urlscan.io logo urlscan.io
SecurityTrails logo

halykbank.com Open in urlscan Pro
193.93.56.81  Public Scan

Go To Rescan Add Verdict Report
URL: https://halykbank.com/
Submission: On July 29 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 36 HTTP transactions. The main IP is 193.93.56.81, located in Almaty, Kazakhstan and belongs to KAZCOMBANK-AS, KZ. The main domain is halykbank.com.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on July 31st 2023. Valid for: a year.
This is the only time halykbank.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
30 193.93.56.81 39433 (KAZCOMBAN...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
36 6
30    193.93.56.81 (Almaty, Kazakhstan)

ASN39433 (KAZCOMBANK-AS, KZ)
halykbank.com
backend.halykbank.com
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
Apex Domain
Subdomains		 Transfer
30 halykbank.com
halykbank.com
backend.halykbank.com
1 MB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
30 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
100 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1832
18 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 641
30 KB
36 5
Domain Requested by
27 halykbank.com halykbank.com
3 backend.halykbank.com halykbank.com
3 cdnjs.cloudflare.com halykbank.com
1 www.googletagmanager.com halykbank.com
1 maxcdn.bootstrapcdn.com halykbank.com
1 ajax.googleapis.com halykbank.com
36 6

This site contains links to these domains. Also see Links.

Domain
halykfinance.kz
www.google.com
ibecsystems.com
Subject Issuer Validity Valid
*.halykbank.com
GeoTrust TLS RSA CA G1		 2023-07-31 -
2024-08-06		 a year crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
bootstrapcdn.com
WE1		 2024-07-23 -
2024-10-21		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://halykbank.com/
Frame ID: E090BE00C9B8997F242F0DAA10DBDC2C
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Halyk Bank Investor Relations

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

1326 kB
Transfer

3890 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
halykbank.com/ 		357 KB
63 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://halykbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
846c51743aa08c27197686110de89b1c772c1592763e7aa4da32c9547b82d3f4
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Content-Type
text/html
Date
Mon, 29 Jul 2024 05:34:28 GMT
ETag
W/"66a376ae-593e0"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=(); fullscreen=(self),geolocation=*, camera=()
Referrer-Policy
no-referrer same-origin
Server
nginx/1.14.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
jquery.fancybox.min.css
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css
Requested by
Host: halykbank.com
URL: https://halykbank.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 05:34:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
460014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2695
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-31fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=enneJOXmkvY1sRtE4zWwdXM%2BJfUyYhZPxr80XjTDTTInv%2FbmxmI2bDkxW4p4jB%2FUngD9UMwUPA1vbeVEFY0yyaci4S2DEKJ0Sr38huxLp%2BIqbEO9vxKu6qpaMtoF23TLf9Z0yHSM2XHpD5FHTKZ4LC7Q"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8aaabd738b065c38-FRA
expires
Sat, 19 Jul 2025 05:34:28 GMT
bvi.min.css
halykbank.com/template/static/library/ 		77 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://halykbank.com/template/static/library/bvi.min.css
Requested by
Host: halykbank.com
URL: https://halykbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
84959013a112f5ff3485b31f648ac47142e6b258b206c5fdfc87f6e4ad59db7e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"66a376ae-13395"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.7.0/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js
Requested by
Host: halykbank.com
URL: https://halykbank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 15:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
484468
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30433
x-xss-protection
0
last-modified
Wed, 17 May 2023 18:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 15:00:00 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js
Requested by
Host: halykbank.com
URL: https://halykbank.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 05:34:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
389097
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6696
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-5309"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P84yj0b2pvg33fTbpPeGZ%2BhbtAJL9Kubez%2Bx%2B7QUEjaH9u9NxzACrP9B0AhBGN3QSzn9mLKO4aGo0v22PCTdKrmL2A%2F3toEJcco8wcaVJaLlj35gXTtBE9VvdCdUjdCmRbBHKq7w56LBzDYCLiBeErt%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8aaabd74bbc85c38-FRA
expires
Sat, 19 Jul 2025 05:34:28 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/ 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
Requested by
Host: halykbank.com
URL: https://halykbank.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 05:34:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1049
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
7546740
cdn-cachedat
03/18/2024 12:12:20
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"61f338f870fcd0ff46362ef109d28533"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
404ad4ff604e543a04af840ad6a2d396
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8aaabd74ef362bce-FRA
cdn-requestpullsuccess
True
jquery.fancybox.min.js
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 		67 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js
Requested by
Host: halykbank.com
URL: https://halykbank.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 05:34:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
390677
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19249
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-10a9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sB%2BzXIt985StvZzIuuAkWAGlfje83ERm2CsPAOqIxhfhRFSLbLsUHoDe%2FszPSgwStTBWcUbx5TDoWa%2BJoFiF7vphj2iaLTQHddFVoRvvz%2F6vEooBB8HaU5M5yh9AYKyB0fGwz1kjTq8pGAdFXSyUx9%2Bs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8aaabd74bbc95c38-FRA
expires
Sat, 19 Jul 2025 05:34:28 GMT
bvi.min.js
halykbank.com/template/static/library/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halykbank.com/template/static/library/bvi.min.js
Requested by
Host: halykbank.com
URL: https://halykbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c02f362bd3016af003a65dd690ada8c104768e7c78f4cd3975147dde6d3d1c31
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"66a376ae-9608"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
93dd792.js
halykbank.com/_nuxt/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halykbank.com/_nuxt/93dd792.js
Requested by
Host: halykbank.com
URL: https://halykbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5575d4feed1e2f11e6027dcb3c8544a41617fbf0c0ab363d16315fe49b5ca432
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"66a376ae-a78"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
644be06.js
halykbank.com/_nuxt/ 		194 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halykbank.com/_nuxt/644be06.js
Requested by
Host: halykbank.com
URL: https://halykbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
48116dd7778af040feb97ae0f6d4cdcc5e8a2cd83951b65192d52c2a4a1f8f2d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"66a376ae-307fb"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
f42cba9.js
halykbank.com/_nuxt/ 		1 MB
355 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halykbank.com/_nuxt/f42cba9.js
Requested by
Host: halykbank.com
URL: https://halykbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
50977ebba97a50a35741de36883c23d4c76f24d62abae6077d6fa51d69049c34
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"66a376ae-17f4d6"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
a778873.js
halykbank.com/_nuxt/ 		491 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halykbank.com/_nuxt/a778873.js
Requested by
Host: halykbank.com
URL: https://halykbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f2da322d68009f003f0d2eec29e5dc6c6baffd833ccf6b0df705f3df1f4d65fb
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"66a376ae-7ac2e"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
c2ab091.js
halykbank.com/_nuxt/ 		45 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halykbank.com/_nuxt/c2ab091.js
Requested by
Host: halykbank.com
URL: https://halykbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6022f6538ac773446958efe18179ec143c8d2f5c8702b94ab69a18b4492e0130
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"66a376ae-b47c"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
6dbab2f.js
halykbank.com/_nuxt/ 		222 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halykbank.com/_nuxt/6dbab2f.js
Requested by
Host: halykbank.com
URL: https://halykbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e77f2a9839998dfcfb51ffe5d9610d17c3381b3e8d2b6eacd6727175052ac5a8
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Connection
keep-alive
Content-Length
222
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"66a376ae-de"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
Accept-Ranges
bytes
gtm.js
www.googletagmanager.com/ 		299 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=G-1HJZ4QBLGW
Requested by
Host: halykbank.com
URL: https://halykbank.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
afa148e09773d87f0da128aa6c2e87c16ff9705574087a27e53cda35a0a15bdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 05:34:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101940
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Jul 2024 05:34:28 GMT
logo.d39dd7a.svg
halykbank.com/_nuxt/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halykbank.com/_nuxt/img/logo.d39dd7a.svg
Requested by
Host: halykbank.com
URL: https://halykbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d765233613bf4cdbc5d38eb3ecb2610101204ce00e5335dbfa0fd756f1072d34
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"66a376ae-131b"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
truncated
/ 		341 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ae051a775913ab953273d0903b120c7d6116e6b44e5eda27811e1d20fc23c07

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		174 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37703e3a1f20daa2b599578b2c49ccb930ab0c16e66fe6ea3879a7cf115fa8d5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
MuseoSansCyrl-500.a1afd4f.woff
halykbank.com/_nuxt/fonts/ 		67 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://halykbank.com/_nuxt/fonts/MuseoSansCyrl-500.a1afd4f.woff
Requested by
Host: halykbank.com
URL: https://halykbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6a125e901fa4aac8fd06329ae7d215dc35c82e440298e9b558990e2e955c38c7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
Origin
https://halykbank.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Connection
keep-alive
Content-Length
68776
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"66a376ae-10ca8"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
Accept-Ranges
bytes
MuseoSansCyrl-300.5b72d4e.woff
halykbank.com/_nuxt/fonts/ 		67 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://halykbank.com/_nuxt/fonts/MuseoSansCyrl-300.5b72d4e.woff
Requested by
Host: halykbank.com
URL: https://halykbank.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d2f2d0b8963add598e90b052e2e7f59838d8124d86aa681b95f4bb4b218986eb
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
Origin
https://halykbank.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Connection
keep-alive
Content-Length
68892
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"66a376ae-10d1c"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
Accept-Ranges
bytes
menu
backend.halykbank.com/api/v1/ 		12 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://backend.halykbank.com/api/v1/menu
Requested by
Host: halykbank.com
URL: https://halykbank.com/_nuxt/644be06.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f72fbe1be3e0559ce94c4e6d29e74199d0811ff63f13dc83e854f194dcd90afc

Request headers

Accept
application/json, text/plain, */*
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:30 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://halykbank.com
Cache-Control
no-cache, private
X-RateLimit-Limit
60
Connection
keep-alive
X-RateLimit-Remaining
59
homepage
backend.halykbank.com/api/v1/ 		25 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://backend.halykbank.com/api/v1/homepage
Requested by
Host: halykbank.com
URL: https://halykbank.com/_nuxt/644be06.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
08aa88086eaf41fd86861f75dffc57a03b0596f8f9c4277d3e177e4bc47fa4f7

Request headers

Accept
application/json, text/plain, */*
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:30 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://halykbank.com
Cache-Control
no-cache, private
X-RateLimit-Limit
60
Connection
keep-alive
X-RateLimit-Remaining
59
truncated
/ 		689 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d1c7ca8b307103bf423a1f12f37cba3b043098a993970c87e439ee7d8c84016

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
favicon.png
halykbank.com/ 		931 B
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://halykbank.com/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
98b6537e7a913cc7a7555c39a2ab24cfb22e5ad0867b3e4e4065890889b9f709
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Connection
keep-alive
Content-Length
931
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"66a376ae-3a3"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
Accept-Ranges
bytes
digital
backend.halykbank.com/api/v1/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://backend.halykbank.com/api/v1/digital
Requested by
Host: halykbank.com
URL: https://halykbank.com/_nuxt/644be06.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6a5b723d24cc318d83c2d9c7ea7c995b2f05f52e350d3330c939bb41f458ba28

Request headers

Accept
application/json, text/plain, */*
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:30 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://halykbank.com
Cache-Control
no-cache, private
X-RateLimit-Limit
60
Connection
keep-alive
X-RateLimit-Remaining
58
truncated
/ 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6dc7b1ca3d1c65672e250cdf3986a1d12d878f4e436ec6f1a6288e71376d16d4

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
link-arrow.svg
halykbank.com/template/static/img/icons/ 		589 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halykbank.com/template/static/img/icons/link-arrow.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
110dc85755b7021f0a12f0384be98c4a27a796661ecc82a7747794ac4569bf85
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Connection
keep-alive
Content-Length
589
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"66a376ae-24d"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
Accept-Ranges
bytes
MuseoSansCyrl-700.37ed782.woff
halykbank.com/_nuxt/fonts/ 		67 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://halykbank.com/_nuxt/fonts/MuseoSansCyrl-700.37ed782.woff
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
44595f63ffd74ebcdcf476139bef8f811b7b17caf6a73a9ca2c4396d572a8573
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
Origin
https://halykbank.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Connection
keep-alive
Content-Length
69008
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"66a376ae-10d90"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
Accept-Ranges
bytes
cloud2-2.png
halykbank.com/template/static/img/main/ 		108 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halykbank.com/template/static/img/main/cloud2-2.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d0ea7748177faa282c01ab2b37dcf85b2f98e7c37542d6b35399f4645ed4990d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Connection
keep-alive
Content-Length
110677
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"66a376ae-1b055"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
Accept-Ranges
bytes
background-min.jpg
halykbank.com/template/static/img/main/ 		146 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halykbank.com/template/static/img/main/background-min.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4a29b3c4c85e32bbe6c24c5489c471c42cf48a0ae5f1faf7f83a1e0843938362
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Connection
keep-alive
Content-Length
149234
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"66a376ae-246f2"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
Accept-Ranges
bytes
44b2ad9.js
halykbank.com/_nuxt/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halykbank.com/_nuxt/44b2ad9.js
Requested by
Host: halykbank.com
URL: https://halykbank.com/_nuxt/93dd792.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
aaec3b83c0bf238452c36b776272d43f5f0f3edf4462bec56e12fb15d5b1781d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"66a376ae-7316"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
d8830b9.js
halykbank.com/_nuxt/ 		222 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halykbank.com/_nuxt/d8830b9.js
Requested by
Host: halykbank.com
URL: https://halykbank.com/_nuxt/93dd792.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5cc105efb77b7824e8dc4ad4a7c7cd7f83a0d34f062b34901d18b8182618ecd2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Connection
keep-alive
Content-Length
222
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"66a376ae-de"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
Accept-Ranges
bytes
4ce9e2b.js
halykbank.com/_nuxt/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halykbank.com/_nuxt/4ce9e2b.js
Requested by
Host: halykbank.com
URL: https://halykbank.com/_nuxt/93dd792.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
bdec1206c351e1486dad450e952772cd70f843619bd7cc2cb9fc5d85b8b287be
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"66a376ae-1d37"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
ecf6780.js
halykbank.com/_nuxt/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halykbank.com/_nuxt/ecf6780.js
Requested by
Host: halykbank.com
URL: https://halykbank.com/_nuxt/93dd792.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0a6b25e8ab5bc3a47522846363bef7e745018484c9cdbf78ea485182bd42b1b4
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"66a376ae-36b4"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
6af4207.js
halykbank.com/_nuxt/ 		33 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halykbank.com/_nuxt/6af4207.js
Requested by
Host: halykbank.com
URL: https://halykbank.com/_nuxt/93dd792.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
55c62ec0a5c9012dcdc7e51d35d1a5d52523ce099ecbe774ec0085ca4cdc6e5c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"66a376ae-846b"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
9d21d00.js
halykbank.com/_nuxt/ 		222 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halykbank.com/_nuxt/9d21d00.js
Requested by
Host: halykbank.com
URL: https://halykbank.com/_nuxt/93dd792.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d11150a2e9ae5f70e4ac79261e26916e6d2e24dbd5559069afeeef6c9cdff3af
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Connection
keep-alive
Content-Length
222
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"66a376ae-de"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
Accept-Ranges
bytes
905a518.js
halykbank.com/_nuxt/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halykbank.com/_nuxt/905a518.js
Requested by
Host: halykbank.com
URL: https://halykbank.com/_nuxt/93dd792.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1a79a8635d7ee1fae8a62edb2e81d5985639f915b6f2627a2dffade373c09b93
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"66a376ae-2371"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
3b7dde7.js
halykbank.com/_nuxt/ 		7 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halykbank.com/_nuxt/3b7dde7.js
Requested by
Host: halykbank.com
URL: https://halykbank.com/_nuxt/93dd792.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6ca9bd0941dea095c96fb28c9c9bded7babefed249578c94a3784e96ed1303c4
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"66a376ae-1cc2"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
1519a8b.js
halykbank.com/_nuxt/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halykbank.com/_nuxt/1519a8b.js
Requested by
Host: halykbank.com
URL: https://halykbank.com/_nuxt/93dd792.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
34ea7c61616b9f1e2c3609249b7273b5fe8d18d05521036474e9e9c3bf45b417
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"66a376ae-10d2"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()
3fcdf4f.js
halykbank.com/_nuxt/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halykbank.com/_nuxt/3fcdf4f.js
Requested by
Host: halykbank.com
URL: https://halykbank.com/_nuxt/93dd792.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.93.56.81 Almaty, Kazakhstan, ASN39433 (KAZCOMBANK-AS, KZ),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
bd92b67007941345b48b1c12e4ea5107876f4aab5865a89356bd99138a1c461d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halykbank.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 29 Jul 2024 05:34:30 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer, same-origin
Last-Modified
Fri, 26 Jul 2024 10:13:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"66a376ae-b14"
Expect-CT
max-age=604800, report-uri="https://{subdomain}.report-uri.com/r/d/ct/enforce"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Permissions-Policy
geolocation=();midi=();notifications=();push=();sync-xhr=();microphone=();camera=();magnetometer=();gyroscope=();speaker=(self);vibrate=();fullscreen=(self);payment=();, fullscreen=(self),geolocation=*, camera=()

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| _gtm_init object| _gtm_ids function| _gtm_inject object| dataLayer object| __NUXT__ function| $ function| jQuery function| Popper object| bootstrap object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| regeneratorRuntime object| isvek object| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| $nuxt

0 Cookies

1 Console Messages

Source Level URL
Text
security error
Message:
Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://backend.halykbank.com/sk https://backend.halykbank.com/api/v1/menu https://backend.halykbank.com/api/v1/homepage https://backend.halykbank.com/api/v1/ https://backend.halykbank.com/api/v1/digital https://www.google-analytics.com/ https://irs.tools.investis.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js https://www.googletagmanager.com/ https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com https://backend.halykbank.com/ https://irs.tools.investis.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css; media-src https://backend.halykbank.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://www.youtube.com/ https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com https://backend.halykbank.com/storage/media/ https://irs.tools.investis.com; object-src 'none'; frame-ancestors https://www.youtube.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
backend.halykbank.com
cdnjs.cloudflare.com
halykbank.com
maxcdn.bootstrapcdn.com
www.googletagmanager.com
193.93.56.81
2606:4700::6811:190e
2606:4700::6812:acf
2a00:1450:4001:80b::200a
2a00:1450:4001:813::2008
08aa88086eaf41fd86861f75dffc57a03b0596f8f9c4277d3e177e4bc47fa4f7
0a6b25e8ab5bc3a47522846363bef7e745018484c9cdbf78ea485182bd42b1b4
110dc85755b7021f0a12f0384be98c4a27a796661ecc82a7747794ac4569bf85
1a79a8635d7ee1fae8a62edb2e81d5985639f915b6f2627a2dffade373c09b93
34ea7c61616b9f1e2c3609249b7273b5fe8d18d05521036474e9e9c3bf45b417
37703e3a1f20daa2b599578b2c49ccb930ab0c16e66fe6ea3879a7cf115fa8d5
44595f63ffd74ebcdcf476139bef8f811b7b17caf6a73a9ca2c4396d572a8573
48116dd7778af040feb97ae0f6d4cdcc5e8a2cd83951b65192d52c2a4a1f8f2d
4a29b3c4c85e32bbe6c24c5489c471c42cf48a0ae5f1faf7f83a1e0843938362
4d1c7ca8b307103bf423a1f12f37cba3b043098a993970c87e439ee7d8c84016
50977ebba97a50a35741de36883c23d4c76f24d62abae6077d6fa51d69049c34
5575d4feed1e2f11e6027dcb3c8544a41617fbf0c0ab363d16315fe49b5ca432
55c62ec0a5c9012dcdc7e51d35d1a5d52523ce099ecbe774ec0085ca4cdc6e5c
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5cc105efb77b7824e8dc4ad4a7c7cd7f83a0d34f062b34901d18b8182618ecd2
6022f6538ac773446958efe18179ec143c8d2f5c8702b94ab69a18b4492e0130
6a125e901fa4aac8fd06329ae7d215dc35c82e440298e9b558990e2e955c38c7
6a5b723d24cc318d83c2d9c7ea7c995b2f05f52e350d3330c939bb41f458ba28
6ca9bd0941dea095c96fb28c9c9bded7babefed249578c94a3784e96ed1303c4
6dc7b1ca3d1c65672e250cdf3986a1d12d878f4e436ec6f1a6288e71376d16d4
846c51743aa08c27197686110de89b1c772c1592763e7aa4da32c9547b82d3f4
84959013a112f5ff3485b31f648ac47142e6b258b206c5fdfc87f6e4ad59db7e
98b6537e7a913cc7a7555c39a2ab24cfb22e5ad0867b3e4e4065890889b9f709
9ae051a775913ab953273d0903b120c7d6116e6b44e5eda27811e1d20fc23c07
aaec3b83c0bf238452c36b776272d43f5f0f3edf4462bec56e12fb15d5b1781d
afa148e09773d87f0da128aa6c2e87c16ff9705574087a27e53cda35a0a15bdc
bd92b67007941345b48b1c12e4ea5107876f4aab5865a89356bd99138a1c461d
bdec1206c351e1486dad450e952772cd70f843619bd7cc2cb9fc5d85b8b287be
c02f362bd3016af003a65dd690ada8c104768e7c78f4cd3975147dde6d3d1c31
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
d0ea7748177faa282c01ab2b37dcf85b2f98e7c37542d6b35399f4645ed4990d
d11150a2e9ae5f70e4ac79261e26916e6d2e24dbd5559069afeeef6c9cdff3af
d2f2d0b8963add598e90b052e2e7f59838d8124d86aa681b95f4bb4b218986eb
d765233613bf4cdbc5d38eb3ecb2610101204ce00e5335dbfa0fd756f1072d34
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
e77f2a9839998dfcfb51ffe5d9610d17c3381b3e8d2b6eacd6727175052ac5a8
f2da322d68009f003f0d2eec29e5dc6c6baffd833ccf6b0df705f3df1f4d65fb
f72fbe1be3e0559ce94c4e6d29e74199d0811ff63f13dc83e854f194dcd90afc