online-sberbank1.ru Open in urlscan Pro
217.107.219.4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.online-sberbank1.ru/
Effective URL:
https://online-sberbank1.ru/
Submission: On October 14 via automatic, source certstream-suspicious (October 14th 2021, 5:12:23 pm UTC) — Scanned from DE

Summary HTTP 125 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 15 domains to perform 125 HTTP transactions. The main IP is 217.107.219.4, located in Russian Federation and belongs to RTCOMM-AS, RU. The main domain is online-sberbank1.ru.
TLS certificate: Issued by R3 on October 14th 2021. Valid for: 3 months.

This is the only time online-sberbank1.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 26	217.107.219.4 217.107.219.4	8342 (RTCOMM-AS) (RTCOMM-AS)
3	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	104.111.214.74 104.111.214.74	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 2	46.46.137.178 46.46.137.178	29470 (RETNNET-AS) (RETNNET-AS)
1 1	2a02:24b0:300... 2a02:24b0:300:2::32	29470 (RETNNET-AS) (RETNNET-AS)
1 2	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
19	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3 6	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
125	16

26 217.107.219.4 (Russian Federation) 1 redirects

ASN8342 (RTCOMM-AS, RU)
PTR: srv176-h-st.jino.ru

www.online-sberbank1.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
online-sberbank1.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.214.74 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-74.deploy.static.akamaitechnologies.com

ae01.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.46.137.178 (Moscow, Russian Federation) 1 redirects

ASN29470 (RETNNET-AS, RU)

otclick-adv.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:24b0:300:2::32 (Russian Federation) 1 redirects

ASN29470 (RETNNET-AS, RU)

idntfy.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.216 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	googlesyndication.com pagead2.googlesyndication.com Failed tpc.googlesyndication.com	660 KB
26	online-sberbank1.ru 1 redirects www.online-sberbank1.ru online-sberbank1.ru	534 KB
15	doubleclick.net googleads.g.doubleclick.net	137 KB
8	google.com 3 redirects adservice.google.com www.google.com	2 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	63 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
4	googletagservices.com www.googletagservices.com	149 KB
3	googleapis.com fonts.googleapis.com Failed	2 KB
2	google.de adservice.google.de	1018 B
2	yandex.ru 1 redirects mc.yandex.ru	65 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	otclick-adv.ru 1 redirects otclick-adv.ru	793 B
1	googleadservices.com partner.googleadservices.com	663 B
1	idntfy.ru 1 redirects idntfy.ru	441 B
1	alicdn.com ae01.alicdn.com Failed	16 KB
125	15

	Domain	Requested by
28	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
25	online-sberbank1.ru	online-sberbank1.ru
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net online-sberbank1.ru
14	pagead2.googlesyndication.com	online-sberbank1.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	mc.yandex.com	2 redirects online-sberbank1.ru
4	www.googletagservices.com	googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	online-sberbank1.ru googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	mc.yandex.ru	1 redirects online-sberbank1.ru
2	counter.yadro.ru	1 redirects online-sberbank1.ru
2	otclick-adv.ru	1 redirects online-sberbank1.ru
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	idntfy.ru	1 redirects
1	ae01.alicdn.com	online-sberbank1.ru
1	www.online-sberbank1.ru	1 redirects
125	19

This site contains links to these domains. Also see Links.

Domain
order.zaim-srochno24.ru
online.sberbank.ru
sbi.sberbank.ru
www.liveinternet.ru
s.click.aliexpress.com

Subject Issuer	Validity	Valid
online-sberbank1.ru R3	`2021-10-14` - `2022-01-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
img.alicdn.com DigiCert SHA2 Secure Server CA	`2021-04-02` - `2022-04-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
otclick.ru R3	`2021-08-02` - `2021-10-31`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 17 frames:

Primary Page: https://online-sberbank1.ru/
Frame ID: 1756614DCAFA9912E1E21091946B807E
Requests: 62 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html
Frame ID: D14B43CD5F65224084956BA036984F0F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3317951157291526&output=html&h=280&slotname=7845794100&adk=4102060681&adf=752368115&pi=t.ma~as.7845794100&w=670&fwrn=4&fwrnh=100&lmt=1634231537&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2Fonline-sberbank1.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634231536927&bpp=5&bdt=435&idt=84&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6781197838306&frm=20&pv=2&ga_vid=1063161285.1634231537&ga_sid=1634231537&ga_hid=51351712&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=285&ady=536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938&oid=2&pvsid=801897927232337&pem=882&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jfCHXGTNZJ&p=https%3A//online-sberbank1.ru&dtd=104
Frame ID: 2E751519C50E64E5E9618CCA24944799
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3317951157291526&output=html&h=600&slotname=4950570475&adk=3627811727&adf=4070090934&pi=t.ma~as.4950570475&w=300&lmt=1634231537&psa=0&format=300x600&url=https%3A%2F%2Fonline-sberbank1.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634231536935&bpp=1&bdt=443&idt=177&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58fa4ed9f0577243-22a853f0f5ca0010%3AT%3D1634231537%3ART%3D1634231537%3AS%3DALNI_MaxkmrLefZY_U9l6CBKpAn3B_N1JA&prev_fmts=670x280&correlator=6781197838306&frm=20&pv=1&ga_vid=1063161285.1634231537&ga_sid=1634231537&ga_hid=51351712&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938&oid=2&pvsid=801897927232337&pem=882&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=laztcpJLrr&p=https%3A//online-sberbank1.ru&dtd=181
Frame ID: 6600E515D32F207CF27BC299937E342C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3317951157291526&output=html&adk=1812271804&adf=3025194257&lmt=1634231537&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fonline-sberbank1.ru%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634231536950&bpp=2&bdt=458&idt=171&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58fa4ed9f0577243-22a853f0f5ca0010%3AT%3D1634231537%3ART%3D1634231537%3AS%3DALNI_MaxkmrLefZY_U9l6CBKpAn3B_N1JA&prev_fmts=670x280%2C300x600&nras=1&correlator=6781197838306&frm=20&pv=1&ga_vid=1063161285.1634231537&ga_sid=1634231537&ga_hid=51351712&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938&oid=2&pvsid=801897927232337&pem=882&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=177
Frame ID: B9CDEB5D30641D0B7A0D9504FB84A052
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 68A32C9769A996773AA9A5ACA4FC66FE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js
Frame ID: 9A6400C09998882D6BA4201F95EF8AAB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10688699414658601799/index.html
Frame ID: 581AD8BAC8D87F51D427A1765F9ADAE5
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 4EA5BB56B88F820E6199EA0F3C48AB2A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Frame ID: 51863FF3C51B0B75349A753B9110150A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1D3056DDFA5DFAE170BCE5B1384B3814
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 923A5DAD2BA5F46B0111D33AC2F4CCF7
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E9%96%89%E3%81%98%E3%82%8B
Frame ID: 05C99ADEB6B426B85CE665EF823B332C
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js
Frame ID: 11A3E67762B67BA5C42B899FB69FE07C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js
Frame ID: 0D48B20311CB8BC9F8662ED5D0A8FA10
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 30C287FE2B31BAE3D852BA45BCDB52EF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 571198C516843EF5D1D7A7E2FDA0E83D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Сбербанк Онлайн Личный Кабинет — вход — online.sberbank.ru

Page URL History Show full URLs

https://www.online-sberbank1.ru/ HTTP 301
https://online-sberbank1.ru/ Page URL
https://online-sberbank1.ru/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

125
Requests

89 %
HTTPS

69 %
IPv6

15
Domains

19
Subdomains

16
IPs

3
Countries

1632 kB
Transfer

3590 kB
Size

22
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://order.zaim-srochno24.ru/click/4b4cbf73d84bc9552b56ba912c7fdbbd
Title: Деловая Среда

Search URL Search Domain Scan URL

URL: https://online.sberbank.ru/

Search URL Search Domain Scan URL

URL: https://sbi.sberbank.ru:9443/ic/login.zhtml

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: http://s.click.aliexpress.com/e/4nVYDBeo?bz=300*250

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.online-sberbank1.ru/ HTTP 301
https://online-sberbank1.ru/ Page URL
https://online-sberbank1.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.online-sberbank1.ru/ HTTP 301
https://online-sberbank1.ru/

Request Chain 42

https://otclick-adv.ru/core/code.js?pid=5076&rid=389119&rl=&ll=https%3A//online-sberbank1.ru/&ow=1600&oh=1200&sw=1600&sh=1200&pd=24&f=0 HTTP 302
https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9vdGNsaWNrLWFkdi5ydS9jb3JlL2NvZGUuanM/cGlkPTUwNzYmcmlkPTM4OTExOSZybD0mbGw9aHR0cHMlM0EvL29ubGluZS1zYmVyYmFuazEucnUvJm93PTE2MDAmb2g9MTIwMCZzdz0xNjAwJnNoPTEyMDAmcGQ9MjQmZj0wJnZpZHNldHVwPTE=&p=idntfy&n=otclick HTTP 302
https://otclick-adv.ru/core/code.js?pid=5076&rid=389119&rl=&ll=https%3A//online-sberbank1.ru/&ow=1600&oh=1200&sw=1600&sh=1200&pd=24&f=0&vidsetup=1&idntfy=VOsMbOXa7ThjXGo

Request Chain 43

https://counter.yadro.ru/hit?t45.15;r;s1600*1200*24;uhttps%3A//online-sberbank1.ru/;h%u0421%u0431%u0435%u0440%u0431%u0430%u043D%u043A%20%u041E%u043D%u043B%u0430%u0439%u043D%20%u041B%u0438%u0447%u043D%u044B%u0439%20%u041A%u0430%u0431%u0438%u043D%u0435%u0442%20%u2014%20%u0432%u0445%u043E%u0434%20%u2014%20online.sberbank.ru;0.2213185833637923 HTTP 302
https://counter.yadro.ru/hit?q;t45.15;r;s1600*1200*24;uhttps%3A//online-sberbank1.ru/;h%u0421%u0431%u0435%u0440%u0431%u0430%u043D%u043A%20%u041E%u043D%u043B%u0430%u0439%u043D%20%u041B%u0438%u0447%u043D%u044B%u0439%20%u041A%u0430%u0431%u0438%u043D%u0435%u0442%20%u2014%20%u0432%u0445%u043E%u0434%20%u2014%20online.sberbank.ru;0.2213185833637923

Request Chain 54

https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9426.E4ByL1WsJwSBnC0MZqAbOb7jRNNq7emcFA5weZfqyOz9GCnYkqJYUCjjoAoMqz8O.kXoWS1v4ekoU5aCzZzDFpKgwOP0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9426.GljSOitp1X-N6ceeFgKFQKDLVMSNIrv0zsrWMatAMxYEu552APJaRnuqFugV4OhDFdieq6OrZssrz_ycsHVhnw%2C%2C.OEW8ZYrx21ZcNAd9dALf-v3FXUo%2C

Request Chain 58

https://mc.yandex.com/watch/49147003?wmode=7&page-url=https%3A%2F%2Fonline-sberbank1.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A1634%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A153768659710%3Ahid%3A4054406%3Az%3A0%3Ai%3A202101014171217%3Aet%3A1634231537%3Ac%3A1%3Arn%3A944372989%3Arqn%3A1%3Au%3A1634231537493923146%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634231535149%3Adsn%3A0%2C0%2C1335%2C1%2C0%2C0%2C%2C339%2C0%2C%2C%2C%2C1676%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634231537%3At%3A%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%9B%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%9A%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%E2%80%94%20%D0%B2%D1%85%D0%BE%D0%B4%20%E2%80%94%20online.sberbank.ru&t=gdpr(14)ti(2) HTTP 302
https://mc.yandex.com/watch/49147003/1?wmode=7&page-url=https%3A%2F%2Fonline-sberbank1.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A1634%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A153768659710%3Ahid%3A4054406%3Az%3A0%3Ai%3A202101014171217%3Aet%3A1634231537%3Ac%3A1%3Arn%3A944372989%3Arqn%3A1%3Au%3A1634231537493923146%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634231535149%3Adsn%3A0%2C0%2C1335%2C1%2C0%2C0%2C%2C339%2C0%2C%2C%2C%2C1676%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634231537%3At%3A%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%9B%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%9A%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%E2%80%94%20%D0%B2%D1%85%D0%BE%D0%B4%20%E2%80%94%20online.sberbank.ru&t=gdpr%2814%29ti%282%29

Request Chain 68

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 97

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 116

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

125 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
online-sberbank1.ru/
Redirect Chain

https://www.online-sberbank1.ru/
https://online-sberbank1.ru/

62 KB
16 KB

733ms
726ms

Document
text/html

217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: fee6e549e9c1332880b1c1a9e36bc6dca50c1d0e673ebaa8cb0780d8a76e697c

Request headers

:method: GET
:authority: online-sberbank1.ru
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 14 Oct 2021 17:12:15 GMT
content-type: text/html; charset=UTF-8
content-length: 16157
server: Jino.ru/mod_pizza
link: <https://online-sberbank1.ru/wp-json/>; rel="https://api.w.org/" <https://online-sberbank1.ru/wp-json/wp/v2/pages/130>; rel="alternate"; type="application/json" <https://online-sberbank1.ru/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

date: Thu, 14 Oct 2021 17:12:14 GMT
content-type: text/html; charset=UTF-8
content-length: 241
location: https://online-sberbank1.ru/
server: Jino.ru/mod_pizza
x-redirect-by: WordPress

GET style.min.css
online-sberbank1.ru/wp-includes/css/dist/block-library/ 0
0

GET fancybox.css
online-sberbank1.ru/wp-content/plugins/fancybox-for-wordpress/assets/css/ 0
0

GET postratings-css.css
online-sberbank1.ru/wp-content/plugins/wp-postratings/css/ 0
0

GET css
fonts.googleapis.com/ 0
0

GET style.min.css
online-sberbank1.ru/wp-content/themes/root/css/ 0
0

GET jquery.min.js
online-sberbank1.ru/wp-includes/js/jquery/ 0
0

GET jquery-migrate.min.js
online-sberbank1.ru/wp-includes/js/jquery/ 0
0

GET jquery.fancybox.js
online-sberbank1.ru/wp-content/plugins/fancybox-for-wordpress/assets/js/ 0
0

GET adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0

GET 300x250.jpg
ae01.alicdn.com/kf/HTB1lLGHXc_vK1Rjy0Foq6xIxVXaL/ 0
0

GET front.min.js
online-sberbank1.ru/wp-content/plugins/table-of-contents-plus/ 0
0

GET postratings-js.js
online-sberbank1.ru/wp-content/plugins/wp-postratings/js/ 0
0

GET scripts.min.js
online-sberbank1.ru/wp-content/themes/root/js/ 0
0

GET wp-embed.min.js
online-sberbank1.ru/wp-includes/js/ 0
0

GET
H2 200 Primary Request / Show response
online-sberbank1.ru/ 62 KB
16 KB 1335ms
1335ms Document
text/html 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-sberbank1.ru/
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: fee6e549e9c1332880b1c1a9e36bc6dca50c1d0e673ebaa8cb0780d8a76e697c

Request headers

:method: GET
:authority: online-sberbank1.ru
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://online-sberbank1.ru/
accept-encoding: gzip, deflate, br
cookie: redirect_to_cookie_reload=; redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
content-type: text/html; charset=UTF-8
content-length: 16157
server: Jino.ru/mod_pizza
link: <https://online-sberbank1.ru/wp-json/>; rel="https://api.w.org/" <https://online-sberbank1.ru/wp-json/wp/v2/pages/130>; rel="alternate"; type="application/json" <https://online-sberbank1.ru/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip

GET
H2 200 style.min.css
online-sberbank1.ru/wp-includes/css/dist/block-library/ 79 KB
10 KB 114ms
112ms Stylesheet
text/css 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-sberbank1.ru/wp-includes/css/dist/block-library/style.min.css?ver=5.8
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.8
pragma: no-cache
cookie: redirect_to_cookie_reload=; redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: online-sberbank1.ru
referer: https://online-sberbank1.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
content-encoding: gzip
last-modified: Sun, 15 Aug 2021 18:42:05 GMT
server: Jino.ru/mod_pizza
etag: "13abe-5c99d70ef04b5-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 10523

GET
H2 200 fancybox.css
online-sberbank1.ru/wp-content/plugins/fancybox-for-wordpress/assets/css/ 18 KB
4 KB 61ms
59ms Stylesheet
text/css 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-sberbank1.ru/wp-content/plugins/fancybox-for-wordpress/assets/css/fancybox.css?ver=1.3.4
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 8e6630390ef512b8785eac0eac76219d07d16c69f68760f0e3677e9b7348f1e3

Request headers

:path: /wp-content/plugins/fancybox-for-wordpress/assets/css/fancybox.css?ver=1.3.4
pragma: no-cache
cookie: redirect_to_cookie_reload=; redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: online-sberbank1.ru
referer: https://online-sberbank1.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
content-encoding: gzip
last-modified: Sun, 15 Aug 2021 18:42:35 GMT
server: Jino.ru/mod_pizza
etag: "4932-5c99d72b4b486-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 3858

GET
H2 200 postratings-css.css
online-sberbank1.ru/wp-content/plugins/wp-postratings/css/ 1 KB
606 B 59ms
58ms Stylesheet
text/css 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-sberbank1.ru/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.89
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: c56b566e17c62870ce139b3a57bfb94a9d785792bd6ac2220d52426b8590d87f

Request headers

:path: /wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.89
pragma: no-cache
cookie: redirect_to_cookie_reload=; redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: online-sberbank1.ru
referer: https://online-sberbank1.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
content-encoding: gzip
last-modified: Sun, 15 Aug 2021 18:43:06 GMT
server: Jino.ru/mod_pizza
etag: "549-5c99d74987f96-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 410

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 29ms
28ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&ver=5.8

Requested by

Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29bc8d1584c12a05db9ac9637886359eb8688bb718cd946ff177dcca7cafd81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 16:36:46 GMT
server: ESF
date: Thu, 14 Oct 2021 17:12:16 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 17:12:16 GMT

GET
H2 200 style.min.css
online-sberbank1.ru/wp-content/themes/root/css/ 106 KB
25 KB 113ms
112ms Stylesheet
text/css 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-sberbank1.ru/wp-content/themes/root/css/style.min.css?ver=2.2.3
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 7e204f01d5b640388ee502377c83c5a7055c1d2d95b0455d31689b26b1028105

Request headers

:path: /wp-content/themes/root/css/style.min.css?ver=2.2.3
pragma: no-cache
cookie: redirect_to_cookie_reload=; redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: online-sberbank1.ru
referer: https://online-sberbank1.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
content-encoding: gzip
last-modified: Sun, 03 Jun 2018 15:43:49 GMT
server: Jino.ru/mod_pizza
etag: "1a8d5-56dbeaee4d740-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 24885

GET
H2 200 jquery.min.js Show response
online-sberbank1.ru/wp-includes/js/jquery/ 87 KB
30 KB 216ms
215ms Script
application/javascript 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-sberbank1.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma: no-cache
cookie: redirect_to_cookie_reload=; redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: online-sberbank1.ru
referer: https://online-sberbank1.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
content-encoding: gzip
last-modified: Sun, 15 Aug 2021 18:42:06 GMT
server: Jino.ru/mod_pizza
etag: "15db1-5c99d70f9fd61-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 30908

GET
H2 200 jquery-migrate.min.js Show response
online-sberbank1.ru/wp-includes/js/jquery/ 11 KB
4 KB 214ms
213ms Script
application/javascript 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-sberbank1.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
cookie: redirect_to_cookie_reload=; redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: online-sberbank1.ru
referer: https://online-sberbank1.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
content-encoding: gzip
last-modified: Sun, 15 Aug 2021 18:42:06 GMT
server: Jino.ru/mod_pizza
etag: "2bd8-5c99d70fa4f69-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4169

GET
H2 200 jquery.fancybox.js Show response
online-sberbank1.ru/wp-content/plugins/fancybox-for-wordpress/assets/js/ 158 KB
39 KB 221ms
220ms Script
application/javascript 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-sberbank1.ru/wp-content/plugins/fancybox-for-wordpress/assets/js/jquery.fancybox.js?ver=1.3.4
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: fbefbec9195c7a222e896bc45b0afa18af494fdc038c0977cefe1401efc64be2

Request headers

:path: /wp-content/plugins/fancybox-for-wordpress/assets/js/jquery.fancybox.js?ver=1.3.4
pragma: no-cache
cookie: redirect_to_cookie_reload=; redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: online-sberbank1.ru
referer: https://online-sberbank1.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
content-encoding: gzip
last-modified: Sun, 15 Aug 2021 18:42:35 GMT
server: Jino.ru/mod_pizza
etag: "2795c-5c99d72b4b86e-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 39290

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 130ms
92ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0330e02c3c486e38d255ed3c4cf733c6e811eb528a6526508e3bd91922586df8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51440
x-xss-protection: 0
server: cafe
etag: 12741808073100336274
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 17:12:16 GMT

GET
H2 200 300x250.jpg
ae01.alicdn.com/kf/HTB1lLGHXc_vK1Rjy0Foq6xIxVXaL/ 15 KB
16 KB 94ms
32ms Image
image/webp 104.111.214.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ae01.alicdn.com/kf/HTB1lLGHXc_vK1Rjy0Foq6xIxVXaL/300x250.jpg
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-74.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 9052c5a2f595d6b78e5baed4348610767c1b23aec65f560b36cdebdeb46a91ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
last-modified: Wed, 09 Dec 2020 16:21:36 GMT
server: Akamai Image Manager
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=1553095
served-from: 2.16.187.92
content-length: 15844
timing-allow-origin: *
network_info: DE_FRANKFURT_9009
from-req-dns-type: NA
expires: Mon, 01 Nov 2021 16:37:11 GMT

GET
H2 200 front.min.js Show response
online-sberbank1.ru/wp-content/plugins/table-of-contents-plus/ 6 KB
2 KB 59ms
58ms Script
application/javascript 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-sberbank1.ru/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

:path: /wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106
pragma: no-cache
cookie: redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12; redirect_to_cookie_reload=234
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: online-sberbank1.ru
referer: https://online-sberbank1.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
content-encoding: gzip
last-modified: Sun, 15 Aug 2021 18:42:53 GMT
server: Jino.ru/mod_pizza
etag: "17cb-5c99d73cc96ee-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2349

GET
H2 200 postratings-js.js Show response
online-sberbank1.ru/wp-content/plugins/wp-postratings/js/ 3 KB
958 B 58ms
58ms Script
application/javascript 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-sberbank1.ru/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.89
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc

Request headers

:path: /wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.89
pragma: no-cache
cookie: redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12; redirect_to_cookie_reload=234
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: online-sberbank1.ru
referer: https://online-sberbank1.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
content-encoding: gzip
last-modified: Sun, 15 Aug 2021 18:43:06 GMT
server: Jino.ru/mod_pizza
etag: "d01-5c99d74988f36-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 752

GET
H2 200 scripts.min.js Show response
online-sberbank1.ru/wp-content/themes/root/js/ 5 KB
2 KB 60ms
59ms Script
application/javascript 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-sberbank1.ru/wp-content/themes/root/js/scripts.min.js?ver=2.2.3
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 55804d675a713bff7f36baf9911ca3467ab5bbfcee717564bb768bdc030501ad

Request headers

:path: /wp-content/themes/root/js/scripts.min.js?ver=2.2.3
pragma: no-cache
cookie: redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12; redirect_to_cookie_reload=234
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: online-sberbank1.ru
referer: https://online-sberbank1.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
content-encoding: gzip
last-modified: Sun, 03 Jun 2018 15:43:49 GMT
server: Jino.ru/mod_pizza
etag: "13c6-56dbeaee4d740-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1932

GET
H2 200 wp-embed.min.js Show response
online-sberbank1.ru/wp-includes/js/ 1 KB
971 B 59ms
59ms Script
application/javascript 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-sberbank1.ru/wp-includes/js/wp-embed.min.js?ver=5.8
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.8
pragma: no-cache
cookie: redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12; redirect_to_cookie_reload=234
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: online-sberbank1.ru
referer: https://online-sberbank1.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
content-encoding: gzip
last-modified: Sun, 15 Aug 2021 18:42:06 GMT
server: Jino.ru/mod_pizza
etag: "592-5c99d70fda2ff-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 765

GET
H2 200 wp-emoji-release.min.js Show response
online-sberbank1.ru/wp-includes/js/ 18 KB
5 KB 60ms
60ms Script
application/javascript 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-sberbank1.ru/wp-includes/js/wp-emoji-release.min.js?ver=5.8
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.8
pragma: no-cache
cookie: redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12; redirect_to_cookie_reload=234
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: online-sberbank1.ru
referer: https://online-sberbank1.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
content-encoding: gzip
last-modified: Sun, 15 Aug 2021 18:42:06 GMT
server: Jino.ru/mod_pizza
etag: "4705-5c99d70fdd1e0-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4930

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 9 KB
10 KB 66ms
26ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&ver=5.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://online-sberbank1.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 03:41:26 GMT
x-content-type-options: nosniff
age: 135050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 03:41:26 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 9 KB
9 KB 68ms
28ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&ver=5.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://online-sberbank1.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:34:35 GMT
x-content-type-options: nosniff
age: 88661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9544
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:34:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 53ms
16ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&ver=5.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://online-sberbank1.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:31:45 GMT
x-content-type-options: nosniff
age: 88831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:31:45 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 55ms
22ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&ver=5.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://online-sberbank1.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:31:41 GMT
x-content-type-options: nosniff
age: 88835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:31:41 GMT

GET
H2 200 sberbank-onlayn-lichnyy-kabinet-1.png
online-sberbank1.ru/wp-content/uploads/2018/06/ 63 KB
63 KB 60ms
59ms Image
image/png 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online-sberbank1.ru/wp-content/uploads/2018/06/sberbank-onlayn-lichnyy-kabinet-1.png
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: b21f17cf622c771f1646868d61a15628ec2f9c8d90020fdead0e0d50afafe7dd

Request headers

:path: /wp-content/uploads/2018/06/sberbank-onlayn-lichnyy-kabinet-1.png
pragma: no-cache
cookie: redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12; redirect_to_cookie_reload=234
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: online-sberbank1.ru
referer: https://online-sberbank1.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
last-modified: Tue, 05 Jun 2018 22:29:51 GMT
server: Jino.ru/mod_pizza
accept-ranges: bytes
etag: "fc94-56dec96aa35c0"
content-length: 64660
content-type: image/png

GET
H2 200 sberbank-onlayn-lichnyy-kabinet-2.png
online-sberbank1.ru/wp-content/uploads/2018/06/ 25 KB
25 KB 129ms
129ms Image
image/png 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online-sberbank1.ru/wp-content/uploads/2018/06/sberbank-onlayn-lichnyy-kabinet-2.png
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 39934a281e24990cdaca8abe4f15a44f9eb8ad2bacb3cd6b6231e46e6579797c

Request headers

:path: /wp-content/uploads/2018/06/sberbank-onlayn-lichnyy-kabinet-2.png
pragma: no-cache
cookie: redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12; redirect_to_cookie_reload=234
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: online-sberbank1.ru
referer: https://online-sberbank1.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
last-modified: Tue, 05 Jun 2018 22:33:42 GMT
server: Jino.ru/mod_pizza
accept-ranges: bytes
etag: "6488-56deca46efd80"
content-length: 25736
content-type: image/png

GET
H2 200 sberbank-onlayn-lichnyy-kabinet-3.png
online-sberbank1.ru/wp-content/uploads/2018/06/ 49 KB
49 KB 139ms
139ms Image
image/png 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online-sberbank1.ru/wp-content/uploads/2018/06/sberbank-onlayn-lichnyy-kabinet-3.png
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 1dd85b526e16d23216c8b6ce0a01ad8b2772205b58450e22ee71964a57f215b4

Request headers

:path: /wp-content/uploads/2018/06/sberbank-onlayn-lichnyy-kabinet-3.png
pragma: no-cache
cookie: redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12; redirect_to_cookie_reload=234
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: online-sberbank1.ru
referer: https://online-sberbank1.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
last-modified: Tue, 05 Jun 2018 22:35:27 GMT
server: Jino.ru/mod_pizza
accept-ranges: bytes
etag: "c244-56decaab129c0"
content-length: 49732
content-type: image/png

GET
H2 200 sberbank-onlayn-lichnyy-kabinet-4.png
online-sberbank1.ru/wp-content/uploads/2018/06/ 41 KB
41 KB 180ms
179ms Image
image/png 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online-sberbank1.ru/wp-content/uploads/2018/06/sberbank-onlayn-lichnyy-kabinet-4.png
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 8aaae8cb64403bebcac996ab13ecd0902d949eaad8ec1205057a7f0c74c68952

Request headers

:path: /wp-content/uploads/2018/06/sberbank-onlayn-lichnyy-kabinet-4.png
pragma: no-cache
cookie: redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12; redirect_to_cookie_reload=234
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: online-sberbank1.ru
referer: https://online-sberbank1.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
last-modified: Tue, 05 Jun 2018 22:37:22 GMT
server: Jino.ru/mod_pizza
accept-ranges: bytes
etag: "a510-56decb18bec80"
content-length: 42256
content-type: image/png

GET
H2 200 sberbank-onlayn-lichnyy-kabinet-5.png
online-sberbank1.ru/wp-content/uploads/2018/06/ 24 KB
25 KB 180ms
179ms Image
image/png 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online-sberbank1.ru/wp-content/uploads/2018/06/sberbank-onlayn-lichnyy-kabinet-5.png
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 127c494eb2157780fd21c388c6d0232c49a7fa544226c3e723cdc55c69646f55

Request headers

:path: /wp-content/uploads/2018/06/sberbank-onlayn-lichnyy-kabinet-5.png
pragma: no-cache
cookie: redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12; redirect_to_cookie_reload=234
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: online-sberbank1.ru
referer: https://online-sberbank1.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
last-modified: Tue, 05 Jun 2018 22:39:09 GMT
server: Jino.ru/mod_pizza
accept-ranges: bytes
etag: "616d-56decb7ec9d40"
content-length: 24941
content-type: image/png

GET
H2 200 sberbank-onlayn-lichnyy-kabinet-6.png
online-sberbank1.ru/wp-content/uploads/2018/06/ 9 KB
9 KB 180ms
179ms Image
image/png 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online-sberbank1.ru/wp-content/uploads/2018/06/sberbank-onlayn-lichnyy-kabinet-6.png
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 7a9d9f36e8aa43284fe3245391056c3111457db452cceeab098dc0cb6fd934d6

Request headers

:path: /wp-content/uploads/2018/06/sberbank-onlayn-lichnyy-kabinet-6.png
pragma: no-cache
cookie: redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12; redirect_to_cookie_reload=234
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: online-sberbank1.ru
referer: https://online-sberbank1.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
last-modified: Tue, 05 Jun 2018 22:40:22 GMT
server: Jino.ru/mod_pizza
accept-ranges: bytes
etag: "22f1-56decbc468180"
content-length: 8945
content-type: image/png

GET
H2 200 sberbank-onlayn-lichnyy-kabinet-7.png
online-sberbank1.ru/wp-content/uploads/2018/06/ 93 KB
94 KB 111ms
108ms Image
image/png 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online-sberbank1.ru/wp-content/uploads/2018/06/sberbank-onlayn-lichnyy-kabinet-7.png
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 519688b452987df9e19cd80f091a1de138f2d53f4a5e9158dc3190eacc28e3d6

Request headers

:path: /wp-content/uploads/2018/06/sberbank-onlayn-lichnyy-kabinet-7.png
pragma: no-cache
cookie: redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12; redirect_to_cookie_reload=234
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: online-sberbank1.ru
referer: https://online-sberbank1.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:17 GMT
last-modified: Tue, 05 Jun 2018 22:42:34 GMT
server: Jino.ru/mod_pizza
accept-ranges: bytes
etag: "175e5-56decc424aa80"
content-length: 95717
content-type: image/png

GET
H2 200 sberbank-onlayn-lichnyy-kabinet-8.png
online-sberbank1.ru/wp-content/uploads/2018/06/ 52 KB
52 KB 110ms
108ms Image
image/png 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online-sberbank1.ru/wp-content/uploads/2018/06/sberbank-onlayn-lichnyy-kabinet-8.png
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: bed10853a8a19744b0d29e03fec969313b238afcac7650bca7c3c185436d6a49

Request headers

:path: /wp-content/uploads/2018/06/sberbank-onlayn-lichnyy-kabinet-8.png
pragma: no-cache
cookie: redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12; redirect_to_cookie_reload=234
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: online-sberbank1.ru
referer: https://online-sberbank1.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:17 GMT
last-modified: Tue, 05 Jun 2018 22:43:57 GMT
server: Jino.ru/mod_pizza
accept-ranges: bytes
etag: "cef7-56decc9172540"
content-length: 52983
content-type: image/png

GET
H2

204

code.js Show response
otclick-adv.ru/core/
Redirect Chain

https://otclick-adv.ru/core/code.js?pid=5076&rid=389119&rl=&ll=https%3A//online-sberbank1.ru/&ow=1600&oh=1200&sw=1600&sh=1200&pd=24&f=0
https://idntfy.ru/core/idntfy?e=base64&u=aHR0cHM6Ly9vdGNsaWNrLWFkdi5ydS9jb3JlL2NvZGUuanM/cGlkPTUwNzYmcmlkPTM4OTExOSZybD0mbGw9aHR0cHMlM0EvL29ubGluZS1zYmVyYmFuazEucnUvJm93PTE2MDAmb2g9MTIwMCZzdz0xNjAw...
https://otclick-adv.ru/core/code.js?pid=5076&rid=389119&rl=&ll=https%3A//online-sberbank1.ru/&ow=1600&oh=1200&sw=1600&sh=1200&pd=24&f=0&vidsetup=1&idntfy=VOsMbOXa7ThjXGo

0
334 B

40ms
40ms

Script
text/plain

46.46.137.178
RETNNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://otclick-adv.ru/core/code.js?pid=5076&rid=389119&rl=&ll=https%3A//online-sberbank1.ru/&ow=1600&oh=1200&sw=1600&sh=1200&pd=24&f=0&vidsetup=1&idntfy=VOsMbOXa7ThjXGo
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.46.137.178 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 17:12:17 GMT
cache-control: no-cache, max-age=0, must-revalidate, no-store
referrer-policy: origin-when-cross-origin
server: nginx/1.20.1
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
expires: Thursday, 01-Jan-1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Oct 2021 17:12:17 GMT
server: nginx/1.20.1
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
location: https://otclick-adv.ru/core/code.js?pid=5076&rid=389119&rl=&ll=https%3A//online-sberbank1.ru/&ow=1600&oh=1200&sw=1600&sh=1200&pd=24&f=0&vidsetup=1&idntfy=VOsMbOXa7ThjXGo
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 124
expires: Thursday, 01-Jan-1970 00:00:00 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t45.15;r;s1600*1200*24;uhttps%3A//online-sberbank1.ru/;h%u0421%u0431%u0435%u0440%u0431%u0430%u043D%u043A%20%u041E%u043D%u043B%u0430%u0439%u043D%20%u041B%u0438%u0447%u04...
https://counter.yadro.ru/hit?q;t45.15;r;s1600*1200*24;uhttps%3A//online-sberbank1.ru/;h%u0421%u0431%u0435%u0440%u0431%u0430%u043D%u043A%20%u041E%u043D%u043B%u0430%u0439%u043D%20%u041B%u0438%u0447%u...

104 B
590 B

58ms
58ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t45.15;r;s1600*1200*24;uhttps%3A//online-sberbank1.ru/;h%u0421%u0431%u0435%u0440%u0431%u0430%u043D%u043A%20%u041E%u043D%u043B%u0430%u0439%u043D%20%u041B%u0438%u0447%u043D%u044B%u0439%20%u041A%u0430%u0431%u0438%u043D%u0435%u0442%20%u2014%20%u0432%u0445%u043E%u0434%20%u2014%20online.sberbank.ru;0.2213185833637923

Requested by

Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1c235f78410a35ee8160adeebf3908b8ba0a1ba8f5689839ec05d61155ef9f9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Oct 2021 17:12:17 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 104
Expires: Tue, 13 Oct 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 14 Oct 2021 17:12:16 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t45.15;r;s1600*1200*24;uhttps%3A//online-sberbank1.ru/;h%u0421%u0431%u0435%u0440%u0431%u0430%u043D%u043A%20%u041E%u043D%u043B%u0430%u0439%u043D%20%u041B%u0438%u0447%u043D%u044B%u0439%20%u041A%u0430%u0431%u0438%u043D%u0435%u0442%20%u2014%20%u0432%u0445%u043E%u0434%20%u2014%20online.sberbank.ru;0.2213185833637923
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 13 Oct 2020 21:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 188 KB
64 KB 203ms
94ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

496077b8b09b43b1417ac4a8eb747b38b08e12a2dc9b65573c78dd2a44ac674d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
content-encoding: br
last-modified: Thu, 14 Oct 2021 16:17:22 GMT
etag: "61682de2-10040"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 65600
expires: Thu, 14 Oct 2021 18:12:16 GMT

GET
H2 200 vh.png
online-sberbank1.ru/wp-content/uploads/2018/06/ 12 KB
13 KB 280ms
280ms Image
image/png 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online-sberbank1.ru/wp-content/uploads/2018/06/vh.png
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 253684f3a621a99e7a8af6d3dbb4bf6f7ce749793c2e290965e9ffd41993216d

Request headers

:path: /wp-content/uploads/2018/06/vh.png
pragma: no-cache
cookie: redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12; redirect_to_cookie_reload=234
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: online-sberbank1.ru
referer: https://online-sberbank1.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
last-modified: Tue, 05 Jun 2018 23:34:59 GMT
server: Jino.ru/mod_pizza
accept-ranges: bytes
etag: "3159-56ded7f998ec0"
content-length: 12633
content-type: image/png

GET
H2 200 vh-biznes-300x84.png
online-sberbank1.ru/wp-content/uploads/2018/06/ 6 KB
7 KB 262ms
262ms Image
image/png 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online-sberbank1.ru/wp-content/uploads/2018/06/vh-biznes-300x84.png
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: b7b69024e7fdb5e587ad524da5cb77cffa0603277dce3f0be24068cf987ccc0e

Request headers

:path: /wp-content/uploads/2018/06/vh-biznes-300x84.png
pragma: no-cache
cookie: redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12; redirect_to_cookie_reload=234
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: online-sberbank1.ru
referer: https://online-sberbank1.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
last-modified: Thu, 14 Jun 2018 21:09:33 GMT
server: Jino.ru/mod_pizza
accept-ranges: bytes
etag: "197e-56ea0840fbd40"
content-length: 6526
content-type: image/png

GET
H2 200 rating_over.gif
online-sberbank1.ru/wp-content/plugins/wp-postratings/images/stars/ 523 B
681 B 232ms
232ms Image
image/gif 217.107.219.4
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online-sberbank1.ru/wp-content/plugins/wp-postratings/images/stars/rating_over.gif
Requested by: Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.107.219.4 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv176-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 71348f4f38512af6e6ba8062fe5545a783f91d1a07bcb300c246f1bad9b0d4b6

Request headers

:path: /wp-content/plugins/wp-postratings/images/stars/rating_over.gif
pragma: no-cache
cookie: redirect_to_cookie_width=1600; redirect_to_cookie_date=14.10.2021; redirect_to_cookie_time=17:12; redirect_to_cookie_reload=234
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: online-sberbank1.ru
referer: https://online-sberbank1.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:17 GMT
last-modified: Sun, 15 Aug 2021 18:43:06 GMT
server: Jino.ru/mod_pizza
accept-ranges: bytes
etag: "20b-5c99d7499c7b8"
content-length: 523
content-type: image/gif

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/ 272 KB
98 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3317951157291526&plah=online-sberbank1.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a4617686d53812d3f06b891e5edc0cf5b7f289bfd57be08e123a3845efcdcd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99876
x-xss-protection: 0
server: cafe
etag: 5725214712622718827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 17:12:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/ Frame D14B 10 KB
5 KB 53ms
14ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211011/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://online-sberbank1.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 13 Oct 2021 20:21:55 GMT
expires: Wed, 27 Oct 2021 20:21:55 GMT
content-type: text/html; charset=UTF-8
etag: 414810510046348021
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4645
x-xss-protection: 0
age: 75022
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
663 B 44ms
20ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=online-sberbank1.ru&callback=_gfp_s_&client=ca-pub-3317951157291526

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3317951157291526&plah=online-sberbank1.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a4da83fc323c6f3489594687d740f21dea9ac2b5d656d73f57cfb3550abd7f5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 42ms
18ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=online-sberbank1.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 17:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 60ms
24ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=online-sberbank1.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 17:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2E75 68 KB
25 KB 581ms
580ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3317951157291526&output=html&h=280&slotname=7845794100&adk=4102060681&adf=752368115&pi=t.ma~as.7845794100&w=670&fwrn=4&fwrnh=100&lmt=1634231537&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2Fonline-sberbank1.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634231536927&bpp=5&bdt=435&idt=84&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6781197838306&frm=20&pv=2&ga_vid=1063161285.1634231537&ga_sid=1634231537&ga_hid=51351712&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=285&ady=536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938&oid=2&pvsid=801897927232337&pem=882&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jfCHXGTNZJ&p=https%3A//online-sberbank1.ru&dtd=104

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

379ba40b5a1ecf8ae944deddf1c03709007fc8b6e60d31744fdf3a9b32c0f982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3317951157291526&output=html&h=280&slotname=7845794100&adk=4102060681&adf=752368115&pi=t.ma~as.7845794100&w=670&fwrn=4&fwrnh=100&lmt=1634231537&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2Fonline-sberbank1.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634231536927&bpp=5&bdt=435&idt=84&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6781197838306&frm=20&pv=2&ga_vid=1063161285.1634231537&ga_sid=1634231537&ga_hid=51351712&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=285&ady=536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938&oid=2&pvsid=801897927232337&pem=882&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jfCHXGTNZJ&p=https%3A//online-sberbank1.ru&dtd=104
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://online-sberbank1.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 14 Oct 2021 17:12:17 GMT
server: cafe
content-length: 25873
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 14-Oct-2021 17:27:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 17:12:17 GMT
cache-control: private

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9426.E4ByL1WsJwSBnC0MZqAbOb7jRNNq7emcFA5weZfqyOz9GCnYkqJYUCjjoAoMqz8O.kXoWS1v4ekoU5aCzZzDFpKgwOP0%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9426.GljSOitp1X-N6ceeFgKFQKDLVMSNIrv0zsrWMatAMxYEu552APJaRnuqFugV4OhDFdieq6OrZssrz_ycsHVhnw%2C%2C.OEW8ZYrx21ZcNAd9dALf-v3FXUo%2C

75 B
75 B

52ms
52ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9426.GljSOitp1X-N6ceeFgKFQKDLVMSNIrv0zsrWMatAMxYEu552APJaRnuqFugV4OhDFdieq6OrZssrz_ycsHVhnw%2C%2C.OEW8ZYrx21ZcNAd9dALf-v3FXUo%2C

Requested by

Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:17 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9426.GljSOitp1X-N6ceeFgKFQKDLVMSNIrv0zsrWMatAMxYEu552APJaRnuqFugV4OhDFdieq6OrZssrz_ycsHVhnw%2C%2C.OEW8ZYrx21ZcNAd9dALf-v3FXUo%2C
date: Thu, 14 Oct 2021 17:12:17 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
160 B 53ms
52ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif?t=ti(4)

Requested by

Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:17 GMT
last-modified: Wed, 13 Oct 2021 15:51:32 GMT
etag: "6166d654-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 14 Oct 2021 18:12:17 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6600 104 KB
37 KB 884ms
884ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3317951157291526&output=html&h=600&slotname=4950570475&adk=3627811727&adf=4070090934&pi=t.ma~as.4950570475&w=300&lmt=1634231537&psa=0&format=300x600&url=https%3A%2F%2Fonline-sberbank1.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634231536935&bpp=1&bdt=443&idt=177&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58fa4ed9f0577243-22a853f0f5ca0010%3AT%3D1634231537%3ART%3D1634231537%3AS%3DALNI_MaxkmrLefZY_U9l6CBKpAn3B_N1JA&prev_fmts=670x280&correlator=6781197838306&frm=20&pv=1&ga_vid=1063161285.1634231537&ga_sid=1634231537&ga_hid=51351712&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938&oid=2&pvsid=801897927232337&pem=882&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=laztcpJLrr&p=https%3A//online-sberbank1.ru&dtd=181

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b90496fc6fc903b5624fd1a74d5d6e4ee59f50b2b0b3bc87fa5ea5f1ec1996cc

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10688699414658601799/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10688699414658601799/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJGgg_KyyvMCFT6Ggwcd_ekPmA&gqi=8WRoYc_iCLOD1fAPn8en0A8&layout=/sadbundle/%24csp%253Der3%24/10688699414658601799/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3317951157291526&output=html&h=600&slotname=4950570475&adk=3627811727&adf=4070090934&pi=t.ma~as.4950570475&w=300&lmt=1634231537&psa=0&format=300x600&url=https%3A%2F%2Fonline-sberbank1.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634231536935&bpp=1&bdt=443&idt=177&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58fa4ed9f0577243-22a853f0f5ca0010%3AT%3D1634231537%3ART%3D1634231537%3AS%3DALNI_MaxkmrLefZY_U9l6CBKpAn3B_N1JA&prev_fmts=670x280&correlator=6781197838306&frm=20&pv=1&ga_vid=1063161285.1634231537&ga_sid=1634231537&ga_hid=51351712&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938&oid=2&pvsid=801897927232337&pem=882&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=laztcpJLrr&p=https%3A//online-sberbank1.ru&dtd=181
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://online-sberbank1.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10688699414658601799/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10688699414658601799/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJGgg_KyyvMCFT6Ggwcd_ekPmA&gqi=8WRoYc_iCLOD1fAPn8en0A8&layout=/sadbundle/%24csp%253Der3%24/10688699414658601799/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 14 Oct 2021 17:12:17 GMT
server: cafe
content-length: 37136
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 14-Oct-2021 17:27:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 17:12:17 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B9CD 238 KB
59 KB 841ms
841ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3317951157291526&output=html&adk=1812271804&adf=3025194257&lmt=1634231537&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fonline-sberbank1.ru%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634231536950&bpp=2&bdt=458&idt=171&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58fa4ed9f0577243-22a853f0f5ca0010%3AT%3D1634231537%3ART%3D1634231537%3AS%3DALNI_MaxkmrLefZY_U9l6CBKpAn3B_N1JA&prev_fmts=670x280%2C300x600&nras=1&correlator=6781197838306&frm=20&pv=1&ga_vid=1063161285.1634231537&ga_sid=1634231537&ga_hid=51351712&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938&oid=2&pvsid=801897927232337&pem=882&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=177

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb198991477b6c66321aacd6d9452439eb24c02d12ec519e55db7b253debaf51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3317951157291526&output=html&adk=1812271804&adf=3025194257&lmt=1634231537&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fonline-sberbank1.ru%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634231536950&bpp=2&bdt=458&idt=171&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58fa4ed9f0577243-22a853f0f5ca0010%3AT%3D1634231537%3ART%3D1634231537%3AS%3DALNI_MaxkmrLefZY_U9l6CBKpAn3B_N1JA&prev_fmts=670x280%2C300x600&nras=1&correlator=6781197838306&frm=20&pv=1&ga_vid=1063161285.1634231537&ga_sid=1634231537&ga_hid=51351712&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938&oid=2&pvsid=801897927232337&pem=882&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=177
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://online-sberbank1.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 14 Oct 2021 17:12:17 GMT
server: cafe
content-length: 60628
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 14-Oct-2021 17:27:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 17:12:17 GMT
cache-control: private

GET
H2

200

1 Show response
mc.yandex.com/watch/49147003/
Redirect Chain

https://mc.yandex.com/watch/49147003?wmode=7&page-url=https%3A%2F%2Fonline-sberbank1.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A1634%3Afu%3A0%3Aen%3Autf-8%...
https://mc.yandex.com/watch/49147003/1?wmode=7&page-url=https%3A%2F%2Fonline-sberbank1.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A1634%3Afu%3A0%3Aen%3Autf-...

331 B
413 B

51ms
50ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/49147003/1?wmode=7&page-url=https%3A%2F%2Fonline-sberbank1.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A1634%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A153768659710%3Ahid%3A4054406%3Az%3A0%3Ai%3A202101014171217%3Aet%3A1634231537%3Ac%3A1%3Arn%3A944372989%3Arqn%3A1%3Au%3A1634231537493923146%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634231535149%3Adsn%3A0%2C0%2C1335%2C1%2C0%2C0%2C%2C339%2C0%2C%2C%2C%2C1676%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634231537%3At%3A%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%9B%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%9A%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%E2%80%94%20%D0%B2%D1%85%D0%BE%D0%B4%20%E2%80%94%20online.sberbank.ru&t=gdpr%2814%29ti%282%29

Requested by

Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

b7b03f3c0e0766b0ddd065ceb831d228f7167aa25ce98413471800990fe159df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 17:12:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 14-Oct-2021 17:12:17 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://online-sberbank1.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Thu, 14-Oct-2021 17:12:17 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Oct 2021 17:12:17 GMT
last-modified: Thu, 14-Oct-2021 17:12:17 GMT
location: /watch/49147003/1?wmode=7&page-url=https%3A%2F%2Fonline-sberbank1.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A1634%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A153768659710%3Ahid%3A4054406%3Az%3A0%3Ai%3A202101014171217%3Aet%3A1634231537%3Ac%3A1%3Arn%3A944372989%3Arqn%3A1%3Au%3A1634231537493923146%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634231535149%3Adsn%3A0%2C0%2C1335%2C1%2C0%2C0%2C%2C339%2C0%2C%2C%2C%2C1676%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634231537%3At%3A%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%20%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%9B%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%9A%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%E2%80%94%20%D0%B2%D1%85%D0%BE%D0%B4%20%E2%80%94%20online.sberbank.ru&t=gdpr%2814%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://online-sberbank1.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 14-Oct-2021 17:12:17 GMT

GET
H2 200 6418127619908293116
tpc.googlesyndication.com/daca_images/simgad/ Frame 2E75 127 KB
127 KB 44ms
20ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/6418127619908293116

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3317951157291526&output=html&h=280&slotname=7845794100&adk=4102060681&adf=752368115&pi=t.ma~as.7845794100&w=670&fwrn=4&fwrnh=100&lmt=1634231537&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2Fonline-sberbank1.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634231536927&bpp=5&bdt=435&idt=84&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6781197838306&frm=20&pv=2&ga_vid=1063161285.1634231537&ga_sid=1634231537&ga_hid=51351712&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=285&ady=536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938&oid=2&pvsid=801897927232337&pem=882&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jfCHXGTNZJ&p=https%3A//online-sberbank1.ru&dtd=104

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24007b84adce7cc20646a6f93ff5f1666a136d2f3e06f3dfc808451fd3efe3de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 12:52:38 GMT
x-content-type-options: nosniff
age: 533979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130081
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 06:49:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 08 Oct 2022 12:52:38 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 2E75 18 KB
8 KB 37ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 17:11:54 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 2E75 3 KB
1 KB 39ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 17:04:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E75 123 KB
37 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37935
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633952256361887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Oct 2021 17:12:17 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 2E75 14 KB
6 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 448
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 17:04:49 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 2E75 27 KB
11 KB 54ms
34ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1adff93fec49cd9bab765ec423c9504146696be62b0f634d2bb6df86a1e775a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 12:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11185
x-xss-protection: 0
server: cafe
etag: 5630310602010257655
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 12:58:38 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2E75 0
0 44ms
44ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_SLF8WRoYfeMBNHhtwfXx5M4vtOw8GH28dTW9Qy23cCEhgIQASCc9bEtYJX68IGMB6AB3LiWigPIAQKpAgG2eaaVeLM-qAMByAPJBKoE0QFP0Jip-_q0FPW9KBr29SO0v5PxWwfq3g_cG-xiSljmI1T3hdr1jueYvbBqhSip2xKo8DEJxi4xZz4EONM5s5TLUjYXEwCDAAvEs9Y9oa1TKyRX1jj4M9RTmM65F9E7PofQncbPeWck7CTuPM21k6BBFEhBXD_SXpvN8tarqMSaMvLibX1nbK59ZInPtmstiMheELcyZhyLxtyAEA3muPQ3wVrAAG__CY_qQfWTwyqYrpUNz6qAe8VuxZoS0pu6pT1MVx-6xufmFwf1URl4UiHCcsAE2aaNg6sDkgUECAQYAZIFBAgFGASgBgKAB4zH6XWoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcEEN2qR9IICQiA4YAQEAEYX4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0zMzE3OTUxMTU3MjkxNTI2GAA&sigh=PWuPF4w_YR8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3317951157291526&output=html&h=280&slotname=7845794100&adk=4102060681&adf=752368115&pi=t.ma~as.7845794100&w=670&fwrn=4&fwrnh=100&lmt=1634231537&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2Fonline-sberbank1.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634231536927&bpp=5&bdt=435&idt=84&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6781197838306&frm=20&pv=2&ga_vid=1063161285.1634231537&ga_sid=1634231537&ga_hid=51351712&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=285&ady=536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938&oid=2&pvsid=801897927232337&pem=882&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jfCHXGTNZJ&p=https%3A//online-sberbank1.ru&dtd=104
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 14 Oct 2021 17:12:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 14 Oct 2021 17:12:17 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 68A3 143 B
225 B 13ms
13ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3317951157291526&output=html&h=280&slotname=7845794100&adk=4102060681&adf=752368115&pi=t.ma~as.7845794100&w=670&fwrn=4&fwrnh=100&lmt=1634231537&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2Fonline-sberbank1.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634231536927&bpp=5&bdt=435&idt=84&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6781197838306&frm=20&pv=2&ga_vid=1063161285.1634231537&ga_sid=1634231537&ga_hid=51351712&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=285&ady=536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938&oid=2&pvsid=801897927232337&pem=882&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jfCHXGTNZJ&p=https%3A//online-sberbank1.ru&dtd=104
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3317951157291526&output=html&h=280&slotname=7845794100&adk=4102060681&adf=752368115&pi=t.ma~as.7845794100&w=670&fwrn=4&fwrnh=100&lmt=1634231537&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2Fonline-sberbank1.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634231536927&bpp=5&bdt=435&idt=84&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=6781197838306&frm=20&pv=2&ga_vid=1063161285.1634231537&ga_sid=1634231537&ga_hid=51351712&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=285&ady=536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938&oid=2&pvsid=801897927232337&pem=882&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=jfCHXGTNZJ&p=https%3A//online-sberbank1.ru&dtd=104

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 14 Oct 2021 17:00:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 722
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2E75 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e16e03dfd994e6e101cf38bfbe87ce8407181d5354ce8cf0e2f09e4b29a5d75b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 68A3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
144 B

22ms
22ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkeF8mgNP9K6qY1W0NKnXy6JJxVQ2v3NyhxgAjixjYUZHm0A0PR9TdFZefcenw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 14 Oct 2021 17:12:17 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 14-Oct-2021 18:12:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 17:12:17 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 14 Oct 2021 17:12:17 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js Show response
pagead2.googlesyndication.com/bg/ Frame 9A64 35 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:53:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13358
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 13 Oct 2022 16:53:37 GMT

GET
H2 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/ 143 KB
52 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/reactive_library_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3a9fde73ab4eed86a484b3ddb02e285cead10a46c95d7915c2ff9a490a711a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52637
x-xss-protection: 0
server: cafe
etag: 6817435743625754192
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 17:12:18 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 6600 18 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3317951157291526&output=html&h=600&slotname=4950570475&adk=3627811727&adf=4070090934&pi=t.ma~as.4950570475&w=300&lmt=1634231537&psa=0&format=300x600&url=https%3A%2F%2Fonline-sberbank1.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634231536935&bpp=1&bdt=443&idt=177&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58fa4ed9f0577243-22a853f0f5ca0010%3AT%3D1634231537%3ART%3D1634231537%3AS%3DALNI_MaxkmrLefZY_U9l6CBKpAn3B_N1JA&prev_fmts=670x280&correlator=6781197838306&frm=20&pv=1&ga_vid=1063161285.1634231537&ga_sid=1634231537&ga_hid=51351712&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938&oid=2&pvsid=801897927232337&pem=882&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=laztcpJLrr&p=https%3A//online-sberbank1.ru&dtd=181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 17:11:54 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 6600 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 17:04:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6600 123 KB
37 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37935
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633952256361887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Oct 2021 17:12:18 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 6600 14 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 17:04:49 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10688699414658601799/ Frame 581A 74 KB
19 KB 11ms
10ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10688699414658601799/index.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32daa0b2c4965b913cbf1e869e480e81b66782717b200283108803c3e86231d2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/10688699414658601799/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
date: Mon, 11 Oct 2021 22:18:04 GMT
expires: Tue, 11 Oct 2022 22:18:04 GMT
last-modified: Thu, 30 Sep 2021 09:02:30 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 18193
age: 240854
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6600 0
0 44ms
44ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5Y-38WRoYdHjCb6MjuwP_dO_wAnK8JzOZZjgk8ihDoOZ9P0IEAEgnPWxLWCV-vCBjAegAenFqp0CyAEJqQLFnzOMt3ezPqgDAcgDSKoE1wFP0GU7lZbePl31XATamYCTsEGHmifaDrFepTB26TdUOsZhVIJivTilHzFNfUE0Hqce-uMTsEG393mTeGcPBhQjLLbPOVZu6fAJwiq6yDcZ7NFBC1AceR3fLBIyDONEdWt8GAT_SdwY-mKv8zh5n_PzWafNmxNTs_eaqjaQ2On56wAavJl3lbcYxQTsNENfERF6C2vtxzHCBnF-GcCGwjMAQM1EKpxk5FdGK0ux2cyU1NxAWHAQrIiZEETC2Ww3TTmyzARxg6xIPjVHJsLzxDoDAi5HaVJhqMAE1OWJp5UDkgUECAQYAZIFBAgFGASgBi6AB_-51eIBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCK3RLSCAkIiOGAEBABGF-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItMzMxNzk1MTE1NzI5MTUyNhgA&sigh=thFnDQ5ck_A&template_id=419

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3317951157291526&output=html&h=600&slotname=4950570475&adk=3627811727&adf=4070090934&pi=t.ma~as.4950570475&w=300&lmt=1634231537&psa=0&format=300x600&url=https%3A%2F%2Fonline-sberbank1.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634231536935&bpp=1&bdt=443&idt=177&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58fa4ed9f0577243-22a853f0f5ca0010%3AT%3D1634231537%3ART%3D1634231537%3AS%3DALNI_MaxkmrLefZY_U9l6CBKpAn3B_N1JA&prev_fmts=670x280&correlator=6781197838306&frm=20&pv=1&ga_vid=1063161285.1634231537&ga_sid=1634231537&ga_hid=51351712&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938&oid=2&pvsid=801897927232337&pem=882&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=laztcpJLrr&p=https%3A//online-sberbank1.ru&dtd=181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 14 Oct 2021 17:12:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4EA5 143 B
202 B 16ms
16ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3317951157291526&output=html&h=600&slotname=4950570475&adk=3627811727&adf=4070090934&pi=t.ma~as.4950570475&w=300&lmt=1634231537&psa=0&format=300x600&url=https%3A%2F%2Fonline-sberbank1.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634231536935&bpp=1&bdt=443&idt=177&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58fa4ed9f0577243-22a853f0f5ca0010%3AT%3D1634231537%3ART%3D1634231537%3AS%3DALNI_MaxkmrLefZY_U9l6CBKpAn3B_N1JA&prev_fmts=670x280&correlator=6781197838306&frm=20&pv=1&ga_vid=1063161285.1634231537&ga_sid=1634231537&ga_hid=51351712&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938&oid=2&pvsid=801897927232337&pem=882&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=laztcpJLrr&p=https%3A//online-sberbank1.ru&dtd=181
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkeF8mgNP9K6qY1W0NKnXy6JJxVQ2v3NyhxgAjixjYUZHm0A0PR9TdFZefcenw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3317951157291526&output=html&h=600&slotname=4950570475&adk=3627811727&adf=4070090934&pi=t.ma~as.4950570475&w=300&lmt=1634231537&psa=0&format=300x600&url=https%3A%2F%2Fonline-sberbank1.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634231536935&bpp=1&bdt=443&idt=177&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58fa4ed9f0577243-22a853f0f5ca0010%3AT%3D1634231537%3ART%3D1634231537%3AS%3DALNI_MaxkmrLefZY_U9l6CBKpAn3B_N1JA&prev_fmts=670x280&correlator=6781197838306&frm=20&pv=1&ga_vid=1063161285.1634231537&ga_sid=1634231537&ga_hid=51351712&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1045&ady=761&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C31062938&oid=2&pvsid=801897927232337&pem=882&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=laztcpJLrr&p=https%3A//online-sberbank1.ru&dtd=181

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 14 Oct 2021 17:00:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 723
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 22ms
21ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=online-sberbank1.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 17:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 28ms
28ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=online-sberbank1.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 17:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/ Frame 5186 10 KB
5 KB 15ms
15ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://online-sberbank1.ru/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkeF8mgNP9K6qY1W0NKnXy6JJxVQ2v3NyhxgAjixjYUZHm0A0PR9TdFZefcenw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 13 Oct 2021 21:08:24 GMT
expires: Wed, 27 Oct 2021 21:08:24 GMT
content-type: text/html; charset=UTF-8
etag: 414810510046348021
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4645
x-xss-protection: 0
age: 72234
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/ Frame 1D30 10 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://online-sberbank1.ru/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkeF8mgNP9K6qY1W0NKnXy6JJxVQ2v3NyhxgAjixjYUZHm0A0PR9TdFZefcenw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 13 Oct 2021 21:08:24 GMT
expires: Wed, 27 Oct 2021 21:08:24 GMT
content-type: text/html; charset=UTF-8
etag: 414810510046348021
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4645
x-xss-protection: 0
age: 72234
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6600 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82efd5119e31d3c28df4607d7b92ab2a0a429542a6ac92d2fc73464157ee3723

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 581A 16 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10688699414658601799/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 18:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 14 Oct 2021 18:00:57 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 581A 26 KB
10 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10688699414658601799/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 13:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 15 Oct 2021 13:46:49 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 5186 4 KB
731 B 25ms
24ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 16:56:58 GMT
server: ESF
date: Thu, 14 Oct 2021 17:12:18 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 17:12:18 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5186 205 B
764 B 54ms
14ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:17:01 GMT
x-content-type-options: nosniff
age: 71717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 13 Oct 2022 21:17:01 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5186 604 B
696 B 54ms
15ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 03:52:09 GMT
x-content-type-options: nosniff
age: 134409
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 13 Oct 2022 03:52:09 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/ Frame 5186 18 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5c12600c2eedb11dbdcef87977046a3fc282f936b783659c0f0cb7a0815f3af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 16:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 859
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7792
x-xss-protection: 0
server: cafe
etag: 11501120118990840405
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 16:57:59 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1D30 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrFT78WRoYff1CZqVtgfP6o2ABvby3Y9jwu3jgYQOjJfJ4rQoEAEgnPWxLWCV-vCBjAegAaTRmf0DyAECqQIBtnmmlXizPqgDAcgDyQSqBNYBT9CXfv-wXsPQ6hnuFKusAtKulq-pXifTCtLGEyDcsYxxlIDBuSfv2nLXVgNEfyBw_PRvuzvoTqRQ8JMIs8_uWyHGqxIHDQs7Y5PqxQ3i71AZdoOvBn6VYx9Vbrym56nmtNndn5soTNj6R6Sx0dLODrhOnCBMwNec5kKzW6zD6MEX1WFtt1zP29VXImamw3pk3FZp1y1vMAqFv5gvRjt6eLUO99v3wZ0iVWh8wrOxVYn8bC9WcWaCixbb_FgUV-V9J1jiAaBx7ZjMGnC285hSJc0wsM6m5MAEkur3wM8DkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB8Su5gKoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcEEObxBNIICQiI4YAQEAEYX4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0zMzE3OTUxMTU3MjkxNTI2GAA&sigh=-WgKVEWB5MA&uach_m=[UACH]

Requested by

Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 14 Oct 2021 17:12:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 1D30 18 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 17:11:54 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 1D30 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 17:04:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1D30 123 KB
37 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37935
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633952256361887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Oct 2021 17:12:18 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 1D30 14 KB
6 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 17:04:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1D30 0
0 16ms
15ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQzrkAP-ZJtQTxsUUMlU_UxUl3G3b3gZRjJwSbwb43dJUlSmce6nWlAd-Anr8UJ7pptpyc3CnGZp854eJI3rHd3aAu0w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 1D30 27 KB
11 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1adff93fec49cd9bab765ec423c9504146696be62b0f634d2bb6df86a1e775a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 12:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11185
x-xss-protection: 0
server: cafe
etag: 5630310602010257655
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 12:58:38 GMT

GET
H2 200 14991390252959441415
tpc.googlesyndication.com/simgad/ Frame 1D30 21 KB
21 KB 11ms
10ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14991390252959441415?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmUA68jjwpTwqo8eQdOpDvaGlWQbw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

660fbaf94f25468f883f58c8709d95475a3331e07af448dbb2f540c9247610d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 07:23:42 GMT
x-content-type-options: nosniff
last-modified: Mon, 07 Jun 2021 08:11:18 GMT
server: sffe
age: 208116
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Wed, 12 Oct 2022 07:23:42 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4EA5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
144 B

23ms
23ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkeF8mgNP9K6qY1W0NKnXy6JJxVQ2v3NyhxgAjixjYUZHm0A0PR9TdFZefcenw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 14 Oct 2021 17:12:18 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 14-Oct-2021 18:12:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 17:12:18 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 14 Oct 2021 17:12:18 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 923A 143 B
198 B 14ms
14ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkeF8mgNP9K6qY1W0NKnXy6JJxVQ2v3NyhxgAjixjYUZHm0A0PR9TdFZefcenw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 14 Oct 2021 17:00:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 723
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ Frame 05C9 466 B
381 B 33ms
32ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E9%96%89%E3%81%98%E3%82%8B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e191600bbbaa840db6761295d4041b3933cc6c5e15df54f7bd30f1b590fe280

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 17:12:18 GMT
server: ESF
date: Thu, 14 Oct 2021 17:12:18 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 17:12:18 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 05C9 2 KB
994 B 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 17:00:31 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 05C9 18 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 17:11:54 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 05C9 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 17:04:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 05C9 123 KB
37 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37935
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633952256361887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Oct 2021 17:12:18 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 05C9 14 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 17:04:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 05C9 0
0 25ms
24ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSgqe_biG7mu7ezA57RbhnX4MtlqiHuZ1sTgWuvjY4pJpMWNrxz_lJmAzSrXNzCwLrY4Z7UdOm9h1jOwonfD2REKL_WCg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 94b9e9edb15b7c220f12fa63d878a5af.js Show response
www.gstatic.com/mysidia/ Frame 05C9 27 KB
11 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/94b9e9edb15b7c220f12fa63d878a5af.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 14:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11213
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 05:48:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 12 Jan 2022 14:23:51 GMT

GET
H2 200 m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js Show response
pagead2.googlesyndication.com/bg/ Frame 581A 35 KB
13 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:53:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13358
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 13 Oct 2022 16:53:37 GMT

GET
H2 200 express_1.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10688699414658601799/ Frame 581A 9 KB
3 KB 10ms
8ms Image
image/svg+xml 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10688699414658601799/express_1.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99decf2e57b18a85e5cb56188d99a685da6caa26aad681cf6a2026d9394c80b7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 222417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3257
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 09:02:30 GMT
server: sffe
date: Tue, 12 Oct 2021 03:25:21 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 12 Oct 2022 03:25:21 GMT

GET
H2 200 copy.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10688699414658601799/ Frame 581A 9 KB
3 KB 13ms
11ms Image
image/svg+xml 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10688699414658601799/copy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

215925e45cebe1e509c80c24b6c90aa434cef4b60a45c9b3bc60d61df906cf5b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 543232
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3393
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 09:02:30 GMT
server: sffe
date: Fri, 08 Oct 2021 10:18:26 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 08 Oct 2022 10:18:26 GMT

GET
H2 200 cta.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10688699414658601799/ Frame 581A 3 KB
1 KB 13ms
12ms Image
image/svg+xml 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10688699414658601799/cta.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14f07bd642127aa2ded36db5ccfd04e5664e43dc12a00dc5a2b939844c70fc61

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 128440
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1162
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 09:02:30 GMT
server: sffe
date: Wed, 13 Oct 2021 05:31:38 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 13 Oct 2022 05:31:38 GMT

GET
H2 200 logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10688699414658601799/ Frame 581A 11 KB
4 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10688699414658601799/logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df94f250261b0e62e9d52930185d9213aa6a52ce707dd7af144a4ba03c5456b4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 204542
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3918
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 09:02:30 GMT
server: sffe
date: Tue, 12 Oct 2021 08:23:16 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 12 Oct 2022 08:23:16 GMT

GET
H2 200 img.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10688699414658601799/ Frame 581A 86 KB
86 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10688699414658601799/img.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65696379d43214671c66450e5023e91c302d98041f6492f0768237429a570a05

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 221314
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87612
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 09:02:30 GMT
server: sffe
date: Tue, 12 Oct 2021 03:43:44 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 12 Oct 2022 03:43:44 GMT

GET
DATA 200
OK truncated
/ Frame 1D30 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a1ce449b2e8454813ef30a7711dd5722583eeb81ff1c81710849a66bc7634f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 77ms
34ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211011&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a514b42ede79ec37281c680b01c6bbf1cf3e6dda593898bb52d589ac32fdbd83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 17:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8515
x-xss-protection: 0

GET
H2 200 m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js Show response
pagead2.googlesyndication.com/bg/ Frame 11A3 35 KB
13 KB 15ms
11ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js

Requested by

Host: online-sberbank1.ru
URL: https://online-sberbank1.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:53:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13358
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 13 Oct 2022 16:53:37 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 923A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
144 B

26ms
25ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkeF8mgNP9K6qY1W0NKnXy6JJxVQ2v3NyhxgAjixjYUZHm0A0PR9TdFZefcenw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 14 Oct 2021 17:12:18 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 14-Oct-2021 18:12:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 17:12:18 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 14 Oct 2021 17:12:18 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0D48 35 KB
13 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:53:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13358
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 13 Oct 2022 16:53:37 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 14 Oct 2021 17:12:18 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2E75 42 B
174 B 38ms
38ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOz_5wrTUcr3tlU_9NfT3IW2L91QZtIA9yoz78hwToKCydkpUc4kGsV0KFhN8i1wgMAywnynzn_YmyfHOf11JTxpBlxLsORDPK7yqJQfLdEefdBzW-ZA&sai=AMfl-YSID8RaMN4xLQq8-kzn2_IZ3hOELyMW0TysOwOi_jRsZ6dT94ob6bLuYQwdkHIVbWv9XvQ7uIeNThZp&sig=Cg0ArKJSzKONBrOoEWibEAE&id=lidar2&mcvt=1047&p=0,125,280,545&mtos=1047,1047,1047,1047,1047&tos=1047,0,0,0,0&v=20211011&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=4102060681&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634231537033&rpt=710&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 17:12:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 30C2 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://online-sberbank1.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 14 Oct 2021 16:04:25 GMT
expires: Fri, 14 Oct 2022 16:04:25 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4073
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5711 783 B
1 KB 17ms
17ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b0a09d53f57591d09639ed401101e8cdf4d9265d9ca21375b94f12e080862313

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-L8mbidmsUlGJysYkZG1iXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://online-sberbank1.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 14 Oct 2021 17:12:18 GMT
date: Thu, 14 Oct 2021 17:12:18 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-L8mbidmsUlGJysYkZG1iXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js Show response
pagead2.googlesyndication.com/bg/ Frame 30C2 35 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:53:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 87521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13358
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 13 Oct 2022 16:53:37 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5711 0
0 69ms
69ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211011&jk=801897927232337&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 50ms
50ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211011&jk=801897927232337&bg=!Dg2lDUnNAAbGFvHlxhY7ACkAdvg8WjTt5Wh7e3-oYrKLCt_6IFaLq3BWl7yyCBQhh9Xk6apdz46SSAIAAACLUgAAAA5oAQcKAEtU_PVSQNanl_SnjAQ6QXyxXHx2nGY0Hg2_JTWSbW7J1CyUfpgr-wMlJwpR6xUFchWOU2hCng7wG6Uv55ut_nPXqnk8FsLWwFMTgK6ZAp5k54OEzpLK1s9Y3ef9oyZq6Pbtdl1gE6KC9egu69GxtgaBxThXWMOeFAgIuUzBlLWSmbDVqbNErYIX8Wh_uqIzXp6QeUU08HHFB4ev3c8s1pbxIbDDy5bhlDNMI2ImI5N8s0-zoapEYH8w6n6jOqOfyOO4_bjYa_X1teRKRLKjQ0i4YoXce66ae29nOYy5oGVNtXBcQzpVLWeqqVDGRvJSfyRDv2k30SpSIJlZ-gPlySeHr_39ocsZBrw0DxHV958LV5rw1A1p1JlaqFVBvelpdJg-Prc0cb3nHtHTeJEEn-fIf1869v_LEnxFXpXOL3YBhBLjC-QKF3IQIkc_PqGy4aDuKOGzI2vWiFXeBLcVuWOLtaj2uveF9ZJNjrj_6p5rIAp0vOYPiY0v3oouVxMe4KMk_714aFG0i1opK9nLmp-p5pFfCYwrIehxV6vhlACMHXh65K9YS3Hrpm-EuUjZEHaME5szohQyhOpWvwCtvhfpSDfF7mvAEd8mXC4wCyYxT7sgu6uRKczuxRBv1F5dA2YLh9En-_cDP-iFRjJ4lgISdelA31D-H3HKYCd21KdmrWa5hvLdQICtOBeHu0w9nlJkV5oXdjZLdlVCQj3ol4IRu61gOQpgr7sk5x3miPpToTbl16b7v66mGT1ZhSp0W56N5fO9JoVw1JDAfcTjQ2W6yzQo8Uo-mCL2_MJqI6raH_lRnf_kILTkq3leVG6ZFSex4--wqq1GqJt-5BLAa8LTLkjcPIfMjn5lOpHBD9hO4djL18E43z4zRJ7qWqqiPdOhfw0KVf5YtKiNMB1R1BVUy3GV9-h30ry091xiJ0EyD48JDMdkHcI7jsZAJFGf6LvoPhR80x5MD24cwEBXmld_qy3pS21ALRsB5nGO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-sberbank1.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 17:12:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6600 42 B
108 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFYjQ9TSwbb9D2Q_GT4k2xuNm1-3bHOX-hTSb2ckxiarOEl_b_n_IcUnI4s7PswKC-S1lpi0TmTg92C3BQ5oC-tVW71NYo6lZVkC37nr2tJkUZO48v4wlrinnedoP42I_Cmyubm8Okt464Ew&sai=AMfl-YS79BShL29Esd8oyBKy4lp8GwheDjS94slbyMVEjy1JfUJU6WTQzOCq3UhTFF-w-QufOs8FvVhwi7JTvP-d5Zy4VUAWGvXTch4in7S-KfqCa0tJhu1Xtv210NNHa3k&sig=Cg0ArKJSzAJGXxsEBzsBEAE&id=lidar2&mcvt=1001&p=0,0,600,300&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&v=20211011&bin=7&avms=nio&bs=0,0&mc=0.73&if=1&app=0&itpl=2&adk=3627811727&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634231537117&rpt=1070&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 17:12:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1D30 42 B
108 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstf-6zx6ClQ76CvlY7J9yTYywRwDadNBV71YULQeUdiWNl_HHsYjIwgWzD6Ho_5QmTr6yyeJ3zZzNzG69cmR7y5kz7NpIh-hIOQ_8uY6p4deXAYr1cjQg&sai=AMfl-YRhqQ1tPQZfwgj3wT44COOfwyj7YOGDOdVHvL3DfD7ypanHzzagk2z8Hf7Ewy7tEIynImYmDdjKNCU8xwJMPKUvQmjgaU7NMNiue455cSz449VP7NbUK0F38jH8i64&sig=Cg0ArKJSzHIpXBNmel7rEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=133,744,1000,1158,1166&tos=133,611,256,158,8&v=20211011&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634231538106&rpt=253&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 17:12:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: online-sberbank1.ru
URL: https://online-sberbank1.ru/wp-includes/css/dist/block-library/style.min.css?ver=5.8

Domain: online-sberbank1.ru
URL: https://online-sberbank1.ru/wp-content/plugins/fancybox-for-wordpress/assets/css/fancybox.css?ver=1.3.4

Domain: online-sberbank1.ru
URL: https://online-sberbank1.ru/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.89

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C700&subset=cyrillic&ver=5.8

Domain: online-sberbank1.ru
URL: https://online-sberbank1.ru/wp-content/themes/root/css/style.min.css?ver=2.2.3

Domain: online-sberbank1.ru
URL: https://online-sberbank1.ru/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Domain: online-sberbank1.ru
URL: https://online-sberbank1.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Domain: online-sberbank1.ru
URL: https://online-sberbank1.ru/wp-content/plugins/fancybox-for-wordpress/assets/js/jquery.fancybox.js?ver=1.3.4

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1lLGHXc_vK1Rjy0Foq6xIxVXaL/300x250.jpg

Domain: online-sberbank1.ru
URL: https://online-sberbank1.ru/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106

Domain: online-sberbank1.ru
URL: https://online-sberbank1.ru/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.89

Domain: online-sberbank1.ru
URL: https://online-sberbank1.ru/wp-content/themes/root/js/scripts.min.js?ver=2.2.3

Domain: online-sberbank1.ru
URL: https://online-sberbank1.ru/wp-includes/js/wp-embed.min.js?ver=5.8

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.otclick-adv.ru/core	1970-01-23 13:33:11	Name: idntfy Value: VOsMbOXa7ThjXGo
online-sberbank1.ru/	1969-12-31 23:59:59	Name: redirect_to_cookie_width Value: 1600
online-sberbank1.ru/	1969-12-31 23:59:59	Name: redirect_to_cookie_date Value: 14.10.2021
online-sberbank1.ru/	1969-12-31 23:59:59	Name: redirect_to_cookie_time Value: 17:12
online-sberbank1.ru/	1969-12-31 23:59:59	Name: redirect_to_cookie_reload Value: 234
.yadro.ru/	1970-01-20 06:41:34	Name: FTID Value: 1XQ6Jm3-JzeB1XQ6Jm000UMv
.yadro.ru/	1970-01-20 06:41:34	Name: VID Value: 0lyrrg38eZeB1XQ6Jn000F-0
.online-sberbank1.ru/	1970-01-20 06:42:47	Name: _ym_uid Value: 1634231537493923146
.online-sberbank1.ru/	1970-01-20 06:42:47	Name: _ym_d Value: 1634231537
.online-sberbank1.ru/	1970-01-20 07:18:47	Name: __gads Value: ID=58fa4ed9f0577243-22a853f0f5ca0010:T=1634231537:RT=1634231537:S=ALNI_MaxkmrLefZY_U9l6CBKpAn3B_N1JA
.mc.yandex.com/	1970-01-19 21:57:12	Name: sync_cookie_csrf Value: 1940335602fake
.online-sberbank1.ru/	1970-01-19 21:58:23	Name: _ym_isad Value: 2
.idntfy.ru/	1970-01-23 13:33:11	Name: idntfy Value: VOsMbOXa7ThjXGo
.mc.yandex.ru/	1970-01-19 21:57:12	Name: sync_cookie_csrf Value: 2876349835fake
.yandex.com/	1970-01-20 06:42:47	Name: yandexuid Value: 2429981791634231537
.yandex.com/	1970-01-20 06:42:47	Name: yuidss Value: 2429981791634231537
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 457474001634231537
.yandex.com/	1970-01-23 13:33:11	Name: i Value: OBH7INu8yPgucML5JRvC+dGBXuWDLP2srB+lHl7PF7JnkfXirN5TnVq/R1c0rINZPp67cdiSm7xaBV1WO8ytYr/nphM=
.yandex.com/	1970-01-20 06:42:47	Name: ymex Value: 1665767537.yrts.1634231537#1665767537.yrtsi.1634231537
.doubleclick.net/	1970-01-20 07:18:47	Name: IDE Value: AHWqTUkeF8mgNP9K6qY1W0NKnXy6JJxVQ2v3NyhxgAjixjYUZHm0A0PR9TdFZefcenw
.doubleclick.net/	1970-01-19 21:57:12	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-19 21:57:15	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9426.GljSOitp1X-N6ceeFgKFQKDLVMSNIrv0zsrWMatAMxYEu552APJaRnuqFugV4OhDFdieq6OrZssrz_ycsHVhnw%2C%2C.OEW8ZYrx21ZcNAd9dALf-v3FXUo%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ae01.alicdn.com
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
idntfy.ru
mc.yandex.com
mc.yandex.ru
online-sberbank1.ru
otclick-adv.ru
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.online-sberbank1.ru
ae01.alicdn.com
fonts.googleapis.com
online-sberbank1.ru
pagead2.googlesyndication.com
104.111.214.74
142.250.185.66
217.107.219.4
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:812::2004
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2002
2a02:24b0:300:2::32
2a02:6b8::1:119
46.46.137.178
88.212.201.216
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0330e02c3c486e38d255ed3c4cf733c6e811eb528a6526508e3bd91922586df8
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
127c494eb2157780fd21c388c6d0232c49a7fa544226c3e723cdc55c69646f55
14f07bd642127aa2ded36db5ccfd04e5664e43dc12a00dc5a2b939844c70fc61
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a1ce449b2e8454813ef30a7711dd5722583eeb81ff1c81710849a66bc7634f1
1adff93fec49cd9bab765ec423c9504146696be62b0f634d2bb6df86a1e775a2
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1c235f78410a35ee8160adeebf3908b8ba0a1ba8f5689839ec05d61155ef9f9a
1dd85b526e16d23216c8b6ce0a01ad8b2772205b58450e22ee71964a57f215b4
1e191600bbbaa840db6761295d4041b3933cc6c5e15df54f7bd30f1b590fe280
215925e45cebe1e509c80c24b6c90aa434cef4b60a45c9b3bc60d61df906cf5b
24007b84adce7cc20646a6f93ff5f1666a136d2f3e06f3dfc808451fd3efe3de
253684f3a621a99e7a8af6d3dbb4bf6f7ce749793c2e290965e9ffd41993216d
29bc8d1584c12a05db9ac9637886359eb8688bb718cd946ff177dcca7cafd81b
2a4617686d53812d3f06b891e5edc0cf5b7f289bfd57be08e123a3845efcdcd6
32daa0b2c4965b913cbf1e869e480e81b66782717b200283108803c3e86231d2
379ba40b5a1ecf8ae944deddf1c03709007fc8b6e60d31744fdf3a9b32c0f982
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
39934a281e24990cdaca8abe4f15a44f9eb8ad2bacb3cd6b6231e46e6579797c
3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d
496077b8b09b43b1417ac4a8eb747b38b08e12a2dc9b65573c78dd2a44ac674d
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
519688b452987df9e19cd80f091a1de138f2d53f4a5e9158dc3190eacc28e3d6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55804d675a713bff7f36baf9911ca3467ab5bbfcee717564bb768bdc030501ad
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
65696379d43214671c66450e5023e91c302d98041f6492f0768237429a570a05
660fbaf94f25468f883f58c8709d95475a3331e07af448dbb2f540c9247610d1
71348f4f38512af6e6ba8062fe5545a783f91d1a07bcb300c246f1bad9b0d4b6
7a9d9f36e8aa43284fe3245391056c3111457db452cceeab098dc0cb6fd934d6
7e204f01d5b640388ee502377c83c5a7055c1d2d95b0455d31689b26b1028105
82efd5119e31d3c28df4607d7b92ab2a0a429542a6ac92d2fc73464157ee3723
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8aaae8cb64403bebcac996ab13ecd0902d949eaad8ec1205057a7f0c74c68952
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
8e6630390ef512b8785eac0eac76219d07d16c69f68760f0e3677e9b7348f1e3
9052c5a2f595d6b78e5baed4348610767c1b23aec65f560b36cdebdeb46a91ab
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
99decf2e57b18a85e5cb56188d99a685da6caa26aad681cf6a2026d9394c80b7
9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4da83fc323c6f3489594687d740f21dea9ac2b5d656d73f57cfb3550abd7f5c
a514b42ede79ec37281c680b01c6bbf1cf3e6dda593898bb52d589ac32fdbd83
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
b0a09d53f57591d09639ed401101e8cdf4d9265d9ca21375b94f12e080862313
b21f17cf622c771f1646868d61a15628ec2f9c8d90020fdead0e0d50afafe7dd
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
b7b03f3c0e0766b0ddd065ceb831d228f7167aa25ce98413471800990fe159df
b7b69024e7fdb5e587ad524da5cb77cffa0603277dce3f0be24068cf987ccc0e
b90496fc6fc903b5624fd1a74d5d6e4ee59f50b2b0b3bc87fa5ea5f1ec1996cc
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bed10853a8a19744b0d29e03fec969313b238afcac7650bca7c3c185436d6a49
c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc
c56b566e17c62870ce139b3a57bfb94a9d785792bd6ac2220d52426b8590d87f
cb198991477b6c66321aacd6d9452439eb24c02d12ec519e55db7b253debaf51
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d5c12600c2eedb11dbdcef87977046a3fc282f936b783659c0f0cb7a0815f3af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df94f250261b0e62e9d52930185d9213aa6a52ce707dd7af144a4ba03c5456b4
e16e03dfd994e6e101cf38bfbe87ce8407181d5354ce8cf0e2f09e4b29a5d75b
e3a9fde73ab4eed86a484b3ddb02e285cead10a46c95d7915c2ff9a490a711a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd
fbefbec9195c7a222e896bc45b0afa18af494fdc038c0977cefe1401efc64be2
fee6e549e9c1332880b1c1a9e36bc6dca50c1d0e673ebaa8cb0780d8a76e697c

online-sberbank1.ru Open in urlscan Pro 217.107.219.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

125 Requests

89 %HTTPS

69 %IPv6

15 Domains

19 Subdomains

16 IPs

3 Countries

1632 kBTransfer

3590 kBSize

22 Cookies

5 Outgoing links

Page URL History

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

online-sberbank1.ru Open in urlscan Pro
217.107.219.4 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

89 %
HTTPS

69 %
IPv6

15
Domains

19
Subdomains

16
IPs

3
Countries

1632 kB
Transfer

3590 kB
Size

22
Cookies

125 HTTP transactions
3 data transactions