55:54 GMT

GET
H2 200 dyn-goal-config.js Show response
top-fwz1.mail.ru/js/ 3 KB
2 KB 45ms
45ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/dyn-goal-config.js?ids=3272951

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

90d4798cfeacb30022d6f8efb927da957733d8302ed75b0691a9c4afc8d9f15d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Sat, 27 Jan 2024 07:05:54 GMT

GET
H2 200 10002555.js Show response
static.terratraf.io/GP/ 49 KB
17 KB 10ms
10ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.terratraf.io/GP/10002555.js
Requested by: Host: static.terratraf.io
URL: https://static.terratraf.io/engine/GP.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e5cd5a2a7f1f7cc6583f85b377840ac9de175880d57ce00b8e55414237c08f2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: gzip
x-age-lb: 12386
x-77-cache: HIT
x-accel-date: 1706326168
x-77-nzt: EgwBw7WvJwH3YjAAAAwBJRPCLgH3AgEAAA
x-accel-expires: @1706340568
x-77-age: 12644
x-cache-lb: HIT
last-modified: Fri, 26 Jan 2024 11:01:54 GMT
server: CDN77-Turbo
etag: W/"65b39122-c21e"
x-77-nzt-ray: 25b021310d44b971faa8b465da672c34
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *

GET
H2 200 maintenance-messages Show response
gazprombank.investments/api/2.94.0/settings/ 2 B
618 B 142ms
140ms XHR
application/json 178.248.234.156
HLL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gazprombank.investments/api/2.94.0/settings/maintenance-messages?platform=web

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/js/vendors.55151dd118bd428581ea.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.248.234.156 , Russian Federation, ASN51115 (HLL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://gazprombank.investments/login/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/json; charset=utf-8

Response headers

date: Sat, 27 Jan 2024 06:55:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-envoy-upstream-service-time: 69
x-request-id: 4f5d662b60c9d6194c2b4a938309355c
x-response-time: 1706338555.0377
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
content-type: application/json
access-control-expose-headers: *,x-response-version,x-request-id,x-response-time,x-total-count,x-request-time-left
x-response-version: 2
cache-control: no-cache, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow, nosnippet, noarchive
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 txsp.js Show response
st.hybrid.ai/ 12 KB
5 KB 7ms
7ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://st.hybrid.ai/txsp.js
Requested by: Host: gazprombank.investments
URL: https://gazprombank.investments/applink?referrer=appmetrica_tracking_id%3D460116909367582929%26ym_tracking_id%3D4309627957231525117
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: bbfbb56066d491b69c159d5b4c95ce99c1675c76d56f281bc7a49d7fdc31c659

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: gzip
x-age-lb: 2443
x-amz-request-id: tx0000070f71bb81a9ee74d-0065abaa99-2730a69-prg
x-77-cache: HIT
x-accel-date: 1706336111
x-77-nzt: A5ySIYg3Nzf/iwkAAIrHJcQ3Nzf/DwAAAFm7vKliHacA
x-accel-expires: @1706339711
x-77-age: 2458
x-cache-lb: HIT
last-modified: Fri, 15 Dec 2023 12:16:07 GMT
server: CDN77-Turbo
etag: W/"fe2045a0d12e8ed48d431d84f08c7fef"
x-77-nzt-ray: f6587a1df1a18fccfaa8b465e17bf437
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal

GET
H2 200 metrika_match.html Show response
mc.yandex.com/metrika/ Frame DD95 2 KB
2 KB 115ms
114ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

9df4ea0c8c25b6c96ccb4ef96780a7b074ee266972670f2572d38a961f1b481f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://gazprombank.investments/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 869
content-type: text/html
date: Sat, 27 Jan 2024 06:55:55 GMT
etag: "65b3a10f-365"
expires: Sat, 27 Jan 2024 07:55:55 GMT
last-modified: Fri, 26 Jan 2024 12:09:51 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2 200 rtrg
vk.com/ 49 B
397 B 57ms
57ms Image
image/gif 87.240.132.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.132.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv72-132-240-87.vk.com

Software

kittenx / KPHP/7.4.115664

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-trace-id: lXpNhfxpSJky_9_3Osyyk-dAjMon4A
date: Sat, 27 Jan 2024 06:55:54 GMT
content-encoding: gzip
x-frontend: front224205
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.115664
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET
H/1.1

200
OK

/ Show response
sync.bumlam.com/
Redirect Chain

https://sync.bumlam.com/?src=etg1
https://sync.bumlam.com/?src=etg1&s_data=CAIQARj60dKtBqIBEB3d0mK84RHuu7EAJZDIJDY*

66 B
690 B

13ms
11ms

Fetch
application/javascript

31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.bumlam.com/?src=etg1&s_data=CAIQARj60dKtBqIBEB3d0mK84RHuu7EAJZDIJDY*
Requested by: Host: gazprombank.investments
URL: https://gazprombank.investments/login/
Protocol: HTTP/1.1
Server: 31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: c62e97b666f94a106a137a788df26be7e878bc67d3339a979ab7135c3c0ad605

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 27 Jan 2024 06:55:54 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://gazprombank.investments
Content-Type: application/javascript
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 66

Redirect headers

Date: Sat, 27 Jan 2024 06:55:54 GMT
Server: nginx
ETag: 1dddd262-bce1-11ee-bbb1-002590c82436
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=etg1&s_data=CAIQARj60dKtBqIBEB3d0mK84RHuu7EAJZDIJDY*
Access-Control-Allow-Origin: https://gazprombank.investments
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 204 TrackTp Show response
dss.hybrid.ai/Pixel/ 0
238 B 16ms
16ms Script
text/plain 37.230.131.19
HYBRID-POLAND

General

Check archive.org

Show headers Download Go to

Full URL

https://dss.hybrid.ai/Pixel/TrackTp?pid=6414860d4d506e4b58d3b844&foadh=&gapl=&cs=&pcs=&vcs=

Requested by

Host: st.hybrid.ai
URL: https://st.hybrid.ai/txsp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.19 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:54 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 573
x-xss-protection: 1; mode=block
expires: -1

GET
H2 204 Track2
dss.hybrid.ai/Pixel/ 0
238 B 17ms
17ms Image
text/plain 37.230.131.19
HYBRID-POLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dss.hybrid.ai/Pixel/Track2?pid=6414860d4d506e4b58d3b844&bobid=&evt=PageView&cost=&text=&ltm=false&cnt=&url=https%3A%2F%2Fgazprombank.investments%2Flogin%2F&rf=&lng=en-US&tz=-1&sw=1600&sh=1200&foadh=&gapl=&cs=&pcs=&vcs=&r=

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/login/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.19 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:54 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 554
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK / Show response
sync.bumlam.com/gp/ 2 B
264 B 9ms
8ms Fetch
application/json 31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.bumlam.com/gp/
Requested by: Host: gazprombank.investments
URL: https://gazprombank.investments/js/vendors.55151dd118bd428581ea.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 27 Jan 2024 06:55:55 GMT
Server: nginx
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://gazprombank.investments
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

GET
H/1.1 200
OK / Show response
sync.sniperlog.ru/gp/ 2 B
264 B 45ms
9ms Fetch
application/json 31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.sniperlog.ru/gp/
Requested by: Host: gazprombank.investments
URL: https://gazprombank.investments/js/vendors.55151dd118bd428581ea.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 27 Jan 2024 06:55:55 GMT
Server: nginx
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://gazprombank.investments
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2

GET
H2 200 pixel-new.html Show response
static.bumlam.com/ Frame C0B7 4 KB
2 KB 61ms
11ms Document
text/html 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bumlam.com/pixel-new.html?ids=W10*&idsSsp=WyJhbllhbmRleCJd&uid=MWRkZGQyNjItYmNlMS0xMWVlLWJiYjEtMDAyNTkwYzgyNDM2IzE3MDYzMzg1NTQ*&uid3=&extra2=Z3AzLjEwMDAyNTU1LnB4bGVhZHZpc2l0Yzk1NTcudjk1NTc*&isAll=false&isAllSsp=false&CID=10002555
Requested by: Host: static.terratraf.io
URL: https://static.terratraf.io/GP/10002555.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f47ca79d697529eabeea77e58c5d5d2d1c2ef5c1a2a62998395561f1a9c79ff2

Request headers

Referer: https://gazprombank.investments/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sat, 27 Jan 2024 06:55:55 GMT
etag: W/"65aa2cb0-1112"
last-modified: Fri, 19 Jan 2024 08:02:56 GMT
server: CDN77-Turbo
vary: Accept-Encoding
x-77-cache: MISS
x-77-nzt: EggBw7WqEQFBCAGKxyXEAUE
x-77-nzt-ray: 4c156224fd2a495ffba8b46569707c03
x-77-pop: frankfurtDE
x-cache-lb: MISS

GET
H/1.1 200
OK /
sync.bumlam.com/ 43 B
654 B 18ms
12ms Image
image/gif 31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=gp3&cid=10002555&cmp=10002555&act=fvd&r64=&data64=eyJhY3QiOiJmdmQifQ**&suuid3=1dddd262-bce1-11ee-bbb1-002590c82436_1706338554&ver=0.3.0eacc48&cb=0.7743903615805809&nr=1
Requested by: Host: gazprombank.investments
URL: https://gazprombank.investments/login/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 27 Jan 2024 06:55:55 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://gazprombank.investments
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43

GET
H/1.1 200
OK /
sync.bumlam.com/ 43 B
654 B 34ms
12ms Image
image/gif 31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=gp3&cid=10002555&cmp=10002555&act=fvc&r64=&data64=eyJhY3QiOiJmdmMifQ**&suuid3=1dddd262-bce1-11ee-bbb1-002590c82436_1706338554&ver=0.3.0eacc48&cb=0.18874273410284514&nr=1
Requested by: Host: gazprombank.investments
URL: https://gazprombank.investments/login/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 27 Jan 2024 06:55:55 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://gazprombank.investments
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43

GET
H/1.1 200
OK /
sync.bumlam.com/ 43 B
654 B 14ms
14ms Image
image/gif 31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=gp3&cid=10002555&cmp=pxleadvisitc9557&act=v9557&r64=&data64=eyJhY3QiOiJ2YyJ9&suuid3=1dddd262-bce1-11ee-bbb1-002590c82436_1706338554&ver=0.3.0eacc48&cb=0.826554088173481&nr=1
Requested by: Host: gazprombank.investments
URL: https://gazprombank.investments/login/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 27 Jan 2024 06:55:55 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://gazprombank.investments
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43

GET
H/1.1 200
OK /
sync.bumlam.com/ 43 B
654 B 11ms
11ms Image
image/gif 31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=gp3&cid=10002555&cmp=pxleadvisitc9557&act=v9557&r64=&suuid3=1dddd262-bce1-11ee-bbb1-002590c82436_1706338554&ver=0.3.0eacc48&cb=0.8899123589691247&nr=1
Requested by: Host: gazprombank.investments
URL: https://gazprombank.investments/login/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 27 Jan 2024 06:55:55 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://gazprombank.investments
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43

GET
H2 200 1dddd262-bce1-11ee-bbb1-002590c82436
an.yandex.ru/mapuid/adsniperis/ Frame C0B7 43 B
573 B 176ms
56ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/adsniperis/1dddd262-bce1-11ee-bbb1-002590c82436

Requested by

Host: static.bumlam.com
URL: https://static.bumlam.com/pixel-new.html?ids=W10*&idsSsp=WyJhbllhbmRleCJd&uid=MWRkZGQyNjItYmNlMS0xMWVlLWJiYjEtMDAyNTkwYzgyNDM2IzE3MDYzMzg1NTQ*&uid3=&extra2=Z3AzLjEwMDAyNTU1LnB4bGVhZHZpc2l0Yzk1NTcudjk1NTc*&isAll=false&isAllSsp=false&CID=10002555

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sat, 27 Jan 2024 06:55:55 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 27 Jan 2024 06:55:55 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/68771620/
Redirect Chain

https://mc.yandex.com/watch/68771620?wmode=7&page-url=https%3A%2F%2Fgazprombank.investments%2Flogin%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3Aen...
https://mc.yandex.com/watch/68771620/1?wmode=7&page-url=https%3A%2F%2Fgazprombank.investments%2Flogin%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3A...

475 B
511 B

67ms
67ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/68771620/1?wmode=7&page-url=https%3A%2F%2Fgazprombank.investments%2Flogin%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A2%3Adp%3A0%3Als%3A1174885386356%3Ahid%3A895880396%3Az%3A60%3Ai%3A20240127075554%3Aet%3A1706338555%3Ac%3A1%3Arn%3A124743922%3Arqn%3A2%3Au%3A1706338555783582053%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C62%2C12%2C61%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1706338554525%3Agi%3AR0ExLjEuMjczMzMyMDg5LjE3MDYzMzg1NTQ%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706338555%3At%3A%D0%93%D0%B0%D0%B7%D0%BF%D1%80%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/login/

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

797ac2329db65f2ecfd3087c32c73689e1f4e23c747ea47fad795b0dd59c55d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 27-Jan-2024 06:55:55 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gazprombank.investments
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 475
x-xss-protection: 1; mode=block
expires: Sat, 27-Jan-2024 06:55:55 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:55 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 27-Jan-2024 06:55:55 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/68771620/1?wmode=7&page-url=https%3A%2F%2Fgazprombank.investments%2Flogin%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A2%3Adp%3A0%3Als%3A1174885386356%3Ahid%3A895880396%3Az%3A60%3Ai%3A20240127075554%3Aet%3A1706338555%3Ac%3A1%3Arn%3A124743922%3Arqn%3A2%3Au%3A1706338555783582053%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C62%2C12%2C61%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1706338554525%3Agi%3AR0ExLjEuMjczMzMyMDg5LjE3MDYzMzg1NTQ%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706338555%3At%3A%D0%93%D0%B0%D0%B7%D0%BF%D1%80%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://gazprombank.investments
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 27-Jan-2024 06:55:55 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/76364110/
Redirect Chain

https://mc.yandex.com/watch/76364110?wmode=7&page-url=https%3A%2F%2Fgazprombank.investments%2Flogin%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3Aen...
https://mc.yandex.com/watch/76364110/1?wmode=7&page-url=https%3A%2F%2Fgazprombank.investments%2Flogin%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3A...

440 B
532 B

69ms
69ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/76364110/1?wmode=7&page-url=https%3A%2F%2Fgazprombank.investments%2Flogin%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A1%3Adp%3A0%3Als%3A1089425036802%3Ahid%3A895880396%3Az%3A60%3Ai%3A20240127075554%3Aet%3A1706338555%3Ac%3A1%3Arn%3A809460033%3Arqn%3A2%3Au%3A1706338555783582053%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C62%2C12%2C61%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1706338554525%3Agi%3AR0ExLjEuMjczMzMyMDg5LjE3MDYzMzg1NTQ%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706338555%3At%3A%D0%93%D0%B0%D0%B7%D0%BF%D1%80%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/login/

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

6b1172b360a3248fd9541711983dcfb0b98d55306636b28dad2eda0b0b437b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 27-Jan-2024 06:55:55 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gazprombank.investments
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 440
x-xss-protection: 1; mode=block
expires: Sat, 27-Jan-2024 06:55:55 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:55 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 27-Jan-2024 06:55:55 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/76364110/1?wmode=7&page-url=https%3A%2F%2Fgazprombank.investments%2Flogin%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1220%3Acn%3A1%3Adp%3A0%3Als%3A1089425036802%3Ahid%3A895880396%3Az%3A60%3Ai%3A20240127075554%3Aet%3A1706338555%3Ac%3A1%3Arn%3A809460033%3Arqn%3A2%3Au%3A1706338555783582053%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C62%2C12%2C61%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1706338554525%3Agi%3AR0ExLjEuMjczMzMyMDg5LjE3MDYzMzg1NTQ%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1706338555%3At%3A%D0%93%D0%B0%D0%B7%D0%BF%D1%80%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://gazprombank.investments
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 27-Jan-2024 06:55:55 GMT

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
875 B 43ms
43ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?_=0.7173993140197945;id=3272951;u=https%3A//gazprombank.investments/login/;st=1706338554871;pid=USER_ID;title=%D0%93%D0%B0%D0%B7%D0%BF%D1%80%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B8;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=a165939ca47621dc;ver=60.3.0;tz=-60%2FEurope%2FBerlin;nt=0/0/1706338554525/////61/61/61/61/61//61/123/134/130/346/346/347/734/735/735;ct=330/331/331/331;gl=u;ni=10//4g/0/0/;lvid=1706338554195%3A1706338555260%3A4%3A2395b6cf2735a134c4443470726569a9;opts=dl%2Cjst-gtag-ga-ym-vk;visible=true;js=13;e=RT/load;et=1706338555260

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 06:55:55 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK /
sync.bumlam.com/ 43 B
654 B 31ms
31ms Image
image/gif 31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=gp3&cid=10002555&cmp=10002555&sid=2793930350&act=hit&r64=&data64=eyJhY3QiOiJoaXQiLCJzY3JlZW5XIjoiMTYwMCIsInNjcmVlbkgiOiIxMjAwIiwic2MiOjEsImx0Ijp7ImQiOjM0NiwicCI6NzM1fX0*&suuid3=1dddd262-bce1-11ee-bbb1-002590c82436_1706338554&ver=0.3.0eacc48&cb=0.7893916761164868&nr=1&localUid=5c725e30-d6f9-4fca-8f1a-f6f3d2c193d3&pageID=6636e2d0-7721-4eea-a6e0-e37781287569
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 27 Jan 2024 06:55:55 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://gazprombank.investments
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43

GET
H2 204 plgt.js Show response
emd.hybrid.ai/ 0
239 B 57ms
17ms Script
text/plain 37.230.131.21
HYBRID-POLAND

General

Check archive.org

Show headers Download Go to

Full URL

https://emd.hybrid.ai/plgt.js?fbpid=6414860d4d506e4b58d3b844&foadh=&gapl=&cs=&pcs=&vcs=

Requested by

Host: st.hybrid.ai
URL: https://st.hybrid.ai/txsp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.21 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:56 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 562
x-xss-protection: 1; mode=block
expires: -1

POST
H2 200 76364110
mc.yandex.com/webvisor/ 43 B
0 333ms
142ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/76364110?wv-part=1&wv-type=7&wmode=0&wv-hit=895880396&page-url=https%3A%2F%2Fgazprombank.investments%2Flogin%2F&rn=968967773&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1706338558%3Aw%3A1600x1200%3Av%3A1220%3Az%3A60%3Ai%3A20240127075557%3Au%3A1706338555783582053%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Ast%3A1706338558&t=gdpr(14)ti(1)

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/js/vendors.55151dd118bd428581ea.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gazprombank.investments/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:58 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 27-Jan-2024 06:55:58 GMT
content-type: image/gif
access-control-allow-origin: https://gazprombank.investments
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 27-Jan-2024 06:55:58 GMT

GET
H/1.1 200
OK / Show response
crtrgt.bumlam.com/time/ 21 B
314 B 46ms
12ms Fetch 138.201.248.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://crtrgt.bumlam.com/time/?localUid=5c725e30-d6f9-4fca-8f1a-f6f3d2c193d3&pageID=6636e2d0-7721-4eea-a6e0-e37781287569&time=3&cd=0.22034099805393925
Requested by: Host: gazprombank.investments
URL: https://gazprombank.investments/js/vendors.55151dd118bd428581ea.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.248.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.248.201.138.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: dfcd304f0d1239b795739a67c91476e8137dec5b0550f3f6eaf2ff5c438d0534

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gazprombank.investments/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sat, 27 Jan 2024 06:55:58 GMT
Server: nginx/1.18.0 (Ubuntu)
X-SSP: 1
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: https://gazprombank.investments
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 21

POST
H2 200 76364110
mc.yandex.com/webvisor/ 43 B
0 67ms
67ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/76364110?wv-part=1&wv-type=7&wmode=0&wv-hit=895880396&page-url=https%3A%2F%2Fgazprombank.investments%2Flogin%2F&rn=492979816&browser-info=we%3A1%3Aet%3A1706338558%3Aw%3A1600x1200%3Av%3A1220%3Az%3A60%3Ai%3A20240127075558%3Au%3A1706338555783582053%3Avf%3A6lymxorwswbp5wtc63gz2swr%3Ast%3A1706338558&t=gdpr(14)ti(1)

Requested by

Host: gazprombank.investments
URL: https://gazprombank.investments/js/vendors.55151dd118bd428581ea.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gazprombank.investments/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 06:55:58 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 27-Jan-2024 06:55:58 GMT
content-type: image/gif
access-control-allow-origin: https://gazprombank.investments
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 27-Jan-2024 06:55:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: glitchtip.newton-technology.ru
URL: https://glitchtip.newton-technology.ru/api/11/envelope/?sentry_key=c944038c40514af58728ce4968f196f2&sentry_version=7&sentry_client=sentry.javascript.react%2F7.47.0

Domain: mc.yandex.ru
URL: https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10261.W88hs0bAm_qEXT9lzbI58WI2ziq4UpSYx1_8ouWLt8u7AjUzYBeAZThOEVAcrsez.AqoQIgqXg7Qd9whtd5xMb1P3X0E%2C

Domain: mc.yandex.com
URL: https://mc.yandex.com/metrika/advert.gif

Domain: mc.yandex.com
URL: https://mc.yandex.com/metrika/metrika_match.html

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-D63BVL7DM4&gtm=45je41o0v871729910z8838825892&_p=1706338553880&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=273332089.1706338554&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1706338554&sct=1&seg=0&dl=https%3A%2F%2Fgazprombank.investments%2Fapplink%3Freferrer%3Dappmetrica_tracking_id%253D460116909367582929%2526ym_tracking_id%253D4309627957231525117&dt=%D0%93%D0%B0%D0%B7%D0%BF%D1%80%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B8&en=login&ep.%D0%94%D0%B5%D0%B9%D1%81%D1%82%D0%B2%D0%B8%D0%B5=%D0%92%D1%85%D0%BE%D0%B4&_et=464&tfd=1912

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-74CZSSMN1K&gtm=45je41o0v9133982523&_p=1706338553880&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=273332089.1706338554&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&dl=https%3A%2F%2Fgazprombank.investments%2Fapplink%3Freferrer%3Dappmetrica_tracking_id%253D460116909367582929%2526ym_tracking_id%253D4309627957231525117&dt=%D0%93%D0%B0%D0%B7%D0%BF%D1%80%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B8&sid=1706338554&sct=1&seg=0&_s=2&tfd=1913

Domain: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/tracker?_=0.4081868063607854;id=3272951;u=https%3A//gazprombank.investments/login;st=1706338554525;pid=USER_ID;title=%D0%93%D0%B0%D0%B7%D0%BF%D1%80%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%98%D0%BD%D0%B2%D0%B5%D1%81%D1%82%D0%B8%D1%86%D0%B8%D0%B8;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=3413efe3095cb8be;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ct=1455/1458/1458/1464;gl=u;ni=10//4g/0/0/;lvid=1706338554195%3A1706338554652%3A2%3A2395b6cf2735a134c4443470726569a9;opts=dl%2Cjst-gtag-ga-ym-vk;visible=true;js=13;e=RT/unload;et=1706338554650;pvt=125;vtauto=457

Domain: glitchtip.newton-technology.ru
URL: https://glitchtip.newton-technology.ru/api/11/envelope/?sentry_key=c944038c40514af58728ce4968f196f2&sentry_version=7&sentry_client=sentry.javascript.react%2F7.47.0

Domain: glitchtip.newton-technology.ru
URL: https://glitchtip.newton-technology.ru/api/11/envelope/?sentry_key=c944038c40514af58728ce4968f196f2&sentry_version=7&sentry_client=sentry.javascript.react%2F7.47.0

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.appmetrica.yandex.com/	1970-01-20 18:13:22	Name: referrer Value: 3680851:appmetrica_tracking_id=460116909367582929&ym_tracking_id=4309627957231525117
.appmetrica.yandex.com/	1970-01-20 18:13:22	Name: deeplink Value: 3680851:
.gazprombank.investments/	1970-01-20 20:08:34	Name: _gcl_au Value: 1.1.602368437.1706338554
.gazprombank.investments/	1970-01-20 18:00:24	Name: _gid Value: GA1.2.2107064843.1706338554
.gazprombank.investments/	1970-01-20 17:58:58	Name: _gat_UA-31919883-40 Value: 1
.vk.com/	1970-01-21 02:45:06	Name: remixlang Value: 6
.vk.com/	1970-01-21 02:44:34	Name: remixstlid Value: 9106301333896244404_zFcnFkifQd0hZlywxrL96oSuWfxRr5uxlCfkwTr6748
.gazprombank.investments/	1970-01-21 01:58:29	Name: tmr_lvid Value: 2395b6cf2735a134c4443470726569a9
.gazprombank.investments/	1970-01-21 01:58:29	Name: tmr_lvidTS Value: 1706338554195
.adriver.ru/	1970-01-21 03:34:58	Name: cid Value: AFldGvld1sYOSphErekwsuw
.gazprombank.investments/	1970-01-21 02:44:34	Name: _ym_uid Value: 1706338555783582053
.gazprombank.investments/	1970-01-21 02:44:34	Name: _ym_d Value: 1706338555
.gazprombank.investments/	1970-01-21 03:34:58	Name: _ga Value: GA1.1.273332089.1706338554
.gazprombank.investments/	1970-01-21 03:34:58	Name: _ga_D63BVL7DM4 Value: GS1.1.1706338554.1.1.1706338554.60.0.0
.gazprombank.investments/	1970-01-21 03:34:58	Name: _ga_74CZSSMN1K Value: GS1.2.1706338554.1.1.1706338554.60.0.0
.mc.yandex.com/	1970-01-20 17:58:59	Name: sync_cookie_csrf Value: 3070171735fake
.gazprombank.investments/	1970-01-20 18:00:10	Name: _ym_isad Value: 2
.bumlam.com/	1970-01-21 03:34:58	Name: suuid3 Value: IiQxZGRkZDI2Mi1iY2UxLTExZWUtYmJiMS0wMDI1OTBjODI0MzY*
.mc.yandex.ru/	1970-01-20 17:58:59	Name: sync_cookie_csrf Value: 1724101200fake
.gazprombank.investments/	1970-01-21 02:37:22	Name: _gpVisits Value: {"isFirstVisitDomain":true,"idContainer":"10002555"}
.gazprombank.investments/	1970-01-20 18:00:06	Name: _gp10002555 Value: {"hits":1,"vc":1}
.yandex.com/	1970-01-21 03:34:58	Name: i Value: TZYT9UHbCiXEW//8Mkj8m3Lqpkdyg2LC/i7RX8MwjooqCDEFeJp2mp+uoKSFwZvO5MWUrXell8/FRgA/D+c4Lgs7wEY=
.yandex.com/	1970-01-21 02:44:34	Name: yandexuid Value: 2565074431706338554
.mc.yandex.com/	1970-01-20 18:00:24	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 03:34:58	Name: i Value: MlEx7/bdDPNPH+aZIFVj6cRbO2WjkRF1zAskffC37kXTocJj/8pAyMNLZhVXM1+w8hNFVkvw5MbYQszsmuo5PafAFOA=
.yandex.ru/	1970-01-21 03:34:58	Name: yp Value: 1706424955.yu.8155326351706338554
.yandex.ru/	1970-01-21 02:44:34	Name: ymex Value: 1708930555.oyu.8155326351706338554
.yandex.com/	1970-01-21 02:44:34	Name: yuidss Value: 2565074431706338554
.yandex.com/	1970-01-21 02:44:34	Name: ymex Value: 1737874555.yrts.1706338555
.yandex.com/	1970-01-21 02:44:34	Name: bh Value: KgI/MA==
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 649778471706338555
.yandex.ru/	1970-01-21 03:34:58	Name: yuidss Value: 8155326351706338554
.yandex.ru/	1970-01-21 03:34:58	Name: yandexuid Value: 8155326351706338554
.gazprombank.investments/	1970-01-20 17:59:00	Name: _ym_visorc Value: w
.mail.ru/	1970-01-21 02:46:00	Name: VID Value: 2dv2592Gz3oM00001F2UbCoM:::0-0-0-acf01ba-0:CAASEJKmKdnRB2psHapg_w5CEygaYF-uPjDZ77B1OeTtECDlQcgKP61JsD7nIBCqiPBv3FCQYB9cyNlXBu0HQa4UAlJjeoqlEd9RfFPhQYAatXdIyv3jDdnr18tj-O452Yzj66iqVITMdejkUMlIAfHmZiNr3A
gazprombank.investments/	1970-01-20 18:00:24	Name: tmr_detect Value: 0%7C1706338557190

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://glitchtip.newton-technology.ru/api/11/envelope/?sentry_key=c944038c40514af58728ce4968f196f2&sentry_version=7&sentry_client=sentry.javascript.react%2F7.47.0 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.adriver.ru
an.yandex.ru
crtrgt.bumlam.com
dss.hybrid.ai
emd.hybrid.ai
fonts.googleapis.com
fonts.gstatic.com
gazprombank.investments
glitchtip.newton-technology.ru
gpbin.app
mc.yandex.com
mc.yandex.ru
redirect.appmetrica.yandex.com
region1.analytics.google.com
st.hybrid.ai
static.bumlam.com
static.terratraf.io
stats.g.doubleclick.net
sync.bumlam.com
sync.sniperlog.ru
top-fwz1.mail.ru
vk.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
glitchtip.newton-technology.ru
mc.yandex.com
mc.yandex.ru
region1.analytics.google.com
top-fwz1.mail.ru
138.201.248.242
178.248.234.156
178.248.235.174
195.209.108.39
2001:4860:4802:32::36
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2008
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9a
2a02:6b8::1:119
2a02:6b8::2:207
2a02:6b8::90
2a02:6ea0:c700::11
2a02:6ea0:c700::17
2a02:6ea0:c700::19
31.172.81.158
31.172.81.159
37.230.131.19
37.230.131.21
87.240.132.72
95.163.52.67
09f51e2f185341ca211eca7d747c4cea9b148c5963a733084631bac9120942f3
0a9b8ef144306155f7c6a57508a4b53f797a7b6b752c223a7cc0e528e472a996
1ea51c9046aa9f6b1b1193ba533b8938735775374b3e2ca4cd670dc1636773a3
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2cf281a811169976ff874bfc1c24ac8be0ff7d68ee2ddbe061f50ce46078a08d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
421a90a4049b33bbf0ee4d1c8ab9c9783cae7a19dcf322fe572e89b864057c32
443b33ff5d7249ff8cb77894ea01dab25280fc7cf9722ee579d10154323bf99b
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50528efbb0307943e3ae195989398eba3a945dbf69d15b38a76844a51f4945a5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c43f3a3281668e35832267a93c33fe94a30049a6b746b61c7581b04087d990
5b16c3953eb199d4b534559f6ddfddbd53d4ac4808fedab7c8912a4b18f7b798
6366c3f72f9cd9d7fd5b3cfd6e0f48919229c7a16ba7f656e410c73656058037
6424eb16064a81d926830a7094fc574fef77c922264e7e0d6c4a19eb64703542
69d01fa41897e484e5db29995abaa014aec7cb4d7ef925e390b97eb27c735fee
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b1172b360a3248fd9541711983dcfb0b98d55306636b28dad2eda0b0b437b95
723faf28cd82ca4e280e4052c41402f6bf4909b3ddb9b236e3370319257fa63f
7621b08c80bf1b0fee6f84af4f43a5c3e25dd6fbf2cffa658a01c932c14ed0ab
780e37f11f3ff72a8ab658028e9633e6558c442eaccb97f83f55fd8a9e0f76f9
782c9628d3e83c84a51b7d77079c18ca7aea0ea0321b1275cfaef35f329e5035
797ac2329db65f2ecfd3087c32c73689e1f4e23c747ea47fad795b0dd59c55d7
797d36c5083f2539d2db1a563ebfa9e7a0a81f33fbb5216a64b4ad0bb6b60fd9
7d5a5045a63e7e4142598ccfb5c6fdc80908e9eccc6ff0d7939355e810dd7018
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8bf38f58f7b7538de587b6b6389b4bb4bd0d4d6907718e7531d1934aca767c98
8f5aeba25fd371707e9489cff88d4a714c2e0febc2531e29009f7ecbd2b97f0e
90d4798cfeacb30022d6f8efb927da957733d8302ed75b0691a9c4afc8d9f15d
9c641fd8ad8fc0517d4ee8d937866e2542fe7e0b07761c710a5c9a423b269dd9
9df4ea0c8c25b6c96ccb4ef96780a7b074ee266972670f2572d38a961f1b481f
9e1a6647ea3468d43076da204eae0ef3d8f7c2a3f2f029a837ee7615d9ef6a7f
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bbfbb56066d491b69c159d5b4c95ce99c1675c76d56f281bc7a49d7fdc31c659
c3de94fa6cd517504cab806b2ac44aae8b5cbbe1a57eb1864b484a94fb1f3ee9
c62e97b666f94a106a137a788df26be7e878bc67d3339a979ab7135c3c0ad605
d95ffdcf010d6749281f6cd27c3a5f9c856d4b5590cee285f4b4fdbebce22b4c
db7e340636fc1f997c7654d47b43139e8c56e0c00df425876aed4ba266191e3e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfcd304f0d1239b795739a67c91476e8137dec5b0550f3f6eaf2ff5c438d0534
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5cd5a2a7f1f7cc6583f85b377840ac9de175880d57ce00b8e55414237c08f2e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f192b783c410587a1f123377399197a50f9d815cff097f986b1c1dfb2740ac33
f47ca79d697529eabeea77e58c5d5d2d1c2ef5c1a2a62998395561f1a9c79ff2
f4e02df114db3eb7d53bbb975341810f441a436158e5f9529e04e2dc4156c8b7
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
ffd58def2d55fd95884d693d9d64bfca64057ef8db59d3bf368706e0da36f9bf

gazprombank.investments Open in urlscan Pro 178.248.234.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

105 Requests

85 %HTTPS

58 %IPv6

19 Domains

26 Subdomains

23 IPs

5 Countries

4184 kBTransfer

12281 kBSize

36 Cookies

0 Outgoing links

Page URL History

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gazprombank.investments Open in urlscan Pro
178.248.234.156 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

85 %
HTTPS

58 %
IPv6

19
Domains

26
Subdomains

23
IPs

5
Countries

4184 kB
Transfer

12281 kB
Size

36
Cookies

105 HTTP transactions
0 data transactions