urlscan.io logo urlscan.io
SecurityTrails logo

nalog.24bank.su Open in urlscan Pro
138.201.66.95  Public Scan

Go To Rescan Add Verdict Report
URL: https://nalog.24bank.su/
Submission: On October 14 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 13 domains to perform 78 HTTP transactions. The main IP is 138.201.66.95, located in Germany and belongs to HETZNER-AS, DE. The main domain is nalog.24bank.su.
TLS certificate: Issued by R3 on October 14th 2021. Valid for: 3 months.
This is the only time nalog.24bank.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    138.201.66.95 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mail.seoom.ru
nalog.24bank.su
2    142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net
ajax.googleapis.com
6    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
pagead2.googlesyndication.com
25    185.111.85.55 (Russian Federation)

ASN204198 (MONETA, RU)
PTR: net85.111.185-55.global.moneta.ru
citycard.ru
1    142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net
fonts.googleapis.com
6    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
fonts.gstatic.com
4    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
googleads.g.doubleclick.net
11    77.88.21.119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
partner.googleadservices.com
1    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
adservice.google.de
1    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
adservice.google.com
1    142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net
www.googletagmanager.com
2    142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net
www.google.com
1    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
www.gstatic.com
2    172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f142.1e100.net
www.google-analytics.com
2    142.250.185.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net
tpc.googlesyndication.com
Domain Requested by
25 citycard.ru nalog.24bank.su
citycard.ru
14 nalog.24bank.su nalog.24bank.su
8 mc.yandex.com 2 redirects nalog.24bank.su
citycard.ru
mc.yandex.ru
6 fonts.gstatic.com fonts.googleapis.com
6 pagead2.googlesyndication.com nalog.24bank.su
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 mc.yandex.ru 1 redirects nalog.24bank.su
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.com citycard.ru
tpc.googlesyndication.com
2 ajax.googleapis.com nalog.24bank.su
1 www.gstatic.com www.google.com
1 www.googletagmanager.com citycard.ru
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fonts.googleapis.com ajax.googleapis.com
78 17

This site contains links to these domains. Also see Links.

Domain
lkfl2.nalog.ru
Subject Issuer Validity Valid
nalog.24bank.su
R3		 2021-10-14 -
2022-01-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
citycard.ru
Sectigo RSA Domain Validation Secure Server CA		 2021-02-16 -
2022-02-16		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 8 frames:

Primary Page: https://nalog.24bank.su/
Frame ID: E68D8A04EBCD6864FA45B93A23A2C748
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html
Frame ID: 157D6496FE23C49FB2A9A083E4E4BF8F
Requests: 1 HTTP requests in this frame

Frame: https://citycard.ru/widget/tax
Frame ID: 451E5F784764B21B91A2844934C8EF60
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7966585668&adk=1829738629&adf=1010768725&pi=t.ma~as.7966585668&w=680&fwrn=4&fwrnh=100&lmt=1634122215&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fnalog.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634200128261&bpp=4&bdt=586&idt=86&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=26688854283&frm=20&pv=2&ga_vid=467159864.1634200128&ga_sid=1634200128&ga_hid=954286679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31060048%2C31062526&oid=2&pvsid=3915413270544544&pem=626&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PbQnW2q7kK&p=https%3A//nalog.24bank.su&dtd=105
Frame ID: 644EF184A080A76ECE4959F8A18FCF0B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&adk=1812271804&adf=3025194257&lmt=1634122215&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnalog.24bank.su%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634200128265&bpp=1&bdt=591&idt=113&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=680x280&nras=1&correlator=26688854283&frm=20&pv=1&ga_vid=467159864.1634200128&ga_sid=1634200128&ga_hid=954286679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31060048%2C31062526&oid=2&pvsid=3915413270544544&pem=626&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=118
Frame ID: 50D39DAC1F10E2EA5F1ED329B157C24A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7189331241&adk=1009418377&adf=2694386582&pi=t.ma~as.7189331241&w=680&fwrn=4&fwrnh=100&lmt=1634122215&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fnalog.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634200128265&bpp=1&bdt=591&idt=121&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=680x280%2C0x0&nras=1&correlator=26688854283&frm=20&pv=1&ga_vid=467159864.1634200128&ga_sid=1634200128&ga_hid=954286679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31060048%2C31062526&oid=2&pvsid=3915413270544544&pem=626&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bnYt8JPsHv&p=https%3A//nalog.24bank.su&dtd=125
Frame ID: A456657F5136BB7EFA8BC6230FE26C98
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 0E7E5B56C1DEF46D1AF5138A69FBCFD3
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EDC63222C65012CC455817CC1B0E70A5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ЛИЧНЫЙ КАБИНЕТ НАЛОГОПЛАТЕЛЬЩИКА - Вход и Регистрация nalog.ru

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!--[^>]+W3 Total Cache
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

78
Requests

99 %
HTTPS

0 %
IPv6

13
Domains

17
Subdomains

17
IPs

3
Countries

1544 kB
Transfer

4349 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9426.RLS-g0-epm5ibCi2cNN4dl6k9IeemouUnxbQyxwH13RwIbMTxe7szO5q76YD0B7g.kpVBEoMyZ7Srx4KHbzfZ839Mxyc%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9426.PVDxj1FY9-cwA1M3DCR3nBnHEnJMDDtKsba4LyYiCvRrEiDJA1pTAS-Xn1gJRYHwefKe6j9w_1QK1ipqEZk8rg%2C%2C.17HebPNR5jeHCog0J2-Z7MNVkAs%2C
Request Chain 47
  • https://mc.yandex.com/watch/53939389?wmode=7&page-url=https%3A%2F%2Fnalog.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A239%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A1394958661532%3Ahid%3A859465175%3Az%3A0%3Ai%3A202101014082848%3Aet%3A1634200128%3Ac%3A1%3Arn%3A273072300%3Arqn%3A1%3Au%3A1634200128936382761%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634200127529%3Adsn%3A98%2C24%2C20%2C1%2C0%2C0%2C%2C572%2C21%2C%2C%2C%2C717%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634200129%3At%3A%D0%9B%D0%98%D0%A7%D0%9D%D0%AB%D0%99%20%D0%9A%D0%90%D0%91%D0%98%D0%9D%D0%95%D0%A2%20%D0%9D%D0%90%D0%9B%D0%9E%D0%93%D0%9E%D0%9F%D0%9B%D0%90%D0%A2%D0%95%D0%9B%D0%AC%D0%A9%D0%98%D0%9A%D0%90%20-%20%D0%92%D1%85%D0%BE%D0%B4%20%D0%B8%20%D0%A0%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%20nalog.ru&t=gdpr(14)ti(2) HTTP 302
  • https://mc.yandex.com/watch/53939389/1?wmode=7&page-url=https%3A%2F%2Fnalog.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A239%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A1394958661532%3Ahid%3A859465175%3Az%3A0%3Ai%3A202101014082848%3Aet%3A1634200128%3Ac%3A1%3Arn%3A273072300%3Arqn%3A1%3Au%3A1634200128936382761%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634200127529%3Adsn%3A98%2C24%2C20%2C1%2C0%2C0%2C%2C572%2C21%2C%2C%2C%2C717%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634200129%3At%3A%D0%9B%D0%98%D0%A7%D0%9D%D0%AB%D0%99%20%D0%9A%D0%90%D0%91%D0%98%D0%9D%D0%95%D0%A2%20%D0%9D%D0%90%D0%9B%D0%9E%D0%93%D0%9E%D0%9F%D0%9B%D0%90%D0%A2%D0%95%D0%9B%D0%AC%D0%A9%D0%98%D0%9A%D0%90%20-%20%D0%92%D1%85%D0%BE%D0%B4%20%D0%B8%20%D0%A0%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%20nalog.ru&t=gdpr%2814%29ti%282%29

78 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nalog.24bank.su/ 		44 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nalog.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
346c7776a4eea88a571543be39d71ccbdc1e86f0ea33d88cc737027319dc29c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
nalog.24bank.su
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx/1.18.0
date
Thu, 14 Oct 2021 08:28:47 GMT
content-type
text/html; charset=UTF-8
content-length
10781
vary
Accept-Encoding,Cookie
last-modified
Wed, 13 Oct 2021 10:50:15 GMT
etag
"2a1d-5ce39ba27228e"
accept-ranges
bytes
cache-control
max-age=0, public
expires
Thu, 14 Oct 2021 08:28:47 GMT
pragma
public
content-encoding
gzip
strict-transport-security
max-age=31536000
autoptimize_6f74a9aa84e7a53941e877425e74fdf1.css
nalog.24bank.su/wp-content/cache/autoptimize/css/ 		92 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nalog.24bank.su/wp-content/cache/autoptimize/css/autoptimize_6f74a9aa84e7a53941e877425e74fdf1.css
Requested by
Host: nalog.24bank.su
URL: https://nalog.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
474c7890efeadd2afa91373aff7ff1016ab470ab3e8eba58920030844c7af993
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/cache/autoptimize/css/autoptimize_6f74a9aa84e7a53941e877425e74fdf1.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
nalog.24bank.su
referer
https://nalog.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:28:47 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 03:56:48 GMT
server
nginx/1.18.0
etag
W/"6077b980-171ad"
strict-transport-security
max-age=31536000
content-type
text/css
cache-control
max-age=2592000
expires
Sat, 13 Nov 2021 08:28:47 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js
Requested by
Host: nalog.24bank.su
URL: https://nalog.24bank.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 05:29:40 GMT
x-content-type-options
nosniff
age
269947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95786
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Tue, 11 Oct 2022 05:29:40 GMT
autoptimize_b3d692035e59b746cfa687f5a18d2d57.js
nalog.24bank.su/wp-content/cache/autoptimize/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nalog.24bank.su/wp-content/cache/autoptimize/js/autoptimize_b3d692035e59b746cfa687f5a18d2d57.js
Requested by
Host: nalog.24bank.su
URL: https://nalog.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
b27bf8d902f81d740b7a03b8c6b6912ed1ed07260e9dc5664a0f1f1aef82f3d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/cache/autoptimize/js/autoptimize_b3d692035e59b746cfa687f5a18d2d57.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nalog.24bank.su
referer
https://nalog.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:28:47 GMT
content-encoding
gzip
last-modified
Wed, 24 Jun 2020 12:46:41 GMT
server
nginx/1.18.0
etag
W/"5ef34b31-2757"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
expires
Sat, 13 Nov 2021 08:28:47 GMT
logo.png
nalog.24bank.su/wp-content/themes/kadarbitr/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nalog.24bank.su/wp-content/themes/kadarbitr/images/logo.png
Requested by
Host: nalog.24bank.su
URL: https://nalog.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
fe42ae21a19ce716a23f3dcd8710789d9c59b3e285a9ef295f899f1cb7cb060d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/themes/kadarbitr/images/logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nalog.24bank.su
referer
https://nalog.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:28:47 GMT
last-modified
Wed, 05 Jun 2019 10:55:15 GMT
server
nginx/1.18.0
etag
"5cf79f93-1205"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4613
expires
Sat, 13 Nov 2021 08:28:47 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: nalog.24bank.su
URL: https://nalog.24bank.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
dd346bd43b9b906e685f7a8eb0962970f5b54043259bbcceb5e57edb2b448b00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51418
x-xss-protection
0
server
cafe
etag
4882766509403257644
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 14 Oct 2021 08:28:47 GMT
widget.js
citycard.ru/w/js/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citycard.ru/w/js/widget.js
Requested by
Host: nalog.24bank.su
URL: https://nalog.24bank.su/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
860a699c45cb77e9f0e5e6c91d089de1563ae77b1c7a81f4dfa3274405fd9505
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 08:28:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-CORS-DEBUG
no
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 11 Oct 2021 09:38:22 GMT
Server
nginx
X-Frame-Options
sameorigin always
ETag
W/"6164060e-18a2"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000, public
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Expires
Thu, 31 Dec 2037 23:55:55 GMT
lazy_placeholder.gif
nalog.24bank.su/wp-content/plugins/a3-lazy-load/assets/images/ 		42 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nalog.24bank.su/wp-content/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif
Requested by
Host: nalog.24bank.su
URL: https://nalog.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nalog.24bank.su
referer
https://nalog.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:28:47 GMT
last-modified
Wed, 05 Jun 2019 09:49:50 GMT
server
nginx/1.18.0
etag
"5cf7903e-2a"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
42
expires
Sat, 13 Nov 2021 08:28:47 GMT
front.min.js
nalog.24bank.su/wp-content/plugins/table-of-contents-plus/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nalog.24bank.su/wp-content/plugins/table-of-contents-plus/front.min.js
Requested by
Host: nalog.24bank.su
URL: https://nalog.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/plugins/table-of-contents-plus/front.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nalog.24bank.su
referer
https://nalog.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:28:47 GMT
content-encoding
gzip
last-modified
Wed, 05 Jun 2019 09:49:50 GMT
server
nginx/1.18.0
etag
W/"5cf7903e-17cb"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
expires
Sat, 13 Nov 2021 08:28:47 GMT
jquery.bxslider.min.js
nalog.24bank.su/wp-content/themes/kadarbitr/js/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nalog.24bank.su/wp-content/themes/kadarbitr/js/jquery.bxslider.min.js
Requested by
Host: nalog.24bank.su
URL: https://nalog.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
b0ed7256ad6c2f44037d68adcbc5139635d49f99b4fb4ae97876b3264bf714bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/themes/kadarbitr/js/jquery.bxslider.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nalog.24bank.su
referer
https://nalog.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:28:47 GMT
content-encoding
gzip
last-modified
Wed, 05 Jun 2019 09:49:50 GMT
server
nginx/1.18.0
etag
W/"5cf7903e-5bfd"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
expires
Sat, 13 Nov 2021 08:28:47 GMT
scripts.js
nalog.24bank.su/wp-content/themes/kadarbitr/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nalog.24bank.su/wp-content/themes/kadarbitr/js/scripts.js
Requested by
Host: nalog.24bank.su
URL: https://nalog.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
c297fc6b646ba245dda790aa12134d618e1cb2802ec13f9bbb1f1ac94a9a2cd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/themes/kadarbitr/js/scripts.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nalog.24bank.su
referer
https://nalog.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:28:47 GMT
content-encoding
gzip
last-modified
Wed, 05 Jun 2019 09:49:50 GMT
server
nginx/1.18.0
etag
W/"5cf7903e-21da"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
expires
Sat, 13 Nov 2021 08:28:47 GMT
q2w3-fixed-widget.min.js
nalog.24bank.su/wp-content/plugins/q2w3-fixed-widget/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nalog.24bank.su/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js
Requested by
Host: nalog.24bank.su
URL: https://nalog.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nalog.24bank.su
referer
https://nalog.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:28:47 GMT
content-encoding
gzip
last-modified
Wed, 05 Jun 2019 09:49:50 GMT
server
nginx/1.18.0
etag
W/"5cf7903e-1108"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
expires
Sat, 13 Nov 2021 08:28:47 GMT
jquery.lazyloadxt.extra.min.js
nalog.24bank.su/wp-content/plugins/a3-lazy-load/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nalog.24bank.su/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js
Requested by
Host: nalog.24bank.su
URL: https://nalog.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
b8cf531ef85346abed1d97d7526e8033ed4712b6d51bd007e0a75ebbdc69882e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nalog.24bank.su
referer
https://nalog.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:28:47 GMT
content-encoding
gzip
last-modified
Wed, 05 Jun 2019 09:49:50 GMT
server
nginx/1.18.0
etag
W/"5cf7903e-bc6"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
expires
Sat, 13 Nov 2021 08:28:47 GMT
jquery.lazyloadxt.srcset.min.js
nalog.24bank.su/wp-content/plugins/a3-lazy-load/assets/js/ 		1 KB
944 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nalog.24bank.su/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js
Requested by
Host: nalog.24bank.su
URL: https://nalog.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
0a9e05fa3d5632de3fa9bc89b1e59ad5c93e2f3017675c2f9610623bc9a33eb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nalog.24bank.su
referer
https://nalog.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:28:47 GMT
content-encoding
gzip
last-modified
Wed, 05 Jun 2019 09:49:50 GMT
server
nginx/1.18.0
etag
W/"5cf7903e-543"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
expires
Sat, 13 Nov 2021 08:28:47 GMT
jquery.lazyloadxt.extend.js
nalog.24bank.su/wp-content/plugins/a3-lazy-load/assets/js/ 		792 B
582 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nalog.24bank.su/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js
Requested by
Host: nalog.24bank.su
URL: https://nalog.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
f3c666d75eeb7a517edef5cd6fc4db0c45f5e3e1442c603ae4fa77d93e4ece7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nalog.24bank.su
referer
https://nalog.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:28:47 GMT
content-encoding
gzip
last-modified
Wed, 05 Jun 2019 09:49:50 GMT
server
nginx/1.18.0
etag
W/"5cf7903e-318"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
expires
Sat, 13 Nov 2021 08:28:47 GMT
script.js
nalog.24bank.su/ajax/ 		101 B
341 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nalog.24bank.su/ajax/script.js
Requested by
Host: nalog.24bank.su
URL: https://nalog.24bank.su/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
6028df85a6b8c95d3f04f279c78cc905c8e6746f4684133416987d3ad5fe0aee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/ajax/script.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
nalog.24bank.su
referer
https://nalog.24bank.su/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:28:47 GMT
content-encoding
gzip
last-modified
Wed, 05 Jun 2019 09:49:50 GMT
server
nginx/1.18.0
etag
W/"5cf7903e-65"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
expires
Sat, 13 Nov 2021 08:28:47 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: nalog.24bank.su
URL: https://nalog.24bank.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 10 Oct 2021 19:13:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
306901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Mon, 10 Oct 2022 19:13:46 GMT
css
fonts.googleapis.com/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C500%2C700%2C700i
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
eafe160c631fe12e8295a70b1f984d23fe9a988f47c3768683927c69554e6b0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 08:10:26 GMT
server
ESF
date
Thu, 14 Oct 2021 08:28:47 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Thu, 14 Oct 2021 08:28:47 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C500%2C700%2C700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nalog.24bank.su
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 17:27:37 GMT
x-content-type-options
nosniff
age
226870
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 11 Oct 2022 17:27:37 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C500%2C700%2C700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nalog.24bank.su
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 16:38:41 GMT
x-content-type-options
nosniff
age
57006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Oct 2022 16:38:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C500%2C700%2C700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nalog.24bank.su
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 16:31:43 GMT
x-content-type-options
nosniff
age
57424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Oct 2022 16:31:43 GMT
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C500%2C700%2C700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nalog.24bank.su
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 16:39:18 GMT
x-content-type-options
nosniff
age
56969
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9776
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Oct 2022 16:39:18 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/ Frame 157D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211011/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nalog.24bank.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 13 Oct 2021 21:25:32 GMT
expires
Wed, 27 Oct 2021 21:25:32 GMT
content-type
text/html; charset=UTF-8
etag
414810510046348021
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4645
x-xss-protection
0
age
39795
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
widget.css
citycard.ru/w/css/ 		12 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://citycard.ru/w/css/widget.css
Requested by
Host: citycard.ru
URL: https://citycard.ru/w/js/widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
6a83cc1ae65914769e9b613ca8c7b3c7f69b71259299a4060624c330970034a8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 08:28:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-CORS-DEBUG
no
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 11 Oct 2021 09:38:22 GMT
Server
nginx
X-Frame-Options
sameorigin always
ETag
W/"6164060e-2e89"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000, public
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cookie set tax
citycard.ru/widget/ Frame 451E 		30 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://citycard.ru/widget/tax
Requested by
Host: citycard.ru
URL: https://citycard.ru/w/js/widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
813c91eab1bd8dde41d19903cc6c54e2a468a135ed2c8e3b5712d14364d73dcc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self' https: http:; ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
citycard.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://nalog.24bank.su/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/

Response headers

Server
nginx
Date
Thu, 14 Oct 2021 08:28:48 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Set-Cookie
citycard=acvl950034rbslhe2rh1d9h7b5; path=/; secure; SameSite=strict; domain=.citycard.ru; secure; HttpOnly zdexid=visitor_1e325976598a4242a249e73785dc5969%40citycard.ru; expires=Wed, 27-Sep-1972 00:00:00 GMT; Max-Age=-1547800128; path=/; secure; SameSite=strict; domain=citycard.ru; secure; httponly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
same-origin
Content-Encoding
gzip
X-CORS-DEBUG
no
X-XSS-Protection
1; mode=block
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self' https: http:; ;
loading.gif
nalog.24bank.su/wp-content/plugins/a3-lazy-load/assets/css/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nalog.24bank.su/wp-content/plugins/a3-lazy-load/assets/css/loading.gif
Requested by
Host: nalog.24bank.su
URL: https://nalog.24bank.su/wp-content/cache/autoptimize/css/autoptimize_6f74a9aa84e7a53941e877425e74fdf1.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.201.66.95 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.seoom.ru
Software
nginx/1.18.0 /
Resource Hash
b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/wp-content/plugins/a3-lazy-load/assets/css/loading.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
nalog.24bank.su
referer
https://nalog.24bank.su/wp-content/cache/autoptimize/css/autoptimize_6f74a9aa84e7a53941e877425e74fdf1.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/wp-content/cache/autoptimize/css/autoptimize_6f74a9aa84e7a53941e877425e74fdf1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:28:48 GMT
last-modified
Wed, 05 Jun 2019 09:49:50 GMT
server
nginx/1.18.0
etag
"5cf7903e-69a"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1690
expires
Sat, 13 Nov 2021 08:28:48 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C500%2C700%2C700i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nalog.24bank.su
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 16:40:33 GMT
x-content-type-options
nosniff
age
56895
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Oct 2022 16:40:33 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C500%2C700%2C700i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nalog.24bank.su
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 16:31:40 GMT
x-content-type-options
nosniff
age
57428
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 13 Oct 2022 16:31:40 GMT
tag.js
mc.yandex.ru/metrika/ 		188 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: nalog.24bank.su
URL: https://nalog.24bank.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
496077b8b09b43b1417ac4a8eb747b38b08e12a2dc9b65573c78dd2a44ac674d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:28:48 GMT
content-encoding
br
last-modified
Wed, 13 Oct 2021 15:51:32 GMT
etag
"6166d654-10040"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
65600
expires
Thu, 14 Oct 2021 09:28:48 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/ 		272 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1114993438075446&plah=nalog.24bank.su
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
2a4617686d53812d3f06b891e5edc0cf5b7f289bfd57be08e123a3845efcdcd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99876
x-xss-protection
0
server
cafe
etag
5725214712622718827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 14 Oct 2021 08:28:48 GMT
cookie.js
partner.googleadservices.com/gampad/ 		199 B
656 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=nalog.24bank.su&callback=_gfp_s_&client=ca-pub-1114993438075446
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1114993438075446&plah=nalog.24bank.su
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
8899df62dd93bf73b0b8fb4e868e31164cd094fc0650313fd5a10a955fed0ff3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nalog.24bank.su
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1114993438075446&plah=nalog.24bank.su
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 08:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nalog.24bank.su
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1114993438075446&plah=nalog.24bank.su
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 08:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 644E 		436 B
234 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7966585668&adk=1829738629&adf=1010768725&pi=t.ma~as.7966585668&w=680&fwrn=4&fwrnh=100&lmt=1634122215&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fnalog.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634200128261&bpp=4&bdt=586&idt=86&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=26688854283&frm=20&pv=2&ga_vid=467159864.1634200128&ga_sid=1634200128&ga_hid=954286679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31060048%2C31062526&oid=2&pvsid=3915413270544544&pem=626&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PbQnW2q7kK&p=https%3A//nalog.24bank.su&dtd=105
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1114993438075446&plah=nalog.24bank.su
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
3c2d73af7a2578aa012684d040d1a03b81913a4fa274200d1c3e646e8849a196
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7966585668&adk=1829738629&adf=1010768725&pi=t.ma~as.7966585668&w=680&fwrn=4&fwrnh=100&lmt=1634122215&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fnalog.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634200128261&bpp=4&bdt=586&idt=86&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&correlator=26688854283&frm=20&pv=2&ga_vid=467159864.1634200128&ga_sid=1634200128&ga_hid=954286679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31060048%2C31062526&oid=2&pvsid=3915413270544544&pem=626&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=PbQnW2q7kK&p=https%3A//nalog.24bank.su&dtd=105
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nalog.24bank.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 14 Oct 2021 08:28:48 GMT
server
cafe
content-length
211
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 14-Oct-2021 08:43:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 14 Oct 2021 08:28:48 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 50D3 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&adk=1812271804&adf=3025194257&lmt=1634122215&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnalog.24bank.su%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634200128265&bpp=1&bdt=591&idt=113&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=680x280&nras=1&correlator=26688854283&frm=20&pv=1&ga_vid=467159864.1634200128&ga_sid=1634200128&ga_hid=954286679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31060048%2C31062526&oid=2&pvsid=3915413270544544&pem=626&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=118
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1114993438075446&plah=nalog.24bank.su
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
d2d579481427b186240f38b48620717ec1333f74e9a2e307364d0e962795af5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1114993438075446&output=html&adk=1812271804&adf=3025194257&lmt=1634122215&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnalog.24bank.su%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634200128265&bpp=1&bdt=591&idt=113&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=680x280&nras=1&correlator=26688854283&frm=20&pv=1&ga_vid=467159864.1634200128&ga_sid=1634200128&ga_hid=954286679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31060048%2C31062526&oid=2&pvsid=3915413270544544&pem=626&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=118
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nalog.24bank.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 14 Oct 2021 08:28:48 GMT
server
cafe
content-length
4274
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 14-Oct-2021 08:43:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 14 Oct 2021 08:28:48 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame A456 		436 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7189331241&adk=1009418377&adf=2694386582&pi=t.ma~as.7189331241&w=680&fwrn=4&fwrnh=100&lmt=1634122215&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fnalog.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634200128265&bpp=1&bdt=591&idt=121&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=680x280%2C0x0&nras=1&correlator=26688854283&frm=20&pv=1&ga_vid=467159864.1634200128&ga_sid=1634200128&ga_hid=954286679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31060048%2C31062526&oid=2&pvsid=3915413270544544&pem=626&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bnYt8JPsHv&p=https%3A//nalog.24bank.su&dtd=125
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1114993438075446&plah=nalog.24bank.su
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
2d53c76c258d1927bb2704d68f5f132b5a8258b5bfd807efdebe334ab9094b56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1114993438075446&output=html&h=280&slotname=7189331241&adk=1009418377&adf=2694386582&pi=t.ma~as.7189331241&w=680&fwrn=4&fwrnh=100&lmt=1634122215&rafmt=1&psa=0&format=680x280&url=https%3A%2F%2Fnalog.24bank.su%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634200128265&bpp=1&bdt=591&idt=121&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=680x280%2C0x0&nras=1&correlator=26688854283&frm=20&pv=1&ga_vid=467159864.1634200128&ga_sid=1634200128&ga_hid=954286679&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=300&ady=2881&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750344%2C31060048%2C31062526&oid=2&pvsid=3915413270544544&pem=626&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bnYt8JPsHv&p=https%3A//nalog.24bank.su&dtd=125
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nalog.24bank.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 14 Oct 2021 08:28:48 GMT
server
cafe
content-length
213
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 14-Oct-2021 08:43:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 14 Oct 2021 08:28:48 GMT
cache-control
private
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9426.RLS-g0-epm5ibCi2cNN4dl6k9IeemouUnxbQyxwH13RwIbMTxe7szO5q76YD0B7g.kpVBEoMyZ7Srx4KHbzfZ839Mxyc%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9426.PVDxj1FY9-cwA1M3DCR3nBnHEnJMDDtKsba4LyYiCvRrEiDJA1pTAS-Xn1gJRYHwefKe6j9w_1QK1ipqEZk8rg%2C%2C.17HebPNR5jeHCog0J2-Z7MNVkAs%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9426.PVDxj1FY9-cwA1M3DCR3nBnHEnJMDDtKsba4LyYiCvRrEiDJA1pTAS-Xn1gJRYHwefKe6j9w_1QK1ipqEZk8rg%2C%2C.17HebPNR5jeHCog0J2-Z7MNVkAs%2C
Requested by
Host: nalog.24bank.su
URL: https://nalog.24bank.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:28:48 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9426.PVDxj1FY9-cwA1M3DCR3nBnHEnJMDDtKsba4LyYiCvRrEiDJA1pTAS-Xn1gJRYHwefKe6j9w_1QK1ipqEZk8rg%2C%2C.17HebPNR5jeHCog0J2-Z7MNVkAs%2C
date
Thu, 14 Oct 2021 08:28:48 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif?t=ti(4)
Requested by
Host: nalog.24bank.su
URL: https://nalog.24bank.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:28:48 GMT
last-modified
Wed, 13 Oct 2021 15:51:32 GMT
etag
"6166d654-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 14 Oct 2021 09:28:48 GMT
main.css
citycard.ru/assets/common/ Frame 451E 		372 KB
65 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://citycard.ru/assets/common/main.css?v-2944756eed187ca480d2a55f56279ee7
Requested by
Host: citycard.ru
URL: https://citycard.ru/widget/tax
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
b4749b08d419921c7dc6de87e278ac24a2ac78ad23fe9ff79c8532c89435dcb8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citycard.ru/widget/tax
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 08:28:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-CORS-DEBUG
no
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 11 Oct 2021 09:39:57 GMT
Server
nginx
X-Frame-Options
sameorigin always
ETag
W/"6164066d-5d179"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000, public
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Expires
Thu, 31 Dec 2037 23:55:55 GMT
raven.min.js
citycard.ru/assets/ Frame 451E 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citycard.ru/assets/raven.min.js?v-5401076b424745b45c97801e1e4ab089
Requested by
Host: citycard.ru
URL: https://citycard.ru/widget/tax
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
94b6d9369ec03f48ff41ee59e1fcc7638ba66968da37f42c0b980994da4d5f74
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Referer
https://citycard.ru/widget/tax
Origin
https://citycard.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 08:28:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-CORS-DEBUG
no
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 11 Oct 2021 09:39:59 GMT
Server
nginx
X-Frame-Options
sameorigin always
ETag
W/"6164066f-938b"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000, public
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Expires
Thu, 31 Dec 2037 23:55:55 GMT
libs.js
citycard.ru/assets/common/ Frame 451E 		1 MB
302 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citycard.ru/assets/common/libs.js?v-4dfa8d60e8fc3cf5ae79b4b51a09b03c
Requested by
Host: citycard.ru
URL: https://citycard.ru/widget/tax
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
e8551ea7f4284ec7eed3a6a30f10aa5552ba20445aed198ebef5054d9edb7010
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Referer
https://citycard.ru/widget/tax
Origin
https://citycard.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 08:28:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-CORS-DEBUG
no
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 11 Oct 2021 09:40:08 GMT
Server
nginx
X-Frame-Options
sameorigin always
ETag
W/"61640678-11c52d"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000, public
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Expires
Thu, 31 Dec 2037 23:55:55 GMT
plugins.js
citycard.ru/assets/common/ Frame 451E 		367 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citycard.ru/assets/common/plugins.js?v-b6d560f0552c0b5c9ff3ab92b38e5fcf
Requested by
Host: citycard.ru
URL: https://citycard.ru/widget/tax
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
1d0fc5c0e68f27a4636f91cfd93c9d1c220ad9d11b1ecd6000a205f1e73b55bc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Referer
https://citycard.ru/widget/tax
Origin
https://citycard.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 08:28:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-CORS-DEBUG
no
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 11 Oct 2021 09:40:08 GMT
Server
nginx
X-Frame-Options
sameorigin always
ETag
W/"61640678-5bdb9"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000, public
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Expires
Thu, 31 Dec 2037 23:55:55 GMT
app.js
citycard.ru/assets/common/ Frame 451E 		339 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citycard.ru/assets/common/app.js?v-e3cd944b10bed2c8af2e11fac9818109
Requested by
Host: citycard.ru
URL: https://citycard.ru/widget/tax
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
62b4c0af50241f246527986ef597def60d0b95e9e84359b981ce6ba751e137dc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Referer
https://citycard.ru/widget/tax
Origin
https://citycard.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 08:28:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-CORS-DEBUG
no
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 11 Oct 2021 09:40:08 GMT
Server
nginx
X-Frame-Options
sameorigin always
ETag
W/"61640678-54bc7"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000, public
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Expires
Thu, 31 Dec 2037 23:55:55 GMT
assistant.js
citycard.ru/assets/ Frame 451E 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citycard.ru/assets/assistant.js?v-14aeac93f7d369be853fd9b67ef99a33
Requested by
Host: citycard.ru
URL: https://citycard.ru/widget/tax
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
c35a40cb99ce2c9950c3ce1d5845dfde7851c2b3bd0188b27c36d26573386abf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Referer
https://citycard.ru/widget/tax
Origin
https://citycard.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 08:28:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-CORS-DEBUG
no
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 11 Oct 2021 09:40:03 GMT
Server
nginx
X-Frame-Options
sameorigin always
ETag
W/"61640673-19e9"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000, public
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Expires
Thu, 31 Dec 2037 23:55:55 GMT
card-visa-secure-grey.svg
citycard.ru/i/ Frame 451E 		7 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citycard.ru/i/card-visa-secure-grey.svg
Requested by
Host: citycard.ru
URL: https://citycard.ru/widget/tax
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
6acb544d4ea434f7842069f09afee2553bdcc75b03589efe6b8f00676ff89ee8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citycard.ru/widget/tax
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 08:28:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-CORS-DEBUG
no
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 11 Oct 2021 09:37:58 GMT
Server
nginx
X-Frame-Options
sameorigin always
ETag
W/"616405f6-1b07"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000, public
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Expires
Thu, 31 Dec 2037 23:55:55 GMT
card-mir-accept-grey.svg
citycard.ru/i/ Frame 451E 		8 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citycard.ru/i/card-mir-accept-grey.svg
Requested by
Host: citycard.ru
URL: https://citycard.ru/widget/tax
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
18caac23d568787d1a533014ac236b656ad72f95fbd814edf15e5486b0c0126e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citycard.ru/widget/tax
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 08:28:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-CORS-DEBUG
no
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 11 Oct 2021 09:37:58 GMT
Server
nginx
X-Frame-Options
sameorigin always
ETag
W/"616405f6-1ec4"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000, public
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Expires
Thu, 31 Dec 2037 23:55:55 GMT
card-mc-securecode-grey.svg
citycard.ru/i/ Frame 451E 		7 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citycard.ru/i/card-mc-securecode-grey.svg
Requested by
Host: citycard.ru
URL: https://citycard.ru/widget/tax
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
d49945e31b52ac361e67ac4ac881576e3eeacfeec8423074cc0b5eda7a4e8c59
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citycard.ru/widget/tax
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 08:28:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-CORS-DEBUG
no
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 11 Oct 2021 09:37:58 GMT
Server
nginx
X-Frame-Options
sameorigin always
ETag
W/"616405f6-1b2a"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000, public
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Expires
Thu, 31 Dec 2037 23:55:55 GMT
card-pcidss-grey.svg
citycard.ru/i/ Frame 451E 		19 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citycard.ru/i/card-pcidss-grey.svg
Requested by
Host: citycard.ru
URL: https://citycard.ru/widget/tax
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
b3f94de78f9b0afa566c2092c5a6cf42597770d5f6d4ca01b89ecbf614baf80f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citycard.ru/widget/tax
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 08:28:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-CORS-DEBUG
no
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 11 Oct 2021 09:37:58 GMT
Server
nginx
X-Frame-Options
sameorigin always
ETag
W/"616405f6-4abe"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000, public
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1
mc.yandex.com/watch/53939389/
Redirect Chain
  • https://mc.yandex.com/watch/53939389?wmode=7&page-url=https%3A%2F%2Fnalog.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A239%3Afu%3A0%3Aen%3Autf-8%3Ala%...
  • https://mc.yandex.com/watch/53939389/1?wmode=7&page-url=https%3A%2F%2Fnalog.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A239%3Afu%3A0%3Aen%3Autf-8%3Al...
350 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/53939389/1?wmode=7&page-url=https%3A%2F%2Fnalog.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A239%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A1394958661532%3Ahid%3A859465175%3Az%3A0%3Ai%3A202101014082848%3Aet%3A1634200128%3Ac%3A1%3Arn%3A273072300%3Arqn%3A1%3Au%3A1634200128936382761%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634200127529%3Adsn%3A98%2C24%2C20%2C1%2C0%2C0%2C%2C572%2C21%2C%2C%2C%2C717%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634200129%3At%3A%D0%9B%D0%98%D0%A7%D0%9D%D0%AB%D0%99%20%D0%9A%D0%90%D0%91%D0%98%D0%9D%D0%95%D0%A2%20%D0%9D%D0%90%D0%9B%D0%9E%D0%93%D0%9E%D0%9F%D0%9B%D0%90%D0%A2%D0%95%D0%9B%D0%AC%D0%A9%D0%98%D0%9A%D0%90%20-%20%D0%92%D1%85%D0%BE%D0%B4%20%D0%B8%20%D0%A0%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%20nalog.ru&t=gdpr%2814%29ti%282%29
Requested by
Host: nalog.24bank.su
URL: https://nalog.24bank.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
01b9f01de814e6f78888a11f4f4aa43a68e4f7f9b2bd15692a5e8f093d960538
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 08:28:48 GMT
x-content-type-options
nosniff
last-modified
Thu, 14-Oct-2021 08:28:48 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nalog.24bank.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Thu, 14-Oct-2021 08:28:48 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Oct 2021 08:28:48 GMT
last-modified
Thu, 14-Oct-2021 08:28:48 GMT
location
/watch/53939389/1?wmode=7&page-url=https%3A%2F%2Fnalog.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A239%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A1394958661532%3Ahid%3A859465175%3Az%3A0%3Ai%3A202101014082848%3Aet%3A1634200128%3Ac%3A1%3Arn%3A273072300%3Arqn%3A1%3Au%3A1634200128936382761%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634200127529%3Adsn%3A98%2C24%2C20%2C1%2C0%2C0%2C%2C572%2C21%2C%2C%2C%2C717%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634200129%3At%3A%D0%9B%D0%98%D0%A7%D0%9D%D0%AB%D0%99%20%D0%9A%D0%90%D0%91%D0%98%D0%9D%D0%95%D0%A2%20%D0%9D%D0%90%D0%9B%D0%9E%D0%93%D0%9E%D0%9F%D0%9B%D0%90%D0%A2%D0%95%D0%9B%D0%AC%D0%A9%D0%98%D0%9A%D0%90%20-%20%D0%92%D1%85%D0%BE%D0%B4%20%D0%B8%20%D0%A0%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%20nalog.ru&t=gdpr%2814%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://nalog.24bank.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 14-Oct-2021 08:28:48 GMT
gtm.js
www.googletagmanager.com/ Frame 451E 		138 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K3PHNLX
Requested by
Host: citycard.ru
URL: https://citycard.ru/widget/tax
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
06904636fdb5f8b7adfb9d5eead55f175b78a3363e8a37cb5a324d8aaa20d1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:28:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47855
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 14 Oct 2021 08:28:49 GMT
api.js
www.google.com/recaptcha/ Frame 451E 		915 B
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=vcRecaptchaApiLoaded&render=explicit
Requested by
Host: citycard.ru
URL: https://citycard.ru/assets/common/libs.js?v-4dfa8d60e8fc3cf5ae79b4b51a09b03c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
77265a905cb4e86f3c1547901c09a96c59a36edf9ce6900adb4f1e2f8769acc0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:28:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
582
x-xss-protection
1; mode=block
expires
Thu, 14 Oct 2021 08:28:49 GMT
stepper-finish-registration.htm
citycard.ru/tpl/payment/ Frame 451E 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://citycard.ru/tpl/payment/stepper-finish-registration.htm
Requested by
Host: citycard.ru
URL: https://citycard.ru/assets/raven.min.js?v-5401076b424745b45c97801e1e4ab089
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
b7401561e0401231841d747faa00ad50c9878d714f33f19e181b36cdc3012b9b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://citycard.ru/widget/tax
X-CSRF-Token
OGQ0Yjc3YjlmMjNhNDMwOTk0ZTU1ZmFjOTExMjJhYjFhCXIIbVosUStYZlFuZ31Ad3AwAXoiChl0A2QBfBs4Ww==
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-SSID-Token
acvl950034rbslhe2rh1d9h7b5

Response headers

Date
Thu, 14 Oct 2021 08:28:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-CORS-DEBUG
no
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Mon, 11 Oct 2021 09:38:22 GMT
Server
nginx
X-Frame-Options
sameorigin always
ETag
W/"6164060e-10c0"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/html; charset=utf-8
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
share-buttons.htm
citycard.ru/tpl/payment/ Frame 451E 		1007 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://citycard.ru/tpl/payment/share-buttons.htm
Requested by
Host: citycard.ru
URL: https://citycard.ru/assets/raven.min.js?v-5401076b424745b45c97801e1e4ab089
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
bb7664d800ecc4e5d7a0d37f11e4da75b1699b75c04103defebded1397949b5a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://citycard.ru/widget/tax
X-CSRF-Token
OGQ0Yjc3YjlmMjNhNDMwOTk0ZTU1ZmFjOTExMjJhYjFhCXIIbVosUStYZlFuZ31Ad3AwAXoiChl0A2QBfBs4Ww==
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-SSID-Token
acvl950034rbslhe2rh1d9h7b5

Response headers

Date
Thu, 14 Oct 2021 08:28:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-CORS-DEBUG
no
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Mon, 11 Oct 2021 09:38:22 GMT
Server
nginx
X-Frame-Options
sameorigin always
ETag
W/"6164060e-3ef"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/html; charset=utf-8
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
stepper-transaction-state.html
citycard.ru/tpl/payment/ Frame 451E 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://citycard.ru/tpl/payment/stepper-transaction-state.html
Requested by
Host: citycard.ru
URL: https://citycard.ru/assets/raven.min.js?v-5401076b424745b45c97801e1e4ab089
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
ad282412aa64cc1cc8b786e2190a0f6e9edd03e71e1460acdc3ebb49e3b8162d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://citycard.ru/widget/tax
X-CSRF-Token
OGQ0Yjc3YjlmMjNhNDMwOTk0ZTU1ZmFjOTExMjJhYjFhCXIIbVosUStYZlFuZ31Ad3AwAXoiChl0A2QBfBs4Ww==
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-SSID-Token
acvl950034rbslhe2rh1d9h7b5

Response headers

Date
Thu, 14 Oct 2021 08:28:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-CORS-DEBUG
no
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Mon, 11 Oct 2021 09:38:22 GMT
Server
nginx
X-Frame-Options
sameorigin always
ETag
W/"6164060e-1848"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/html; charset=utf-8
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
stepper-payment-methods-form.htm
citycard.ru/tpl/payment/ Frame 451E 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://citycard.ru/tpl/payment/stepper-payment-methods-form.htm
Requested by
Host: citycard.ru
URL: https://citycard.ru/assets/raven.min.js?v-5401076b424745b45c97801e1e4ab089
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
6ab4671c6308b01af61fc0f51d1f7c28515240f8dd7d04b6a79fcb7c7c8bf028
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://citycard.ru/widget/tax
X-CSRF-Token
OGQ0Yjc3YjlmMjNhNDMwOTk0ZTU1ZmFjOTExMjJhYjFhCXIIbVosUStYZlFuZ31Ad3AwAXoiChl0A2QBfBs4Ww==
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-SSID-Token
acvl950034rbslhe2rh1d9h7b5

Response headers

Date
Thu, 14 Oct 2021 08:28:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-CORS-DEBUG
no
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Mon, 11 Oct 2021 09:38:22 GMT
Server
nginx
X-Frame-Options
sameorigin always
ETag
W/"6164060e-164e"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/html; charset=utf-8
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
recaptcha__de.js
www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/ Frame 451E 		346 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=vcRecaptchaApiLoaded&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
24888ff57c1714336f283a67e22f1207ef9826694a9078e1cda9d581ff148407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://citycard.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:27:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137921
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 04:21:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Fri, 14 Oct 2022 08:27:59 GMT
analytics.js
www.google-analytics.com/ Frame 451E 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3PHNLX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
1663
date
Thu, 14 Oct 2021 08:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Thu, 14 Oct 2021 10:01:06 GMT
watch.js
mc.yandex.ru/metrika/ Frame 451E 		128 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: nalog.24bank.su
URL: https://nalog.24bank.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
35cab8a3f4129d4ec34ba04a05b078cf48feaf1f1ca88503416ef428790238b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:28:49 GMT
content-encoding
br
last-modified
Wed, 13 Oct 2021 15:51:32 GMT
etag
"6166d654-b650"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
46672
expires
Thu, 14 Oct 2021 09:28:49 GMT
linkid.js
www.google-analytics.com/plugins/ua/ Frame 451E 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f142.1e100.net
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:05:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1405
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 14 Oct 2021 09:05:24 GMT
pay-wait.gif
citycard.ru/i/ Frame 451E 		17 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citycard.ru/i/pay-wait.gif
Requested by
Host: citycard.ru
URL: https://citycard.ru/widget/tax
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
ec9159910e1139b18eb68f9fd1cfe81a9ffc4b589b5135e41fa073594c176547
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citycard.ru/widget/tax
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 08:28:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Oct 2021 09:38:01 GMT
Server
nginx
ETag
"616405f9-4220"
X-Frame-Options
sameorigin always
X-CORS-DEBUG
no
Content-Type
image/gif
Cache-Control
max-age=315360000, public
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16928
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
pay-error.svg
citycard.ru/i/ Frame 451E 		45 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citycard.ru/i/pay-error.svg
Requested by
Host: citycard.ru
URL: https://citycard.ru/widget/tax
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
4425292b859007cac1417e4b73e9a5bdb6e042e7d0f374125fe385d64c5611f3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citycard.ru/widget/tax
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 08:28:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-CORS-DEBUG
no
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 11 Oct 2021 09:38:01 GMT
Server
nginx
X-Frame-Options
sameorigin always
ETag
W/"616405f9-b334"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000, public
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Expires
Thu, 31 Dec 2037 23:55:55 GMT
pay-succes.svg
citycard.ru/i/ Frame 451E 		45 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citycard.ru/i/pay-succes.svg
Requested by
Host: citycard.ru
URL: https://citycard.ru/widget/tax
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
0bc9f4c59ee0425813933d538317ac9039b8189e5efa4cf6203dc658f8d368ad
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citycard.ru/widget/tax
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 08:28:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-CORS-DEBUG
no
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 11 Oct 2021 09:38:01 GMT
Server
nginx
X-Frame-Options
sameorigin always
ETag
W/"616405f9-b33b"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000, public
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Expires
Thu, 31 Dec 2037 23:55:55 GMT
recipe.svg
citycard.ru/i/ Frame 451E 		46 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citycard.ru/i/recipe.svg
Requested by
Host: citycard.ru
URL: https://citycard.ru/widget/tax
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
dcd355a56378df860e9aa19044893b5b1aa05da73fe1f6e75224cbea496640d2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citycard.ru/widget/tax
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 08:28:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-CORS-DEBUG
no
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 11 Oct 2021 09:38:01 GMT
Server
nginx
X-Frame-Options
sameorigin always
ETag
W/"616405f9-b9a7"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000, public
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Expires
Thu, 31 Dec 2037 23:55:55 GMT
36127890
mc.yandex.com/watch/ Frame 451E 		350 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/36127890?wmode=7&page-url=https%3A%2F%2Fcitycard.ru%2Fwidget%2Ftax&page-ref=https%3A%2F%2Fnalog.24bank.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzhbd8xdjs5a54k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A1099750624501%3Ahid%3A875377235%3Az%3A0%3Ai%3A202101014082849%3Aet%3A1634200129%3Ac%3A1%3Arn%3A209323047%3Arqn%3A1%3Au%3A163420012932776820%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1634200128225%3Adsn%3A0%2C0%2C216%2C1%2C0%2C0%2C%2C514%2C0%2C%2C%2C%2C784%3Arqnl%3A1%3Ast%3A1634200129%3At%3A&t=gdpr(14)ti(2)
Requested by
Host: citycard.ru
URL: https://citycard.ru/assets/raven.min.js?v-5401076b424745b45c97801e1e4ab089
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
c00d8b55bc0b898ff7cd2c31dda2e9fe895015bc681519a3a9454b04cdfa3851
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 08:28:49 GMT
x-content-type-options
nosniff
last-modified
Thu, 14-Oct-2021 08:28:49 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://citycard.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Thu, 14-Oct-2021 08:28:49 GMT
advert.gif
mc.yandex.com/metrika/ Frame 451E 		0
0
save_customer_logo.svg
citycard.ru/i/ Frame 451E 		1 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citycard.ru/i/save_customer_logo.svg
Requested by
Host: citycard.ru
URL: https://citycard.ru/widget/tax
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
0bedae477d56038ed8f2c0c9107b728da9794f91d9fb5a3dceeaa86adf6e5f4a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citycard.ru/widget/tax
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 08:28:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-CORS-DEBUG
no
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 11 Oct 2021 09:38:01 GMT
Server
nginx
X-Frame-Options
sameorigin always
ETag
W/"616405f9-56c"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=315360000, public
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Expires
Thu, 31 Dec 2037 23:55:55 GMT
sprite.png
citycard.ru/i/ Frame 451E 		23 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citycard.ru/i/sprite.png?v=1633117780626
Requested by
Host: citycard.ru
URL: https://citycard.ru/assets/common/main.css?v-2944756eed187ca480d2a55f56279ee7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
fbdd871f2190aa565b1e8a98d823d34c5f035566f74810a7f8ea830e98c7c841
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://citycard.ru/assets/common/main.css?v-2944756eed187ca480d2a55f56279ee7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 08:28:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Oct 2021 09:38:02 GMT
Server
nginx
ETag
"616405fa-5a17"
X-Frame-Options
sameorigin always
X-CORS-DEBUG
no
Content-Type
image/png
Cache-Control
max-age=315360000, public
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23063
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
geometria-light-webfont.woff
citycard.ru/fonts/ Frame 451E 		26 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://citycard.ru/fonts/geometria-light-webfont.woff
Requested by
Host: citycard.ru
URL: https://citycard.ru/assets/common/main.css?v-2944756eed187ca480d2a55f56279ee7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
6b34136dec5610149e2082743d2e67357fbdffff76feb23b740d11a12370a852
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Referer
https://citycard.ru/assets/common/main.css?v-2944756eed187ca480d2a55f56279ee7
Origin
https://citycard.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 08:28:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Oct 2021 09:37:57 GMT
Server
nginx
ETag
"616405f5-68f8"
X-Frame-Options
sameorigin always
X-CORS-DEBUG
no
Content-Type
font/woff
Cache-Control
max-age=315360000, public
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26872
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
geometria-medium-webfont.woff
citycard.ru/fonts/ Frame 451E 		25 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://citycard.ru/fonts/geometria-medium-webfont.woff
Requested by
Host: citycard.ru
URL: https://citycard.ru/assets/common/main.css?v-2944756eed187ca480d2a55f56279ee7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.111.85.55 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net85.111.185-55.global.moneta.ru
Software
nginx /
Resource Hash
b8ad99092e4b1daa59d372ea65178d3bd87e4fd396ad829d3a3d8a9b27316f83
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
X-Content-Type-Options nosniff
X-Frame-Options sameorigin always
X-Xss-Protection 1; mode=block

Request headers

Referer
https://citycard.ru/assets/common/main.css?v-2944756eed187ca480d2a55f56279ee7
Origin
https://citycard.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 14 Oct 2021 08:28:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Oct 2021 09:37:57 GMT
Server
nginx
ETag
"616405f5-658c"
X-Frame-Options
sameorigin always
X-CORS-DEBUG
no
Content-Type
font/woff
Cache-Control
max-age=315360000, public
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' oauth.mail.ru vk.com graph.facebook.com https://www.googleadservices.com *.google-analytics.com https://www.google-analytics.com https://ssl.google-analytics.com https://tagmanager.google.com https://www.googletagmanager.com *.googletagmanager.com *.pingdom.net mc.yandex.ru google.com connect.facebook.net www.googleadservices.com www.gstatic.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://www.google.com/recaptcha/ https://www.google.com https://www.gstatic.com/recaptcha/ googleads.g.doubleclick.net *.ok.ru login.vk.com m.vk.com https://pay.google.com; style-src 'self' 'unsafe-inline' www.payanyway.ru https://tagmanager.google.com https://fonts.googleapis.com; img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com; font-src 'self' fonts.gstatic.com http://fonts.gstatic.com/ https://fonts.gstatic.com; connect-src 'self' 'unsafe-inline' wss://citycard.ru https://* https://www.google-analytics.com; media-src 'self'; object-src 'self'; frame-src 'self' https://*:*; frame-ancestors 'self'; ;
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25996
X-XSS-Protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211011&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1114993438075446&plah=nalog.24bank.su
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
d054fe0c4a8ebb0e8b621623c6ec6f0402aff2b8d1c9399ab3638fa25a83ee08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Oct 2021 08:28:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8428
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1114993438075446&plah=nalog.24bank.su
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 08:28:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 14 Oct 2021 08:28:49 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0E7E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nalog.24bank.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Thu, 14 Oct 2021 07:14:16 GMT
expires
Fri, 14 Oct 2022 07:14:16 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4473
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame EDC6 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
c159ae46cff3a93f216af0865863031cded2f10de664602c82d7261f41aa4f86
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0TfCN/GVtmZHR13IvZUy1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nalog.24bank.su/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 14 Oct 2021 08:28:49 GMT
date
Thu, 14 Oct 2021 08:28:49 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-0TfCN/GVtmZHR13IvZUy1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js
pagead2.googlesyndication.com/bg/ Frame 0E7E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
d09fae1abdf97e7061702073d5b863236868e425ebb7dc2571a4ee30fd206eab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 20:37:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
42691
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13278
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 13 Oct 2022 20:37:18 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EDC6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211011&jk=3915413270544544&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211011&jk=3915413270544544&bg=!zM-lz4vNAAbGFvHlxhY7ACkAdvg8Wlj2B_PzlbkGOX5kvbp3a7e8BC9Jev9vJ2ELciMiUL971qcqJQIAAABXUgAAAAtoAQcKAGsLYwFfdX-_Z8MDlh3rX4K-2eA5MGibTgfAgkEsdrUueLTVus6VwEjERK1XA0hlBFIn69DKNw4vPiTp2t1NOlchlmZS0wkoaho-4FDorqngvvi2igACM-AN6A31fZ7C-s4MKFlqzPSsvRZj-JkCw9je1uVVyfH8JpsDPQh8M4Huzh6xIT1bsTdpGKMfKLAO0uTEumyv5GVRaZ3Eh6BZX8iIekd9HDnl0OLURf5B2r2PtBQxvL-KnJ-SJ3M-UeeWJwiDo2dVDY5Kn6X7qa0m_tFVGZNqUcjCl2IxscCx68xZ81Hyo6ELe8sLWW_UbtoRVEd3wMaFKX3T0r12gwx_DQ_5Ev67379DAELSl_hHbkpyYNtmHKoklfGbxI2hqIgvhv3SS50NdPhbgGtFO05HSMk1S2zvtC879FhPpwuqi5Lu1xgKVpOsiLG4oVbPLA_pDjEf77_y3BLigHtJvrXqpvo5QWXfp9gAawX7tgRkYc2X6e9yRrXO8l4e3Ds3oqLtvJNsGDQT1rCpXLESgXPEyP1IEyMc5vDULE770-wHbztoBPMBIcoQz2jJREcLd6nnMgWDlJ6lsRKzfIUyVkyWzkFt8ixPFjOHVuewgz86xpdjiV16XJ29imknN0KTnQOnt2r4OWL60VNHkPkvTVJkPuRFvMqghjX2PtgqV6-lvKWv5XHuW_nst26wGgIe_vDGZj_u88bzS2b6C4hjqky7czRc2Ja7NJZosrimfJ46QA5SIhR6jWXuSFvE7oItQCKPxl5tjz6ias411qpTlA4_uWi0FxLGcu_-A8MrICWKJRvtx_XmllTSJkmZUXkhEOlIb1hsZtfEsq7-PNlGJE-fHOuD119fABNb8JyMD0kufkbTHces2NDAK1PExZIQmVqhHNT5Vvhx9-QdX1RMOAnUTZ6vCLk5LhjEsFe4tMJef3RvyzbOw741_1ErLeUbmCKi2iDdePdATmdGVEyKfs8n0W6W1DrZLN0NSATc28SOHBc5_yBowI6Ln4tN0IwIaaiwXNrl-pUMx8TCLfMQDCqLBeOcTT34YPiuNnGHIpbt_QZXiiA_mlIeOXRMPK4wNueseQ0Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nalog.24bank.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 08:28:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
53939389
mc.yandex.com/webvisor/ 		43 B
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/53939389?wmode=0&wv-part=1&wv-hit=859465175&page-url=https%3A%2F%2Fnalog.24bank.su%2F&rn=1064760005&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1634200131%3Aw%3A1600x1200%3Av%3A673%3Az%3A0%3Ai%3A202101014082850%3Au%3A1634200128936382761%3Avf%3A25rt5q1nfyffjihn5h%3Awe%3A1%3Ast%3A1634200131&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nalog.24bank.su/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 08:28:50 GMT
last-modified
Thu, 14-Oct-2021 08:28:50 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://nalog.24bank.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 14-Oct-2021 08:28:50 GMT
53939389
mc.yandex.com/webvisor/ 		43 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/53939389?wmode=0&wv-part=1&wv-hit=859465175&page-url=https%3A%2F%2Fnalog.24bank.su%2F&rn=1000667939&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1634200131%3Aw%3A1600x1200%3Av%3A673%3Az%3A0%3Ai%3A202101014082851%3Au%3A1634200128936382761%3Avf%3A25rt5q1nfyffjihn5h%3Awe%3A1%3Ast%3A1634200131&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nalog.24bank.su/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Oct 2021 08:28:51 GMT
last-modified
Thu, 14-Oct-2021 08:28:51 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://nalog.24bank.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 14-Oct-2021 08:28:51 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mc.yandex.com
URL
https://mc.yandex.com/metrika/advert.gif?t=ti(4)

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect boolean| originAgentCluster object| WebFontConfig function| $ function| jQuery object| WebFont object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint function| isJson function| isObject object| Citycard object| pseudo_links object| sbmt object| npt object| d function| __ksinit object| tocplus function| q2w3_sidebar_init function| q2w3_exclude_mutations_array function| q2w3_sidebar object| a3_lazyload_params object| a3_lazyload_extend_params object| jQuery111108234626099527582 function| ym object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_persistent_state_async function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| Ya object| yaCounter53939389 object| GoogleGcLKhOms object| google_image_requests

17 Cookies

Domain/Path Name / Value
.24bank.su/ Name: __gads
Value: ID=c012517e7b8e4b41-2282631af4ca0094:T=1634200128:RT=1634200128:S=ALNI_MZwLUM4DRcVRJGwlrCCK8bdVTwP2g
.24bank.su/ Name: _ym_uid
Value: 1634200128936382761
.24bank.su/ Name: _ym_d
Value: 1634200128
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1960924460fake
.24bank.su/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3300456267fake
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.yandex.com/ Name: yandexuid
Value: 2696061261634200128
.yandex.com/ Name: yuidss
Value: 2696061261634200128
mc.yandex.com/ Name: yabs-sid
Value: 333230321634200128
.yandex.com/ Name: i
Value: 9mQ5k/73+m/BRfr8oLfha3i9+QWkLdtfubIYvrF55KQ+65XGwkKuXRAhw0TCkp6E6QJagd+V41h5PaXjx+gspDpAI+Q=
.yandex.com/ Name: ymex
Value: 1665736128.yrts.1634200128#1665736128.yrtsi.1634200128
.24bank.su/ Name: _ym_visorc
Value: w
.citycard.ru/ Name: _ym_uid
Value: 163420012932776820
.citycard.ru/ Name: _ym_d
Value: 1634200129
.citycard.ru/ Name: _ym_isad
Value: 1
.citycard.ru/ Name: _ym_visorc
Value: w

2 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9426.PVDxj1FY9-cwA1M3DCR3nBnHEnJMDDtKsba4LyYiCvRrEiDJA1pTAS-Xn1gJRYHwefKe6j9w_1QK1ipqEZk8rg%2C%2C.17HebPNR5jeHCog0J2-Z7MNVkAs%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://mc.yandex.ru/metrika/watch.js(Line 164)
Message:
Refused to load the image 'https://mc.yandex.com/metrika/advert.gif?t=ti(4)' because it violates the following Content Security Policy directive: "img-src 'self' blob: data: mc.yandex.ru *.imgsmail.ru https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com *.googletagmanager.com *.google-analytics.com https://www.google-analytics.com vk.com login.vk.com www.google.com www.google.ru www.facebook.com *.zdassets.com stats.g.doubleclick.net https://stats.g.doubleclick.net https://storage.cloud.croc.ru *.storage.cloud.croc.ru www.payanyway.ru googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://www.google.com *.amazonaws.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
citycard.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
nalog.24bank.su
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
mc.yandex.com
138.201.66.95
142.250.181.226
142.250.184.202
142.250.184.232
142.250.185.131
142.250.185.193
142.250.185.194
142.250.185.226
142.250.185.228
142.250.186.130
142.250.186.42
142.250.186.99
172.217.16.130
172.217.16.142
185.111.85.55
77.88.21.119
01b9f01de814e6f78888a11f4f4aa43a68e4f7f9b2bd15692a5e8f093d960538
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
06904636fdb5f8b7adfb9d5eead55f175b78a3363e8a37cb5a324d8aaa20d1b0
0a9e05fa3d5632de3fa9bc89b1e59ad5c93e2f3017675c2f9610623bc9a33eb1
0bc9f4c59ee0425813933d538317ac9039b8189e5efa4cf6203dc658f8d368ad
0bedae477d56038ed8f2c0c9107b728da9794f91d9fb5a3dceeaa86adf6e5f4a
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
18caac23d568787d1a533014ac236b656ad72f95fbd814edf15e5486b0c0126e
1d0fc5c0e68f27a4636f91cfd93c9d1c220ad9d11b1ecd6000a205f1e73b55bc
24888ff57c1714336f283a67e22f1207ef9826694a9078e1cda9d581ff148407
2a4617686d53812d3f06b891e5edc0cf5b7f289bfd57be08e123a3845efcdcd6
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
2d53c76c258d1927bb2704d68f5f132b5a8258b5bfd807efdebe334ab9094b56
346c7776a4eea88a571543be39d71ccbdc1e86f0ea33d88cc737027319dc29c9
35cab8a3f4129d4ec34ba04a05b078cf48feaf1f1ca88503416ef428790238b6
3c2d73af7a2578aa012684d040d1a03b81913a4fa274200d1c3e646e8849a196
4425292b859007cac1417e4b73e9a5bdb6e042e7d0f374125fe385d64c5611f3
474c7890efeadd2afa91373aff7ff1016ab470ab3e8eba58920030844c7af993
496077b8b09b43b1417ac4a8eb747b38b08e12a2dc9b65573c78dd2a44ac674d
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6028df85a6b8c95d3f04f279c78cc905c8e6746f4684133416987d3ad5fe0aee
62b4c0af50241f246527986ef597def60d0b95e9e84359b981ce6ba751e137dc
6a83cc1ae65914769e9b613ca8c7b3c7f69b71259299a4060624c330970034a8
6ab4671c6308b01af61fc0f51d1f7c28515240f8dd7d04b6a79fcb7c7c8bf028
6acb544d4ea434f7842069f09afee2553bdcc75b03589efe6b8f00676ff89ee8
6b34136dec5610149e2082743d2e67357fbdffff76feb23b740d11a12370a852
77265a905cb4e86f3c1547901c09a96c59a36edf9ce6900adb4f1e2f8769acc0
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
813c91eab1bd8dde41d19903cc6c54e2a468a135ed2c8e3b5712d14364d73dcc
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
860a699c45cb77e9f0e5e6c91d089de1563ae77b1c7a81f4dfa3274405fd9505
8899df62dd93bf73b0b8fb4e868e31164cd094fc0650313fd5a10a955fed0ff3
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94b6d9369ec03f48ff41ee59e1fcc7638ba66968da37f42c0b980994da4d5f74
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ad282412aa64cc1cc8b786e2190a0f6e9edd03e71e1460acdc3ebb49e3b8162d
b0ed7256ad6c2f44037d68adcbc5139635d49f99b4fb4ae97876b3264bf714bf
b27bf8d902f81d740b7a03b8c6b6912ed1ed07260e9dc5664a0f1f1aef82f3d8
b3f94de78f9b0afa566c2092c5a6cf42597770d5f6d4ca01b89ecbf614baf80f
b4749b08d419921c7dc6de87e278ac24a2ac78ad23fe9ff79c8532c89435dcb8
b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec
b7401561e0401231841d747faa00ad50c9878d714f33f19e181b36cdc3012b9b
b8ad99092e4b1daa59d372ea65178d3bd87e4fd396ad829d3a3d8a9b27316f83
b8cf531ef85346abed1d97d7526e8033ed4712b6d51bd007e0a75ebbdc69882e
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb7664d800ecc4e5d7a0d37f11e4da75b1699b75c04103defebded1397949b5a
c00d8b55bc0b898ff7cd2c31dda2e9fe895015bc681519a3a9454b04cdfa3851
c159ae46cff3a93f216af0865863031cded2f10de664602c82d7261f41aa4f86
c297fc6b646ba245dda790aa12134d618e1cb2802ec13f9bbb1f1ac94a9a2cd6
c35a40cb99ce2c9950c3ce1d5845dfde7851c2b3bd0188b27c36d26573386abf
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d054fe0c4a8ebb0e8b621623c6ec6f0402aff2b8d1c9399ab3638fa25a83ee08
d09fae1abdf97e7061702073d5b863236868e425ebb7dc2571a4ee30fd206eab
d2d579481427b186240f38b48620717ec1333f74e9a2e307364d0e962795af5d
d49945e31b52ac361e67ac4ac881576e3eeacfeec8423074cc0b5eda7a4e8c59
dcd355a56378df860e9aa19044893b5b1aa05da73fe1f6e75224cbea496640d2
dd346bd43b9b906e685f7a8eb0962970f5b54043259bbcceb5e57edb2b448b00
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8551ea7f4284ec7eed3a6a30f10aa5552ba20445aed198ebef5054d9edb7010
eafe160c631fe12e8295a70b1f984d23fe9a988f47c3768683927c69554e6b0e
ec9159910e1139b18eb68f9fd1cfe81a9ffc4b589b5135e41fa073594c176547
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3c666d75eeb7a517edef5cd6fc4db0c45f5e3e1442c603ae4fa77d93e4ece7a
f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd
fbdd871f2190aa565b1e8a98d823d34c5f035566f74810a7f8ea830e98c7c841
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe42ae21a19ce716a23f3dcd8710789d9c59b3e285a9ef295f899f1cb7cb060d