urlscan.io logo urlscan.io
SecurityTrails logo

banks-rf.ru Open in urlscan Pro
81.177.141.34  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.banks-rf.ru/
Effective URL: https://banks-rf.ru/
Submission: On August 24 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 18 domains to perform 88 HTTP transactions. The main IP is 81.177.141.34, located in Russian Federation and belongs to RTCOMM-AS, RU. The main domain is banks-rf.ru.
TLS certificate: Issued by R3 on August 24th 2021. Valid for: 3 months.
This is the only time banks-rf.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

35    81.177.141.34 (Russian Federation)

ASN8342 (RTCOMM-AS, RU)
www.banks-rf.ru
banks-rf.ru
9    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    217.160.242.25 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
image.newsru.com
2    80.68.253.13 (Russian Federation)

ASN20848 (ROSBUSINESSCONSULTING-AS, RU)
PTR: redirector.rbc.ru
www.rbcdaily.ru
2    80.68.253.3 (Russian Federation)

ASN20848 (ROSBUSINESSCONSULTING-AS, RU)
PTR: www.rbc.ru
www.rbc.ru
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
partner.googleadservices.com
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
5    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
34 banks-rf.ru banks-rf.ru
12 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
9 pagead2.googlesyndication.com banks-rf.ru
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
3 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 www.gstatic.com googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
2 www.rbc.ru banks-rf.ru
2 www.rbcdaily.ru 2 redirects
2 image.newsru.com banks-rf.ru
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.banks-rf.ru 1 redirects
0 vk.com Failed banks-rf.ru
0 urls.api.twitter.com Failed banks-rf.ru
0 www.odnoklassniki.ru Failed banks-rf.ru
0 connect.mail.ru Failed banks-rf.ru
0 share.yandex.ru Failed banks-rf.ru
0 graph.facebook.com Failed banks-rf.ru
0 pics.rbcdaily.ru Failed banks-rf.ru
88 23

This site contains links to these domains. Also see Links.

Domain
pikabu.ru
www.livejournal.com
www.liveinternet.ru
Subject Issuer Validity Valid
banks-rf.ru
R3		 2021-08-24 -
2021-11-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.newsru.com
R3		 2021-06-07 -
2021-09-05		 3 months crt.sh
*.rbc.ru
RU-CENTER High Assurance Services CA 2		 2021-01-21 -
2022-02-19		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-07-26 -
2021-10-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://banks-rf.ru/
Frame ID: 1D02D70D7900F87C2930593FF6172731
Requests: 55 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210816/r20190131/zrt_lookup.html
Frame ID: 05CCE62DF6209415B94B2694FFE9B604
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=4197790424&adf=1748226182&pi=t.ma~as.3816097776&w=970&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421541&bpp=32&bdt=1148&idt=84&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=4076489443188&frm=20&pv=2&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=316&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CopeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UMyea4Aakz&p=https%3A//banks-rf.ru&dtd=98
Frame ID: F3E4B0C7BF3B13E083AEF554BD3B0C25
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=1774852347&adf=3780508927&pi=t.ma~as.3816097776&w=980&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=980x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421580&bpp=1&bdt=1187&idt=65&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=4076489443188&frm=20&pv=1&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=312&ady=1116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JODROHBl6v&p=https%3A//banks-rf.ru&dtd=69
Frame ID: 7A11F79F09B17054F07398FBEFA91D06
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&adk=1812271804&adf=3025194257&lmt=1629775421&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbanks-rf.ru%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421594&bpp=1&bdt=1201&idt=59&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C980x280&nras=1&correlator=4076489443188&frm=20&pv=1&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=62
Frame ID: 879745741C6D5A765AA579B778842A65
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js
Frame ID: BE29DE674A3208ADC3D4E40B6D3E0FA8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js
Frame ID: 8DF8C4F0E894E71309B18E93B3280E60
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F3EE9EF0C718407819226CEDE0AB56E3
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A83BD2D7DA34AA08CE08175AC25AF062
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Справочник банков

Page URL History Show full URLs

  1. https://www.banks-rf.ru/ HTTP 301
    https://banks-rf.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /mootools.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

88
Requests

91 %
HTTPS

74 %
IPv6

18
Domains

23
Subdomains

19
IPs

3
Countries

1702 kB
Transfer

2885 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.banks-rf.ru/ HTTP 301
    https://banks-rf.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://www.rbcdaily.ru/static/styles/blocks/b-article-item/images/logo-for-blog.gif HTTP 302
  • https://www.rbc.ru/newspaper/
Request Chain 32
  • https://www.rbcdaily.ru/static/styles/blocks/b-article-item/images/logo-for-blog.gif HTTP 302
  • https://www.rbc.ru/newspaper/

88 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
banks-rf.ru/
Redirect Chain
  • https://www.banks-rf.ru/
  • https://banks-rf.ru/
46 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
213e62855eb22da07543fc8f4ccc29e6ddb25f8fb668fc2fbf097cea6ce8a2e6

Request headers

:method
GET
:authority
banks-rf.ru
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:40 GMT
content-type
text/html; charset=utf-8
content-length
8004
server
Jino.ru/mod_pizza
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

date
Tue, 24 Aug 2021 03:23:40 GMT
content-type
text/html; charset=UTF-8
content-length
20
location
https://banks-rf.ru/
server
Jino.ru/mod_pizza
vary
Accept-Encoding
content-encoding
gzip
mod_idcurrenciesrates.css
banks-rf.ru/modules/mod_idcurrenciesrates/ 		329 B
384 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banks-rf.ru/modules/mod_idcurrenciesrates/mod_idcurrenciesrates.css
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
cff3b24f7b7cde6f8585e6859db29074467e1bb74a32c60eb6c3fd3f1c2c3907

Request headers

:path
/modules/mod_idcurrenciesrates/mod_idcurrenciesrates.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
banks-rf.ru
referer
https://banks-rf.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:40 GMT
content-encoding
gzip
server
Jino.ru/mod_pizza
etag
"7f8e76d2c46901deec6f7e2895fa9602"
vary
Accept-Encoding
content-type
text/css; charset=
cache-control
public, max-age=2592000
content-length
196
mootools-core.js
banks-rf.ru/media/system/js/ 		94 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banks-rf.ru/media/system/js/mootools-core.js
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
6be70110418f9738ca23c6d61d73ce3c0cb01087843c96de5ced119c5ab882c6

Request headers

:path
/media/system/js/mootools-core.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
banks-rf.ru
referer
https://banks-rf.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:40 GMT
content-encoding
gzip
server
Jino.ru/mod_pizza
etag
"cf58a30ea9b7a731712baede90b790ec"
vary
Accept-Encoding
content-type
application/javascript; charset=
cache-control
public, max-age=2592000
content-length
31097
core.js
banks-rf.ru/media/system/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banks-rf.ru/media/system/js/core.js
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
ed8f120343683850762fc8fb5e8ee8dc3586a2ad7da5c12ca31ef125628cb15b

Request headers

:path
/media/system/js/core.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
banks-rf.ru
referer
https://banks-rf.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:40 GMT
content-encoding
gzip
server
Jino.ru/mod_pizza
etag
"4b59c964036a5a6ba36d4cfa34968c2a"
vary
Accept-Encoding
content-type
application/javascript; charset=
cache-control
public, max-age=2592000
content-length
1713
caption.js
banks-rf.ru/media/system/js/ 		729 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://banks-rf.ru/media/system/js/caption.js
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
5fe084328c9d2b7612b6e7c739946752c5326ece5a1566a41531f3efff175321

Request headers

:path
/media/system/js/caption.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
banks-rf.ru
referer
https://banks-rf.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:40 GMT
content-encoding
gzip
server
Jino.ru/mod_pizza
etag
"031416fd2123cc114170494fdfc1a8a0"
vary
Accept-Encoding
content-type
application/javascript; charset=
cache-control
public, max-age=2592000
content-length
403
mootools-more.js
banks-rf.ru/media/system/js/ 		233 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banks-rf.ru/media/system/js/mootools-more.js
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
65d92e52232e1409aaaebc6ad930501bb223b96fea580940d39470f3f492e6ba

Request headers

:path
/media/system/js/mootools-more.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
banks-rf.ru
referer
https://banks-rf.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:40 GMT
cache-control
public, max-age=2592000
server
Jino.ru/mod_pizza
content-encoding
gzip
etag
"06a6a417945b8e518494ffc4c8abd22b"
vary
Accept-Encoding
content-type
application/javascript; charset=
default.js
banks-rf.ru/modules/mod_bt_floater/tmpl/js/ 		2 KB
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://banks-rf.ru/modules/mod_bt_floater/tmpl/js/default.js
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
49460cab901501b1ca16d8c8610a5eff95910ca866e8c463b925a82dd4bed8bb

Request headers

:path
/modules/mod_bt_floater/tmpl/js/default.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
banks-rf.ru
referer
https://banks-rf.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:40 GMT
content-encoding
gzip
server
Jino.ru/mod_pizza
etag
"287330b34d38c213e5aef92d09bf6d8c"
vary
Accept-Encoding
content-type
application/javascript; charset=
cache-control
public, max-age=2592000
content-length
593
system.css
banks-rf.ru/templates/system/css/ 		896 B
610 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banks-rf.ru/templates/system/css/system.css
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
81daea821e31e38d0817e29d17fa03d7b39d28291c8fb06eecd9111faabef9de

Request headers

:path
/templates/system/css/system.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
banks-rf.ru
referer
https://banks-rf.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:40 GMT
content-encoding
gzip
server
Jino.ru/mod_pizza
etag
"5eb2fce934fc4203857ce20333a2566c"
vary
Accept-Encoding
content-type
text/css; charset=
cache-control
public, max-age=2592000
content-length
422
general.css
banks-rf.ru/templates/system/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banks-rf.ru/templates/system/css/general.css
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
04c2af8f5b8d414c47847201a33ac5873aef26bed9fbedd351222362ef66912e

Request headers

:path
/templates/system/css/general.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
banks-rf.ru
referer
https://banks-rf.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:40 GMT
content-encoding
gzip
server
Jino.ru/mod_pizza
etag
"6ce52781de5ab36383064948b55333d6"
vary
Accept-Encoding
content-type
text/css; charset=
cache-control
public, max-age=2592000
content-length
881
template.css
banks-rf.ru/templates/05032015/css/ 		53 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banks-rf.ru/templates/05032015/css/template.css
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
7b3f147ea41b85e50a557be685dfe4bf7a889f5e117669ea503615f2f106076e

Request headers

:path
/templates/05032015/css/template.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
banks-rf.ru
referer
https://banks-rf.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:40 GMT
content-encoding
gzip
server
Jino.ru/mod_pizza
etag
"62eec4f929826f9d03596ae38a928b9b"
vary
Accept-Encoding
content-type
text/css; charset=
cache-control
public, max-age=2592000
content-length
7489
template.responsive.css
banks-rf.ru/templates/05032015/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banks-rf.ru/templates/05032015/css/template.responsive.css
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
82045daa7273cbb9684a4246db3152f34d4532485493150d5ee690d845d9cacc

Request headers

:path
/templates/05032015/css/template.responsive.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
banks-rf.ru
referer
https://banks-rf.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:40 GMT
content-encoding
gzip
server
Jino.ru/mod_pizza
etag
"a066c155cb4890567c321aa5471c50b0"
vary
Accept-Encoding
content-type
text/css; charset=
cache-control
public, max-age=2592000
content-length
1536
jquery.js
banks-rf.ru/templates/05032015/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banks-rf.ru/templates/05032015/jquery.js
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Request headers

:path
/templates/05032015/jquery.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
banks-rf.ru
referer
https://banks-rf.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:40 GMT
content-encoding
gzip
server
Jino.ru/mod_pizza
etag
"ddb84c1587287b2df08966081ef063bf"
vary
Accept-Encoding
content-type
application/javascript; charset=
cache-control
public, max-age=2592000
content-length
33140
script.js
banks-rf.ru/templates/05032015/ 		43 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banks-rf.ru/templates/05032015/script.js
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
194adc301c26ab822296975261798e719505a52b4d64214f93067c1f8b5346ed

Request headers

:path
/templates/05032015/script.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
banks-rf.ru
referer
https://banks-rf.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:40 GMT
content-encoding
gzip
server
Jino.ru/mod_pizza
etag
"b238be5f2cca052e0fdf042e25b6e583"
vary
Accept-Encoding
content-type
application/javascript; charset=
cache-control
public, max-age=2592000
content-length
10189
script.responsive.js
banks-rf.ru/templates/05032015/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banks-rf.ru/templates/05032015/script.responsive.js
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
b9c3a69b6c61d4f158ce72fb012d2710693cc94592a92525bfdd634bf122892b

Request headers

:path
/templates/05032015/script.responsive.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
banks-rf.ru
referer
https://banks-rf.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:41 GMT
content-encoding
gzip
server
Jino.ru/mod_pizza
etag
"4762243a90a815e989f19e9d318e00b8"
vary
Accept-Encoding
content-type
application/javascript; charset=
cache-control
public, max-age=2592000
content-length
2510
share42.js
banks-rf.ru/share42/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banks-rf.ru/share42/share42.js
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
00ca70dfc3c55cc0c07e48f2a839ae89ff82191446a036e0db26da45499441bb

Request headers

:path
/share42/share42.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
banks-rf.ru
referer
https://banks-rf.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:40 GMT
content-encoding
gzip
server
Jino.ru/mod_pizza
etag
"fad695c23c69c3d68cac318a0273c6d1"
vary
Accept-Encoding
content-type
application/javascript; charset=
cache-control
public, max-age=2592000
content-length
3194
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c838fc36a34ba2b6a81bc721c8f8f8902ac1130d05b6a568e9977d2012719e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49830
x-xss-protection
0
server
cafe
etag
13038126457644665702
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 24 Aug 2021 03:23:40 GMT
1721908_20150226161758.gif
image.newsru.com/pict/id/large/ 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.newsru.com/pict/id/large/1721908_20150226161758.gif
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
d7a08f3d0e2f7feb82b59fea224e3dce6b47480791f2ab8f71258c9a44698174

Request headers

Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 03:23:40 GMT
Last-Modified
Thu, 26 Feb 2015 13:17:58 GMT
Server
nginx
ETag
"54ef1d06-17d92"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
97682
Expires
Tue, 31 Aug 2021 03:23:40 GMT
1722141_20150227140440.gif
image.newsru.com/pict/id/large/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.newsru.com/pict/id/large/1722141_20150227140440.gif
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx /
Resource Hash
8505920de24c20de009d8e537839d65f8232da35597bf4aff703c6d2830b9ef3

Request headers

Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 24 Aug 2021 03:23:40 GMT
Last-Modified
Fri, 27 Feb 2015 11:04:38 GMT
Server
nginx
ETag
"54f04f46-15a45"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
88645
Expires
Tue, 31 Aug 2021 03:23:40 GMT
/
www.rbc.ru/newspaper/
Redirect Chain
  • https://www.rbcdaily.ru/static/styles/blocks/b-article-item/images/logo-for-blog.gif
  • https://www.rbc.ru/newspaper/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbc.ru/newspaper/
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.68.253.3 , Russian Federation, ASN20848 (ROSBUSINESSCONSULTING-AS, RU),
Reverse DNS
www.rbc.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

location
https://www.rbc.ru/newspaper/
date
Tue, 24 Aug 2021 03:23:41 GMT
server
nginx
content-length
138
content-type
text/html
98581f7c7eaab25c9e2434527ba90266.jpg
pics.rbcdaily.ru/c/160x120/rbcdaily_pics/v4/26/06/ 		0
0
f2a35294e101e8674c78da645a837144.jpg
pics.rbcdaily.ru/c/160x120/rbcdaily_pics/v4/22/48/ 		0
0
grozny2.png
banks-rf.ru/images/news/ 		586 KB
587 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banks-rf.ru/images/news/grozny2.png
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
f74a7679ef8bc90dc055e7e491911d73e23969bafc70a229c799087629a3240e

Request headers

:path
/images/news/grozny2.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
banks-rf.ru
referer
https://banks-rf.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:41 GMT
cache-control
public, max-age=2592000
server
Jino.ru/mod_pizza
etag
"4c9ee097d305f1d118a21b5a16baa330"
content-type
image/png
system.css
banks-rf.ru/media/system/css/ 		1 KB
738 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://banks-rf.ru/media/system/css/system.css
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/templates/system/css/system.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
7998b1a3a745310a44df30b99b5becc3aa15eab739c3421096f7e7feacfe9d92

Request headers

:path
/media/system/css/system.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
banks-rf.ru
referer
https://banks-rf.ru/templates/system/css/system.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/templates/system/css/system.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:40 GMT
content-encoding
gzip
server
Jino.ru/mod_pizza
etag
"9d3914d8cc86129b58a605a801999bc5"
vary
Accept-Encoding
content-type
text/css; charset=
cache-control
public, max-age=2592000
content-length
549
page.jpeg
banks-rf.ru/templates/05032015/images/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banks-rf.ru/templates/05032015/images/page.jpeg
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/templates/05032015/css/template.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
89fdc2ac11dfbe271bfbd78c6dad12c9de8a0da6b95d23b4f50a8e67dcb7f311

Request headers

:path
/templates/05032015/images/page.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
banks-rf.ru
referer
https://banks-rf.ru/templates/05032015/css/template.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/templates/05032015/css/template.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:41 GMT
cache-control
public, max-age=2592000
server
Jino.ru/mod_pizza
etag
"20a44a194bc11d2c4111e9a2d0f65cef"
content-type
image/jpeg
header.jpg
banks-rf.ru/templates/05032015/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banks-rf.ru/templates/05032015/images/header.jpg
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/templates/05032015/css/template.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
52b6ca90c28218fe668a01a66f50009001c4345667a71d8dd3ec426046d8e5e9

Request headers

:path
/templates/05032015/images/header.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
banks-rf.ru
referer
https://banks-rf.ru/templates/05032015/css/template.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/templates/05032015/css/template.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:41 GMT
cache-control
public, max-age=2592000
server
Jino.ru/mod_pizza
etag
"a74dc22a05707c4ac884bc1ddc7109dd"
content-length
1823
content-type
image/jpeg
object534403361.png
banks-rf.ru/templates/05032015/images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banks-rf.ru/templates/05032015/images/object534403361.png
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/templates/05032015/css/template.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
01d954d8df295ae38c9a2d9740b748078e8864eeed0ec981e15610814d5ad72b

Request headers

:path
/templates/05032015/images/object534403361.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
banks-rf.ru
referer
https://banks-rf.ru/templates/05032015/css/template.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/templates/05032015/css/template.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:41 GMT
cache-control
public, max-age=2592000
server
Jino.ru/mod_pizza
etag
"cf27b82adb056ce714ec348472cf6e25"
content-type
image/png
object1064097424.png
banks-rf.ru/templates/05032015/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banks-rf.ru/templates/05032015/images/object1064097424.png
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/templates/05032015/css/template.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
f0ffb505e8cbe662a43a9964e5af8c4697063e184d1339fa30a4df768c109625

Request headers

:path
/templates/05032015/images/object1064097424.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
banks-rf.ru
referer
https://banks-rf.ru/templates/05032015/css/template.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/templates/05032015/css/template.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:41 GMT
cache-control
public, max-age=2592000
server
Jino.ru/mod_pizza
etag
"b78b380bf74fe2c9dddfa38a697f194a"
content-type
image/png
object1547634306.png
banks-rf.ru/templates/05032015/images/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banks-rf.ru/templates/05032015/images/object1547634306.png
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/templates/05032015/css/template.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
8614379bb9ffa5758d0bff409c6fb46225bc140a404e3f360b79f5bd837a0670

Request headers

:path
/templates/05032015/images/object1547634306.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
banks-rf.ru
referer
https://banks-rf.ru/templates/05032015/css/template.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/templates/05032015/css/template.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:41 GMT
cache-control
public, max-age=2592000
server
Jino.ru/mod_pizza
etag
"cae0bfe8ee44c91e2c199cd2b82362a8"
content-type
image/png
menuseparator.png
banks-rf.ru/templates/05032015/images/ 		193 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banks-rf.ru/templates/05032015/images/menuseparator.png
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/templates/05032015/css/template.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
817180588bd332b90d7db570a61c0a999e010fdc43a6f3750b3555cc62def06d

Request headers

:path
/templates/05032015/images/menuseparator.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
banks-rf.ru
referer
https://banks-rf.ru/templates/05032015/css/template.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/templates/05032015/css/template.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:41 GMT
cache-control
public, max-age=2592000
server
Jino.ru/mod_pizza
etag
"93a0a5e6a90f9ade3109c1c4812761d0"
content-length
193
content-type
image/png
spacer.gif
banks-rf.ru/templates/05032015/images/ 		73 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banks-rf.ru/templates/05032015/images/spacer.gif
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/templates/05032015/css/template.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
800323b701904203a9037d6f4ffb9025ceea778420af391c4e21a1b61f4468c4

Request headers

:path
/templates/05032015/images/spacer.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
banks-rf.ru
referer
https://banks-rf.ru/templates/05032015/css/template.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/templates/05032015/css/template.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:41 GMT
cache-control
public, max-age=2592000
server
Jino.ru/mod_pizza
etag
"bd706877a84f2a521bfb39aba97af038"
content-length
73
content-type
image/gif
sidebar1glare.png
banks-rf.ru/templates/05032015/images/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banks-rf.ru/templates/05032015/images/sidebar1glare.png
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/templates/05032015/css/template.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
f24bc2fb54fddc36c33c71d9f41bb96d169f18eab6cb37758ff7df1819084bbd

Request headers

:path
/templates/05032015/images/sidebar1glare.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
banks-rf.ru
referer
https://banks-rf.ru/templates/05032015/css/template.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/templates/05032015/css/template.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:42 GMT
cache-control
public, max-age=2592000
server
Jino.ru/mod_pizza
etag
"6e6f63e77a7cf7f96b9f2c14a6d7d5c6"
content-type
image/png
vmenublockheadericon.png
banks-rf.ru/templates/05032015/images/ 		779 B
926 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banks-rf.ru/templates/05032015/images/vmenublockheadericon.png
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/templates/05032015/css/template.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
824b5a611d5fa63177c2b7f5d7742276b78477ab9b6e05aeb46ca182c23f441b

Request headers

:path
/templates/05032015/images/vmenublockheadericon.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
banks-rf.ru
referer
https://banks-rf.ru/templates/05032015/css/template.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/templates/05032015/css/template.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:42 GMT
cache-control
public, max-age=2592000
server
Jino.ru/mod_pizza
etag
"1bfc8e5f75a9df110242d22386d5f2eb"
content-length
779
content-type
image/png
vmenuitemicon.png
banks-rf.ru/templates/05032015/images/ 		142 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banks-rf.ru/templates/05032015/images/vmenuitemicon.png
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/templates/05032015/css/template.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
6bbb1ad3d2675c096e5e305a3670504b0d361219527266c00cdae6444417caf0

Request headers

:path
/templates/05032015/images/vmenuitemicon.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
banks-rf.ru
referer
https://banks-rf.ru/templates/05032015/css/template.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/templates/05032015/css/template.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:43 GMT
cache-control
public, max-age=2592000
server
Jino.ru/mod_pizza
etag
"fc5c2e3aa15e6045167ae66e446b3ece"
content-length
142
content-type
image/png
/
www.rbc.ru/newspaper/
Redirect Chain
  • https://www.rbcdaily.ru/static/styles/blocks/b-article-item/images/logo-for-blog.gif
  • https://www.rbc.ru/newspaper/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbc.ru/newspaper/
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.68.253.3 , Russian Federation, ASN20848 (ROSBUSINESSCONSULTING-AS, RU),
Reverse DNS
www.rbc.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

location
https://www.rbc.ru/newspaper/
date
Tue, 24 Aug 2021 03:23:41 GMT
server
nginx
content-length
138
content-type
text/html
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/ 		252 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8891247570239205&plah=banks-rf.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e50923eeab2fab42aabd0b1dd0295ed74f9bf5eec3f91bdcb4b36316a40860bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95447
x-xss-protection
0
server
cafe
etag
5134495107379379254
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 24 Aug 2021 03:23:41 GMT
sidebar2glare.png
banks-rf.ru/templates/05032015/images/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banks-rf.ru/templates/05032015/images/sidebar2glare.png
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/templates/05032015/css/template.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
f24bc2fb54fddc36c33c71d9f41bb96d169f18eab6cb37758ff7df1819084bbd

Request headers

:path
/templates/05032015/images/sidebar2glare.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
banks-rf.ru
referer
https://banks-rf.ru/templates/05032015/css/template.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/templates/05032015/css/template.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:41 GMT
cache-control
public, max-age=2592000
server
Jino.ru/mod_pizza
etag
"6e6f63e77a7cf7f96b9f2c14a6d7d5c6"
content-type
image/png
USD.png
banks-rf.ru/modules/mod_idcurrenciesrates/flags/ 		664 B
811 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banks-rf.ru/modules/mod_idcurrenciesrates/flags/USD.png
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
822d551306e9332ef14c5fca3c46b151cf90afa6d850883317fedc91541cf86d

Request headers

:path
/modules/mod_idcurrenciesrates/flags/USD.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
banks-rf.ru
referer
https://banks-rf.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:41 GMT
cache-control
public, max-age=2592000
server
Jino.ru/mod_pizza
etag
"c82da36c3a4bd09c96abcde9a56c6bfa"
content-length
664
content-type
image/png
EUR.png
banks-rf.ru/modules/mod_idcurrenciesrates/flags/ 		672 B
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banks-rf.ru/modules/mod_idcurrenciesrates/flags/EUR.png
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
8ddb795f0ba6a36386ff0d8f60e57010bc497904fb81973ef28baeb5ef14cf64

Request headers

:path
/modules/mod_idcurrenciesrates/flags/EUR.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
banks-rf.ru
referer
https://banks-rf.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:41 GMT
cache-control
public, max-age=2592000
server
Jino.ru/mod_pizza
etag
"8c8a08068c2e69234d97d58cc9c4ce13"
content-length
672
content-type
image/png
CNY.png
banks-rf.ru/modules/mod_idcurrenciesrates/flags/ 		660 B
807 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banks-rf.ru/modules/mod_idcurrenciesrates/flags/CNY.png
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
5780b318dd39baf88889669cbed317db0ce81f4737e93c5f71f9f068c2c7dfbb

Request headers

:path
/modules/mod_idcurrenciesrates/flags/CNY.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
banks-rf.ru
referer
https://banks-rf.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:41 GMT
cache-control
public, max-age=2592000
server
Jino.ru/mod_pizza
etag
"e950c6b5250542ac46a3996b583ce3a9"
content-length
660
content-type
image/png
GBP.png
banks-rf.ru/modules/mod_idcurrenciesrates/flags/ 		666 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banks-rf.ru/modules/mod_idcurrenciesrates/flags/GBP.png
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
aa4f3616216e9aa867d85b0a744fb6134cba5770671eb475c1d1bfbb49b53312

Request headers

:path
/modules/mod_idcurrenciesrates/flags/GBP.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
banks-rf.ru
referer
https://banks-rf.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:41 GMT
cache-control
public, max-age=2592000
server
Jino.ru/mod_pizza
etag
"4bf72c3f3feb5b74456bab03c785ec35"
content-length
666
content-type
image/png
UAK.png
banks-rf.ru/modules/mod_idcurrenciesrates/flags/ 		81 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banks-rf.ru/modules/mod_idcurrenciesrates/flags/UAK.png
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
b2417070d2bf6f9b3fcfa9c4b2c602d4b76067f53134dfcfd1d2a14af0655f81

Request headers

:path
/modules/mod_idcurrenciesrates/flags/UAK.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
banks-rf.ru
referer
https://banks-rf.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:41 GMT
cache-control
public, max-age=2592000
server
Jino.ru/mod_pizza
etag
"5fa23ea9f65e3a772b747fa0e6234308"
content-length
81
content-type
image/png
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210816/r20190131/ Frame 05CC 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210816/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210816/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://banks-rf.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://banks-rf.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 23 Aug 2021 08:37:30 GMT
expires
Mon, 06 Sep 2021 08:37:30 GMT
content-type
text/html; charset=UTF-8
etag
8999110079160743657
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4576
x-xss-protection
0
age
67571
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
graph.facebook.com/ 		0
0
gpp.xml
share.yandex.ru/ 		0
0
share_count
connect.mail.ru/ 		0
0
dk
www.odnoklassniki.ru/ 		0
0
count.json
urls.api.twitter.com/1/urls/ 		0
0
share.php
vk.com/ 		0
0
cookie.js
partner.googleadservices.com/gampad/ 		201 B
256 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=banks-rf.ru&callback=_gfp_s_&client=ca-pub-8891247570239205
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8891247570239205&plah=banks-rf.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
3d4f7cbf9a7b267e2c2f3b7b428bc700c4aeedf436679d4f1432a14d29d3ef75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=banks-rf.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8891247570239205&plah=banks-rf.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 24 Aug 2021 03:23:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=banks-rf.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8891247570239205&plah=banks-rf.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 24 Aug 2021 03:23:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F3E4 		85 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=4197790424&adf=1748226182&pi=t.ma~as.3816097776&w=970&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421541&bpp=32&bdt=1148&idt=84&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=4076489443188&frm=20&pv=2&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=316&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CopeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UMyea4Aakz&p=https%3A//banks-rf.ru&dtd=98
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8891247570239205&plah=banks-rf.ru
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96c1bd20287d9876a5e987a4ea38119d14c11bb223ad8d843ef27210e7cfa25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=4197790424&adf=1748226182&pi=t.ma~as.3816097776&w=970&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421541&bpp=32&bdt=1148&idt=84&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=4076489443188&frm=20&pv=2&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=316&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CopeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UMyea4Aakz&p=https%3A//banks-rf.ru&dtd=98
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://banks-rf.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://banks-rf.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 24 Aug 2021 03:23:42 GMT
server
cafe
content-length
27946
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 24-Aug-2021 03:38:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 24 Aug 2021 03:23:42 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8891247570239205&plah=banks-rf.ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f6048e026a358bcd25087b08a35840836764c0c3a97cd18569a0dab3263b7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:41 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629718286636491"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27620
x-xss-protection
0
expires
Tue, 24 Aug 2021 03:23:41 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 7A11 		89 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=1774852347&adf=3780508927&pi=t.ma~as.3816097776&w=980&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=980x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421580&bpp=1&bdt=1187&idt=65&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=4076489443188&frm=20&pv=1&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=312&ady=1116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JODROHBl6v&p=https%3A//banks-rf.ru&dtd=69
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8891247570239205&plah=banks-rf.ru
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53704e4b543761170c2dd65c187d58c8b3e67cd7bd6d3f57e22877be77b61724
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=1774852347&adf=3780508927&pi=t.ma~as.3816097776&w=980&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=980x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421580&bpp=1&bdt=1187&idt=65&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=4076489443188&frm=20&pv=1&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=312&ady=1116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JODROHBl6v&p=https%3A//banks-rf.ru&dtd=69
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://banks-rf.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://banks-rf.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 24 Aug 2021 03:23:42 GMT
server
cafe
content-length
28846
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 24-Aug-2021 03:38:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 24 Aug 2021 03:23:42 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 8797 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&adk=1812271804&adf=3025194257&lmt=1629775421&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbanks-rf.ru%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421594&bpp=1&bdt=1201&idt=59&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C980x280&nras=1&correlator=4076489443188&frm=20&pv=1&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=62
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8891247570239205&plah=banks-rf.ru
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8891247570239205&output=html&adk=1812271804&adf=3025194257&lmt=1629775421&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbanks-rf.ru%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421594&bpp=1&bdt=1201&idt=59&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C980x280&nras=1&correlator=4076489443188&frm=20&pv=1&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=62
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://banks-rf.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://banks-rf.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 24 Aug 2021 03:23:41 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 24-Aug-2021 03:38:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 24 Aug 2021 03:23:41 GMT
cache-control
private
css
fonts.googleapis.com/ Frame F3E4 		3 KB
687 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=4197790424&adf=1748226182&pi=t.ma~as.3816097776&w=970&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421541&bpp=32&bdt=1148&idt=84&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=4076489443188&frm=20&pv=2&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=316&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CopeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UMyea4Aakz&p=https%3A//banks-rf.ru&dtd=98
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
86004aba5435fd4a14892a5f47e53a870f8e8b815b33737be419bee2bef6080e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 02:22:47 GMT
server
ESF
date
Tue, 24 Aug 2021 03:23:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Aug 2021 03:23:42 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame F3E4 		1 KB
939 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=4197790424&adf=1748226182&pi=t.ma~as.3816097776&w=970&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421541&bpp=32&bdt=1148&idt=84&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=4076489443188&frm=20&pv=2&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=316&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CopeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UMyea4Aakz&p=https%3A//banks-rf.ru&dtd=98
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 03:04:57 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame F3E4 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=4197790424&adf=1748226182&pi=t.ma~as.3816097776&w=970&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421541&bpp=32&bdt=1148&idt=84&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=4076489443188&frm=20&pv=2&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=316&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CopeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UMyea4Aakz&p=https%3A//banks-rf.ru&dtd=98
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38cae7aa633433ce04ad15167696536fa0dfc233ea2f68d39cacfb288f5316c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 02:26:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3428
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7637
x-xss-protection
0
server
cafe
etag
2853818853078434854
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 02:26:34 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame F3E4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=4197790424&adf=1748226182&pi=t.ma~as.3816097776&w=970&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421541&bpp=32&bdt=1148&idt=84&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=4076489443188&frm=20&pv=2&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=316&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CopeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UMyea4Aakz&p=https%3A//banks-rf.ru&dtd=98
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 02:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1828
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 02:53:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F3E4 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=4197790424&adf=1748226182&pi=t.ma~as.3816097776&w=970&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421541&bpp=32&bdt=1148&idt=84&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=4076489443188&frm=20&pv=2&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=316&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CopeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UMyea4Aakz&p=https%3A//banks-rf.ru&dtd=98
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:42 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629718280506303"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38186
x-xss-protection
0
expires
Tue, 24 Aug 2021 03:23:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame F3E4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=4197790424&adf=1748226182&pi=t.ma~as.3816097776&w=970&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421541&bpp=32&bdt=1148&idt=84&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=4076489443188&frm=20&pv=2&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=316&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CopeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UMyea4Aakz&p=https%3A//banks-rf.ru&dtd=98
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
909
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 03:08:33 GMT
b0b7c8cfc8b22cb6a71ecf22b35577d4.js
www.gstatic.com/mysidia/ Frame F3E4 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b0b7c8cfc8b22cb6a71ecf22b35577d4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=4197790424&adf=1748226182&pi=t.ma~as.3816097776&w=970&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421541&bpp=32&bdt=1148&idt=84&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=4076489443188&frm=20&pv=2&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=316&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CopeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UMyea4Aakz&p=https%3A//banks-rf.ru&dtd=98
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21fbea093a7e9bf8bac159496306302109665a5643c7c82f64f5b18c4b056aae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 13:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
396974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10765
x-xss-protection
0
last-modified
Tue, 17 Aug 2021 04:05:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 17 Nov 2021 13:07:28 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F3E4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C4vlbPWYkYaXAKJHx3wOkwISgB__nqMVk_uTmy54O2tkeEAEgjPiFIWCVAqABnc2l-wLIAQmpAtqrl517tbM-qAMByAPLBKoEtgFP0Ng_sw9ihRQeTB7t-BTpDahqAeMRtctcjSqmtmY9zwnmppexhIC49u6gJ5syv-vKibYFZvDuIzrcf65e9HaCU4KdeQnE2VHB7MkbDD0MJqHfjhQZAALmEqAVB36snG3MMT8Ohv7phe6HpQW3YYxM4MMl0lHRmSedT4PO8crdHiR3Q0XN4T9hOWi805ST1PUYiEbSOJ3ujQP6FycQIy9oFQQ1mBoQfnOTVhZSuYv2fJzO7M0h3MAE8JXFsaYDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8uy2oQBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEL6FNNIICQiA4YAQEAEYH4AKAcgLAbgTiCfYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItODg5MTI0NzU3MDIzOTIwNRgA&sigh=Ge495W5UKzg&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=4197790424&adf=1748226182&pi=t.ma~as.3816097776&w=970&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421541&bpp=32&bdt=1148&idt=84&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=4076489443188&frm=20&pv=2&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=316&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CopeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UMyea4Aakz&p=https%3A//banks-rf.ru&dtd=98
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=4197790424&adf=1748226182&pi=t.ma~as.3816097776&w=970&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421541&bpp=32&bdt=1148&idt=84&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=4076489443188&frm=20&pv=2&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=316&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CopeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UMyea4Aakz&p=https%3A//banks-rf.ru&dtd=98
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 24 Aug 2021 03:23:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 24 Aug 2021 03:23:42 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/12848051227690047772/ Frame F3E4 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12848051227690047772/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=4197790424&adf=1748226182&pi=t.ma~as.3816097776&w=970&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421541&bpp=32&bdt=1148&idt=84&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=4076489443188&frm=20&pv=2&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=316&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CopeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UMyea4Aakz&p=https%3A//banks-rf.ru&dtd=98
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9d996437389a37e236922f76e7b4434b4cc4eeb36e39b366b5abd4599c2bd22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 10:42:06 GMT
x-content-type-options
nosniff
age
60096
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7739
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 17:50:59 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Aug 2022 10:42:06 GMT
truncated
/ Frame F3E4 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame F3E4 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49a2664dacb62fd4715401e266976c6edae00d77a351795f43b45beff4833633

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame F3E4 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v35/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 00:01:11 GMT
x-content-type-options
nosniff
age
530551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 00:01:04 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Aug 2022 00:01:11 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame F3E4 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v35/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 00:01:03 GMT
x-content-type-options
nosniff
age
530559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 00:00:52 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Aug 2022 00:01:03 GMT
css
fonts.googleapis.com/ Frame 7A11 		3 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=1774852347&adf=3780508927&pi=t.ma~as.3816097776&w=980&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=980x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421580&bpp=1&bdt=1187&idt=65&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=4076489443188&frm=20&pv=1&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=312&ady=1116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JODROHBl6v&p=https%3A//banks-rf.ru&dtd=69
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
86004aba5435fd4a14892a5f47e53a870f8e8b815b33737be419bee2bef6080e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 02:07:09 GMT
server
ESF
date
Tue, 24 Aug 2021 03:23:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Aug 2021 03:23:42 GMT
D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js
pagead2.googlesyndication.com/bg/ Frame BE29 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=4197790424&adf=1748226182&pi=t.ma~as.3816097776&w=970&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421541&bpp=32&bdt=1148&idt=84&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&correlator=4076489443188&frm=20&pv=2&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=316&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Cd%7CopeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UMyea4Aakz&p=https%3A//banks-rf.ru&dtd=98
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f794ec9acf7dc03b2193204a9d39212625be5c9c48042d7904a7e59904ead1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 20:54:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
541748
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13489
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 15:08:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Aug 2022 20:54:34 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 7A11 		1 KB
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=1774852347&adf=3780508927&pi=t.ma~as.3816097776&w=980&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=980x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421580&bpp=1&bdt=1187&idt=65&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=4076489443188&frm=20&pv=1&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=312&ady=1116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JODROHBl6v&p=https%3A//banks-rf.ru&dtd=69
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 03:04:57 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame 7A11 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=1774852347&adf=3780508927&pi=t.ma~as.3816097776&w=980&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=980x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421580&bpp=1&bdt=1187&idt=65&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=4076489443188&frm=20&pv=1&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=312&ady=1116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JODROHBl6v&p=https%3A//banks-rf.ru&dtd=69
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38cae7aa633433ce04ad15167696536fa0dfc233ea2f68d39cacfb288f5316c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:06:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1059
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7637
x-xss-protection
0
server
cafe
etag
2853818853078434854
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 03:06:03 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 7A11 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=1774852347&adf=3780508927&pi=t.ma~as.3816097776&w=980&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=980x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421580&bpp=1&bdt=1187&idt=65&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=4076489443188&frm=20&pv=1&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=312&ady=1116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JODROHBl6v&p=https%3A//banks-rf.ru&dtd=69
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:17:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 03:17:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7A11 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=1774852347&adf=3780508927&pi=t.ma~as.3816097776&w=980&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=980x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421580&bpp=1&bdt=1187&idt=65&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=4076489443188&frm=20&pv=1&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=312&ady=1116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JODROHBl6v&p=https%3A//banks-rf.ru&dtd=69
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:42 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629718280506303"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38186
x-xss-protection
0
expires
Tue, 24 Aug 2021 03:23:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 7A11 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=1774852347&adf=3780508927&pi=t.ma~as.3816097776&w=980&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=980x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421580&bpp=1&bdt=1187&idt=65&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=4076489443188&frm=20&pv=1&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=312&ady=1116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JODROHBl6v&p=https%3A//banks-rf.ru&dtd=69
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
909
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Sep 2021 03:08:33 GMT
b0b7c8cfc8b22cb6a71ecf22b35577d4.js
www.gstatic.com/mysidia/ Frame 7A11 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b0b7c8cfc8b22cb6a71ecf22b35577d4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=1774852347&adf=3780508927&pi=t.ma~as.3816097776&w=980&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=980x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421580&bpp=1&bdt=1187&idt=65&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=4076489443188&frm=20&pv=1&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=312&ady=1116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JODROHBl6v&p=https%3A//banks-rf.ru&dtd=69
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21fbea093a7e9bf8bac159496306302109665a5643c7c82f64f5b18c4b056aae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 13:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
396974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10765
x-xss-protection
0
last-modified
Tue, 17 Aug 2021 04:05:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 17 Nov 2021 13:07:28 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 7A11 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CEjY5PWYkYafQKo_f3wOChangD_--jJBkzNWdzO0N-p3coNQBEAEgjPiFIWCVAqABk56b1wPIAQmpAtqrl517tbM-qAMByAPLBKoEtQFP0ENMSG1mBpJWBOJd3gwIzOqsgGWeud-dOB1rjysEMDbyLrzoERicrZGE1ZaEoh4MACHajqyTiIvss7nrmBlyDH7Oqq1qOroOBc1qF9CX5s2eoUKxRnnDjmN4JlyqUFx-UFoPRY1I1j33NULKYwFvVvDW3DpEaiV8Ey6kDpMkG91pWvix7nso8sYd8sGw5-xbjnwW7gaz1bK6Xd_fQjiMFL5q1H0beY1GwHHEtF_TAV8hw9S1wAT224nixgOSBQQIBBgBkgUECAUYBKAGLoAH1eHkKKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCEzCnSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMNiBQB0BUBgBcBshccChoIABIUcHViLTg4OTEyNDc1NzAyMzkyMDUYAA&sigh=0XKvNcmHSuQ&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=1774852347&adf=3780508927&pi=t.ma~as.3816097776&w=980&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=980x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421580&bpp=1&bdt=1187&idt=65&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=4076489443188&frm=20&pv=1&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=312&ady=1116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JODROHBl6v&p=https%3A//banks-rf.ru&dtd=69
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=1774852347&adf=3780508927&pi=t.ma~as.3816097776&w=980&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=980x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421580&bpp=1&bdt=1187&idt=65&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=4076489443188&frm=20&pv=1&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=312&ady=1116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JODROHBl6v&p=https%3A//banks-rf.ru&dtd=69
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 24 Aug 2021 03:23:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/9730327569825436596/ Frame 7A11 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9730327569825436596/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=1774852347&adf=3780508927&pi=t.ma~as.3816097776&w=980&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=980x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421580&bpp=1&bdt=1187&idt=65&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=4076489443188&frm=20&pv=1&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=312&ady=1116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JODROHBl6v&p=https%3A//banks-rf.ru&dtd=69
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34dc1bd36ca7371f4763b16e96b63f9702abcc9fe9c6e4e023c4af363bd87324
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 06:15:31 GMT
x-content-type-options
nosniff
age
421691
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16447
x-xss-protection
0
last-modified
Thu, 29 Oct 2020 15:04:54 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Aug 2022 06:15:31 GMT
truncated
/ Frame 7A11 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7A11 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4185d1a6430235eb7c33d4747c2879dc2ed743b26e65719cd4be10fc815abca

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame 7A11 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v35/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 00:01:11 GMT
x-content-type-options
nosniff
age
530551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 00:01:04 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Aug 2022 00:01:11 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame 7A11 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v35/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 00:01:03 GMT
x-content-type-options
nosniff
age
530559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 00:00:52 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Aug 2022 00:01:03 GMT
D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js
pagead2.googlesyndication.com/bg/ Frame 8DF8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8891247570239205&output=html&h=280&slotname=3816097776&adk=1774852347&adf=3780508927&pi=t.ma~as.3816097776&w=980&fwrn=4&fwrnh=100&lmt=1629775421&rafmt=1&psa=0&format=980x280&url=https%3A%2F%2Fbanks-rf.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629775421580&bpp=1&bdt=1187&idt=65&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=4076489443188&frm=20&pv=1&ga_vid=1026173224.1629775422&ga_sid=1629775422&ga_hid=1341655734&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=312&ady=1116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=1915663105641456&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JODROHBl6v&p=https%3A//banks-rf.ru&dtd=69
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f794ec9acf7dc03b2193204a9d39212625be5c9c48042d7904a7e59904ead1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 20:54:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
541748
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13489
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 15:08:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Aug 2022 20:54:34 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F3E4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunPqU5eJz6qcJcHg4QHRS8CEHJV0I2tXSDT1TDIai6dg9r6v0ej-yDCD8m2wUeJYGO9VMpVOvVAeRH85sNxVerkenK8CVmKpT9Mcnw-z_C7aDc7sIW59xPP_6IRg&sai=AMfl-YQpPlSXSyEMjHjsd3G43v9awuFQk1SL4JZCJuth08GKsJ2D2B7EZCG2AH6g-SRlmm_epGGRaNey3v-0&sig=Cg0ArKJSzI-Kz9EHJ25wEAE&id=lidar2&mcvt=1000&p=455,316,735,1286&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210823&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=4197790424&rs=2&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629775421642&dlt=566&rpt=42&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 03:23:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7A11 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuk9Eim6WvZ5Bzt-pRSwF4HijIjV9einrHDkJmahvpw_OJFfB98yPlFK7-RWQADYVxrp2WipSDH_CgosTWw9VLi6d5QAaXpEhHwOXp9rcSyo0w0N_ncF_XMJODo8g&sai=AMfl-YRbMjNe7wXD7DF1oetlJzlfNDW3hVks_ONxHwU_zuqhdY8iv6aRrgRyVP6y6bOL5yd6C0K2Vxnc-w9U&sig=Cg0ArKJSzPexB0fY5roZEAE&id=lidar2&mcvt=1000&p=1116,312,1396,1292&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&v=20210823&bin=7&avms=nio&bs=0,0&mc=0.3&if=1&app=0&itpl=22&adk=1774852347&rs=2&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629775421651&dlt=640&rpt=28&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 03:23:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210816&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8891247570239205&plah=banks-rf.ru
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d76cd67619fe62cae706d7334d560464e9690178739d2c069d4ad67351d15e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 24 Aug 2021 03:23:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8546
x-xss-protection
0
icons.png
banks-rf.ru/share42/ 		81 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banks-rf.ru/share42/icons.png
Requested by
Host: banks-rf.ru
URL: https://banks-rf.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.177.141.34 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
b2417070d2bf6f9b3fcfa9c4b2c602d4b76067f53134dfcfd1d2a14af0655f81

Request headers

:path
/share42/icons.png
pragma
no-cache
cookie
__gads=ID=77fc2005325d6e58-22815da9b3c9001d:T=1629775421:RT=1629775421:S=ALNI_Mauu1e4fXkidNuf_vYrbiJ7JLE-nQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
banks-rf.ru
referer
https://banks-rf.ru/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:43 GMT
cache-control
public, max-age=2592000
server
Jino.ru/mod_pizza
etag
"5fa23ea9f65e3a772b747fa0e6234308"
content-length
81
content-type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8891247570239205&plah=banks-rf.ru
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Tue, 24 Aug 2021 03:23:43 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F3EE 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://banks-rf.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://banks-rf.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Tue, 24 Aug 2021 00:42:51 GMT
expires
Wed, 24 Aug 2022 00:42:51 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
9652
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A83B 		783 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cb3b8a185a197a6f7815a24b99214870a2f0283e152885b79416ef3e410acf75
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aZf3dK9+TwVofaQI42SaZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://banks-rf.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://banks-rf.ru/

Response headers

expires
Tue, 24 Aug 2021 03:23:43 GMT
date
Tue, 24 Aug 2021 03:23:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-aZf3dK9+TwVofaQI42SaZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js
pagead2.googlesyndication.com/bg/ Frame F3EE 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6e0cf33bd31faca2542d9376cc2a8b9722904e24cc4d3bfc121048e46c244ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 11:26:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
57411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13303
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 11:26:52 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210816&jk=1915663105641456&bg=!QUKlQgbNAAZvV8FTb1c7ACkAdvg8WnBBsh6qrOBD72xoTVYLeIqqKOslUGsLKgWQnsLF-j3qe3iMKAIAAAA1UgAAAApoAQeZAn2gl_4JreGc4kYSnWemsdW1FK46cNYzX4udRaxxDru7a419voeZ8tWIZUkglUq1d9bpKYMzs2sQxZPpM8diSGvJvUR9yPawg-llDZ1ZvP6avDOfoDUvVOQC3YqOKbjQsavpgvXpMicKDfda7GRY-iggYA-zbHG39qmM2F8QrIY9MXrcIAikSM2yMf5vXJ9_Vu7cFpKHKKC9vBF3UgJjgqj2kK9P-Wt67DqBTr8ygwvvnR4r2FKqIf83SgycE_v8z9oOqcheMmr9KcZPhazLWqgqUBMjwBLwumBQVSQIn15A4mwsdDi-gTEjZ-Zx3pxlUozU9MzwHTlrqg72FvCsbCkWUqR4K670H0PPfWE2JD6y1f-aSlgfIwaQqFiil8KJ6as4wb_P19L8QR1SBf-bHS9ojFZXAaVbpyxfFsgunHAAWqSUwXehULiDVDFeukbb22UyStnF_VYkk86lFZDFurn4jbcoTmsum9BahC4dd78Lpe9xhIXDDl3LH7WhTRQc1RvVn1C3Pf1fAaiEjCNQ3pOMGwKGDas2dx78oiQVvWMTvMYqOxPiifPLzSWC6kZ9XED1OzQC0Dtba-1CH1Ngsy8BfrGgYgy-wgrFTjzRjNQzc2ROaSYN5MBw2HmGrKD44VhELEZR4S7QUJBUwZ5sm-AzNhq37FrbwRldG5xNbKxUWTK_culDiBh1J0MoBcybTxTSharKLT3DdgMKNBu4my-64eIP_YgGAMiRN6UZwNYso6_A-xqHq3eYmVjULL9DrDZEmNn4J-SjYKsb-sTOaM4PVo8nquJ6G3u5T6V7Bzveb5JeJy95mvJZj_isi-bP1O_j7pNtNNXeubBwUbqS
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://banks-rf.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pics.rbcdaily.ru
URL
https://pics.rbcdaily.ru/c/160x120/rbcdaily_pics/v4/26/06/98581f7c7eaab25c9e2434527ba90266.jpg
Domain
pics.rbcdaily.ru
URL
https://pics.rbcdaily.ru/c/160x120/rbcdaily_pics/v4/22/48/f2a35294e101e8674c78da645a837144.jpg
Domain
graph.facebook.com
URL
http://graph.facebook.com/?callback=jQuery17103681184643811417_1629775420640&ids=https://banks-rf.ru/&_=1629775421592
Domain
share.yandex.ru
URL
http://share.yandex.ru/gpp.xml?url=https://banks-rf.ru/&_=1629775421592
Domain
connect.mail.ru
URL
http://connect.mail.ru/share_count?callback=1&func=jQuery17103681184643811417_1629775420641&url_list=https://banks-rf.ru/&_=1629775421592
Domain
www.odnoklassniki.ru
URL
http://www.odnoklassniki.ru/dk?st.cmd=extLike&uid=0&ref=https://banks-rf.ru/&_=1629775421593
Domain
urls.api.twitter.com
URL
http://urls.api.twitter.com/1/urls/count.json?callback=jQuery17103681184643811417_1629775420642&url=https://banks-rf.ru/&_=1629775421593
Domain
vk.com
URL
http://vk.com/share.php?act=count&index=0&url=https://banks-rf.ru/&_=1629775421593

Verdicts & Comments Add Verdict or Comment

203 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $pick function| $try function| IFrame function| Elements function| Cookie object| MooTools function| typeOf function| instanceOf function| Type function| Hash function| Native function| $A function| $arguments function| $chk function| $clear function| $defined function| $each function| $empty function| $extend function| $H function| $merge function| $lambda function| $mixin function| $random function| $splat function| $time function| $type function| $unlink object| Browser function| $constructor function| $family function| $exec function| DOMEvent function| Class function| Chain function| Events function| Options object| Slick number| uniqueNumber function| $ function| getDocument function| getWindow object| Selectors function| $$ function| addListener function| removeListener function| retrieve function| store function| eliminate function| addEvent function| removeEvent function| addEvents function| removeEvents function| fireEvent function| cloneEvents function| getSize function| getScroll function| getScrollSize function| getPosition function| getCoordinates function| getHeight function| getWidth function| getScrollTop function| getScrollLeft function| getScrollHeight function| getScrollWidth function| getTop function| getLeft function| Fx function| Swiff object| Joomla function| writeDynaList function| changeDynaList function| radioGetCheckedValue function| getSelectedValue function| checkAll function| listItemTask function| isChecked function| submitbutton function| submitform function| popupWindow function| tableOrdering function| saveorder function| checkAll_button function| JCaption function| IframeShim function| Mask function| Spinner function| InputValidator function| FormValidator function| OverText function| Accordion function| SmoothScroll function| Drag function| Slider function| Sortables object| Asset function| HtmlTable function| Scroller object| Locale function| URI object| Form function| Color function| $RGB function| $HSB function| $HEX function| Group function| Table function| Tips function| createFloating function| moveFollowleft function| moveFollowright function| jQuery function| setHMenuOpenDirection function| setOpenSubmenuWithHover function| showVMenuSubmenu function| hideVMenuSubmenus function| artButtonSetup function| Control function| fixRssIconLineHeight function| ThemeLightbox object| jQuery17103681184643811417 function| BackgroundHelper object| responsiveDesign function| responsiveAbsBg function| responsiveImages function| responsiveCollages function| responsiveVideos function| responsiveHeader function| responsiveNavFit function| responsiveLayoutCell function| fav function| up object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| prefix string| path string| addy61040 string| addy_text61040 function| jQuery17103681184643811417_1629775420640 object| services function| jQuery17103681184643811417_1629775420641 object| ODKL function| jQuery17103681184643811417_1629775420642 object| VK number| j object| google_persistent_state_async string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| googletag object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: IDE
Value: AHWqTUkEmaYP6ROSL2tg2us5KAKiq3sR6ZlcGX-XABEVTAdog8bVycphjPdbhbiqK0c
.banks-rf.ru/ Name: __gads
Value: ID=77fc2005325d6e58-22815da9b3c9001d:T=1629775421:RT=1629775421:S=ALNI_Mauu1e4fXkidNuf_vYrbiJ7JLE-nQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
banks-rf.ru
connect.mail.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
image.newsru.com
pagead2.googlesyndication.com
partner.googleadservices.com
pics.rbcdaily.ru
share.yandex.ru
tpc.googlesyndication.com
urls.api.twitter.com
vk.com
www.banks-rf.ru
www.google.com
www.googletagservices.com
www.gstatic.com
www.odnoklassniki.ru
www.rbc.ru
www.rbcdaily.ru
connect.mail.ru
graph.facebook.com
pics.rbcdaily.ru
share.yandex.ru
urls.api.twitter.com
vk.com
www.odnoklassniki.ru
142.250.185.130
217.160.242.25
2a00:1450:4001:801::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2002
80.68.253.13
80.68.253.3
81.177.141.34
00ca70dfc3c55cc0c07e48f2a839ae89ff82191446a036e0db26da45499441bb
01d954d8df295ae38c9a2d9740b748078e8864eeed0ec981e15610814d5ad72b
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
04c2af8f5b8d414c47847201a33ac5873aef26bed9fbedd351222362ef66912e
0f794ec9acf7dc03b2193204a9d39212625be5c9c48042d7904a7e59904ead1d
194adc301c26ab822296975261798e719505a52b4d64214f93067c1f8b5346ed
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
213e62855eb22da07543fc8f4ccc29e6ddb25f8fb668fc2fbf097cea6ce8a2e6
21fbea093a7e9bf8bac159496306302109665a5643c7c82f64f5b18c4b056aae
2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041
34dc1bd36ca7371f4763b16e96b63f9702abcc9fe9c6e4e023c4af363bd87324
38cae7aa633433ce04ad15167696536fa0dfc233ea2f68d39cacfb288f5316c4
3c838fc36a34ba2b6a81bc721c8f8f8902ac1130d05b6a568e9977d2012719e0
3d4f7cbf9a7b267e2c2f3b7b428bc700c4aeedf436679d4f1432a14d29d3ef75
49460cab901501b1ca16d8c8610a5eff95910ca866e8c463b925a82dd4bed8bb
49a2664dacb62fd4715401e266976c6edae00d77a351795f43b45beff4833633
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
52b6ca90c28218fe668a01a66f50009001c4345667a71d8dd3ec426046d8e5e9
53704e4b543761170c2dd65c187d58c8b3e67cd7bd6d3f57e22877be77b61724
5780b318dd39baf88889669cbed317db0ce81f4737e93c5f71f9f068c2c7dfbb
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5fe084328c9d2b7612b6e7c739946752c5326ece5a1566a41531f3efff175321
65d92e52232e1409aaaebc6ad930501bb223b96fea580940d39470f3f492e6ba
6bbb1ad3d2675c096e5e305a3670504b0d361219527266c00cdae6444417caf0
6be70110418f9738ca23c6d61d73ce3c0cb01087843c96de5ced119c5ab882c6
7998b1a3a745310a44df30b99b5becc3aa15eab739c3421096f7e7feacfe9d92
7b3f147ea41b85e50a557be685dfe4bf7a889f5e117669ea503615f2f106076e
800323b701904203a9037d6f4ffb9025ceea778420af391c4e21a1b61f4468c4
817180588bd332b90d7db570a61c0a999e010fdc43a6f3750b3555cc62def06d
81daea821e31e38d0817e29d17fa03d7b39d28291c8fb06eecd9111faabef9de
82045daa7273cbb9684a4246db3152f34d4532485493150d5ee690d845d9cacc
822d551306e9332ef14c5fca3c46b151cf90afa6d850883317fedc91541cf86d
824b5a611d5fa63177c2b7f5d7742276b78477ab9b6e05aeb46ca182c23f441b
8505920de24c20de009d8e537839d65f8232da35597bf4aff703c6d2830b9ef3
86004aba5435fd4a14892a5f47e53a870f8e8b815b33737be419bee2bef6080e
8614379bb9ffa5758d0bff409c6fb46225bc140a404e3f360b79f5bd837a0670
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
89fdc2ac11dfbe271bfbd78c6dad12c9de8a0da6b95d23b4f50a8e67dcb7f311
8ddb795f0ba6a36386ff0d8f60e57010bc497904fb81973ef28baeb5ef14cf64
96c1bd20287d9876a5e987a4ea38119d14c11bb223ad8d843ef27210e7cfa25a
99f6048e026a358bcd25087b08a35840836764c0c3a97cd18569a0dab3263b7b
9d76cd67619fe62cae706d7334d560464e9690178739d2c069d4ad67351d15e5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
aa4f3616216e9aa867d85b0a744fb6134cba5770671eb475c1d1bfbb49b53312
b2417070d2bf6f9b3fcfa9c4b2c602d4b76067f53134dfcfd1d2a14af0655f81
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b9c3a69b6c61d4f158ce72fb012d2710693cc94592a92525bfdd634bf122892b
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
cb3b8a185a197a6f7815a24b99214870a2f0283e152885b79416ef3e410acf75
cff3b24f7b7cde6f8585e6859db29074467e1bb74a32c60eb6c3fd3f1c2c3907
d4185d1a6430235eb7c33d4747c2879dc2ed743b26e65719cd4be10fc815abca
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d6e0cf33bd31faca2542d9376cc2a8b9722904e24cc4d3bfc121048e46c244ea
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7a08f3d0e2f7feb82b59fea224e3dce6b47480791f2ab8f71258c9a44698174
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50923eeab2fab42aabd0b1dd0295ed74f9bf5eec3f91bdcb4b36316a40860bc
ed8f120343683850762fc8fb5e8ee8dc3586a2ad7da5c12ca31ef125628cb15b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ffb505e8cbe662a43a9964e5af8c4697063e184d1339fa30a4df768c109625
f24bc2fb54fddc36c33c71d9f41bb96d169f18eab6cb37758ff7df1819084bbd
f74a7679ef8bc90dc055e7e491911d73e23969bafc70a229c799087629a3240e
f9d996437389a37e236922f76e7b4434b4cc4eeb36e39b366b5abd4599c2bd22