urlscan.io logo urlscan.io
SecurityTrails logo

promo-vtb.press Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
URL: https://promo-vtb.press/
Submission: On June 04 via api from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 28 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is promo-vtb.press.
TLS certificate: Issued by GTS CA 1P5 on June 1st 2024. Valid for: 3 months.
This is the only time promo-vtb.press was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 188.114.97.3 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 193.28.44.8 31174 (RBRU-AS)
4 2a00:1450:400... 15169 (GOOGLE)
28 5
Apex Domain
Subdomains		 Transfer
19 promo-vtb.press
promo-vtb.press
131 KB
4 gstatic.com
fonts.gstatic.com
40 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 101
31 KB
1 raiffeisen.ru
www.raiffeisen.ru — Cisco Umbrella Rank: 260223
56 KB
0 ecorpay.com Failed
ecorpay.com Failed
28 5
Domain Requested by
19 promo-vtb.press promo-vtb.press
4 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com promo-vtb.press
1 www.raiffeisen.ru promo-vtb.press
0 ecorpay.com Failed promo-vtb.press
28 5

This site contains no links.

Subject Issuer Validity Valid
promo-vtb.press
GTS CA 1P5		 2024-06-01 -
2024-08-30		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
www.raiffeisen.ru
GlobalSign RSA OV SSL CA 2018		 2023-08-03 -
2024-09-03		 a year crt.sh
*.gstatic.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://promo-vtb.press/
Frame ID: A83E4443ED30FD0B287B608946AF7FAF
Requests: 24 HTTP requests in this frame

Frame: https://promo-vtb.press/inexar_files/saved_resource.html
Frame ID: 73EC2C32DEBF5BBBD47AEB3E3A04E2EE
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ОТП Банк: «PREMIUM»

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

28
Requests

93 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

257 kB
Transfer

1086 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
promo-vtb.press/ 		420 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://promo-vtb.press/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c7d80217c44a9d38f6e31143f87efc0d863f805e8cc465017755db54900b967

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88e83da9ee5a9290-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 04 Jun 2024 13:24:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EsqMz7DTdexOgUknjM7vZ9HgaMJf8dZIeJcxQ0H54Bbfrt6HUxvq1Uui8GgWWb1phE0T8z3lNHuN4JjUz6mpmyuANuDeKQ%2BYhzaOHobdaT12mBMH%2Bq3gWsPfelDAUzTYaig%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
tag.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
promo-vtb.press/inexar_files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://promo-vtb.press/inexar_files/tag.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by
Host: promo-vtb.press
URL: https://promo-vtb.press/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://promo-vtb.press/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 13:24:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2FXM9cXYSixw852B8exU3AyjiebB3Gj7pCEoq4XyJBjE2Cx8RFaVdTvDIufOVAfpY4JYnj66zAqTQf55S1g%2BWH20mbkHbn8QfHazpTmoKHX6c1VJqskmy6JqH7dfA16BiBk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
88e83daae8249290-FRA
alt-svc
h3=":443"; ma=86400
chatra.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
promo-vtb.press/inexar_files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://promo-vtb.press/inexar_files/chatra.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by
Host: promo-vtb.press
URL: https://promo-vtb.press/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://promo-vtb.press/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 13:24:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TQopPBX7wVZLCojPdoy8UNvZLbLgkwISrnoZvho4iSpPE8pDvW7T1UIlb%2FSxx1Od11jw9nDhiDHbRadT2Qa%2FnWBfeT%2FWrBKKM%2F347p0rKkmGqJ22N%2FVe2VWHIkqFQYiztr4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
88e83daae8279290-FRA
alt-svc
h3=":443"; ma=86400
chatra(1).js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
promo-vtb.press/inexar_files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://promo-vtb.press/inexar_files/chatra(1).js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by
Host: promo-vtb.press
URL: https://promo-vtb.press/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://promo-vtb.press/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 13:24:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QDJZvrvOzRexiito6LfKCVZ46AaDKucxmqM8ggC4I4QWKfysrF3uyB5R%2BzzFfIpxRaOFUFMjW%2BCJpys43Kqe9Tg0qBxWWl0d9zfYfrG4JE4ntvMRNlmJc1pR30HK3LzUxSU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
88e83db109299290-FRA
alt-svc
h3=":443"; ma=86400
be52eb1.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
promo-vtb.press/inexar_files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://promo-vtb.press/inexar_files/be52eb1.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by
Host: promo-vtb.press
URL: https://promo-vtb.press/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://promo-vtb.press/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 13:24:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fs83oQ2RNpQPNgfkrTA8A7W%2FO7jBfz%2BI422IgNQ3nihBRwsrBK7iIcNTSECu2aU7gi9ipQv7VCzDc7MTXyxmxNnvLyspAwUQCEmrwBHMN3LVcsfty9a%2Bgb7ivLj1%2BHYQyO4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
88e83daae82a9290-FRA
alt-svc
h3=":443"; ma=86400
1a133c0.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
promo-vtb.press/inexar_files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://promo-vtb.press/inexar_files/1a133c0.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by
Host: promo-vtb.press
URL: https://promo-vtb.press/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://promo-vtb.press/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 13:24:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yU5y494rE42f%2FwVcVXIFfKP9hXREuwZRqcmEgWN01yF1AZGBGqojAuf8w6TALSbj4FwDW1sRfeLIE1%2BHukUWpujtygFOh8XgSZX3cAAe3CUUX7IzmAzqDoayZPT7yslwuzU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
88e83daae82c9290-FRA
alt-svc
h3=":443"; ma=86400
756dcd3.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
promo-vtb.press/inexar_files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://promo-vtb.press/inexar_files/756dcd3.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by
Host: promo-vtb.press
URL: https://promo-vtb.press/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://promo-vtb.press/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 13:24:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G4uojU67nDjHtRrCYE%2BUev9UzSATdqNALdL5vXf9pBOHune4d9BBp8j4Qt0B2zKqJ%2BcPbgM30x68CIsa%2FFM9sVrUCX9gucf0lejLrDRpsMLCQV%2Bdd%2BAMpvEHYtKqs%2FJfaOA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
88e83daae82e9290-FRA
alt-svc
h3=":443"; ma=86400
8821ce6.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
promo-vtb.press/inexar_files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://promo-vtb.press/inexar_files/8821ce6.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by
Host: promo-vtb.press
URL: https://promo-vtb.press/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://promo-vtb.press/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 13:24:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I8dv4qW1y7hdPcOwabXwiTqwDUBlxzj1VkshGtBYKsQSKY%2BTb79ye4UXiTAgMhWqC0BbqCevvXlkPrgshP1zUw2AVtLiSGEW3oEQ7kHRUaukWszUB0HY7T9qGp1MUALjKHI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
88e83daae8319290-FRA
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/ 		119 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Comfortaa:wght@300..700&family=Exo+2:ital,wght@0,100..900;1,100..900&family=Poiret+One&family=Zen+Kaku+Gothic+Antique&display=swap
Requested by
Host: promo-vtb.press
URL: https://promo-vtb.press/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b807b9ae4d543629aa777ab2f007b1e21599c3f39e81a2e0b2c84b1077077e29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://promo-vtb.press/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Jun 2024 13:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 13:24:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jun 2024 13:24:02 GMT
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Scada:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: promo-vtb.press
URL: https://promo-vtb.press/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7baa368d80d0799af99b9354148483fa2a9b48116388a70ce8cb710c2fc61853
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://promo-vtb.press/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Jun 2024 13:24:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 13:24:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jun 2024 13:24:02 GMT
9e9c04a.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
promo-vtb.press/inexar_files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://promo-vtb.press/inexar_files/9e9c04a.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by
Host: promo-vtb.press
URL: https://promo-vtb.press/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://promo-vtb.press/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 13:24:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MaQEmBzNobIiOu8k2RsuWpLEX3C7jsX%2FxAtmMl3qLnrkb86WlBwgHEsmwZeCskASUHh3bT%2Byb4Leh8Bsqk0RXV8wMgugwAjDRnxZTvx0%2FqUHSIUaF0HBqrW0TK2a4Id59hA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
88e83dab18809290-FRA
alt-svc
h3=":443"; ma=86400
f4f071a.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
promo-vtb.press/inexar_files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://promo-vtb.press/inexar_files/f4f071a.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by
Host: promo-vtb.press
URL: https://promo-vtb.press/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://promo-vtb.press/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 13:24:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fXkZkwvIDi%2FCARMmkLRVG1VDzM6ghijd8XFwOjxS%2FfftHOspveCyXfy7tDPIipp5Dfzx98miFx55iYCCL4S1vVJhXo3E%2FuvFksodeZefw1MXj7g3orul8DyXtjmqb0qPr9A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
88e83dab18829290-FRA
alt-svc
h3=":443"; ma=86400
css
promo-vtb.press/inexar_files/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://promo-vtb.press/inexar_files/css
Requested by
Host: promo-vtb.press
URL: https://promo-vtb.press/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://promo-vtb.press/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 13:24:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ebOv61HCY6P%2BTQX1fAz%2B%2B4L6FkQ3aPmjL2l0ODCchzphCwBI3HAjPIOYNYhfCH9wsijDOVc2moj8OqV0eTNWpZ6CDFLlxlzSmrUFzAIsdnWuWMpO98LjBU3DCpTpPgqFUfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
88e83dab18859290-FRA
alt-svc
h3=":443"; ma=86400
materialdesignicons.min.css
promo-vtb.press/inexar_files/ 		339 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://promo-vtb.press/inexar_files/materialdesignicons.min.css
Requested by
Host: promo-vtb.press
URL: https://promo-vtb.press/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cc5aa951db9360e2d13d2f0f58322dbc893af8af43f0f5b419ceefa9e7aa527

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://promo-vtb.press/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 13:24:02 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
54409
last-modified
Sat, 01 Jun 2024 17:48:58 GMT
server
cloudflare
etag
"54a77-619d7b6f5d3a2-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gq5JAnhS%2FSwnIrY0Nzfg5QUf8osvxADHcjYUaWxEiBud0xAVI188BrVWOpkSdp0CixhxXestLmer4bX6X%2BuMgOULQsSutzodXg4DVH9lDVOPMoeSPQWv5hLhjAqqqHnVLwM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88e83dab18879290-FRA
d151c49.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
promo-vtb.press/inexar_files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://promo-vtb.press/inexar_files/d151c49.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by
Host: promo-vtb.press
URL: https://promo-vtb.press/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://promo-vtb.press/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 13:24:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XMr1GNGQD%2FpD5qnHGBjPpNVU%2BCBggKTuyU1cqnAVcp1Fy1Asaxwy9u7VXdssnbGOmYwDw83AzXUBFmBQ2dlaJ5Ny9dA9bKfNQ6P%2F%2FI8zoHZ%2B762zi5fCf%2Fg1X3rM%2FZXqiaE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
88e83dab18899290-FRA
alt-svc
h3=":443"; ma=86400
4f05777.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
promo-vtb.press/inexar_files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://promo-vtb.press/inexar_files/4f05777.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by
Host: promo-vtb.press
URL: https://promo-vtb.press/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://promo-vtb.press/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 13:24:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QX95fPX6gizgMo1fFfZYRbc7WjZtomWaBl36GhOIOKynrMF6IWQQOZl9bcR1jd%2FR9VczsvrIksdMPbGJQrEeYlLjjxDOt9vsKWzqB6wsMepHgNGS1GGM8d7U1ZOYK6pq0j8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
88e83dab188b9290-FRA
alt-svc
h3=":443"; ma=86400
waiter.webp
www.raiffeisen.ru/static/common/initial/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.raiffeisen.ru/static/common/initial/waiter.webp
Requested by
Host: promo-vtb.press
URL: https://promo-vtb.press/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.28.44.8 , Russian Federation, ASN31174 (RBRU-AS, RU),
Reverse DNS
www.raiffeisen.ru
Software
nginx /
Resource Hash
2ff2ee27c48b187aa243e24caf9264b1418fde1e416338f6d70e66cd76a44d3d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://promo-vtb.press/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 04 Jun 2024 13:24:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'none'
Last-Modified
Thu, 12 Oct 2023 06:45:35 GMT
Server
nginx
X-Amz-Request-Id
17D5CFEB70F104C9
ETag
"3851fa7867dfaef360b301adf73aa31d"
Vary
Origin, Accept-Encoding
Content-Type
image/webp
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
56310
X-Amz-Id-2
56f65d73b5ffce4006b7b8bc10aacf53a71a309c0599b13bd818ced1b3439dfc
X-Xss-Protection
1; mode=block
saved_resource.html
promo-vtb.press/inexar_files/ Frame 73EC 		26 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://promo-vtb.press/inexar_files/saved_resource.html
Requested by
Host: promo-vtb.press
URL: https://promo-vtb.press/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cf1b49c1ec4f9f76a617b9b8b942a82a27ffeebb173941be5b90fc35b1b9011

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-vtb.press/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88e83db25b379290-FRA
content-encoding
br
content-type
text/html
date
Tue, 04 Jun 2024 13:24:03 GMT
last-modified
Sat, 01 Jun 2024 17:49:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wppp8oZVKiV90ktm5jPrISvSZ2qyG8LbSFzS6tJxYWCejtvHh9iW0kw20itpU3g8bGsGw1v1c%2FuHkvEiAw4IYH%2FttI6ptRjczNq3vGw4ePOHxizTEW7eIULPqScGyTNRlYU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
RLpxK5Pv5qumeVJrzTQYbg.woff2
fonts.gstatic.com/s/scada/v15/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/scada/v15/RLpxK5Pv5qumeVJrzTQYbg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Scada:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9656c589e31937c11b13bf8eb432e198ec37e7946273c067526fc5017f70d362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://promo-vtb.press
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 04:33:26 GMT
x-content-type-options
nosniff
age
291037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10464
x-xss-protection
0
last-modified
Tue, 02 May 2023 16:45:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Jun 2025 04:33:26 GMT
RLpxK5Pv5qumeVJvzTQ.woff2
fonts.gstatic.com/s/scada/v15/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/scada/v15/RLpxK5Pv5qumeVJvzTQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Scada:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09c610897e9810c7c89fdb5fe97d19ba27f60ca0087cdea03d6f253235f232d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://promo-vtb.press
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 31 May 2024 19:12:29 GMT
x-content-type-options
nosniff
age
324694
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15204
x-xss-protection
0
last-modified
Tue, 02 May 2023 17:00:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 May 2025 19:12:29 GMT
6qLQKYkHvh-nlUpKPAdoVFBtfxDzIn1eCzpB22-j1xOTcw.woff2
fonts.gstatic.com/s/zenkakugothicantique/v15/ 		4 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/zenkakugothicantique/v15/6qLQKYkHvh-nlUpKPAdoVFBtfxDzIn1eCzpB22-j1xOTcw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Comfortaa:wght@300..700&family=Exo+2:ital,wght@0,100..900;1,100..900&family=Poiret+One&family=Zen+Kaku+Gothic+Antique&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df579cb252f13e9fd770248de1e7b4d26a5d49b41bd30d8f7a42e91f8d45ef50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://promo-vtb.press
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 20:48:08 GMT
x-content-type-options
nosniff
age
59755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4596
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:32:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Jun 2025 20:48:08 GMT
6qLQKYkHvh-nlUpKPAdoVFBtfxDzIn1eCzpB22-n1xM.woff2
fonts.gstatic.com/s/zenkakugothicantique/v15/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/zenkakugothicantique/v15/6qLQKYkHvh-nlUpKPAdoVFBtfxDzIn1eCzpB22-n1xM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Comfortaa:wght@300..700&family=Exo+2:ital,wght@0,100..900;1,100..900&family=Poiret+One&family=Zen+Kaku+Gothic+Antique&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7154cdf161271d7debc06489577bb3ccd2ea1697d58c85c022939b6f1a3137cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://promo-vtb.press
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 02:57:23 GMT
x-content-type-options
nosniff
age
296800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9672
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:31:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Jun 2025 02:57:23 GMT
Golos-Text_Regular.b1395e9.woff
ecorpay.com/_nuxt/fonts/ 		0
0
Rubik-Regular.4743dae.woff
ecorpay.com/_nuxt/fonts/ 		0
0
0f4b36301fb51872f1b179a76dbf2e28b4b4a818.css
promo-vtb.press/inexar_files/ Frame 73EC 		81 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://promo-vtb.press/inexar_files/0f4b36301fb51872f1b179a76dbf2e28b4b4a818.css
Requested by
Host: promo-vtb.press
URL: https://promo-vtb.press/inexar_files/saved_resource.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9735d0a41f5a59d268962a94fda8c90d047fdc9d2409109f29a63e67c56b420f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://promo-vtb.press/inexar_files/saved_resource.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 13:24:03 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
14246
last-modified
Sat, 01 Jun 2024 17:48:45 GMT
server
cloudflare
etag
"1441a-619d7b632d1d9-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3d9aT8w3AY5bcINaW6LXT4asXtRocbQ49TbTj0ZVjKLs6%2FvH9V0LQQXOD5oMh8QmnCBkPSsTkWq3U%2FHIfMpZQRXIOHS2O4ToNH9%2B%2FPANG1JgoE%2FooDeTGr3Ahe0mtM4D%2B7s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88e83db2fc029290-FRA
meteor_runtime_config.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
promo-vtb.press/inexar_files/ Frame 73EC 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://promo-vtb.press/inexar_files/meteor_runtime_config.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by
Host: promo-vtb.press
URL: https://promo-vtb.press/inexar_files/saved_resource.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://promo-vtb.press/inexar_files/saved_resource.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 13:24:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TZfI1%2Fk6EZxvcQS0q1xaAB5smfyEKtEjEIuJP32Ar2V9ufEAn0zU%2FGEi8cRydqLjhQZJR3Gr0uHt7az9z2r6qJnLqwOP4pGFTRfKEIi%2F00qrTY6%2BL2gxdkYzJIVTWPf7K8U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
88e83db2fc059290-FRA
alt-svc
h3=":443"; ma=86400
f7419f03daa62a5d32aee05220d347e051ad1590.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
promo-vtb.press/inexar_files/ Frame 73EC 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://promo-vtb.press/inexar_files/f7419f03daa62a5d32aee05220d347e051ad1590.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Requested by
Host: promo-vtb.press
URL: https://promo-vtb.press/inexar_files/saved_resource.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://promo-vtb.press/inexar_files/saved_resource.html
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 13:24:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2Br0xTNKqAluUwLBPvZT0emaaAOIypCK5dM7DHokcEiOSjdkpTHlAvgcVVIkrBeTD%2BkOyqBxJt1lWqtZ0U4rr9TORvyvW26T9xZVcGShyWpGz5WeSJvYFOu76LUks7WsiKU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
88e83db2fc079290-FRA
alt-svc
h3=":443"; ma=86400
1ic.png
promo-vtb.press/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://promo-vtb.press/1ic.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71999a819a328ff6e1155cdc769449e54b12bea6a0cd3ab7589cc711084a7334

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://promo-vtb.press/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 13:24:03 GMT
cf-cache-status
MISS
last-modified
Tue, 04 Jun 2024 03:56:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62a-61a086f79d326"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GC5y4AWd5yrHtrLtLIO%2Fwh%2BICD24qv4CdjiiIneIcXgqwQILg%2F9IIoAmuuK0%2FKftHt0Hjvf5GpI1jlm2P8KF70XN2vZiTavjeW68xM2TUWoTMagGZt959rb4Ot9ZuxV7DAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88e83db3ed159290-FRA
alt-svc
h3=":443"; ma=86400
content-length
1578

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ecorpay.com
URL
https://ecorpay.com/_nuxt/fonts/Golos-Text_Regular.b1395e9.woff
Domain
ecorpay.com
URL
https://ecorpay.com/_nuxt/fonts/Rubik-Regular.4743dae.woff

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __NUXT__

0 Cookies

18 Console Messages

Source Level URL
Text
network error URL: https://promo-vtb.press/inexar_files/chatra.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-vtb.press/inexar_files/756dcd3.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-vtb.press/inexar_files/1a133c0.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-vtb.press/inexar_files/8821ce6.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-vtb.press/inexar_files/tag.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-vtb.press/inexar_files/be52eb1.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-vtb.press/inexar_files/9e9c04a.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-vtb.press/inexar_files/css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-vtb.press/inexar_files/d151c49.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-vtb.press/inexar_files/4f05777.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-vtb.press/inexar_files/chatra(1).js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-vtb.press/inexar_files/f4f071a.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-vtb.press/inexar_files/f7419f03daa62a5d32aee05220d347e051ad1590.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-vtb.press/inexar_files/meteor_runtime_config.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://promo-vtb.press/
Message:
Access to font at 'https://ecorpay.com/_nuxt/fonts/Golos-Text_Regular.b1395e9.woff' from origin 'https://promo-vtb.press' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ecorpay.com/_nuxt/fonts/Golos-Text_Regular.b1395e9.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://promo-vtb.press/
Message:
Access to font at 'https://ecorpay.com/_nuxt/fonts/Rubik-Regular.4743dae.woff' from origin 'https://promo-vtb.press' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ecorpay.com/_nuxt/fonts/Rubik-Regular.4743dae.woff
Message:
Failed to load resource: net::ERR_FAILED