Submitted URL: http://dengidar.ru/
Effective URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affili...
Submission: On June 02 via api from US

Summary

This website contacted 8 IPs in 4 countries across 10 domains to perform 41 HTTP transactions. The main IP is 5.135.74.196, which is located in France and belongs to OVH, FR. The main domain is banando.ru.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on February 17th 2020. Valid for: a year.
This is the only time banando.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.225.25.215 9123 (TIMEWEB-AS)
2 2 52.209.135.184 16509 (AMAZON-02)
23 5.135.74.196 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
2 130.193.49.123 200350 (YANDEXCLOUD)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 87.240.137.158 47541 (VKONTAKTE...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 9 2a02:6b8::1:119 13238 (YANDEX)
41 8
Domain Requested by
23 banando.ru banando.ru
9 mc.yandex.ru 1 redirects banando.ru
mc.yandex.ru
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 vk.com banando.ru
2 connect.facebook.net banando.ru
connect.facebook.net
2 api.mindbox.ru banando.ru
api.mindbox.ru
2 go.lead-click.com 2 redirects
1 www.facebook.com banando.ru
1 www.googletagmanager.com banando.ru
1 dengidar.ru 1 redirects
41 10

This site contains no links.

Subject | Issuer | Validity | Valid
www.banando.ru | AlphaSSL CA - SHA256 - G2 | 2020-02-17 - 2021-02-17 | a year
*.google-analytics.com | GTS CA 1O1 | 2020-05-20 - 2020-08-12 | 3 months
*.mindbox.ru | Thawte RSA CA 2018 | 2020-02-10 - 2021-04-10 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-05-14 - 2020-08-05 | 3 months
vk.com | Sectigo ECC Extended Validation Secure Server CA | 2019-07-11 - 2020-07-09 | a year
mc.yandex.ru | Yandex CA | 2019-09-23 - 2020-09-22 | a year

This page contains 1 frame:

Primary Page: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Frame ID: D68DDDD7D9899C5E254EACD7FD19D3CF
Requests: 41 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /tracker\.js/i

Page Statistics

Requests: 41
HTTPS: 100 %
IPv6: 50 %
Domains: 10
Subdomains: 10
IPs: 8
Countries: 4
Transfer: 1214 kB
Size: 2855 kB
Cookies: 14

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dengidar.ru/ HTTP 302
    https://go.lead-click.com/aff_c?offer_id=4506&aff_id=38233&aff_sub=38233iv&aff_sub2=2&url_id=1730&aff_sub5=25bq6ho1n6u9 HTTP 302
    https://go.lead-click.com/aff_r?offer_id=4506&aff_id=38233&url=https%3A%2F%2Fbanando.ru%2Fsite%2Fstep%3Futm_source%3Dleadgid%26utm_medium%3Dcpa%26transaction_id%3D102570c47c4fa457b94204be04abd9%26affiliate_id%3D38233&urlauth=388612456889640786763004271600 HTTP 302
    https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://mc.yandex.ru/watch/53370736?wmode=7&page-url=https%3A%2F%2Fbanando.ru%2Fsite%2Fstep%3Futm_source%3Dleadgid%26utm_medium%3Dcpa%26transaction_id%3D102570c47c4fa457b94204be04abd9%26affiliate_id%3D38233&charset=utf-8&browser-info=ti%3A10%3Ans%3A1591094816428%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200602124658%3Aet%3A1591094818%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A513664864499%3Arqn%3A1%3Arn%3A253019978%3Ahid%3A412610947%3Ads%3A145%2C80%2C325%2C1%2C440%2C0%2C0%2C352%2C1%2C%2C%2C%2C1347%3Awn%3A34431%3Ahl%3A2%3Agdpr%3A14%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1591094818%3Au%3A1591094818325176392%3At%3A%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%BD%D0%B0%20%D0%BA%D0%B0%D1%80%D1%82%D1%83%20Banando HTTP 302
  • https://mc.yandex.ru/watch/53370736/1?wmode=7&page-url=https%3A%2F%2Fbanando.ru%2Fsite%2Fstep%3Futm_source%3Dleadgid%26utm_medium%3Dcpa%26transaction_id%3D102570c47c4fa457b94204be04abd9%26affiliate_id%3D38233&charset=utf-8&browser-info=ti%3A10%3Ans%3A1591094816428%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200602124658%3Aet%3A1591094818%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A513664864499%3Arqn%3A1%3Arn%3A253019978%3Ahid%3A412610947%3Ads%3A145%2C80%2C325%2C1%2C440%2C0%2C0%2C352%2C1%2C%2C%2C%2C1347%3Awn%3A34431%3Ahl%3A2%3Agdpr%3A14%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1591094818%3Au%3A1591094818325176392%3At%3A%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%BD%D0%B0%20%D0%BA%D0%B0%D1%80%D1%82%D1%83%20Banando

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set step
banando.ru/site/
Redirect Chain
  • http://dengidar.ru/
  • https://go.lead-click.com/aff_c?offer_id=4506&aff_id=38233&aff_sub=38233iv&aff_sub2=2&url_id=1730&aff_sub5=25bq6ho1n6u9
  • https://go.lead-click.com/aff_r?offer_id=4506&aff_id=38233&url=https%3A%2F%2Fbanando.ru%2Fsite%2Fstep%3Futm_source%3Dleadgid%26utm_medium%3Dcpa%26transaction_id%3D102570c47c4fa457b94204be04abd9%26a...
  • https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
44 KB
15 KB
Document
General
Full URL
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.74.196 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx / PHP/7.3.4
Resource Hash
9330e3b30aa4121d2d646df789c3aabb0c3774b572aeac727425704ca61ae014

Request headers

Host
banando.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.4
Set-Cookie
advanced-frontend=nosbmr6ic8o14rds83lslij8ul; path=/; HttpOnly click_id=ed260453a8cb8d378d10133f171192a23d48c230fa74f6042d3859c59efb7b85a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22click_id%22%3Bi%3A1%3Bs%3A30%3A%22102570c47c4fa457b94204be04abd9%22%3B%7D; expires=Thu, 02-Jul-2020 10:46:57 GMT; Max-Age=2592000; path=/; HttpOnly destination=e70ba4a788e4eb4483eccfb25d8d76b69e2220949dffdc6f22e9c18a7f571c9aa%3A2%3A%7Bi%3A0%3Bs%3A11%3A%22destination%22%3Bi%3A1%3Bs%3A109%3A%22%2Fsite%2Fstep%3Futm_source%3Dleadgid%26utm_medium%3Dcpa%26transaction_id%3D102570c47c4fa457b94204be04abd9%26affiliate_id%3D38233%22%3B%7D; path=/; HttpOnly referer=fe6611fb73fd381f715b5df8b4f08f3783bb003b5e908e883e630162cf2b49d5a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22referer%22%3Bi%3A1%3BN%3B%7D; path=/; HttpOnly _csrf-frontend=ccc3cc48361cc4c7780b81614bc14bb6d0d09f79a58b99c012f82e2775722f03a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22OvxEgQvA_yCTbdiunUklFgozlh7up7PR%22%3B%7D; path=/; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 02 Jun 2020 10:46:56 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
323
Connection
keep-alive
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
Location
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Access-Control-Allow-Origin
*
X-Request-Id
70e5961dd6ddf769ff0329a3ca917122
Access-Control-Allow-Headers
Tune-SDK-Version
jquery-ui.min.css
banando.ru/css/
31 KB
9 KB
Stylesheet
General
Full URL
https://banando.ru/css/jquery-ui.min.css
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.74.196 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 09:17:25 GMT
Server
nginx
ETag
W/"5ed61925-7d4c"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=15552000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
bootstrap.min.css
banando.ru/css/
119 KB
25 KB
Stylesheet
General
Full URL
https://banando.ru/css/bootstrap.min.css
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.74.196 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 09:17:25 GMT
Server
nginx
ETag
W/"5ed61925-1da71"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=15552000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
main.min.css
banando.ru/css/
105 KB
22 KB
Stylesheet
General
Full URL
https://banando.ru/css/main.min.css?v=7
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.74.196 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
9665e65e6cf93d447d7345ae23f8ce9dca748da23b23ff714c346a395d641d2a

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 09:17:25 GMT
Server
nginx
ETag
W/"5ed61925-1a2e3"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=15552000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
animate.css
banando.ru/assets/6df7ea49/demo/
71 KB
6 KB
Stylesheet
General
Full URL
https://banando.ru/assets/6df7ea49/demo/animate.css
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.74.196 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
88683b0a41b07f465377c8846933bdfb1e57fc9a54accef3e5fd0125bd052cc7

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 09:17:29 GMT
Server
nginx
ETag
W/"5ed61929-11cda"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=15552000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
js
www.googletagmanager.com/gtag/
83 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-142535687-1
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
25ab2541d896a9fe4ecf14b5a38d1f6f442bb60d7357b445c66d3bce87f5437c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 10:46:57 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33190
x-xss-protection
0
last-modified
Tue, 02 Jun 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jun 2020 10:46:57 GMT
tracker.js
api.mindbox.ru/scripts/v1/
47 KB
14 KB
Script
General
Full URL
https://api.mindbox.ru/scripts/v1/tracker.js
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
130.193.49.123 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b376e1772d0201d8ad8c9dce2ad40faabf058c024fd067f58362ca5f72886692
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=315360000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src 'self' 'unsafe-inline'
content-encoding
gzip
etag
"8079c5955938d61:0"
x-server-name
WEB-TRACKER02
x-powered-by
ASP.NET
strict-transport-security
max-age=315360000; includeSubDomains; preload
x-revision
15304ab766f5ab79aaafb19ad33b0ecc7192e0e0
content-length
13993
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 01 Jun 2020 21:14:07 GMT
server
Microsoft-IIS/10.0
x-frame-options
DENY
date
Tue, 02 Jun 2020 10:46:57 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=604800
feature-policy
vibrate 'self'
accept-ranges
bytes
x-content-type-options
nosniff
ajax_loader.svg
banando.ru/images/
1 KB
782 B
Image
General
Full URL
https://banando.ru/images/ajax_loader.svg
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.74.196 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
767dbecedca4be0065bd4b9ac5f4e045ea653f65344780007405b4f83f3d8dce

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 09:17:25 GMT
Server
nginx
ETag
W/"5ed61925-561"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=15552000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
logo.svg
banando.ru/images/
4 KB
2 KB
Image
General
Full URL
https://banando.ru/images/logo.svg
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.74.196 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
da5673c9daef96bf5dd537958095356f9a5cd9a9af45e054fa3e6d3ce471215d

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 09:17:25 GMT
Server
nginx
ETag
W/"5ed61925-10be"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=15552000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
jquery-3.4.0.min.js
banando.ru/js/
86 KB
35 KB
Script
General
Full URL
https://banando.ru/js/jquery-3.4.0.min.js
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.74.196 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 09:17:25 GMT
Server
nginx
ETag
W/"5ed61925-15857"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=15552000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
jquery.inputmask.bundle.js
banando.ru/js/
217 KB
45 KB
Script
General
Full URL
https://banando.ru/js/jquery.inputmask.bundle.js
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.74.196 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
65ceb139128069557becbded5d5256a13c8756e6afe651b1507ca5e90aef15cd

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 09:17:25 GMT
Server
nginx
ETag
W/"5ed61925-3651e"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=15552000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
jquery-ui.min.js
banando.ru/js/
248 KB
82 KB
Script
General
Full URL
https://banando.ru/js/jquery-ui.min.js
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.74.196 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 09:17:25 GMT
Server
nginx
ETag
W/"5ed61925-3dee5"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=15552000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
step_form_common.js
banando.ru/js/
2 KB
1 KB
Script
General
Full URL
https://banando.ru/js/step_form_common.js?v=17
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.74.196 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
d7a5b26826e5e97fa8833dfdf9c771e66374229995640c1946ed0e9484973a8e

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 09:17:25 GMT
Server
nginx
ETag
W/"5ed61925-7f2"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=15552000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
step.js
banando.ru/js/
36 KB
8 KB
Script
General
Full URL
https://banando.ru/js/step.js?v=17
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.74.196 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
cad5160fd572f5d534321d5f52855132b248586df74e8260a1496c1245334fa6

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 09:17:25 GMT
Server
nginx
ETag
W/"5ed61925-8f77"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=15552000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
yii.min.js
banando.ru/js/
5 KB
3 KB
Script
General
Full URL
https://banando.ru/js/yii.min.js
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.74.196 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
ff15f34352c9f5969845a0a0e9c8836498aa2fd76bba92ae916229759158966e

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 09:17:25 GMT
Server
nginx
ETag
W/"5ed61925-14fe"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=15552000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
bootstrap.min.js
banando.ru/js/
39 KB
13 KB
Script
General
Full URL
https://banando.ru/js/bootstrap.min.js
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.74.196 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 09:17:25 GMT
Server
nginx
ETag
W/"5ed61925-9b00"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=15552000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
main.min.js
banando.ru/js/
337 KB
118 KB
Script
General
Full URL
https://banando.ru/js/main.min.js?v=2
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.74.196 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
aa10316acfb19c3f2bd280b723d02342e7d019acb453628be4acc0e1828a8a2a

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 09:17:25 GMT
Server
nginx
ETag
W/"5ed61925-543fe"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=15552000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
common.js
banando.ru/js/
2 KB
1 KB
Script
General
Full URL
https://banando.ru/js/common.js
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.74.196 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
c5c0d9202aabf6408923eee098da1a1c009f609472207b5a10d2c32ab646619d

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 09:17:25 GMT
Server
nginx
ETag
W/"5ed61925-809"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=15552000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
jquery.noty.packaged.min.js
banando.ru/assets/6df7ea49/js/noty/packaged/
32 KB
7 KB
Script
General
Full URL
https://banando.ru/assets/6df7ea49/js/noty/packaged/jquery.noty.packaged.min.js
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.74.196 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
daf11d7d7459546be0774b9175e59042c31ac19cb4af5df556aed981db87c202

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 09:17:29 GMT
Server
nginx
ETag
W/"5ed61929-7fb0"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=15552000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
fbevents.js
connect.facebook.net/en_US/
131 KB
32 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
31766
x-xss-protection
0
pragma
public
x-fb-debug
q2dPg35kk1KUYfQLa79ENcFtt+EqZKiPI1ajrPwesyKhD9ikvXFeEGPFQ34tFQldV5y0LM0TUG2YNMhS38F3JQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Tue, 02 Jun 2020 10:46:57 GMT, Tue, 02 Jun 2020 10:46:57 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
openapi.js
vk.com/js/api/
100 KB
24 KB
Script
General
Full URL
https://vk.com/js/api/openapi.js?160
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.137.158 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv158-137-240-87.vk.com
Software
VK /
Resource Hash
c9b0ddf041243f7741bb5d2d39cf707caf8a541a8a5c45a4590e22b3042eaea3

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 10:46:57 GMT
content-encoding
gzip
x-frontend
front632923
last-modified
Tue, 02 Jun 2020 06:56:00 GMT
server
VK
etag
"5ed5f800-5db3"
content-type
application/x-javascript
status
200
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
23987
expires
Sat, 06 Jun 2020 10:46:57 GMT
Montserrat-Regular.woff
banando.ru/fonts/
138 KB
138 KB
Font
General
Full URL
https://banando.ru/fonts/Montserrat-Regular.woff
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.74.196 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
482ab3a401f72add39129f3d1b28e3bbaa390abeb053c5cad561be9349c92422

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://banando.ru/css/main.min.css?v=7
Origin
https://banando.ru

Response headers

Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 09:17:25 GMT
Server
nginx
ETag
W/"5ed61925-226b0"
Vary
Accept-Encoding
Content-Type
application/font-woff
Cache-Control
max-age=15552000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Montserrat-Bold.woff
banando.ru/fonts/
137 KB
138 KB
Font
General
Full URL
https://banando.ru/fonts/Montserrat-Bold.woff
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.74.196 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
b384e996b0f6d87ec811c55cdd25335211fa0999752f281b9a84b53973a1c910

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://banando.ru/css/main.min.css?v=7
Origin
https://banando.ru

Response headers

Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 09:17:25 GMT
Server
nginx
ETag
W/"5ed61925-225ec"
Vary
Accept-Encoding
Content-Type
application/font-woff
Cache-Control
max-age=15552000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
RotondaBold.woff
banando.ru/fonts/
15 KB
15 KB
Font
General
Full URL
https://banando.ru/fonts/RotondaBold.woff
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.74.196 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
01424559f0ac7007b524d0ed7d8c5ad5c3ae6f6990b3c7ecd9940ea47ff9c9a0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://banando.ru/css/main.min.css?v=7
Origin
https://banando.ru

Response headers

Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 09:17:25 GMT
Server
nginx
ETag
W/"5ed61925-3b54"
Vary
Accept-Encoding
Content-Type
application/font-woff
Cache-Control
max-age=15552000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Montserrat-SemiBold.woff
banando.ru/fonts/
137 KB
137 KB
Font
General
Full URL
https://banando.ru/fonts/Montserrat-SemiBold.woff
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.74.196 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
0fa7503764e664ad1a450c71a7811c0888fe1006519d9eb881621cd0e651b435

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://banando.ru/css/main.min.css?v=7
Origin
https://banando.ru

Response headers

Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 09:17:25 GMT
Server
nginx
ETag
W/"5ed61925-223dc"
Vary
Accept-Encoding
Content-Type
application/font-woff
Cache-Control
max-age=15552000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Montserrat-Medium.woff
banando.ru/fonts/
138 KB
138 KB
Font
General
Full URL
https://banando.ru/fonts/Montserrat-Medium.woff
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.74.196 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
975842e12f461e3f313fba3cd1e6138b89e3d5a726a0cc29bf17f60148b91210

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://banando.ru/css/main.min.css?v=7
Origin
https://banando.ru

Response headers

Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 09:17:25 GMT
Server
nginx
ETag
W/"5ed61925-226d0"
Vary
Accept-Encoding
Content-Type
application/font-woff
Cache-Control
max-age=15552000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
2475343715891691
connect.facebook.net/signals/config/
147 KB
37 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2475343715891691?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
44187902a7b3545562bafe1e134925be7e1442cd4fe8a5d40cae4cd4a18dbe1d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
37509
x-xss-protection
0
pragma
public
x-fb-debug
0ijklajYjSxm1xVGV5tMbWkZdjw27qZaKipH5ubGyrO4vKlKF1pLnF5Vx5bT3jvNZ7UBvbuw0fPhpMem6lB/ag==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Tue, 02 Jun 2020 10:46:57 GMT, Tue, 02 Jun 2020 10:46:57 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-142535687-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
502
date
Tue, 02 Jun 2020 10:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Tue, 02 Jun 2020 12:38:35 GMT
/
www.facebook.com/tr/
44 B
358 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2475343715891691&ev=PageView&dl=https%3A%2F%2Fbanando.ru%2Fsite%2Fstep%3Futm_source%3Dleadgid%26utm_medium%3Dcpa%26transaction_id%3D102570c47c4fa457b94204be04abd9%26affiliate_id%3D38233&rl=&if=false&ts=1591094817705&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=28&fbp=fb.1.1591094817704.2088416859&it=1591094817623&coo=false&rqm=GET
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 10:46:57 GMT, Tue, 02 Jun 2020 10:46:57 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Tue, 02 Jun 2020 10:46:57 GMT
js
www.google-analytics.com/gtm/
0
0
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-TKBTPHT&t=gtag_UA_142535687_1&cid=506722072.1591094818
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tag.js
mc.yandex.ru/metrika/
359 KB
91 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
10ad93a3602068c768e39b1a132e9bb748eadbb70f35c6bfd36c08928a9f602c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Encoding
br
Last-Modified
Thu, 28 May 2020 05:38:18 GMT
Server
nginx/1.14.2
ETag
"5ecf4e4a-16ba9"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
93097
Expires
Tue, 02 Jun 2020 11:46:57 GMT
check.svg
banando.ru/images/
235 B
511 B
Image
General
Full URL
https://banando.ru/images/check.svg
Requested by
Host: banando.ru
URL: https://banando.ru/js/main.min.js?v=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.74.196 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
68de4ca32458df3b425f3587404880f66d350a85349b939d911e3518e032e2b1

Request headers

Referer
https://banando.ru/css/main.min.css?v=7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Jun 2020 10:46:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 09:17:25 GMT
Server
nginx
ETag
W/"5ed61925-eb"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=15552000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
track-visit
api.mindbox.ru/v1.1/customer/
134 B
874 B
XHR
General
Full URL
https://api.mindbox.ru/v1.1/customer/track-visit?version=0.69.14&transport=XmlHttpRequest
Requested by
Host: api.mindbox.ru
URL: https://api.mindbox.ru/scripts/v1/tracker.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
130.193.49.123 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
Kestrel /
Resource Hash
153f3803493378bbe69209940292d3648d2f434f91ea705a0f88cb21404971b6
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=315360000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src 'self' 'unsafe-inline'
x-content-type-options
nosniff
content-length
134
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
server
Kestrel
x-frame-options
DENY
date
Tue, 02 Jun 2020 10:46:57 GMT
strict-transport-security
max-age=315360000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://banando.ru
cache-control
no-cache, no-store, must-revalidate
feature-policy
vibrate 'self'
access-control-allow-credentials
true
expires
-1
rtrg
vk.com/
49 B
345 B
Image
General
Full URL
https://vk.com/rtrg?p=VK-RTRG-367460-1RVsM&metatag_url=https%3A%2F%2Fbanando.ru%2Fsite%2Fstep%3Futm_source%3Dleadgid%26utm_medium%3Dcpa%26transaction_id%3D102570c47c4fa457b94204be04abd9%26affiliate_id%3D38233
Requested by
Host: banando.ru
URL: https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.137.158 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv158-137-240-87.vk.com
Software
VK / PHP/3.24675
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Jun 2020 10:46:57 GMT
content-encoding
gzip
x-frontend
front632923
server
VK
x-powered-by
PHP/3.24675
strict-transport-security
max-age=15768000
content-type
image/gif
status
200
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
1
mc.yandex.ru/watch/53370736/
Redirect Chain
  • https://mc.yandex.ru/watch/53370736?wmode=7&page-url=https%3A%2F%2Fbanando.ru%2Fsite%2Fstep%3Futm_source%3Dleadgid%26utm_medium%3Dcpa%26transaction_id%3D102570c47c4fa457b94204be04abd9%26affiliate_i...
  • https://mc.yandex.ru/watch/53370736/1?wmode=7&page-url=https%3A%2F%2Fbanando.ru%2Fsite%2Fstep%3Futm_source%3Dleadgid%26utm_medium%3Dcpa%26transaction_id%3D102570c47c4fa457b94204be04abd9%26affiliate...
171 B
717 B
XHR
General
Full URL
https://mc.yandex.ru/watch/53370736/1?wmode=7&page-url=https%3A%2F%2Fbanando.ru%2Fsite%2Fstep%3Futm_source%3Dleadgid%26utm_medium%3Dcpa%26transaction_id%3D102570c47c4fa457b94204be04abd9%26affiliate_id%3D38233&charset=utf-8&browser-info=ti%3A10%3Ans%3A1591094816428%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200602124658%3Aet%3A1591094818%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A513664864499%3Arqn%3A1%3Arn%3A253019978%3Ahid%3A412610947%3Ads%3A145%2C80%2C325%2C1%2C440%2C0%2C0%2C352%2C1%2C%2C%2C%2C1347%3Awn%3A34431%3Ahl%3A2%3Agdpr%3A14%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1591094818%3Au%3A1591094818325176392%3At%3A%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%BD%D0%B0%20%D0%BA%D0%B0%D1%80%D1%82%D1%83%20Banando
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e0dfd739978dd935d46db6bd6740ec5b53af5b56aec4fb78f1d243a36ea4e654
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jun 2020 10:46:58 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 02-Jun-2020 10:46:58 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://banando.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
171
X-XSS-Protection
1; mode=block
Expires
Tue, 02-Jun-2020 10:46:58 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 02 Jun 2020 10:46:58 GMT
Last-Modified
Tue, 02-Jun-2020 10:46:58 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://banando.ru
Strict-Transport-Security
max-age=31536000
Location
/watch/53370736/1?wmode=7&page-url=https%3A%2F%2Fbanando.ru%2Fsite%2Fstep%3Futm_source%3Dleadgid%26utm_medium%3Dcpa%26transaction_id%3D102570c47c4fa457b94204be04abd9%26affiliate_id%3D38233&charset=utf-8&browser-info=ti%3A10%3Ans%3A1591094816428%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200602124658%3Aet%3A1591094818%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A513664864499%3Arqn%3A1%3Arn%3A253019978%3Ahid%3A412610947%3Ads%3A145%2C80%2C325%2C1%2C440%2C0%2C0%2C352%2C1%2C%2C%2C%2C1347%3Awn%3A34431%3Ahl%3A2%3Agdpr%3A14%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1591094818%3Au%3A1591094818325176392%3At%3A%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%BD%D0%B0%20%D0%BA%D0%B0%D1%80%D1%82%D1%83%20Banando
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 02-Jun-2020 10:46:58 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
425 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Jun 2020 10:46:58 GMT
Last-Modified
Fri, 17 Jan 2020 08:05:01 GMT
Server
nginx/1.14.2
ETag
"5e216aad-2b"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Tue, 02 Jun 2020 11:46:58 GMT
53370736
mc.yandex.ru/webvisor/
43 B
533 B
XHR
General
Full URL
https://mc.yandex.ru/webvisor/53370736?wmode=0&rn=217293127&page-url=https%3A%2F%2Fbanando.ru%2Fsite%2Fstep%3Futm_source%3Dleadgid%26utm_medium%3Dcpa%26transaction_id%3D102570c47c4fa457b94204be04abd9%26affiliate_id%3D38233&wv-type=3&wv-hit=412610947&wv-part=1&browser-info=ti%3A8%3Aet%3A1591094818%3Aw%3A1600x1200%3Av%3A1869%3Az%3A120%3Ai%3A20200602124658%3Abt%3A1%3Ast%3A1591094821%3Au%3A1591094818325176392
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 02 Jun 2020 10:47:00 GMT
Last-Modified
Tue, 02-Jun-2020 10:47:00 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
https://banando.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Tue, 02-Jun-2020 10:47:00 GMT
53370736
mc.yandex.ru/webvisor/
43 B
533 B
XHR
General
Full URL
https://mc.yandex.ru/webvisor/53370736?wmode=0&rn=661535976&page-url=https%3A%2F%2Fbanando.ru%2Fsite%2Fstep%3Futm_source%3Dleadgid%26utm_medium%3Dcpa%26transaction_id%3D102570c47c4fa457b94204be04abd9%26affiliate_id%3D38233&wv-type=3&wv-hit=412610947&wv-part=1&browser-info=ti%3A8%3Aet%3A1591094818%3Aw%3A1600x1200%3Av%3A1869%3Az%3A120%3Ai%3A20200602124658%3Ast%3A1591094821%3Au%3A1591094818325176392
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 02 Jun 2020 10:47:00 GMT
Last-Modified
Tue, 02-Jun-2020 10:47:00 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
https://banando.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Tue, 02-Jun-2020 10:47:00 GMT
53370736
mc.yandex.ru/webvisor/
43 B
533 B
XHR
General
Full URL
https://mc.yandex.ru/webvisor/53370736?wmode=0&rn=279043958&page-url=https%3A%2F%2Fbanando.ru%2Fsite%2Fstep%3Futm_source%3Dleadgid%26utm_medium%3Dcpa%26transaction_id%3D102570c47c4fa457b94204be04abd9%26affiliate_id%3D38233&wv-type=3&wv-hit=412610947&wv-part=2&browser-info=ti%3A8%3Aet%3A1591094821%3Aw%3A1600x1200%3Av%3A1869%3Az%3A120%3Ai%3A20200602124658%3Abt%3A1%3Ast%3A1591094823%3Au%3A1591094818325176392
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 02 Jun 2020 10:47:02 GMT
Last-Modified
Tue, 02-Jun-2020 10:47:02 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
https://banando.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Tue, 02-Jun-2020 10:47:02 GMT
53370736
mc.yandex.ru/webvisor/
43 B
533 B
XHR
General
Full URL
https://mc.yandex.ru/webvisor/53370736?wmode=0&rn=56861161&page-url=https%3A%2F%2Fbanando.ru%2Fsite%2Fstep%3Futm_source%3Dleadgid%26utm_medium%3Dcpa%26transaction_id%3D102570c47c4fa457b94204be04abd9%26affiliate_id%3D38233&wv-type=3&wv-hit=412610947&wv-part=3&browser-info=ti%3A8%3Aet%3A1591094824%3Aw%3A1600x1200%3Av%3A1869%3Az%3A120%3Ai%3A20200602124658%3Abt%3A1%3Ast%3A1591094826%3Au%3A1591094818325176392
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 02 Jun 2020 10:47:05 GMT
Last-Modified
Tue, 02-Jun-2020 10:47:05 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
https://banando.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Tue, 02-Jun-2020 10:47:05 GMT
53370736
mc.yandex.ru/webvisor/
43 B
533 B
XHR
General
Full URL
https://mc.yandex.ru/webvisor/53370736?wmode=0&rn=795501177&page-url=https%3A%2F%2Fbanando.ru%2Fsite%2Fstep%3Futm_source%3Dleadgid%26utm_medium%3Dcpa%26transaction_id%3D102570c47c4fa457b94204be04abd9%26affiliate_id%3D38233&wv-type=3&wv-hit=412610947&wv-part=4&browser-info=ti%3A8%3Aet%3A1591094826%3Aw%3A1600x1200%3Av%3A1869%3Az%3A120%3Ai%3A20200602124658%3Abt%3A1%3Ast%3A1591094828%3Au%3A1591094818325176392
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://banando.ru/site/step?utm_source=leadgid&utm_medium=cpa&transaction_id=102570c47c4fa457b94204be04abd9&affiliate_id=38233
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 02 Jun 2020 10:47:08 GMT
Last-Modified
Tue, 02-Jun-2020 10:47:08 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
https://banando.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Tue, 02-Jun-2020 10:47:08 GMT

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer function| gtag function| fbq function| _fbq function| mindbox string| host string| phoneMask boolean| phoneSubstr string| seriesMask number| min number| max number| defaultValue string| currency object| language function| $ function| jQuery function| Inputmask function| sendRequest function| getUser function| triggerFocus function| drawRightFilled object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| setUserData function| getIssuedBy function| suggest function| drawForm function| checkAlreadyFilled function| checkValue function| hint object| yii function| numberWithSpaces function| moneySlider function| date function| autocomplete function| select function| timer function| setCookieByTime function| checkSendPulse function| setCookie function| getCookie function| eraseCookie function| showLoader function| hideLoader function| callNoty object| gaplugins object| gaGlobal object| gaData function| noty function| Noty function| ym number| minutes number| seconds boolean| mindboxInitialized function| directCrm function| obj2qs object| fastXDM object| VK object| Ya object| yaCounter53370736

14 Cookies

Domain/Path Name / Value
.banando.ru/ Name: _ym_d
Value: 1591094818
.banando.ru/ Name: directCrm-session
Value: %7B%22deviceGuid%22%3A%22eb6ccd05-c324-410e-82c7-c418b6852a73%22%7D
.banando.ru/ Name: _gid
Value: GA1.2.767840864.1591094818
.banando.ru/ Name: mindboxDeviceUUID
Value: eb6ccd05-c324-410e-82c7-c418b6852a73
banando.ru/ Name: advanced-frontend
Value: nosbmr6ic8o14rds83lslij8ul
banando.ru/ Name: step
Value: 1
banando.ru/ Name: timer
Value: Tue Jun 02 2020 13:16:58 GMT+0200 (Central European Summer Time)
.banando.ru/ Name: _ga
Value: GA1.2.506722072.1591094818
.banando.ru/ Name: _fbp
Value: fb.1.1591094817704.2088416859
banando.ru/ Name: _csrf-frontend
Value: ccc3cc48361cc4c7780b81614bc14bb6d0d09f79a58b99c012f82e2775722f03a%3A2%3A%7Bi%3A0%3Bs%3A14%3A%22_csrf-frontend%22%3Bi%3A1%3Bs%3A32%3A%22OvxEgQvA_yCTbdiunUklFgozlh7up7PR%22%3B%7D
banando.ru/ Name: referer
Value: fe6611fb73fd381f715b5df8b4f08f3783bb003b5e908e883e630162cf2b49d5a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22referer%22%3Bi%3A1%3BN%3B%7D
banando.ru/ Name: destination
Value: e70ba4a788e4eb4483eccfb25d8d76b69e2220949dffdc6f22e9c18a7f571c9aa%3A2%3A%7Bi%3A0%3Bs%3A11%3A%22destination%22%3Bi%3A1%3Bs%3A109%3A%22%2Fsite%2Fstep%3Futm_source%3Dleadgid%26utm_medium%3Dcpa%26transaction_id%3D102570c47c4fa457b94204be04abd9%26affiliate_id%3D38233%22%3B%7D
.banando.ru/ Name: _ym_uid
Value: 1591094818325176392
banando.ru/ Name: click_id
Value: ed260453a8cb8d378d10133f171192a23d48c230fa74f6042d3859c59efb7b85a%3A2%3A%7Bi%3A0%3Bs%3A8%3A%22click_id%22%3Bi%3A1%3Bs%3A30%3A%22102570c47c4fa457b94204be04abd9%22%3B%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
