Submitted URL: https://bank.demo.contech.pik.ru/
Effective URL: https://auth.demo.contech.pik.ru/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbank_spa%26redirect_uri%...
Submission: On October 16 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 22 HTTP transactions. The main IP is 84.201.185.124, located in Russian Federation and belongs to YANDEXCLOUD, RU. The main domain is auth.demo.contech.pik.ru.
TLS certificate: Issued by R3 on October 16th 2021. Valid for: 3 months.
This is the only time auth.demo.contech.pik.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

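Requests by IP address (counts include redirects):
  84.201.185.124 - AS200350 (YANDEXCLOUD) - 23 requests, 2 redirects
  18.195.125.250 - AS16509 (AMAZON-02) - 1 request
  Total: 22 requests, 2 IPs

Requests by apex domain (subdomains, transfer):
  pik.ru - 23 requests - bank.demo.contech.pik.ru, auth.demo.contech.pik.ru - 966 KB
  ivideon.com - 1 request - open.ivideon.com - 1 KB
  Total: 22 requests, 2 apex domains

Requests by domain (requested by):
  auth.demo.contech.pik.ru - 14 requests, 2 redirects - requested by bank.demo.contech.pik.ru, auth.demo.contech.pik.ru
  bank.demo.contech.pik.ru - 9 requests - requested by bank.demo.contech.pik.ru
  open.ivideon.com - 1 request - requested by bank.demo.contech.pik.ru
  Total: 22 requests, 3 domains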

This site contains no links.

TLS certificates (Subject - Issuer - Validity - Valid for):
  bank.demo.contech.pik.ru - R3 - 2021-10-16 to 2022-01-14 - 3 months
  *.ivideon.com - AlphaSSL CA - SHA256 - G2 - 2021-08-09 to 2022-09-10 - a year
  auth.demo.contech.pik.ru - R3 - 2021-10-16 to 2022-01-14 - 3 months

This page contains 2 frames:

Primary Page: https://auth.demo.contech.pik.ru/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbank_spa%26redirect_uri%3Dhttps%253A%252F%252Fbank.demo.contech.pik.ru%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520offline_access%2520bank_api%26nonce%3DN0.202405730719952271634376721362%26state%3D16343767212460.3709351075501548
Frame ID: 88BA0102C9498CBA2B64F4FC308A3B58
Requests: 21 HTTP requests in this frame

Frame: https://bank.demo.contech.pik.ru/silent-renew.html
Frame ID: 6777FAACEFAE76E5B8B35DC013DEC6CE
Requests: 1 HTTP requests in this frame

Page Title

ПИК Аутентификация

Page Statistics

Requests: 22
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 3
IPs: 2
Countries: 2
Transfer: 966 kB
Size: 2185 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bank.demo.contech.pik.ru/ Page URL
  2. https://auth.demo.contech.pik.ru/connect/authorize?client_id=bank_spa&redirect_uri=https%3A%2F%2Fbank.demo.contech.pik.ru%2Fauth-callback&response_type=id_token%20token&scope=openid%20profile%20email%20offline_access%20bank_api&nonce=N0.202405730719952271634376721362&state=16343767212460.3709351075501548 HTTP 302
    https://auth.demo.contech.pik.ru/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbank_spa%26redirect_uri%3Dhttps%253A%252F%252Fbank.demo.contech.pik.ru%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520offline_access%2520bank_api%26nonce%3DN0.202405730719952271634376721362%26state%3D16343767212460.3709351075501548 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://auth.demo.contech.pik.ru/connect/authorize?client_id=bank_spa&redirect_uri=https%3A%2F%2Fbank.demo.contech.pik.ru%2Fsilent-renew.html&response_type=id_token%20token&scope=openid%20profile%20email%20offline_access%20bank_api&nonce=N0.44576762611838781634376721246&state=16343767212460.3709351075501548&prompt=none HTTP 302
  • https://bank.demo.contech.pik.ru/silent-renew.html

22 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type
/
bank.demo.contech.pik.ru/
1 KB
792 B
Document
General
Full URL
https://bank.demo.contech.pik.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.201.185.124 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
ee1dde803b621bb2bb6d6b80b4f4978355583a2f377303aa8135e6e7930f8de6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
bank.demo.contech.pik.ru
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

server
nginx/1.17.10
date
Sat, 16 Oct 2021 09:32:00 GMT
content-type
text/html
last-modified
Tue, 23 Jun 2020 20:06:16 GMT
vary
Accept-Encoding
etag
W/"5ef260b8-4ca"
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
styles.596e624df99d01735e96.css
bank.demo.contech.pik.ru/
26 KB
6 KB
Stylesheet
General
Full URL
https://bank.demo.contech.pik.ru/styles.596e624df99d01735e96.css
Requested by
Host: bank.demo.contech.pik.ru
URL: https://bank.demo.contech.pik.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.201.185.124 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
d6c1137f0cbdc73f732d37775f2090f157ce98d88bb9fa4bf80eec5982153cfc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/styles.596e624df99d01735e96.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
bank.demo.contech.pik.ru
referer
https://bank.demo.contech.pik.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 16 Oct 2021 09:32:00 GMT
content-encoding
gzip
last-modified
Tue, 23 Jun 2020 20:06:16 GMT
server
nginx/1.17.10
etag
W/"5ef260b8-6675"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2678400 public
strict-transport-security
max-age=15724800; includeSubDomains
expires
Tue, 16 Nov 2021 09:32:00 GMT
embedded.js
open.ivideon.com/embed/v2/
1 KB
1 KB
Script
General
Full URL
https://open.ivideon.com/embed/v2/embedded.js
Requested by
Host: bank.demo.contech.pik.ru
URL: https://bank.demo.contech.pik.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.125.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-125-250.eu-central-1.compute.amazonaws.com
Software
IV Web Server /
Resource Hash
84f3331d2af16079fc43b638a488ae67ea1f4048fde0adffe2c7e00a994f8ef1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bank.demo.contech.pik.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 09:32:00 GMT
content-encoding
gzip
last-modified
Thu, 04 Jun 2020 13:47:36 GMT
server
IV Web Server
etag
"3973699788"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
Connection
keep-alive
accept-ranges
bytes
Content-Length
667
runtime.054af26314463148f1b1.js
bank.demo.contech.pik.ru/
2 KB
1 KB
Script
General
Full URL
https://bank.demo.contech.pik.ru/runtime.054af26314463148f1b1.js
Requested by
Host: bank.demo.contech.pik.ru
URL: https://bank.demo.contech.pik.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.201.185.124 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
7f30b2543a3fa593d948f182701c8065fe8d9cbe7df06134d3f1e5c939e97ab1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/runtime.054af26314463148f1b1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bank.demo.contech.pik.ru
referer
https://bank.demo.contech.pik.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 16 Oct 2021 09:32:00 GMT
content-encoding
gzip
last-modified
Tue, 23 Jun 2020 20:06:16 GMT
server
nginx/1.17.10
etag
W/"5ef260b8-8b3"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=15724800; includeSubDomains
polyfills.7037a817a5bb670ed2ca.js
bank.demo.contech.pik.ru/
41 KB
14 KB
Script
General
Full URL
https://bank.demo.contech.pik.ru/polyfills.7037a817a5bb670ed2ca.js
Requested by
Host: bank.demo.contech.pik.ru
URL: https://bank.demo.contech.pik.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.201.185.124 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
1cae2e80a478f8c3aaa3988d0495b21ca579b7de2bdfcbef442650e53c0cf4db
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/polyfills.7037a817a5bb670ed2ca.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bank.demo.contech.pik.ru
referer
https://bank.demo.contech.pik.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 16 Oct 2021 09:32:00 GMT
content-encoding
gzip
last-modified
Tue, 23 Jun 2020 20:06:16 GMT
server
nginx/1.17.10
etag
W/"5ef260b8-a40a"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=15724800; includeSubDomains
main.3d651ebf1d323f36aaff.js
bank.demo.contech.pik.ru/
1 MB
279 KB
Script
General
Full URL
https://bank.demo.contech.pik.ru/main.3d651ebf1d323f36aaff.js
Requested by
Host: bank.demo.contech.pik.ru
URL: https://bank.demo.contech.pik.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.201.185.124 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
b26ee63a7c761a55fa4aa863ef8f5b49427bb0d1beab8f24ea16d575d8748bef
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/main.3d651ebf1d323f36aaff.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bank.demo.contech.pik.ru
referer
https://bank.demo.contech.pik.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 16 Oct 2021 09:32:00 GMT
content-encoding
gzip
last-modified
Tue, 23 Jun 2020 20:06:16 GMT
server
nginx/1.17.10
etag
W/"5ef260b8-114b9f"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=15724800; includeSubDomains
GraphikLCG-Regular.46be7bf2e2719ab2e00a.woff
bank.demo.contech.pik.ru/
65 KB
66 KB
Font
General
Full URL
https://bank.demo.contech.pik.ru/GraphikLCG-Regular.46be7bf2e2719ab2e00a.woff
Requested by
Host: bank.demo.contech.pik.ru
URL: https://bank.demo.contech.pik.ru/styles.596e624df99d01735e96.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.201.185.124 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
6ccd02e0b457e96fb3bedd62cc76713d6175ae05be619174dfad96283e1d0616
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/GraphikLCG-Regular.46be7bf2e2719ab2e00a.woff
pragma
no-cache
origin
https://bank.demo.contech.pik.ru
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
bank.demo.contech.pik.ru
referer
https://bank.demo.contech.pik.ru/styles.596e624df99d01735e96.css
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 16 Oct 2021 09:32:01 GMT
last-modified
Tue, 23 Jun 2020 20:06:16 GMT
server
nginx/1.17.10
etag
"5ef260b8-1054c"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/font-woff
accept-ranges
bytes
content-length
66892
/
bank.demo.contech.pik.ru/config/
5 KB
3 KB
XHR
General
Full URL
https://bank.demo.contech.pik.ru/config/
Requested by
Host: bank.demo.contech.pik.ru
URL: https://bank.demo.contech.pik.ru/polyfills.7037a817a5bb670ed2ca.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.201.185.124 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
70a909379d04379249dde7eeeb583abb82a73b0c8b5b07657d88fbc196f62ef7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/config/
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
bank.demo.contech.pik.ru
referer
https://bank.demo.contech.pik.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 16 Oct 2021 09:32:01 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 11:28:28 GMT
server
nginx/1.17.10
etag
W/"60cc835c-14d6"
vary
Accept-Encoding
content-type
application/json
strict-transport-security
max-age=15724800; includeSubDomains
silent-renew.html
bank.demo.contech.pik.ru/ Frame 6777
Redirect Chain
  • https://auth.demo.contech.pik.ru/connect/authorize?client_id=bank_spa&redirect_uri=https%3A%2F%2Fbank.demo.contech.pik.ru%2Fsilent-renew.html&response_type=id_token%20token&scope=openid%20profile%2...
  • https://bank.demo.contech.pik.ru/silent-renew.html
0
0
Document
General
Full URL
https://bank.demo.contech.pik.ru/silent-renew.html
Requested by
Host: bank.demo.contech.pik.ru
URL: https://bank.demo.contech.pik.ru/main.3d651ebf1d323f36aaff.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.201.185.124 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
bank.demo.contech.pik.ru
:scheme
https
:path
/silent-renew.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bank.demo.contech.pik.ru/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

server
nginx/1.17.10
date
Sat, 16 Oct 2021 09:32:01 GMT
content-type
text/html
vary
Accept-Encoding
last-modified
Tue, 23 Jun 2020 20:06:16 GMT
etag
W/"5ef260b8-293"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip

Redirect headers

server
nginx/1.17.10
date
Sat, 16 Oct 2021 09:32:01 GMT
content-length
0
location
https://bank.demo.contech.pik.ru/silent-renew.html#error=login_required&state=16343767212460.3709351075501548
cache-control
no-store, no-cache, max-age=0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
4.e3473d7e56944cecd30f.js
bank.demo.contech.pik.ru/
444 KB
109 KB
Script
General
Full URL
https://bank.demo.contech.pik.ru/4.e3473d7e56944cecd30f.js
Requested by
Host: bank.demo.contech.pik.ru
URL: https://bank.demo.contech.pik.ru/runtime.054af26314463148f1b1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.201.185.124 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
002629cc4458c04755c00f818a6881cf9fe4bda923aef15864964dd014022243
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/4.e3473d7e56944cecd30f.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bank.demo.contech.pik.ru
referer
https://bank.demo.contech.pik.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 16 Oct 2021 09:32:01 GMT
content-encoding
gzip
last-modified
Tue, 23 Jun 2020 20:06:16 GMT
server
nginx/1.17.10
etag
W/"5ef260b8-6f161"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=15724800; includeSubDomains
Primary Request Login
auth.demo.contech.pik.ru/Account/
Redirect Chain
  • https://auth.demo.contech.pik.ru/connect/authorize?client_id=bank_spa&redirect_uri=https%3A%2F%2Fbank.demo.contech.pik.ru%2Fauth-callback&response_type=id_token%20token&scope=openid%20profile%20ema...
  • https://auth.demo.contech.pik.ru/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbank_spa%26redirect_uri%3Dhttps%253A%252F%252Fbank.demo.contech.pik.ru%252Fauth-callback%26r...
3 KB
2 KB
Document
General
Full URL
https://auth.demo.contech.pik.ru/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbank_spa%26redirect_uri%3Dhttps%253A%252F%252Fbank.demo.contech.pik.ru%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520offline_access%2520bank_api%26nonce%3DN0.202405730719952271634376721362%26state%3D16343767212460.3709351075501548
Requested by
Host: bank.demo.contech.pik.ru
URL: https://bank.demo.contech.pik.ru/main.3d651ebf1d323f36aaff.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.201.185.124 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
10ce654c6c587df17d96ee816f7a84e99a14f7597f02270e2bff459189f44ae9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Security-Policy default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
auth.demo.contech.pik.ru
:scheme
https
:path
/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbank_spa%26redirect_uri%3Dhttps%253A%252F%252Fbank.demo.contech.pik.ru%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520offline_access%2520bank_api%26nonce%3DN0.202405730719952271634376721362%26state%3D16343767212460.3709351075501548
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://bank.demo.contech.pik.ru/
accept-encoding
gzip, deflate, br

Response headers

server
nginx/1.17.10
date
Sat, 16 Oct 2021 09:32:01 GMT
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store
pragma
no-cache
content-encoding
br
set-cookie
.AspNetCore.Antiforgery.9TtSrW0hzOs=CfDJ8CBWRzWrRGRFo36kBJPC0prUUxDNhoJ3jlGoV49D-k5JoE6FX6J7jLYZCB4FyVaZ0kAICz7uRN0xCeQDP706OriLN2m27H7WoUa_aBQicL6wPvMNiVy6dY50JAuLWRQBa0UZTZhxWRTveJsFvDT-Aak; path=/; samesite=strict; httponly
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
x-content-security-policy
default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';
referrer-policy
no-referrer
strict-transport-security
max-age=15724800; includeSubDomains

Redirect headers

server
nginx/1.17.10
date
Sat, 16 Oct 2021 09:32:01 GMT
content-length
0
location
https://auth.demo.contech.pik.ru/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbank_spa%26redirect_uri%3Dhttps%253A%252F%252Fbank.demo.contech.pik.ru%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520offline_access%2520bank_api%26nonce%3DN0.202405730719952271634376721362%26state%3D16343767212460.3709351075501548
strict-transport-security
max-age=15724800; includeSubDomains
normalize.min.css
auth.demo.contech.pik.ru/css/
2 KB
982 B
Stylesheet
General
Full URL
https://auth.demo.contech.pik.ru/css/normalize.min.css
Requested by
Host: auth.demo.contech.pik.ru
URL: https://auth.demo.contech.pik.ru/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbank_spa%26redirect_uri%3Dhttps%253A%252F%252Fbank.demo.contech.pik.ru%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520offline_access%2520bank_api%26nonce%3DN0.202405730719952271634376721362%26state%3D16343767212460.3709351075501548
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.201.185.124 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
e4724ac8b600dccb4b8dde2f1f9cff6e101f0c9230c6301fcd61c6b2df16a132
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/css/normalize.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
auth.demo.contech.pik.ru
cookie
.AspNetCore.Antiforgery.9TtSrW0hzOs=CfDJ8CBWRzWrRGRFo36kBJPC0prUUxDNhoJ3jlGoV49D-k5JoE6FX6J7jLYZCB4FyVaZ0kAICz7uRN0xCeQDP706OriLN2m27H7WoUa_aBQicL6wPvMNiVy6dY50JAuLWRQBa0UZTZhxWRTveJsFvDT-Aak
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 09:32:01 GMT
content-encoding
gzip
last-modified
Tue, 13 Apr 2021 11:38:58 GMT
server
nginx/1.17.10
etag
W/"1d730599756f223"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=15724800; includeSubDomains
main.min.css
auth.demo.contech.pik.ru/css/
1 KB
815 B
Stylesheet
General
Full URL
https://auth.demo.contech.pik.ru/css/main.min.css
Requested by
Host: auth.demo.contech.pik.ru
URL: https://auth.demo.contech.pik.ru/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbank_spa%26redirect_uri%3Dhttps%253A%252F%252Fbank.demo.contech.pik.ru%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520offline_access%2520bank_api%26nonce%3DN0.202405730719952271634376721362%26state%3D16343767212460.3709351075501548
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.201.185.124 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
8a966d97d22b9529ce4df2fbf312bbed1d41cbd693e2390662e981009ea5e86d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/css/main.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
auth.demo.contech.pik.ru
cookie
.AspNetCore.Antiforgery.9TtSrW0hzOs=CfDJ8CBWRzWrRGRFo36kBJPC0prUUxDNhoJ3jlGoV49D-k5JoE6FX6J7jLYZCB4FyVaZ0kAICz7uRN0xCeQDP706OriLN2m27H7WoUa_aBQicL6wPvMNiVy6dY50JAuLWRQBa0UZTZhxWRTveJsFvDT-Aak
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 09:32:01 GMT
content-encoding
gzip
last-modified
Tue, 13 Apr 2021 11:38:58 GMT
server
nginx/1.17.10
etag
W/"1d730599756f09a"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=15724800; includeSubDomains
direct-login.min.css
auth.demo.contech.pik.ru/css/login/
113 B
306 B
Stylesheet
General
Full URL
https://auth.demo.contech.pik.ru/css/login/direct-login.min.css
Requested by
Host: auth.demo.contech.pik.ru
URL: https://auth.demo.contech.pik.ru/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbank_spa%26redirect_uri%3Dhttps%253A%252F%252Fbank.demo.contech.pik.ru%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520offline_access%2520bank_api%26nonce%3DN0.202405730719952271634376721362%26state%3D16343767212460.3709351075501548
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.201.185.124 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
0a31922416a1d5b0eff529545b0af9cfec42ae5c6873dff9faa47949afac1163
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/css/login/direct-login.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
auth.demo.contech.pik.ru
cookie
.AspNetCore.Antiforgery.9TtSrW0hzOs=CfDJ8CBWRzWrRGRFo36kBJPC0prUUxDNhoJ3jlGoV49D-k5JoE6FX6J7jLYZCB4FyVaZ0kAICz7uRN0xCeQDP706OriLN2m27H7WoUa_aBQicL6wPvMNiVy6dY50JAuLWRQBa0UZTZhxWRTveJsFvDT-Aak
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 09:32:01 GMT
last-modified
Tue, 13 Apr 2021 11:38:58 GMT
server
nginx/1.17.10
etag
"1d730599756f571"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/css
accept-ranges
bytes
content-length
113
pik_franchise_logo.svg
auth.demo.contech.pik.ru/assets/images/
4 KB
2 KB
Image
General
Full URL
https://auth.demo.contech.pik.ru/assets/images/pik_franchise_logo.svg
Requested by
Host: auth.demo.contech.pik.ru
URL: https://auth.demo.contech.pik.ru/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbank_spa%26redirect_uri%3Dhttps%253A%252F%252Fbank.demo.contech.pik.ru%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520offline_access%2520bank_api%26nonce%3DN0.202405730719952271634376721362%26state%3D16343767212460.3709351075501548
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.201.185.124 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
2e352747d21e513de12fab3383d65106ef9b458ffa00ef8e263d76f555105120
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/assets/images/pik_franchise_logo.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
auth.demo.contech.pik.ru
cookie
.AspNetCore.Antiforgery.9TtSrW0hzOs=CfDJ8CBWRzWrRGRFo36kBJPC0prUUxDNhoJ3jlGoV49D-k5JoE6FX6J7jLYZCB4FyVaZ0kAICz7uRN0xCeQDP706OriLN2m27H7WoUa_aBQicL6wPvMNiVy6dY50JAuLWRQBa0UZTZhxWRTveJsFvDT-Aak
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 09:32:01 GMT
content-encoding
gzip
last-modified
Tue, 13 Apr 2021 11:38:58 GMT
server
nginx/1.17.10
etag
W/"1d730599756fb78"
vary
Accept-Encoding
content-type
image/svg+xml
strict-transport-security
max-age=15724800; includeSubDomains
pik-clock.js
auth.demo.contech.pik.ru/js/
790 B
597 B
Script
General
Full URL
https://auth.demo.contech.pik.ru/js/pik-clock.js
Requested by
Host: auth.demo.contech.pik.ru
URL: https://auth.demo.contech.pik.ru/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbank_spa%26redirect_uri%3Dhttps%253A%252F%252Fbank.demo.contech.pik.ru%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520offline_access%2520bank_api%26nonce%3DN0.202405730719952271634376721362%26state%3D16343767212460.3709351075501548
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.201.185.124 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
4e643deb1b6793e32e32c4e4eabf789d8fb485861b5a41588a5ad0beeef6291f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/js/pik-clock.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
auth.demo.contech.pik.ru
cookie
.AspNetCore.Antiforgery.9TtSrW0hzOs=CfDJ8CBWRzWrRGRFo36kBJPC0prUUxDNhoJ3jlGoV49D-k5JoE6FX6J7jLYZCB4FyVaZ0kAICz7uRN0xCeQDP706OriLN2m27H7WoUa_aBQicL6wPvMNiVy6dY50JAuLWRQBa0UZTZhxWRTveJsFvDT-Aak
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 09:32:01 GMT
content-encoding
gzip
last-modified
Tue, 13 Apr 2021 11:38:58 GMT
server
nginx/1.17.10
etag
W/"1d730599756f616"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=15724800; includeSubDomains
password.css
auth.demo.contech.pik.ru/css/login/
3 KB
1 KB
Stylesheet
General
Full URL
https://auth.demo.contech.pik.ru/css/login/password.css
Requested by
Host: auth.demo.contech.pik.ru
URL: https://auth.demo.contech.pik.ru/css/login/direct-login.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.201.185.124 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
f58302e801303fdce488024c4a3ee9dd6af72db2de5f44cfdfb835c858780fa9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/css/login/password.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
auth.demo.contech.pik.ru
cookie
.AspNetCore.Antiforgery.9TtSrW0hzOs=CfDJ8CBWRzWrRGRFo36kBJPC0prUUxDNhoJ3jlGoV49D-k5JoE6FX6J7jLYZCB4FyVaZ0kAICz7uRN0xCeQDP706OriLN2m27H7WoUa_aBQicL6wPvMNiVy6dY50JAuLWRQBa0UZTZhxWRTveJsFvDT-Aak
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 09:32:01 GMT
content-encoding
gzip
last-modified
Tue, 13 Apr 2021 11:38:58 GMT
server
nginx/1.17.10
etag
W/"1d730599756ffbe"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=15724800; includeSubDomains
logging.css
auth.demo.contech.pik.ru/css/login/
1 KB
781 B
Stylesheet
General
Full URL
https://auth.demo.contech.pik.ru/css/login/logging.css
Requested by
Host: auth.demo.contech.pik.ru
URL: https://auth.demo.contech.pik.ru/css/login/password.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.201.185.124 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
1037172fa88c61cb62bb23693dcb7ca808e9e76eb4b0b58065066c98b099eabe
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/css/login/logging.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
auth.demo.contech.pik.ru
cookie
.AspNetCore.Antiforgery.9TtSrW0hzOs=CfDJ8CBWRzWrRGRFo36kBJPC0prUUxDNhoJ3jlGoV49D-k5JoE6FX6J7jLYZCB4FyVaZ0kAICz7uRN0xCeQDP706OriLN2m27H7WoUa_aBQicL6wPvMNiVy6dY50JAuLWRQBa0UZTZhxWRTveJsFvDT-Aak
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 09:32:01 GMT
content-encoding
gzip
last-modified
Tue, 13 Apr 2021 11:38:58 GMT
server
nginx/1.17.10
etag
W/"1d730599756f0fd"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=15724800; includeSubDomains
back.jpg
auth.demo.contech.pik.ru/assets/images/
407 KB
408 KB
Image
General
Full URL
https://auth.demo.contech.pik.ru/assets/images/back.jpg
Requested by
Host: auth.demo.contech.pik.ru
URL: https://auth.demo.contech.pik.ru/css/login/logging.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.201.185.124 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
2312b1f6deb592ce26268fd43d1ee476a32e3f55f274e9e6b56c7076f7a6550c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/assets/images/back.jpg
pragma
no-cache
cookie
.AspNetCore.Antiforgery.9TtSrW0hzOs=CfDJ8CBWRzWrRGRFo36kBJPC0prUUxDNhoJ3jlGoV49D-k5JoE6FX6J7jLYZCB4FyVaZ0kAICz7uRN0xCeQDP706OriLN2m27H7WoUa_aBQicL6wPvMNiVy6dY50JAuLWRQBa0UZTZhxWRTveJsFvDT-Aak
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
auth.demo.contech.pik.ru
referer
https://auth.demo.contech.pik.ru/css/login/logging.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://auth.demo.contech.pik.ru/css/login/logging.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 09:32:01 GMT
last-modified
Tue, 13 Apr 2021 11:38:58 GMT
server
nginx/1.17.10
etag
"1d730599750af67"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
416359
login.svg
auth.demo.contech.pik.ru/assets/images/
1 KB
943 B
Image
General
Full URL
https://auth.demo.contech.pik.ru/assets/images/login.svg
Requested by
Host: auth.demo.contech.pik.ru
URL: https://auth.demo.contech.pik.ru/css/login/password.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.201.185.124 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
57c09ad29c92190168e9976250caef7e7a204441d63863cfbf55407fb264c178
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/assets/images/login.svg
pragma
no-cache
cookie
.AspNetCore.Antiforgery.9TtSrW0hzOs=CfDJ8CBWRzWrRGRFo36kBJPC0prUUxDNhoJ3jlGoV49D-k5JoE6FX6J7jLYZCB4FyVaZ0kAICz7uRN0xCeQDP706OriLN2m27H7WoUa_aBQicL6wPvMNiVy6dY50JAuLWRQBa0UZTZhxWRTveJsFvDT-Aak
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
auth.demo.contech.pik.ru
referer
https://auth.demo.contech.pik.ru/css/login/password.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://auth.demo.contech.pik.ru/css/login/password.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 09:32:01 GMT
content-encoding
gzip
last-modified
Tue, 13 Apr 2021 11:38:58 GMT
server
nginx/1.17.10
etag
W/"1d730599756f03e"
vary
Accept-Encoding
content-type
image/svg+xml
strict-transport-security
max-age=15724800; includeSubDomains
invalid-name.svg
auth.demo.contech.pik.ru/assets/images/
478 B
525 B
Image
General
Full URL
https://auth.demo.contech.pik.ru/assets/images/invalid-name.svg
Requested by
Host: auth.demo.contech.pik.ru
URL: https://auth.demo.contech.pik.ru/css/login/password.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.201.185.124 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
cf268276fbf387274c4e1ed1c310e34392a7a55c97564c2c4ed9a8fbf49d23ee
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:path
/assets/images/invalid-name.svg
pragma
no-cache
cookie
.AspNetCore.Antiforgery.9TtSrW0hzOs=CfDJ8CBWRzWrRGRFo36kBJPC0prUUxDNhoJ3jlGoV49D-k5JoE6FX6J7jLYZCB4FyVaZ0kAICz7uRN0xCeQDP706OriLN2m27H7WoUa_aBQicL6wPvMNiVy6dY50JAuLWRQBa0UZTZhxWRTveJsFvDT-Aak
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
auth.demo.contech.pik.ru
referer
https://auth.demo.contech.pik.ru/css/login/password.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://auth.demo.contech.pik.ru/css/login/password.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 09:32:01 GMT
content-encoding
gzip
last-modified
Tue, 13 Apr 2021 11:38:58 GMT
server
nginx/1.17.10
etag
W/"1d730599756f4de"
vary
Accept-Encoding
content-type
image/svg+xml
strict-transport-security
max-age=15724800; includeSubDomains
ProbaProRegular.otf
auth.demo.contech.pik.ru/assets/fonts/
69 KB
69 KB
Font
General
Full URL
https://auth.demo.contech.pik.ru/assets/fonts/ProbaProRegular.otf
Requested by
Host: auth.demo.contech.pik.ru
URL: https://auth.demo.contech.pik.ru/css/main.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.201.185.124 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
a75a718adcb71ade3d837833848aa72313b1a67e3c7caa3da0fa077458653384
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-fetch-mode
cors
origin
https://auth.demo.contech.pik.ru
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
.AspNetCore.Antiforgery.9TtSrW0hzOs=CfDJ8CBWRzWrRGRFo36kBJPC0prUUxDNhoJ3jlGoV49D-k5JoE6FX6J7jLYZCB4FyVaZ0kAICz7uRN0xCeQDP706OriLN2m27H7WoUa_aBQicL6wPvMNiVy6dY50JAuLWRQBa0UZTZhxWRTveJsFvDT-Aak
:path
/assets/fonts/ProbaProRegular.otf
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
auth.demo.contech.pik.ru
referer
https://auth.demo.contech.pik.ru/css/main.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://auth.demo.contech.pik.ru/css/main.min.css
Origin
https://auth.demo.contech.pik.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 09:32:01 GMT
last-modified
Tue, 13 Apr 2021 11:38:58 GMT
server
nginx/1.17.10
etag
"1d730599757e608"
vary
Origin
content-type
font/otf
access-control-allow-origin
*
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
content-length
70408

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
number| serverTime
number| localTime
number| timeDiff
function| showTime

1 Cookies

Domain/Path Name / Value
auth.demo.contech.pik.ru/ Name: .AspNetCore.Antiforgery.9TtSrW0hzOs
Value: CfDJ8CBWRzWrRGRFo36kBJPC0prUUxDNhoJ3jlGoV49D-k5JoE6FX6J7jLYZCB4FyVaZ0kAICz7uRN0xCeQDP706OriLN2m27H7WoUa_aBQicL6wPvMNiVy6dY50JAuLWRQBa0UZTZhxWRTveJsFvDT-Aak

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.demo.contech.pik.ru
bank.demo.contech.pik.ru
open.ivideon.com
18.195.125.250
84.201.185.124