halvacard.ru Open in urlscan Pro
78.155.198.120 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://halva.ru/
Effective URL:
https://halvacard.ru/
Submission: On October 25 via api (October 25th 2023, 10:43:39 pm UTC) from KZ — Scanned from DE

Summary HTTP 49 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 49 HTTP transactions. The main IP is 78.155.198.120, located in Russian Federation and belongs to SELECTEL-NSK, RU. The main domain is halvacard.ru. The Cisco Umbrella rank of the primary domain is 510738.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on April 3rd 2023. Valid for: a year.

This is the only time halvacard.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	78.155.198.120 78.155.198.120	61976 (SELECTEL-NSK) (SELECTEL-NSK)
5	91.217.180.117 91.217.180.117	197258 (SCB-AS) (SCB-AS)
1 2	2606:4700:20:... 2606:4700:20::681a:575	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	78.155.198.119 78.155.198.119	61976 (SELECTEL-NSK) (SELECTEL-NSK)
4 8	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2	152.199.22.228 152.199.22.228	15133 (EDGECAST) (EDGECAST)
2 2	45.8.111.118 45.8.111.118	48219 (THREEDATA-AS) (THREEDATA-AS)
1 5	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
1	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
2	37.230.131.19 37.230.131.19	200197 (HYBRID-PO...) (HYBRID-POLAND)
1	2606:4700:20:... 2606:4700:20::681a:475	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.230.131.16 37.230.131.16	200197 (HYBRID-PO...) (HYBRID-POLAND)
49	11

15 78.155.198.120 (Russian Federation) 1 redirects

ASN61976 (SELECTEL-NSK, RU)

halva.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
halvacard.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 91.217.180.117 (Russian Federation)

ASN197258 (SCB-AS, RU)

api-app.sovcombank.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:575 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

halvacard.push4site.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 78.155.198.119 (Russian Federation)

ASN61976 (SELECTEL-NSK, RU)

api.halvacard.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s3.halvacard.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Ulyanovsk, Russian Federation) 4 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.22.228 (United States)

ASN15133 (EDGECAST, US)

cstatic.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.8.111.118 (Moscow, Russian Federation) 2 redirects

ASN48219 (THREEDATA-AS, RU)

wcm-ru.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.163.52.67 (Russian Federation) 1 redirects

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

st.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.230.131.19 (Amsterdam, Netherlands)

ASN200197 (HYBRID-POLAND, PL)

dss.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:475 (United States)

ASN13335 (CLOUDFLARENET, US)

push4site.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.230.131.16 (Amsterdam, Netherlands)

ASN200197 (HYBRID-POLAND, PL)

emd.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	halvacard.ru halvacard.ru — Cisco Umbrella Rank: 510738 api.halvacard.ru s3.halvacard.ru	989 KB
6	weborama.fr 4 redirects cstatic.weborama.fr — Cisco Umbrella Rank: 24053 wcm-ru.frontend.weborama.fr — Cisco Umbrella Rank: 23345 redirect.frontend.weborama.fr — Cisco Umbrella Rank: 14107	5 KB
5	mail.ru 1 redirects top-fwz1.mail.ru — Cisco Umbrella Rank: 6565	22 KB
5	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 6180	3 KB
5	sovcombank.ru api-app.sovcombank.ru	12 KB
4	hybrid.ai st.hybrid.ai — Cisco Umbrella Rank: 66417 dss.hybrid.ai — Cisco Umbrella Rank: 57075 emd.hybrid.ai — Cisco Umbrella Rank: 37784	6 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2472	70 KB
3	push4site.com 1 redirects halvacard.push4site.com push4site.com — Cisco Umbrella Rank: 183242	19 KB
1	halva.ru 1 redirects halva.ru	213 B
49	9

	Domain	Requested by
14	halvacard.ru	halvacard.ru
10	api.halvacard.ru	halvacard.ru
5	top-fwz1.mail.ru	1 redirects halvacard.ru top-fwz1.mail.ru
5	mc.yandex.com	3 redirects halvacard.ru
5	api-app.sovcombank.ru	halvacard.ru api-app.sovcombank.ru
4	s3.halvacard.ru	halvacard.ru
3	mc.yandex.ru	1 redirects halvacard.ru
2	dss.hybrid.ai	st.hybrid.ai halvacard.ru
2	redirect.frontend.weborama.fr	2 redirects
2	wcm-ru.frontend.weborama.fr	2 redirects
2	cstatic.weborama.fr	api-app.sovcombank.ru halvacard.ru
2	halvacard.push4site.com	1 redirects halvacard.ru
1	emd.hybrid.ai	st.hybrid.ai
1	push4site.com	halvacard.push4site.com
1	st.hybrid.ai	halvacard.ru
1	halva.ru	1 redirects
49	16

This site contains links to these domains. Also see Links.

Domain
prod-api.sovcombank.ru
halvaclub.ru
sovcombank.ru
pwa.sovcombank.ru
media.halvacard.ru
chasti.ru
vk.com
ok.ru
t.me

Subject Issuer	Validity	Valid
*.halvacard.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-04-03` - `2024-05-04`	a year	crt.sh
*.sovcombank.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-03-01` - `2024-04-01`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
cstatic.weborama.fr DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-03-08`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2023-09-14` - `2024-09-13`	a year	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2023-10-06` - `2024-11-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://halvacard.ru/
Frame ID: FF17B069CFE0FEE6DD67AF4B4106CA61
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Карта рассрочки Халва - оформить карту рассрочки в Совкомбанке

Page URL History Show full URLs

http://halva.ru/ HTTP 301
https://halvacard.ru/ Page URL
https://halvacard.ru/ Page URL

Detected technologies

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

49
Requests

88 %
HTTPS

31 %
IPv6

9
Domains

16
Subdomains

11
IPs

4
Countries

1119 kB
Transfer

2112 kB
Size

31
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://prod-api.sovcombank.ru/documents/2772
Title: Тарифы

Search URL Search Domain Scan URL

URL: https://halvaclub.ru/b2b
Title: Стать партнером

Search URL Search Domain Scan URL

URL: https://sovcombank.ru/apply/credit/vygodnaya-stavka/?utm_medium=Display&utm_source=halvacardru-main&utm_campaign=praimvygodnyj/
Title: Кредит просто песня! До 5 000 000 рублей на любые целиПодробнее

Search URL Search Domain Scan URL

URL: https://pwa.sovcombank.ru/

Search URL Search Domain Scan URL

URL: https://sovcombank.ru/office
Title: Отделения и банкоматы

Search URL Search Domain Scan URL

URL: https://media.halvacard.ru/
Title: Халва Медиа

Search URL Search Domain Scan URL

URL: https://chasti.ru/
Title: Оплата Частями

Search URL Search Domain Scan URL

URL: https://vk.com/halvacard

Search URL Search Domain Scan URL

URL: https://ok.ru/group/53179535065217

Search URL Search Domain Scan URL

URL: https://t.me/halvacard_official

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://halva.ru/ HTTP 301
https://halvacard.ru/ Page URL
https://halvacard.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://halva.ru/ HTTP 301
https://halvacard.ru/

Request Chain 6

https://halvacard.push4site.com/sdk HTTP 302
https://halvacard.push4site.com/Static/Script/halvacard.js?v=4

Request Chain 27

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10167.v-5MStzs9ycexlqyuqtKfDpjjnzUEe7GCEn9_W75MtqbcJwE6j3dIBEs2Q6FbgXx.Saq2jcOIxop9dxrUhL_rqHidBtA%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10167.Fs89kamYciEHVRNoqovMvp_djcfMSbfd5SrqTRNzbKSqxwYjhOb0OJgbIAK-rj588OM6vSdWKtkSPEDwo2srslhBKjwvC6IukGPbpz24y2LExggYFGvgbm_jDQJIwPjSlEAf2NIjd-UUz4et-nNkqO4CmcfmNenb0rz8miJ-JjgG_uZ-yCoH7o53YmqkTr-TxhNeVGMNvuseOVTUHYTS1mHRDBT7AGDWYbF-W8QsXvc%2C.UE2NoyzpE3mzgmROfe4CNFC8avM%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10167.6BZFAJcGSiw9KWzVNlHipO7eD3KzpgHd3FHf_XlmVUNPS17-hftgCrtin_fIvPs9USb1lWRX4HSO93fr4FFyBJQJfpwcsx-hikvVaOOe9701bM6bd1Cm-QzhkpbSgm5rYKCW_Ldpbu4ZhEtN0tlMMYLYuWQYBOsqq879e5OLeD90sgAvk0vCmgNssi_d7Ev_qOK_pMQ3nM9DCBwnOJ2qJw%2C%2C.lFq2TaCXjfRwFVbMdqbWaPJNPIs%2C

Request Chain 31

https://wcm-ru.frontend.weborama.fr/fcgi-bin/dispatch.fcgi?a.A=co&a.si=8947&a.cp=3&a.ct=d HTTP 302
https://wcm-ru.frontend.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=644193&a.A=co&a.si=8947&a.cp=3&a.ct=d HTTP 302
https://cstatic.weborama.fr/weborama/images/transp.gif

Request Chain 32

https://top-fwz1.mail.ru/counter?id=3278207;js=na HTTP 302
https://top-fwz1.mail.ru/counter2?id=3278207;js=na

Request Chain 35

https://redirect.frontend.weborama.fr/rd?key=sovkom&url=https%3A%2F%2Fapi-app.sovcombank.ru%2Fv2%2Fapp%2Fweb%2F%3Fwebouuid%3D%7BWEBO_ID%7D%26ymId=undefined HTTP 307
https://redirect.frontend.weborama.fr/rd?key=sovkom&url=https%3A%2F%2Fapi-app.sovcombank.ru%2Fv2%2Fapp%2Fweb%2F%3Fwebouuid%3D%7BWEBO_ID%7D%26ymId%3Dundefined&bounce=1&random=845192314 HTTP 302
https://api-app.sovcombank.ru/v2/app/web/?webouuid=-Io8Et1Ts0z8&ymId=undefined

Request Chain 36

https://mc.yandex.com/watch/42364859?wmode=7&page-url=https%3A%2F%2Fhalvacard.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A1009%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1142%3Acn%3A1%3Adp%3A0%3Als%3A890800297098%3Ahid%3A848222405%3Az%3A120%3Ai%3A20231026004336%3Aet%3A1698273817%3Ac%3A1%3Arn%3A417432856%3Arqn%3A1%3Au%3A169827381783047341%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C667%2C6%2C1%2C0%2C%2C314%2C0%2C%2C%2C%2C1190%3Aco%3A0%3Acpf%3A1%3Ans%3A1698273815267%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1698273817%3At%3A%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D1%80%D0%B0%D1%81%D1%81%D1%80%D0%BE%D1%87%D0%BA%D0%B8%20%D0%A5%D0%B0%D0%BB%D0%B2%D0%B0%20-%20%D0%BE%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D1%8C%20%D0%BA%D0%B0%D1%80%D1%82%D1%83%20%D1%80%D0%B0%D1%81%D1%81%D1%80%D0%BE%D1%87%D0%BA%D0%B8%20%D0%B2%20%D0%A1%D0%BE%D0%B2%D0%BA%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%D0%B5&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ecs(0)ti(2) HTTP 302
https://mc.yandex.com/watch/42364859/1?wmode=7&page-url=https%3A%2F%2Fhalvacard.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A1009%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1142%3Acn%3A1%3Adp%3A0%3Als%3A890800297098%3Ahid%3A848222405%3Az%3A120%3Ai%3A20231026004336%3Aet%3A1698273817%3Ac%3A1%3Arn%3A417432856%3Arqn%3A1%3Au%3A169827381783047341%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C667%2C6%2C1%2C0%2C%2C314%2C0%2C%2C%2C%2C1190%3Aco%3A0%3Acpf%3A1%3Ans%3A1698273815267%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1698273817%3At%3A%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D1%80%D0%B0%D1%81%D1%81%D1%80%D0%BE%D1%87%D0%BA%D0%B8%20%D0%A5%D0%B0%D0%BB%D0%B2%D0%B0%20-%20%D0%BE%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D1%8C%20%D0%BA%D0%B0%D1%80%D1%82%D1%83%20%D1%80%D0%B0%D1%81%D1%81%D1%80%D0%BE%D1%87%D0%BA%D0%B8%20%D0%B2%20%D0%A1%D0%BE%D0%B2%D0%BA%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%280%29ti%282%29

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

401

/ Show response
halvacard.ru/
Redirect Chain

http://halva.ru/
https://halvacard.ru/

251 B
498 B

182ms
7ms

Document
text/html

78.155.198.120
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to

Full URL: https://halvacard.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.155.198.120 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 96efbef88888da3838f98153b29cf03fbd5351ca3dd34e7837eca266efc04537

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 251
content-type: text/html
date: Wed, 25 Oct 2023 22:43:34 GMT
etag: "649d3f20-fb"
expires: 0
pragma: no-cache
server: QRATOR

Redirect headers

Connection: keep-alive
Content-Length: 36
Content-Type: text/html
Date: Wed, 25 Oct 2023 22:43:34 GMT
Keep-Alive: timeout=15
Location: https://halvacard.ru/
Server: QRATOR

GET
H2 200 qauth_utm_v2_v7f9c.js Show response
halvacard.ru/__qrator/ 219 KB
220 KB 14ms
14ms Script
application/javascript 78.155.198.120
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to

Full URL: https://halvacard.ru/__qrator/qauth_utm_v2_v7f9c.js
Requested by: Host: halvacard.ru
URL: https://halvacard.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.155.198.120 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: b0d464fd26fcae4c3b12c30f90c6fb57582eca9d40974dc7bed5b9f1696a5e37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 22:43:34 GMT
last-modified: Tue, 20 Jun 2023 08:25:52 GMT
server: QRATOR
etag: "64916290-36dd8"
content-type: application/javascript
cache-control: no-cache, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 224728
expires: 0

POST
H2 200 validate Show response
halvacard.ru/__qrator/ 0
204 B 26ms
25ms XHR
text/plain 78.155.198.120
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to

Full URL: https://halvacard.ru/__qrator/validate?pow=114&nonce=1698273814.864.AWHqGxynHaaJD6Ai&qsessid=qg5bnh03v1susb61jdmtm6ags6ooh1et
Requested by: Host: halvacard.ru
URL: https://halvacard.ru/__qrator/qauth_utm_v2_v7f9c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.155.198.120 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 22:43:35 GMT
cache-control: no-cache, no-store, must-revalidate
server: QRATOR
content-length: 0
expires: 0

GET
H2 200 Primary Request / Show response
halvacard.ru/ 142 KB
45 KB 668ms
668ms Document
text/html 78.155.198.120
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to

Full URL

https://halvacard.ru/

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/__qrator/qauth_utm_v2_v7f9c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.120 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

a57907438e40a3809e1161c917d8747e30363952ad6a40060ca9614bde48e772

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 25 Oct 2023 22:43:35 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: QRATOR
strict-transport-security: max-age=15724800; includeSubDomains max-age=604800
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 7ec58f09dfb9089cab0a.css
halvacard.ru/assets/site/css/ 222 KB
38 KB 255ms
254ms Stylesheet
text/css 78.155.198.120
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to

Full URL

https://halvacard.ru/assets/site/css/7ec58f09dfb9089cab0a.css

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.120 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

279a8d7614eb3be6a94201aa6fbb3f71b9af1b6d62d4c3c13e22e40234d96f42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 22:43:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=604800
x-content-type-options: nosniff
last-modified: Sat, 14 Oct 2023 18:32:19 GMT
server: QRATOR
content-encoding: gzip
etag: W/"652adeb3-3772b"
content-type: text/css
cache-control: max-age=691200
expires: Thu, 02 Nov 2023 22:43:36 GMT

GET
H/1.1 200
OK em.js Show response
api-app.sovcombank.ru/cdn/ 3 KB
3 KB 419ms
88ms Script
application/javascript 91.217.180.117
SCB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-app.sovcombank.ru/cdn/em.js

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.217.180.117 , Russian Federation, ASN197258 (SCB-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

aa0eb5a975084ae7af8e25b5c047dfca38f8466d55a9758ea60da627b9e54c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Security-Policy	default-src 'self'; script-src 'self' https://ajax.googleapis.com; img-src 'self' https://ssl.google-analytics.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 22:43:36 GMT
Strict-Transport-Security: max-age=604800
Last-Modified: Fri, 13 Oct 2023 17:23:44 GMT
Server: nginx
ETag: "65297d20-c09"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3081
X-Content-Security-Policy: default-src 'self'; script-src 'self' https://ajax.googleapis.com; img-src 'self' https://ssl.google-analytics.com

GET
H/1.1 200
OK gistfile.halva.1.3.0.min.js Show response
api-app.sovcombank.ru/cdn/ 4 KB
4 KB 239ms
86ms Script
application/javascript 91.217.180.117
SCB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-app.sovcombank.ru/cdn/gistfile.halva.1.3.0.min.js

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.217.180.117 , Russian Federation, ASN197258 (SCB-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

258389a3b38228530b5f5de416ffedca7a37a2272f4288befe3525f41610b141

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Security-Policy	default-src 'self'; script-src 'self' https://ajax.googleapis.com; img-src 'self' https://ssl.google-analytics.com
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 22:43:36 GMT
Strict-Transport-Security: max-age=604800
Last-Modified: Fri, 13 Oct 2023 17:23:46 GMT
Server: nginx
ETag: "65297d22-f42"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3906
X-Content-Security-Policy: default-src 'self'; script-src 'self' https://ajax.googleapis.com; img-src 'self' https://ssl.google-analytics.com

GET
H2

200

halvacard.js Show response
halvacard.push4site.com/Static/Script/
Redirect Chain

https://halvacard.push4site.com/sdk
https://halvacard.push4site.com/Static/Script/halvacard.js?v=4

73 KB
18 KB

17ms
16ms

Script
application/javascript

2606:4700:20::681a:575
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://halvacard.push4site.com/Static/Script/halvacard.js?v=4

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

Server

2606:4700:20::681a:575 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b420737c2415594907485ab8a367a6132f36bc32220bfb0dee6de3ba10f8e596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 22:43:36 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1144
x-powered-by: ASP.NET
last-modified: Mon, 04 Sep 2023 11:33:29 GMT
server: cloudflare
etag: W/"69b560a023dfd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7v1Xu3oCbUHQjZb%2Fa7NTDAFxtLcPLf1bsZncSqf4HN5in45aiNHykBRXWD1XyCqrr6y2JhBTJ%2F5ifvnmOF2eXexFwxRATytoxr%2Fg4h5Fgh9SD5vd8%2BQK3ftfAFltkEKshPtFyE4NwbAzzKlY%2BOTnD3JWvbW%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 81bdfab7ea329217-FRA

Redirect headers

date: Wed, 25 Oct 2023 22:43:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8nc6RY1lFjHsYFEh3bvR8YfBPL5cRA1mhc0EN459NCgUb%2BboIr%2FHJJM82GU4p9QU0ZCNQsvJ5ZpTYfpbB119vznjRvzTZPwrS2%2BYudt9GIOlz67%2BbfC%2BZQPMklpbF7fCsaf7K1%2Fyr5NN2ao8LILEl7jp6qNj"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://halvacard.push4site.com/Static/Script/halvacard.js?v=4
access-control-allow-origin: *
cf-ray: 81bdfab79a109217-FRA

GET
H/1.1 200
OK df2987a3-cc40-4e8c-a87c-914ed85ce80b.jpeg
api.halvacard.ru/public-api/files/ 55 KB
55 KB 628ms
527ms Image
image/jpeg 78.155.198.119
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.halvacard.ru/public-api/files/df2987a3-cc40-4e8c-a87c-914ed85ce80b.jpeg

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.119 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

2c7e9534dc853329a3394ae17a24a5e10e103648d3ecbd30b3bd4a946e326e36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 22:43:36 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Server: QRATOR
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=15

GET
H/1.1 200
OK c0a44afc-6f2d-48c5-9959-d67ce7e2d930.jpeg
api.halvacard.ru/public-api/files/ 59 KB
59 KB 630ms
535ms Image
image/jpeg 78.155.198.119
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.halvacard.ru/public-api/files/c0a44afc-6f2d-48c5-9959-d67ce7e2d930.jpeg

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.119 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

0f3b7d962fecf072ac2bd82ed6cfd55f29fef5652a7c1922d296711125c7f0ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 22:43:36 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Server: QRATOR
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=15

GET
H/1.1 200
OK e27c6d49-c6d7-4dc2-a608-1520d5a7ec9a.jpeg
api.halvacard.ru/public-api/files/ 63 KB
63 KB 564ms
551ms Image
image/jpeg 78.155.198.119
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.halvacard.ru/public-api/files/e27c6d49-c6d7-4dc2-a608-1520d5a7ec9a.jpeg

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.119 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

f615d8f3619d3478785d2761ab34bf2972c0320a9c5febb004667de05b200233

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 22:43:36 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Server: QRATOR
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=15

GET
H/1.1 200
OK e06b8aa7-af8b-433b-bae7-1b83f7099f6b.jpeg
api.halvacard.ru/public-api/files/ 88 KB
89 KB 562ms
547ms Image
image/jpeg 78.155.198.119
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.halvacard.ru/public-api/files/e06b8aa7-af8b-433b-bae7-1b83f7099f6b.jpeg

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.119 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

8fb0641c0fdab652821b8bcbf1a9140a4b292ba07d81c7bcb04434820212b759

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 22:43:36 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Server: QRATOR
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=15

GET
H/1.1 200
OK 51655f0a-2f19-42d3-af1b-1e1815663293.jpeg
api.halvacard.ru/public-api/files/ 45 KB
45 KB 554ms
526ms Image
image/jpeg 78.155.198.119
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.halvacard.ru/public-api/files/51655f0a-2f19-42d3-af1b-1e1815663293.jpeg

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.119 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

e5770c9bd3fd816fa972f365308d68a730079bffb7a2923e9e221f61d9a13e6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 22:43:36 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Server: QRATOR
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=15

GET
H/1.1 200
OK d0ffa575-a16c-4394-af18-d6e82accaf7e.jpeg
api.halvacard.ru/public-api/files/ 56 KB
57 KB 583ms
544ms Image
image/jpeg 78.155.198.119
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.halvacard.ru/public-api/files/d0ffa575-a16c-4394-af18-d6e82accaf7e.jpeg

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.119 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

8a2f831d61fc0cc4b37526608e6e3766e0c9abbc0bd2ca6628baf8b68a239a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 22:43:36 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Server: QRATOR
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=15

GET
H/1.1 200
OK payment.png
s3.halvacard.ru/halvacardrucdn/img/cck/ 3 KB
3 KB 627ms
486ms Image
image/png 78.155.198.119
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.halvacard.ru/halvacardrucdn/img/cck/payment.png

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.119 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

069343289c24cfc696dd2421c625333452eb54e9d75890814c4cb38530d011c5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 22:43:36 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: null
x-amz-request-id: 17917B09D0A54933
x-amz-meta-sha256: 069343289c24cfc696dd2421c625333452eb54e9d75890814c4cb38530d011c5
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2594
x-xss-protection: 1; mode=block
last-modified: Sat, 02 Jul 2022 19:33:52 GMT
Server: QRATOR
etag: "13fbf387784056fcda644c800fea2263"
vary: Origin, Accept-Encoding
Content-Type: image/png
accept-ranges: bytes
Keep-Alive: timeout=15
x-amz-meta-s3b-last-modified: 20220702T192925Z

GET
H/1.1 200
OK 3d63d8d9-3011-ea68-f246-aba5267dfb47.svg
s3.halvacard.ru/halvacardrucdn/img/cck/ 2 KB
2 KB 685ms
582ms Image
image/svg+xml 78.155.198.119
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.halvacard.ru/halvacardrucdn/img/cck/3d63d8d9-3011-ea68-f246-aba5267dfb47.svg

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.119 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

d697c468b67a2bb83a3cd92b5540087dec6b0b8ba2eeb572be4a6d48d57e1c2e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 22:43:36 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: null
x-amz-request-id: 17917B09D69EFC1C
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 1716
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Aug 2022 12:04:06 GMT
Server: QRATOR
etag: "1e02539ffa02306494e64b234b942606"
vary: Origin, Accept-Encoding
Content-Type: image/svg+xml
accept-ranges: bytes
Keep-Alive: timeout=15

GET
H/1.1 200
OK 17f605f3-3a51-aa11-539c-f4c203317924.svg
s3.halvacard.ru/halvacardrucdn/img/cck/ 30 KB
30 KB 705ms
600ms Image
image/svg+xml 78.155.198.119
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.halvacard.ru/halvacardrucdn/img/cck/17f605f3-3a51-aa11-539c-f4c203317924.svg

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.119 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

db764cc9028df4621e55809a19a39b78866a91cae51aea3647814ef28815b263

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 22:43:36 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: null
x-amz-request-id: 17917B09D6969041
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 30389
x-xss-protection: 1; mode=block
last-modified: Sat, 02 Jul 2022 19:42:00 GMT
Server: QRATOR
etag: "5be75e09f34ff0b392ef96fc50dfc6af"
vary: Origin, Accept-Encoding
Content-Type: image/svg+xml
accept-ranges: bytes
Keep-Alive: timeout=15

GET
H2 200 partner-empty-v1.svg
halvacard.ru/img/svg/ 2 KB
1 KB 144ms
142ms Image
image/svg+xml 78.155.198.120
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://halvacard.ru/img/svg/partner-empty-v1.svg

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.120 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

94802c3f7f44028d1df0072f453be26b9fc500f38915eb9227c3fd3e91dacff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 22:43:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=604800
x-content-type-options: nosniff
last-modified: Sat, 14 Oct 2023 18:33:11 GMT
server: QRATOR
content-encoding: gzip
etag: W/"652adee7-920"
content-type: image/svg+xml
cache-control: max-age=691200
expires: Thu, 02 Nov 2023 22:43:36 GMT

GET
H2 200 mall-empty.svg
halvacard.ru/img/svg/ 896 B
759 B 145ms
143ms Image
image/svg+xml 78.155.198.120
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://halvacard.ru/img/svg/mall-empty.svg

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.120 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

bfa20216b4740674fb5aa2dbbf93b90fae421b3c4b3cf935f685412e0ad2ab52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 22:43:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=604800
x-content-type-options: nosniff
last-modified: Sat, 14 Oct 2023 18:32:20 GMT
server: QRATOR
content-encoding: gzip
etag: W/"652adeb4-380"
content-type: image/svg+xml
cache-control: max-age=691200
expires: Thu, 02 Nov 2023 22:43:36 GMT

GET
H2 200 halva-empty-v1.svg
halvacard.ru/img/svg/ 1 KB
851 B 143ms
141ms Image
image/svg+xml 78.155.198.120
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://halvacard.ru/img/svg/halva-empty-v1.svg

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.120 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

8b0acc3c2af826cbe3339dff99de668bcbeda94a4fcdd99b71cac724ae7bf364

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 22:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains, max-age=604800
last-modified: Sat, 14 Oct 2023 18:32:20 GMT
server: QRATOR
etag: W/"652adeb4-47b"
content-type: image/svg+xml
cache-control: max-age=691200
expires: Thu, 02 Nov 2023 22:43:36 GMT

GET
H2 200 skb-pwa.svg
halvacard.ru/img/halva_2/pwa/ 701 B
646 B 150ms
148ms Image
image/svg+xml 78.155.198.120
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://halvacard.ru/img/halva_2/pwa/skb-pwa.svg

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.120 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

07d7c912ebc0531507ed44d84a1b93baba41b50a27648ba643de4e0088264a21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 22:43:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=604800
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 14 Oct 2023 18:32:20 GMT
server: QRATOR
etag: W/"652adeb4-2bd"
content-type: image/svg+xml
cache-control: max-age=691200
expires: Thu, 02 Nov 2023 22:43:36 GMT

GET
H2 200 7ec58f09dfb9089cab0a.js Show response
halvacard.ru/assets/site/js/ 688 KB
183 KB 439ms
437ms Script
application/javascript 78.155.198.120
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to

Full URL

https://halvacard.ru/assets/site/js/7ec58f09dfb9089cab0a.js

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.120 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

b7226bab3ea1a5702648d312f362e11cd41c4e3272e27f62394767462b95ad5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 22:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains, max-age=604800
last-modified: Sat, 14 Oct 2023 18:33:10 GMT
server: QRATOR
etag: W/"652adee6-abf19"
content-type: application/javascript
cache-control: max-age=691200
expires: Thu, 02 Nov 2023 22:43:36 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 199 KB
69 KB 257ms
138ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

56170d5dc5e437edf605f64d0effd274f3e628db747d75fc412bb95637092e22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 22:43:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 24 Oct 2023 13:21:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6537c4ce-11140"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 69952
expires: Wed, 25 Oct 2023 23:43:36 GMT

GET
H/1.1 200
OK halva-mir-desktop.png
s3.halvacard.ru/halvacardrucdn/img/cck/ 23 KB
24 KB 716ms
603ms Image
image/png 78.155.198.119
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.halvacard.ru/halvacardrucdn/img/cck/halva-mir-desktop.png

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.119 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

0b9f3d85a08cc797ef3770083b29aae5eb26b54fec8e3ead801108f677ab7642

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 22:43:36 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-version-id: null
x-amz-request-id: 17917B09D7447500
x-amz-meta-sha256: 0b9f3d85a08cc797ef3770083b29aae5eb26b54fec8e3ead801108f677ab7642
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 23530
x-xss-protection: 1; mode=block
last-modified: Sat, 02 Jul 2022 19:40:04 GMT
Server: QRATOR
etag: "25fb69b6f3b2fa4a7d6301e37d865ff2"
vary: Origin, Accept-Encoding
Content-Type: image/png
accept-ranges: bytes
Keep-Alive: timeout=15
x-amz-meta-s3b-last-modified: 20220702T193935Z

GET
H2 200 BebasNeueBold.woff
halvacard.ru/fonts/bebas/ 19 KB
19 KB 250ms
250ms Font
font/woff 78.155.198.120
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to

Full URL

https://halvacard.ru/fonts/bebas/BebasNeueBold.woff

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/assets/site/css/7ec58f09dfb9089cab0a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.120 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

c68da50c720b6f9af2634878b6ab7b6ef629c8976ed3d2053c4f3c2a3d3c2831

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://halvacard.ru/assets/site/css/7ec58f09dfb9089cab0a.css
Origin: https://halvacard.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 22:43:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=604800
x-content-type-options: nosniff
last-modified: Sat, 14 Oct 2023 18:32:19 GMT
server: QRATOR
etag: "652adeb3-4ab4"
content-type: font/woff
cache-control: max-age=691200
accept-ranges: bytes
content-length: 19124
expires: Thu, 02 Nov 2023 22:43:36 GMT

GET
H2 200 BebasNeueRegular.woff
halvacard.ru/fonts/bebas/ 21 KB
21 KB 183ms
183ms Font
font/woff 78.155.198.120
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to

Full URL

https://halvacard.ru/fonts/bebas/BebasNeueRegular.woff

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/assets/site/css/7ec58f09dfb9089cab0a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.120 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

13680bfc573e980065d462129f4a44ba2b00a05d1b0c1445824acb7fb1a0eb81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://halvacard.ru/assets/site/css/7ec58f09dfb9089cab0a.css
Origin: https://halvacard.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 22:43:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=604800
x-content-type-options: nosniff
last-modified: Sat, 14 Oct 2023 18:33:10 GMT
server: QRATOR
etag: "652adee6-529c"
content-type: font/woff
cache-control: max-age=691200
accept-ranges: bytes
content-length: 21148
expires: Thu, 02 Nov 2023 22:43:36 GMT

OPTIONS
H/1.1 204
No Content em
api-app.sovcombank.ru/ 0
0 255ms
83ms Preflight 91.217.180.117
SCB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-app.sovcombank.ru/em

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.217.180.117 , Russian Federation, ASN197258 (SCB-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Security-Policy	default-src 'self'; script-src 'self' https://ajax.googleapis.com; img-src 'self' https://ssl.google-analytics.com
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://halvacard.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin,Content-Length,Content-Type
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin: https://halvacard.ru
Access-Control-Max-Age: 43200
Connection: keep-alive
Date: Wed, 25 Oct 2023 22:43:36 GMT
Server: nginx
Strict-Transport-Security: max-age=604800
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Security-Policy: default-src 'self'; script-src 'self' https://ajax.googleapis.com; img-src 'self' https://ssl.google-analytics.com
X-Frame-Options: SAMEORIGIN

POST
H/1.1 200
OK em Show response
api-app.sovcombank.ru/ 2 KB
3 KB 90ms
90ms Fetch
text/plain 91.217.180.117
SCB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-app.sovcombank.ru/em

Requested by

Host: api-app.sovcombank.ru
URL: https://api-app.sovcombank.ru/cdn/em.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.217.180.117 , Russian Federation, ASN197258 (SCB-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

09991d7d435923c25d5303999313ebd7df9daef9c83330ab319915aeaf7f99f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Security-Policy	default-src 'self'; script-src 'self' https://ajax.googleapis.com; img-src 'self' https://ssl.google-analytics.com
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://halvacard.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 25 Oct 2023 22:43:36 GMT
Strict-Transport-Security: max-age=604800
Server: nginx
Transfer-Encoding: chunked
Vary: Origin
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://halvacard.ru
X-Ratelimit-Remaining: 9999
X-Ratelimit-Reset: 1698273876
X-Ratelimit-Limit: 10000
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-Content-Security-Policy: default-src 'self'; script-src 'self' https://ajax.googleapis.com; img-src 'self' https://ssl.google-analytics.com

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10167.v-5MStzs9ycexlqyuqtKfDpjjnzUEe7GCEn9_W75MtqbcJwE6j3dIBEs2Q6FbgXx.Saq2jcOIxop9dxrUhL_rqHidBtA%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10167.Fs89kamYciEHVRNoqovMvp_djcfMSbfd5SrqTRNzbKSqxwYjhOb0OJgbIAK-rj588OM6vSdWKtkSPEDwo2srslhBKjwvC6IukGPbpz24y2LExggYFGvgbm_jDQJIwPjSlEAf2NIjd-...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10167.6BZFAJcGSiw9KWzVNlHipO7eD3KzpgHd3FHf_XlmVUNPS17-hftgCrtin_fIvPs9USb1lWRX4HSO93fr4FFyBJQJfpwcsx-hikvVaOOe9701b...

43 B
578 B

58ms
58ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10167.6BZFAJcGSiw9KWzVNlHipO7eD3KzpgHd3FHf_XlmVUNPS17-hftgCrtin_fIvPs9USb1lWRX4HSO93fr4FFyBJQJfpwcsx-hikvVaOOe9701bM6bd1Cm-QzhkpbSgm5rYKCW_Ldpbu4ZhEtN0tlMMYLYuWQYBOsqq879e5OLeD90sgAvk0vCmgNssi_d7Ev_qOK_pMQ3nM9DCBwnOJ2qJw%2C%2C.lFq2TaCXjfRwFVbMdqbWaPJNPIs%2C

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 22:43:36 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10167.6BZFAJcGSiw9KWzVNlHipO7eD3KzpgHd3FHf_XlmVUNPS17-hftgCrtin_fIvPs9USb1lWRX4HSO93fr4FFyBJQJfpwcsx-hikvVaOOe9701bM6bd1Cm-QzhkpbSgm5rYKCW_Ldpbu4ZhEtN0tlMMYLYuWQYBOsqq879e5OLeD90sgAvk0vCmgNssi_d7Ev_qOK_pMQ3nM9DCBwnOJ2qJw%2C%2C.lFq2TaCXjfRwFVbMdqbWaPJNPIs%2C
date: Wed, 25 Oct 2023 22:43:36 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
474 B 78ms
77ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 22:43:36 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 24 Oct 2023 13:21:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6537c4ce-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 25 Oct 2023 23:43:36 GMT

POST
H2 200 info Show response
halvacard.ru/api/v1/promo/ 2 KB
2 KB 199ms
198ms XHR
application/json 78.155.198.120
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to

Full URL

https://halvacard.ru/api/v1/promo/info

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/assets/site/js/7ec58f09dfb9089cab0a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.120 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

56a0cf2c0b02129c162e4db8e68338e12acf76c588d1090f27d33541d6ca42e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://halvacard.ru/
accept-language: de-DE,de;q=0.9
X-CLIENT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary2G99J8mB5GhsH1Vn

Response headers

date: Wed, 25 Oct 2023 22:43:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=604800
x-content-type-options: nosniff
server: QRATOR
content-type: application/json; charset=UTF-8

GET
H2 200 adperf_conversion.js Show response
cstatic.weborama.fr/js/advertiserv2/ 7 KB
2 KB 45ms
10ms Script
text/javascript 152.199.22.228
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.weborama.fr/js/advertiserv2/adperf_conversion.js
Requested by: Host: api-app.sovcombank.ru
URL: https://api-app.sovcombank.ru/cdn/em.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.228 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frb/6756) /
Resource Hash: 2dae230f35a3bc6eee71b1ae60c74d1b9c70df96f655ebd546dd73956eb05d6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 22:43:36 GMT
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 09:34:27 GMT
server: ECAcc (frb/6756)
age: 570365
etag: "8943580+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2303
expires: Wed, 01 Nov 2023 22:43:36 GMT

GET
H2

200

transp.gif
cstatic.weborama.fr/weborama/images/
Redirect Chain

https://wcm-ru.frontend.weborama.fr/fcgi-bin/dispatch.fcgi?a.A=co&a.si=8947&a.cp=3&a.ct=d
https://wcm-ru.frontend.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=644193&a.A=co&a.si=8947&a.cp=3&a.ct=d
https://cstatic.weborama.fr/weborama/images/transp.gif

67 B
214 B

7ms
7ms

Image
image/gif

152.199.22.228
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cstatic.weborama.fr/weborama/images/transp.gif
Requested by: Host: halvacard.ru
URL: https://halvacard.ru/
Protocol: H2
Server: 152.199.22.228 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frb/677C) /
Resource Hash: 09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 22:43:37 GMT
last-modified: Thu, 19 Oct 2006 12:25:53 GMT
server: ECAcc (frb/677C)
age: 250656
etag: "4293337411"
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: max-age=604800
accept-ranges: bytes
content-length: 67
expires: Wed, 01 Nov 2023 22:43:37 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 22:43:37 GMT
attribution-reporting-register-trigger: {"debug_reporting":true,"event_trigger_data":[{"trigger_data":"1"}],"aggregatable_trigger_data":[{"key_piece":"0x12345678","source_keys":["a_c"]}],"debug_key":"1698273817","aggregatable_values":{"a_c":1}}
last-modified: Wed, 25 Oct 2023 22:43:37 GMT
server: Apache
transfer-encoding: chunked
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
location: https://cstatic.weborama.fr/weborama/images/transp.gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

counter2
top-fwz1.mail.ru/
Redirect Chain

https://top-fwz1.mail.ru/counter?id=3278207;js=na
https://top-fwz1.mail.ru/counter2?id=3278207;js=na

43 B
960 B

48ms
48ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=3278207;js=na

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 22:43:37 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Wed, 25 Oct 2023 22:43:36 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
accept-ch-lifetime: 86400
location: https://top-fwz1.mail.ru/counter2?id=3278207;js=na
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 txsp.js Show response
st.hybrid.ai/ 12 KB
5 KB 51ms
6ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://st.hybrid.ai/txsp.js
Requested by: Host: halvacard.ru
URL: https://halvacard.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: bbfbb56066d491b69c159d5b4c95ce99c1675c76d56f281bc7a49d7fdc31c659

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 25 Oct 2023 22:43:36 GMT
content-encoding: gzip
x-age-lb: 1627
x-77-cache: HIT
x-accel-date: 1698272189
x-77-nzt: ApySIYg3Nzf/WwYAANRmOJw3Nzf/AAAAAA
x-accel-expires: @1698275789
x-77-age: 1627
x-cache-lb: HIT
last-modified: Mon, 02 Oct 2023 07:46:31 GMT
server: CDN77-Turbo
etag: W/"651a7557-2ebd"
x-77-nzt-ray: f6587a1d3da2d460189a396551d5a233
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 43 KB
18 KB 207ms
94ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

1183dca41ca2d027993579ab5b3e86b7790f7482d998b6d4e79bf04b12bc37dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 22:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Wed, 25 Oct 2023 14:27:38 GMT
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag: W/"653925da-ac28"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Wed, 25 Oct 2023 23:43:36 GMT

GET
H/1.1

200
OK

/
api-app.sovcombank.ru/v2/app/web/
Redirect Chain

https://redirect.frontend.weborama.fr/rd?key=sovkom&url=https%3A%2F%2Fapi-app.sovcombank.ru%2Fv2%2Fapp%2Fweb%2F%3Fwebouuid%3D%7BWEBO_ID%7D%26ymId=undefined
https://redirect.frontend.weborama.fr/rd?key=sovkom&url=https%3A%2F%2Fapi-app.sovcombank.ru%2Fv2%2Fapp%2Fweb%2F%3Fwebouuid%3D%7BWEBO_ID%7D%26ymId%3Dundefined&bounce=1&random=845192314
https://api-app.sovcombank.ru/v2/app/web/?webouuid=-Io8Et1Ts0z8&ymId=undefined

0
990 B

91ms
91ms

Image
text/plain

91.217.180.117
SCB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api-app.sovcombank.ru/v2/app/web/?webouuid=-Io8Et1Ts0z8&ymId=undefined

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

HTTP/1.1

Server

91.217.180.117 , Russian Federation, ASN197258 (SCB-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=604800
X-Content-Security-Policy	default-src 'self'; script-src 'self' https://ajax.googleapis.com; img-src 'self' https://ssl.google-analytics.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 22:43:36 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains, max-age=604800
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-B3-TraceId: d61767fa-560a-4a15-87c2-38d1eb516431
Cross-Origin-Embedder-Policy: require-corp
Transfer-Encoding: chunked
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
X-XSS-Protection: 0
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Cross-Origin-Opener-Policy: same-origin
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-RateLimit-Remaining: 99
Origin-Agent-Cluster: ?1
X-B3-SpanId: d61767fa-560a-4a15-87c2-38d1eb516431
X-RateLimit-Reset: 1698273818
X-B3-Sampled: 1
X-RateLimit-Limit: 100
X-Content-Security-Policy: default-src 'self'; script-src 'self' https://ajax.googleapis.com; img-src 'self' https://ssl.google-analytics.com

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 22:43:36 GMT
via: 1.1 google
last-modified: Wed, 25 Oct 2023 22:43:36 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://api-app.sovcombank.ru/v2/app/web/?webouuid=-Io8Et1Ts0z8&ymId=undefined
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/42364859/
Redirect Chain

https://mc.yandex.com/watch/42364859?wmode=7&page-url=https%3A%2F%2Fhalvacard.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A1009%3Afu%3A0%3Aen%3Autf-8...
https://mc.yandex.com/watch/42364859/1?wmode=7&page-url=https%3A%2F%2Fhalvacard.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A1009%3Afu%3A0%3Aen%3Autf...

472 B
564 B

57ms
56ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/42364859/1?wmode=7&page-url=https%3A%2F%2Fhalvacard.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A1009%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1142%3Acn%3A1%3Adp%3A0%3Als%3A890800297098%3Ahid%3A848222405%3Az%3A120%3Ai%3A20231026004336%3Aet%3A1698273817%3Ac%3A1%3Arn%3A417432856%3Arqn%3A1%3Au%3A169827381783047341%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C667%2C6%2C1%2C0%2C%2C314%2C0%2C%2C%2C%2C1190%3Aco%3A0%3Acpf%3A1%3Ans%3A1698273815267%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1698273817%3At%3A%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D1%80%D0%B0%D1%81%D1%81%D1%80%D0%BE%D1%87%D0%BA%D0%B8%20%D0%A5%D0%B0%D0%BB%D0%B2%D0%B0%20-%20%D0%BE%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D1%8C%20%D0%BA%D0%B0%D1%80%D1%82%D1%83%20%D1%80%D0%B0%D1%81%D1%81%D1%80%D0%BE%D1%87%D0%BA%D0%B8%20%D0%B2%20%D0%A1%D0%BE%D0%B2%D0%BA%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%280%29ti%282%29

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

07ab9e2e4a794eb4a62e499354b4b64ab5572d6ed68866e273685136339f2c5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 22:43:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 25-Oct-2023 22:43:36 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://halvacard.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 472
x-xss-protection: 1; mode=block
expires: Wed, 25-Oct-2023 22:43:36 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Oct 2023 22:43:36 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 25-Oct-2023 22:43:36 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/42364859/1?wmode=7&page-url=https%3A%2F%2Fhalvacard.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aetku62lhayg6jvevqcsa7rv%3Afp%3A1009%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1142%3Acn%3A1%3Adp%3A0%3Als%3A890800297098%3Ahid%3A848222405%3Az%3A120%3Ai%3A20231026004336%3Aet%3A1698273817%3Ac%3A1%3Arn%3A417432856%3Arqn%3A1%3Au%3A169827381783047341%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C667%2C6%2C1%2C0%2C%2C314%2C0%2C%2C%2C%2C1190%3Aco%3A0%3Acpf%3A1%3Ans%3A1698273815267%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1698273817%3At%3A%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D1%80%D0%B0%D1%81%D1%81%D1%80%D0%BE%D1%87%D0%BA%D0%B8%20%D0%A5%D0%B0%D0%BB%D0%B2%D0%B0%20-%20%D0%BE%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D1%8C%20%D0%BA%D0%B0%D1%80%D1%82%D1%83%20%D1%80%D0%B0%D1%81%D1%81%D1%80%D0%BE%D1%87%D0%BA%D0%B8%20%D0%B2%20%D0%A1%D0%BE%D0%B2%D0%BA%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%280%29ti%282%29
access-control-allow-origin: https://halvacard.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 25-Oct-2023 22:43:36 GMT

GET
H2 204 TrackTp Show response
dss.hybrid.ai/Pixel/ 0
239 B 49ms
12ms Script
text/plain 37.230.131.19
HYBRID-POLAND

General

Check archive.org

Show headers Download Go to

Full URL

https://dss.hybrid.ai/Pixel/TrackTp?pid=625523d54d506ee3807e5bb2&foadh=&gapl=&cs=&pcs=&vcs=

Requested by

Host: st.hybrid.ai
URL: https://st.hybrid.ai/txsp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.19 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 22:43:36 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 517
x-xss-protection: 1; mode=block
expires: -1

GET
H2 204 Track2
dss.hybrid.ai/Pixel/ 0
238 B 49ms
13ms Image
text/plain 37.230.131.19
HYBRID-POLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dss.hybrid.ai/Pixel/Track2?pid=625523d54d506ee3807e5bb2&bobid=&evt=PageView&cost=&text=&ltm=false&cnt=&url=https%3A%2F%2Fhalvacard.ru%2F&rf=&lng=en-US&tz=-2&sw=1600&sh=1200&foadh=&gapl=&cs=&pcs=&vcs=&r=

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.19 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 22:43:36 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 518
x-xss-protection: 1; mode=block
expires: -1

POST
H2 200 counter
top-fwz1.mail.ru/ 43 B
1004 B 48ms
47ms Ping
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3278207;u=https%3A//halvacard.ru/;st=1698273816256;pid=USER_ID;title=%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D1%80%D0%B0%D1%81%D1%81%D1%80%D0%BE%D1%87%D0%BA%D0%B8%20%D0%A5%D0%B0%D0%BB%D0%B2%D0%B0%20-%20%D0%BE%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D1%8C%20%D0%BA%D0%B0%D1%80%D1%82%D1%83%20%D1%80%D0%B0%D1%81%D1%81%D1%80%D0%BE%D1%87%D0%BA%D0%B8%20%D0%B2%20%D0%A1%D0%BE%D0%B2%D0%BA%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%D0%B5;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=0b5b1c4f4939aaec;ver=60.3.0;tz=-120%2FEurope%2FBerlin;ni=10//4g/0/0/;lvid=1698273817038%3A1698273817041%3A1%3A62af631de987362a41c8286db05d9d0a;opts=dl%2Cjst-ym%2Cgl%3Du;visible=true;_=0.20325801791700937

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://halvacard.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 25 Oct 2023 22:43:37 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://halvacard.ru
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://halvacard.ru
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: https://halvacard.ru
access-control-allow-headers: *

GET
H2 200 threads-data Show response
halvacard.ru/lk/api/account/ 4 B
261 B 170ms
170ms XHR
application/json 78.155.198.120
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to

Full URL

https://halvacard.ru/lk/api/account/threads-data

Requested by

Host: halvacard.ru
URL: https://halvacard.ru/assets/site/js/7ec58f09dfb9089cab0a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.120 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://halvacard.ru/
accept-language: de-DE,de;q=0.9
X-CLIENT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 22:43:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains, max-age=604800
x-content-type-options: nosniff
server: QRATOR
content-type: application/json; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 tracker
top-fwz1.mail.ru/ 43 B
917 B 48ms
47ms Ping
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3278207;u=https%3A//halvacard.ru/;st=1698273816256;pid=USER_ID;title=%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D1%80%D0%B0%D1%81%D1%81%D1%80%D0%BE%D1%87%D0%BA%D0%B8%20%D0%A5%D0%B0%D0%BB%D0%B2%D0%B0%20-%20%D0%BE%D1%84%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D1%8C%20%D0%BA%D0%B0%D1%80%D1%82%D1%83%20%D1%80%D0%B0%D1%81%D1%81%D1%80%D0%BE%D1%87%D0%BA%D0%B8%20%D0%B2%20%D0%A1%D0%BE%D0%B2%D0%BA%D0%BE%D0%BC%D0%B1%D0%B0%D0%BD%D0%BA%D0%B5;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=0b5b1c4f4939aaec;ver=60.3.0;tz=-120%2FEurope%2FBerlin;nt=1/0/1698273815267/673/673///0/0/0/0/0//1/669/675/676/989/1190/1190/1851/1853/1867;ni=10//4g/0/0/;lvid=1698273817038%3A1698273817135%3A2%3A62af631de987362a41c8286db05d9d0a;opts=dl%2Cjst-ym%2Cgl%3Dp;visible=true;_=0.32389365090941347;e=RT/load;et=1698273817134

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://halvacard.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 25 Oct 2023 22:43:37 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://halvacard.ru
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://halvacard.ru
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: https://halvacard.ru
access-control-allow-headers: *

GET
H/1.1 200
OK 24983b4b-9d5e-40c4-8dd6-6349d436eec4.jpeg
api.halvacard.ru/public-api/files/ 4 KB
4 KB 189ms
188ms Image
image/jpeg 78.155.198.119
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.halvacard.ru/public-api/files/24983b4b-9d5e-40c4-8dd6-6349d436eec4.jpeg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.119 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

6f4047ab3348c9fa3f080573678ed6a8bdf3cc6cd46e7700351ffc529b339e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 22:43:37 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Server: QRATOR
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=15

GET
H/1.1 200
OK 59aebcf2-bd41-413c-8f36-c759f2d481a8.png
api.halvacard.ru/public-api/files/ 6 KB
7 KB 187ms
186ms Image
image/png 78.155.198.119
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.halvacard.ru/public-api/files/59aebcf2-bd41-413c-8f36-c759f2d481a8.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.119 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

26622540730cff3de9deb6763bf703f37e89ee0f68b29d45ef16ec3dfe0c6494

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 22:43:37 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Server: QRATOR
Transfer-Encoding: chunked
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=15

GET
H/1.1 200
OK e2a3bcc9-f456-420a-8e8b-870d33e396d0.PNG
api.halvacard.ru/public-api/files/ 14 KB
14 KB 168ms
167ms Image
image/png 78.155.198.119
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.halvacard.ru/public-api/files/e2a3bcc9-f456-420a-8e8b-870d33e396d0.PNG

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.119 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

ca69f3c262da565ed7d52342edfbe6ee3f5e243508c97c56582bbc0e1283625b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 22:43:37 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Server: QRATOR
Transfer-Encoding: chunked
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=15

GET
H/1.1 200
OK 0d088ac1-66d2-4f57-8be7-a6067e1456c2.jpeg
api.halvacard.ru/public-api/files/ 3 KB
3 KB 188ms
187ms Image
image/jpeg 78.155.198.119
SELECTEL-NSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.halvacard.ru/public-api/files/0d088ac1-66d2-4f57-8be7-a6067e1456c2.jpeg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

78.155.198.119 , Russian Federation, ASN61976 (SELECTEL-NSK, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

ba17b9368d67b6b026e3de32845792e72ad6441093fa88a8230448300f24dad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 22:43:37 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Server: QRATOR
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=15

GET
H2 200 WidgetDisplayed Show response
push4site.com/Sdk/ 16 B
523 B 68ms
49ms Fetch
application/json 2606:4700:20::681a:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://push4site.com/Sdk/WidgetDisplayed?siteToken=001b7cbea7cb4968b93dcda193d6cb0c&displayType=Native

Requested by

Host: halvacard.push4site.com
URL: https://halvacard.push4site.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 22:43:37 GMT
strict-transport-security: max-age=31536000
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHQZd0%2F31NwY6yxqjRqYlGK%2BYOzsA3iDxdzuXw3KKIFrllK5uO%2FJoT%2BP5D3qUxM9GyaaWpCVkZTR6oKxubcFB7ErEBIt92PrwDG0PVnvl6rOnmubDzyflr3Hns%2FCNJtpuNJoDGiGRxIpY%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
cf-ray: 81bdfabf5e3865af-FRA
content-length: 16

GET
H2 204 plgt.js Show response
emd.hybrid.ai/ 0
239 B 49ms
14ms Script
text/plain 37.230.131.16
HYBRID-POLAND

General

Check archive.org

Show headers Download Go to

Full URL

https://emd.hybrid.ai/plgt.js?fbpid=625523d54d506ee3807e5bb2&foadh=&gapl=&cs=&pcs=&vcs=

Requested by

Host: st.hybrid.ai
URL: https://st.hybrid.ai/txsp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.16 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://halvacard.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 22:43:38 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 544
x-xss-protection: 1; mode=block
expires: -1

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.halvacard.ru/	1970-01-20 15:44:34	Name: qrator_jsr Value: 1698273814.864.AWHqGxynHaaJD6Ai-qg5bnh03v1susb61jdmtm6ags6ooh1et-00
.halvacard.ru/	1970-01-20 15:44:35	Name: qrator_jsid Value: 1698273814.864.AWHqGxynHaaJD6Ai-4dosn61b1j5bageqiaf35cokrn1u2kao
halvacard.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: up5nrk8029v2a5mp7att8nd5dm
halvacard.ru/	1970-01-21 01:20:33	Name: lk_terminal-id Value: 07234c34366ffdc09230bc2217786b477e1e89a0ae1dfcebb18291434c059c91a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22lk_terminal-id%22%3Bi%3A1%3Bs%3A36%3A%22cd594e5d-f3b7-4fb4-b662-68873139fcd3%22%3B%7D
halvacard.ru/	1970-01-21 00:30:09	Name: first_site_visit Value: 76119526bc3ad208ba6abad262657ac9bcb66359aff8372c2e36c64b2b148cdca%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22first_site_visit%22%3Bi%3A1%3Bi%3A1%3B%7D
halvacard.ru/	1969-12-31 23:59:59	Name: _csrf Value: f098f135faeb37ae0365f56d982c2616490ee667e78b37a4a361af747b910e85a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22tCMDczcmytzqWUQWVP32Oz5nplbA2QEk%22%3B%7D
.halvacard.ru/	1970-01-20 20:06:38	Name: halvascb Value: utmcsr%3D(direct)%7Cutmccn%3Ddirect%7Cutmcmd%3DDirect
.halvacard.ru/	1970-01-20 15:44:35	Name: __sovcom_sess Value: 1
.halvacard.ru/	1970-01-21 00:30:09	Name: _ym_uid Value: 169827381783047341
.halvacard.ru/	1970-01-21 00:30:09	Name: _ym_d Value: 1698273817
.mc.yandex.com/	1970-01-20 15:44:34	Name: sync_cookie_csrf Value: 3229890760fake
.yandex.com/	1970-01-21 01:20:33	Name: i Value: GH1Ztbzc4rthMjzvAzRtlqnJbphCkmANhn6csfEcMkQdjRzPHf45KgPvpS2umRdmga1bTocs9P7W5cd3y9XheQVrpY0=
.yandex.com/	1970-01-21 00:30:09	Name: yandexuid Value: 1438603021698273816
.halvacard.ru/	1970-01-20 15:45:45	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 15:44:34	Name: sync_cookie_csrf Value: 1986895483fake
.mc.yandex.com/	1970-01-20 15:46:00	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 01:20:33	Name: yandexuid Value: 1438603021698273816
.yandex.ru/	1970-01-21 01:20:33	Name: yuidss Value: 1438603021698273816
.yandex.ru/	1970-01-21 01:20:33	Name: i Value: GH1Ztbzc4rthMjzvAzRtlqnJbphCkmANhn6csfEcMkQdjRzPHf45KgPvpS2umRdmga1bTocs9P7W5cd3y9XheQVrpY0=
.yandex.ru/	1970-01-21 01:20:33	Name: yp Value: 1698360216.yu.372796111698273816
.yandex.ru/	1970-01-21 00:30:09	Name: ymex Value: 1700865816.oyu.372796111698273816
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1658652611698273816
.yandex.com/	1970-01-21 00:30:09	Name: yuidss Value: 1438603021698273816
.yandex.com/	1970-01-21 00:30:09	Name: ymex Value: 1729809816.yrts.1698273816
.yandex.com/	1970-01-21 00:30:09	Name: bh Value: KgI/MA==
.halvacard.ru/	1970-01-20 15:44:35	Name: _ym_visorc Value: b
.weborama.fr/	1970-01-21 01:10:29	Name: AFFICHE_W Value: RIOmoNfFTMtE90
.halvacard.ru/	1970-01-20 23:44:05	Name: tmr_lvid Value: 62af631de987362a41c8286db05d9d0a
.halvacard.ru/	1970-01-20 23:44:05	Name: tmr_lvidTS Value: 1698273817038
wcm-ru.frontend.weborama.fr/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.mail.ru/	1970-01-21 00:31:36	Name: VID Value: 0_nJ8E0VLd2K00000z1wT4YK:::0-0-0-a53f2d9-0:CAASECA5Yr4dd3mrcNae79mlwGUaYOApcvc-S9aUUz8NLauhsqsi7wOLXa6USjPbAYSTwiRAgjHlLBTK_MYT798poZ4CST23Ca29OrThUyGQML_jjFkgPvfYxxNSQSEaIi88-kK8kAQcDACVltC8zlPgy5pz_Q

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://halvacard.ru/ Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-app.sovcombank.ru
api.halvacard.ru
cstatic.weborama.fr
dss.hybrid.ai
emd.hybrid.ai
halva.ru
halvacard.push4site.com
halvacard.ru
mc.yandex.com
mc.yandex.ru
push4site.com
redirect.frontend.weborama.fr
s3.halvacard.ru
st.hybrid.ai
top-fwz1.mail.ru
wcm-ru.frontend.weborama.fr
152.199.22.228
2606:4700:20::681a:475
2606:4700:20::681a:575
2a02:6b8::1:119
2a02:6ea0:c700::17
35.190.24.218
37.230.131.16
37.230.131.19
45.8.111.118
78.155.198.119
78.155.198.120
91.217.180.117
95.163.52.67
069343289c24cfc696dd2421c625333452eb54e9d75890814c4cb38530d011c5
07ab9e2e4a794eb4a62e499354b4b64ab5572d6ed68866e273685136339f2c5e
07d7c912ebc0531507ed44d84a1b93baba41b50a27648ba643de4e0088264a21
09991d7d435923c25d5303999313ebd7df9daef9c83330ab319915aeaf7f99f4
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
0b9f3d85a08cc797ef3770083b29aae5eb26b54fec8e3ead801108f677ab7642
0f3b7d962fecf072ac2bd82ed6cfd55f29fef5652a7c1922d296711125c7f0ed
1183dca41ca2d027993579ab5b3e86b7790f7482d998b6d4e79bf04b12bc37dc
13680bfc573e980065d462129f4a44ba2b00a05d1b0c1445824acb7fb1a0eb81
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
258389a3b38228530b5f5de416ffedca7a37a2272f4288befe3525f41610b141
26622540730cff3de9deb6763bf703f37e89ee0f68b29d45ef16ec3dfe0c6494
279a8d7614eb3be6a94201aa6fbb3f71b9af1b6d62d4c3c13e22e40234d96f42
2c7e9534dc853329a3394ae17a24a5e10e103648d3ecbd30b3bd4a946e326e36
2dae230f35a3bc6eee71b1ae60c74d1b9c70df96f655ebd546dd73956eb05d6d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56170d5dc5e437edf605f64d0effd274f3e628db747d75fc412bb95637092e22
56a0cf2c0b02129c162e4db8e68338e12acf76c588d1090f27d33541d6ca42e5
6f4047ab3348c9fa3f080573678ed6a8bdf3cc6cd46e7700351ffc529b339e56
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
8a2f831d61fc0cc4b37526608e6e3766e0c9abbc0bd2ca6628baf8b68a239a45
8b0acc3c2af826cbe3339dff99de668bcbeda94a4fcdd99b71cac724ae7bf364
8fb0641c0fdab652821b8bcbf1a9140a4b292ba07d81c7bcb04434820212b759
94802c3f7f44028d1df0072f453be26b9fc500f38915eb9227c3fd3e91dacff3
96efbef88888da3838f98153b29cf03fbd5351ca3dd34e7837eca266efc04537
a57907438e40a3809e1161c917d8747e30363952ad6a40060ca9614bde48e772
aa0eb5a975084ae7af8e25b5c047dfca38f8466d55a9758ea60da627b9e54c6c
b0d464fd26fcae4c3b12c30f90c6fb57582eca9d40974dc7bed5b9f1696a5e37
b420737c2415594907485ab8a367a6132f36bc32220bfb0dee6de3ba10f8e596
b7226bab3ea1a5702648d312f362e11cd41c4e3272e27f62394767462b95ad5f
ba17b9368d67b6b026e3de32845792e72ad6441093fa88a8230448300f24dad7
bbfbb56066d491b69c159d5b4c95ce99c1675c76d56f281bc7a49d7fdc31c659
bfa20216b4740674fb5aa2dbbf93b90fae421b3c4b3cf935f685412e0ad2ab52
c68da50c720b6f9af2634878b6ab7b6ef629c8976ed3d2053c4f3c2a3d3c2831
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca69f3c262da565ed7d52342edfbe6ee3f5e243508c97c56582bbc0e1283625b
d697c468b67a2bb83a3cd92b5540087dec6b0b8ba2eeb572be4a6d48d57e1c2e
db764cc9028df4621e55809a19a39b78866a91cae51aea3647814ef28815b263
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5770c9bd3fd816fa972f365308d68a730079bffb7a2923e9e221f61d9a13e6e
f615d8f3619d3478785d2761ab34bf2972c0320a9c5febb004667de05b200233

halvacard.ru Open in urlscan Pro 78.155.198.120 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

88 %HTTPS

31 %IPv6

9 Domains

16 Subdomains

11 IPs

4 Countries

1119 kBTransfer

2112 kBSize

31 Cookies

10 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

halvacard.ru Open in urlscan Pro
78.155.198.120 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

88 %
HTTPS

31 %
IPv6

9
Domains

16
Subdomains

11
IPs

4
Countries

1119 kB
Transfer

2112 kB
Size

31
Cookies

49 HTTP transactions
0 data transactions