autocar.bankffin.kz Open in urlscan Pro
2606:4700::6812:19e2  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10448.cdq9f8Z6FAtVXUGUI_HWX9nql7dtEuz0rXcVQYw1yHkm_bLS8W7wraISJwa1CAn9.hQXlLgPZSIl-8tQuoX9IUvovDzk%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=10448.Qw0_ZcGg0lHUhz9lTfdDw0CHd8MQq6-S7O5auaQbAEYhTk2U0c1uobYaSKf2_ALeLTqmb7YOOQkbwSvshZkphDl7MWg5BB2WhR7A4q1wv1LWK7CucCQtVIHzJvRRCMV_vZnwzL7bw8p2PSRB4-G2xoyK-YHt_KQES07qT-5nmmuy_I9HlljVqML6LqHvwRXbIkz1q9ry3MHCNJwvMC3cPyX-NMmT9LsuXbmMfW7deXo%2C.u4YnG7QdSrzkF3wY1xDBBhQoDqQ%2C HTTP 302
• https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10448.lwkbGq3MjtNxWHfLmSYnll-nxTGc6cSQEta0Zp1T7fFPFWePiwY-SDmjll6eycbDQd1qqO8R5lPPfu9_bK0zRiaLj3nED-golOteuAvb-2PtQBABhXxsw6CvSepi4Ifd6-Nk7C7OrULmxUlU8yXb3Aagbl8Igj1AT3459BVj10ogErVTj2_kQBMw0sVseztkmRetwALi_9XqvPvqDFr3Xg%2C%2C.P0BJeiEPA_2CWqjjqHDdSe7SnRc%2C

Request Chain 42

• https://mc.yandex.kz/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.kz&token=10448.7-31aqdsVQmrKSzYavd4mXjCXoUTegk1PXvUcj0Yuu697cVl3TBv9KJFemNNFNz3.rFWDJoMbpPwCi0zlC8UI6Hpx3Aw%2C HTTP 302
• https://mc.yandex.kz/sync_cookie_image_decide?token=10448.TuYF1EwrOFusivNpYgMDLhqLJn2Nkyy_SSoybK8uFlO4ujLxeYj7kx24pp72jc6MoQwUsN2JCji0-KZhm-G2_aQqwKb4fG7qFwz0GbbCqR_vlhqIsDW4ooKzW8IUbrVyiHT6G1Kgfoi1jZdFzRhJzMNpsaYsKuTaiQ7zcKnrGvlrRDQZEksnZxbqcS8HACqJMw3dcRii419wv1hABB_KhSpXOx80HmfxXWH9YrukHzI%2C.M9hoctpE9IyVon_i8E6_2OG0VsA%2C

Request Chain 53

• https://mc.yandex.com/watch/91048077?wmode=7&page-url=https%3A%2F%2Fautocar.bankffin.kz%2F404&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1401%3Acn%3A2%3Adp%3A0%3Als%3A760400063307%3Ahid%3A60679391%3Az%3A120%3Ai%3A20240801071225%3Aet%3A1722489145%3Ac%3A1%3Arn%3A200242307%3Arqn%3A1%3Au%3A1722489145818285064%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2097%3Awv%3A2%3Ads%3A0%2C59%2C318%2C2%2C0%2C0%2C%2C93%2C0%2C%2C%2C%2C2086%3Aco%3A0%3Acpf%3A1%3Ans%3A1722489142701%3Agi%3AR0ExLjEuODE4NTQ0Njg4LjE3MjI0ODkxNDU%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722489146%3At%3A%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BE%D1%82%20%D0%A4%D1%80%D0%B8%D0%B4%D0%BE%D0%BC%20%D0%91%D0%B0%D0%BD%D0%BA%D0%B0&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037568)ti(1) HTTP 302
• https://mc.yandex.com/watch/91048077/1?wmode=7&page-url=https%3A%2F%2Fautocar.bankffin.kz%2F404&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1401%3Acn%3A2%3Adp%3A0%3Als%3A760400063307%3Ahid%3A60679391%3Az%3A120%3Ai%3A20240801071225%3Aet%3A1722489145%3Ac%3A1%3Arn%3A200242307%3Arqn%3A1%3Au%3A1722489145818285064%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2097%3Awv%3A2%3Ads%3A0%2C59%2C318%2C2%2C0%2C0%2C%2C93%2C0%2C%2C%2C%2C2086%3Aco%3A0%3Acpf%3A1%3Ans%3A1722489142701%3Agi%3AR0ExLjEuODE4NTQ0Njg4LjE3MjI0ODkxNDU%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722489146%3At%3A%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BE%D1%82%20%D0%A4%D1%80%D0%B8%D0%B4%D0%BE%D0%BC%20%D0%91%D0%B0%D0%BD%D0%BA%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response autocar.bankffin.kz/	1 KB 931 B	386ms 319ms	Document text/html	2606:4700::6812:19e2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://autocar.bankffin.kz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19e2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 309d91cd1c607d797084e13761d95f7169fcf03a9e3edcb4eebae8eb3b993a88 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers cf-cache-status DYNAMIC cf-ray 8ac3553658e80c3b-AMS content-encoding gzip content-type text/html; charset=utf-8 date Thu, 01 Aug 2024 05:12:23 GMT last-modified Tue, 16 Jul 2024 13:23:31 GMT server cloudflare strict-transport-security max-age=15724800; includeSubDomains
GET H/1.1	200 OK	plugin_liveness.php Show response oz-autocred.ffin.kz/	2 MB 2 MB	517ms 230ms	Script application/javascript	149.154.188.35 FFIN
General Check archive.org Show headers Download Go to Full URL https://oz-autocred.ffin.kz/plugin_liveness.php?lang=ru|kz Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.154.188.35 , Kazakhstan, ASN200067 (FFIN, KZ), Reverse DNS Software nginx / Resource Hash df88aede52eb97aa4ff863cffb26327a6336276d3a3cad989dcaede0f82d7481 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Pragma no-cache Date Thu, 01 Aug 2024 05:12:23 GMT Server nginx Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET H2	200	index-91870390.js Show response autocar.bankffin.kz/assets/	979 KB 284 KB	308ms 308ms	Script application/javascript	2606:4700::6812:19e2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://autocar.bankffin.kz/assets/index-91870390.js Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19e2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8123a8506b4e124e57386bf1f75779a60ab7a779987463da7f5f9991cc2369f9 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://autocar.bankffin.kz/ Origin https://autocar.bankffin.kz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 05:12:23 GMT strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip cf-cache-status REVALIDATED last-modified Tue, 16 Jul 2024 13:23:31 GMT server cloudflare etag W/"66967453-f4c9d" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=14400 cf-ray 8ac35538aa8d0c3b-AMS expires Thu, 01 Aug 2024 09:12:23 GMT
GET H2	200	react-dcf4d57e.js Show response autocar.bankffin.kz/assets/	148 KB 49 KB	322ms 322ms	Script application/javascript	2606:4700::6812:19e2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://autocar.bankffin.kz/assets/react-dcf4d57e.js Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19e2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c1f3da6e221a35aff0b7c77881bff619594814b16043b0488d49ecbe1e029712 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://autocar.bankffin.kz/ Origin https://autocar.bankffin.kz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 05:12:23 GMT strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip cf-cache-status REVALIDATED last-modified Tue, 16 Jul 2024 13:23:31 GMT server cloudflare etag W/"66967453-25054" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=14400 cf-ray 8ac35538aa8e0c3b-AMS expires Thu, 01 Aug 2024 09:12:23 GMT
GET H2	200	tools-1d3727bc.js Show response autocar.bankffin.kz/assets/	728 KB 218 KB	321ms 320ms	Script application/javascript	2606:4700::6812:19e2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://autocar.bankffin.kz/assets/tools-1d3727bc.js Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19e2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb2693baf6471bb63895b36cbd80fa6665a9c271c75beb30b59e36d9a112a64c Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://autocar.bankffin.kz/ Origin https://autocar.bankffin.kz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 05:12:23 GMT strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip cf-cache-status REVALIDATED last-modified Tue, 16 Jul 2024 13:23:31 GMT server cloudflare etag W/"66967453-b5e7c" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=14400 cf-ray 8ac35538aa8f0c3b-AMS expires Thu, 01 Aug 2024 09:12:23 GMT
GET H2	200	ui_lib-875d6948.js Show response autocar.bankffin.kz/assets/	357 KB 115 KB	309ms 309ms	Script application/javascript	2606:4700::6812:19e2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://autocar.bankffin.kz/assets/ui_lib-875d6948.js Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19e2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash be5b52efa9e9f6869683e3b28cc038389f05414e59754107bd8de3faf718e8dc Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://autocar.bankffin.kz/ Origin https://autocar.bankffin.kz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 05:12:23 GMT strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip cf-cache-status REVALIDATED last-modified Tue, 16 Jul 2024 13:23:31 GMT server cloudflare etag W/"66967453-5936c" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=14400 cf-ray 8ac35538aa900c3b-AMS expires Thu, 01 Aug 2024 09:12:23 GMT
GET H2	200	index-932a3bc7.css autocar.bankffin.kz/assets/	143 KB 20 KB	321ms 321ms	Stylesheet text/css	2606:4700::6812:19e2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://autocar.bankffin.kz/assets/index-932a3bc7.css Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19e2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 932a3bc7cda6ac267265bdcf7eafcb5798b03f02d0b2ee192091700589dba488 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 05:12:23 GMT strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip cf-cache-status REVALIDATED last-modified Tue, 16 Jul 2024 13:23:31 GMT server cloudflare etag W/"66967453-23cff" vary Accept-Encoding content-type text/css cache-control public, max-age=14400 cf-ray 8ac35538aa8b0c3b-AMS expires Thu, 01 Aug 2024 09:12:23 GMT
GET H/1.1	200 OK	liveness-06378d373b.css oz-autocred.ffin.kz/plugin/	28 KB 6 KB	114ms 114ms	Stylesheet text/css	149.154.188.35 FFIN
General Check archive.org Show headers Download Go to Full URL https://oz-autocred.ffin.kz/plugin/liveness-06378d373b.css Requested by Host: oz-autocred.ffin.kz URL: https://oz-autocred.ffin.kz/plugin_liveness.php?lang=ru|kz Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.154.188.35 , Kazakhstan, ASN200067 (FFIN, KZ), Reverse DNS Software nginx / Resource Hash f147d5e170505aa1c33f9ad31b593174c34886d045f15aeac5930899538e0bb7 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Thu, 01 Aug 2024 05:12:24 GMT Content-Encoding gzip Last-Modified Mon, 29 Apr 2024 04:34:22 GMT Server nginx ETag W/"662f234e-6ffe" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET H/1.1	200 OK	config.php Show response oz-autocred.ffin.kz/	4 KB 4 KB	328ms 116ms	Fetch application/json	149.154.188.35 FFIN
General Check archive.org Show headers Download Go to Full URL https://oz-autocred.ffin.kz/config.php Requested by Host: oz-autocred.ffin.kz URL: https://oz-autocred.ffin.kz/plugin_liveness.php?lang=ru|kz Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 149.154.188.35 , Kazakhstan, ASN200067 (FFIN, KZ), Reverse DNS Software nginx / Resource Hash ee46065e08a107fa1230bed24a584f4dc344c4dd76c89eeb23032d21298d3fae Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Date Thu, 01 Aug 2024 05:12:24 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/json Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET H2	200	gtm.js Show response www.googletagmanager.com/	293 KB 101 KB	168ms 28ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5THKFTW&gtm_auth=&gtm_preview=&gtm_cookies_win=x Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash eaa96ffa6f91455b03250c60f08d0843d89baf8dd8d62060fbed6494f2d163fd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 05:12:24 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 102581 x-xss-protection 0 last-modified Thu, 01 Aug 2024 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 01 Aug 2024 05:12:24 GMT
GET H2	200	translation.json Show response autocar.bankffin.kz/locales/kz/	61 KB 17 KB	119ms 119ms	Fetch application/json	2606:4700::6812:19e2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://autocar.bankffin.kz/locales/kz/translation.json Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/assets/index-91870390.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19e2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d7ac3edc1bc1236ed7d490cecf0365f81f832fb2924c6de28ec18b80aff4ce45 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 05:12:24 GMT strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip cf-cache-status DYNAMIC last-modified Tue, 16 Jul 2024 13:23:26 GMT server cloudflare etag W/"6696744e-f329" content-type application/json cf-ray 8ac35542fa180c3b-AMS
GET H2	200	translation.json Show response autocar.bankffin.kz/locales/en-US/	1 KB 792 B	305ms 305ms	Fetch text/html	2606:4700::6812:19e2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://autocar.bankffin.kz/locales/en-US/translation.json Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/assets/index-91870390.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19e2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 309d91cd1c607d797084e13761d95f7169fcf03a9e3edcb4eebae8eb3b993a88 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 05:12:25 GMT strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip cf-cache-status DYNAMIC last-modified Tue, 16 Jul 2024 13:23:31 GMT server cloudflare content-type text/html; charset=utf-8 cf-ray 8ac355433a2f0c3b-AMS
GET H2	200	translation.json Show response autocar.bankffin.kz/locales/en/	1 KB 815 B	301ms 301ms	Fetch text/html	2606:4700::6812:19e2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://autocar.bankffin.kz/locales/en/translation.json Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/assets/index-91870390.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19e2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 309d91cd1c607d797084e13761d95f7169fcf03a9e3edcb4eebae8eb3b993a88 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 05:12:25 GMT strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip cf-cache-status DYNAMIC last-modified Tue, 16 Jul 2024 13:23:31 GMT server cloudflare content-type text/html; charset=utf-8 cf-ray 8ac355433a310c3b-AMS
GET H2	200	js Show response www.googletagmanager.com/gtag/	313 KB 104 KB	25ms 24ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-VFK0W482NJ&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5THKFTW&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 58f3428789b1eac2fc5f6c28703e7d517f892c632714a159f1a1f3c6e1f0cab9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 05:12:24 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 106062 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 01 Aug 2024 05:12:24 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	326 KB 106 KB	33ms 33ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-D29FJQ333D&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5THKFTW&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 2f64f03be08ca4843adcff7c52aba069218aeaae1ec4392ead712c145b82b7d5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 05:12:24 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 108818 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 01 Aug 2024 05:12:24 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	313 KB 104 KB	32ms 32ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-GN4N80PHWP&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5THKFTW&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 45cd62a069d65632f81a5c9151ee3786e7a540776e84f5178567846759942d3e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 05:12:24 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 106156 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 01 Aug 2024 05:12:24 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	326 KB 106 KB	40ms 40ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-F2G6PE26PG&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5THKFTW&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 713f1552213be57d6e0875d75acf0d2d03e5532802daf938ba9e432537760649 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 05:12:24 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 108804 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 01 Aug 2024 05:12:24 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	47ms 7ms	Script text/javascript	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5THKFTW&gtm_auth=&gtm_preview=&gtm_cookies_win=x Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 01 Aug 2024 03:15:05 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 7040 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Thu, 01 Aug 2024 05:15:05 GMT
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	202 KB 71 KB	211ms 94ms	Script application/javascript	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 45ff80f391287f67ec258130a70558da6de6e80d3cacd9eaea331f9546fc2260 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 05:12:25 GMT strict-transport-security max-age=31536000 content-encoding br last-modified Tue, 30 Jul 2024 13:12:57 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "66a8e6d9-11609" content-type application/javascript access-control-allow-origin * cache-control max-age=3600 timing-allow-origin * content-length 71177 expires Thu, 01 Aug 2024 06:12:25 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	224 KB 60 KB	48ms 10ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 01 Aug 2024 05:12:25 GMT document-policy force-load-at-top x-fb-server-load 32 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58677 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1328, tbw=2805, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug ATbae7dm7/dKyR0GsO8L9tT9ghKTkwgEqrxtnpqXkTuSZ3Tt+BHyI1ynxFXRhTX92Mn44rGlMrpdT8KNmttzBA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	5 KB 2 KB	199ms 141ms	Script application/javascript	95.100.146.25 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CI03A8JC77U441D0MNEG&lib=ttq Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.100.146.25 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-25.deploy.static.akamaitechnologies.com Software nginx / Resource Hash d2e449898d69ef61b579212786321dec706cf36966316dbcce6b49088660aee4 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-akamai-request-id 73c95d6.b54acde3 date Thu, 01 Aug 2024 05:12:25 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240801051225F2B98D0B9D4841566787-6014EE5EDB52FFBA-00 x-cache TCP_MISS from a95-100-146-21.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) x-parent-response-time 118,95.100.146.21 server-timing cdn-cache; desc=MISS, edge; dur=112, origin; dur=8, inner; dur=4 content-length 1648 pragma no-cache server nginx x-tt-logid 20240801051225F2B98D0B9D4841566787 x-cache-remote TCP_MISS from a72-247-190-52.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 8,72.247.190.52 x-tt-trace-host 01ca5754d83224ad6ee886f811f6500308d76895c190fc598f881c91ebb5648b01f5bbbbba6b4cf624db819a0831811f0eaca8f404b9fd101cc3be19ccb65191474546886efa0e25cb7b7239d9c084cda4893de7f1bcec08b7db143ec590ba2ebeb8bd84fa290956eee13eeb0b3b495ff8 expires Thu, 01 Aug 2024 05:12:25 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 211 B	30ms 16ms	XHR text/plain	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1631954160&t=pageview&_s=1&dl=https%3A%2F%2Fautocar.bankffin.kz%2F&ul=de-de&de=UTF-8&dt=%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BE%D1%82%20%D0%A4%D1%80%D0%B8%D0%B4%D0%BE%D0%BC%20%D0%91%D0%B0%D0%BD%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=404719272&gjid=206062570&cid=818544688.1722489145&tid=UA-82402368-55&_gid=703178475.1722489145&_r=1&_slc=1&gtm=45He47v0n815THKFTWv858803796za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=95250753&npa=1&z=2136047943 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 01 Aug 2024 05:12:25 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://autocar.bankffin.kz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	15 B 83 B	20ms 9ms	XHR text/plain	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1631954160&t=pageview&_s=1&dl=https%3A%2F%2Fautocar.bankffin.kz%2F&ul=de-de&de=UTF-8&dt=%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BE%D1%82%20%D0%A4%D1%80%D0%B8%D0%B4%D0%BE%D0%BC%20%D0%91%D0%B0%D0%BD%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAAC~&jid=360107638&gjid=679082809&cid=818544688.1722489145&tid=UA-248525267-1&_gid=703178475.1722489145&_r=1&_slc=1&gtm=45He47v0n815THKFTWv858803796za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=95250753&npa=1&z=2095402409 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 949744c777deab79bfa54df66d613a3a3e33fb12bca8aca44ee072ed481bf794 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 01 Aug 2024 05:12:25 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://autocar.bankffin.kz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 0	38ms 15ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-VFK0W482NJ&gtm=45je47v0v9123319414z8858803796za200zb858803796&_p=1722489144753&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=818544688.1722489145&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722489145&sct=1&seg=0&dl=https%3A%2F%2Fautocar.bankffin.kz%2F&dt=%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BE%D1%82%20%D0%A4%D1%80%D0%B8%D0%B4%D0%BE%D0%BC%20%D0%91%D0%B0%D0%BD%D0%BA%D0%B0&en=page_view&_fv=1&_ss=1&tfd=2405 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-VFK0W482NJ&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 01 Aug 2024 05:12:25 GMT server Golfe2 content-type text/plain access-control-allow-origin https://autocar.bankffin.kz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 257 B	57ms 18ms	Ping text/plain	2a00:1450:400c:c00::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VFK0W482NJ&cid=818544688.1722489145&gtm=45je47v0v9123319414z8858803796za200zb858803796&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=95250752 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-VFK0W482NJ&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 01 Aug 2024 05:12:25 GMT server Golfe2 content-type text/plain access-control-allow-origin https://autocar.bankffin.kz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	38ms 17ms	Image image/gif	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VFK0W482NJ&cid=818544688.1722489145&gtm=45je47v0v9123319414z8858803796za200zb858803796&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=95250752&tag_exp=95250752&z=1103461474 Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 01 Aug 2024 05:12:25 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	278 KB 97 KB	23ms 23ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-TPGE602MXS&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b4b2a33aa40936d0ac65f726af24541dc94b2f812b946f2afa71d24f080022fe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 05:12:25 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 98930 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 01 Aug 2024 05:12:25 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 0	18ms 17ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-GN4N80PHWP&gtm=45je47v0v9123555388z8858803796za200zb858803796&_p=1722489144753&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=818544688.1722489145&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722489145&sct=1&seg=0&dl=https%3A%2F%2Fautocar.bankffin.kz%2F&dt=%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BE%D1%82%20%D0%A4%D1%80%D0%B8%D0%B4%D0%BE%D0%BC%20%D0%91%D0%B0%D0%BD%D0%BA%D0%B0&en=page_view&_fv=1&_ss=1&tfd=2454 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GN4N80PHWP&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 01 Aug 2024 05:12:25 GMT server Golfe2 content-type text/plain access-control-allow-origin https://autocar.bankffin.kz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 45 B	18ms 18ms	Ping text/plain	2a00:1450:400c:c00::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GN4N80PHWP&cid=818544688.1722489145&gtm=45je47v0v9123555388z8858803796za200zb858803796&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=95250753 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GN4N80PHWP&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 01 Aug 2024 05:12:25 GMT server Golfe2 content-type text/plain access-control-allow-origin https://autocar.bankffin.kz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	21ms 21ms	Image image/gif	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GN4N80PHWP&cid=818544688.1722489145&gtm=45je47v0v9123555388z8858803796za200zb858803796&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=95250753&tag_exp=95250753&z=184715988 Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 01 Aug 2024 05:12:25 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	777742689893769 Show response connect.facebook.net/signals/config/	71 KB 14 KB	87ms 87ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/777742689893769?v=2.9.162&r=stable&domain=autocar.bankffin.kz&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 71e68ef50fcf3de2d59a311b8f4779ad7f49f59f40773ffec82496cdb2629673 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 01 Aug 2024 05:12:25 GMT document-policy force-load-at-top x-fb-server-load 51 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=12, rtx=0, c=65, mss=1328, tbw=64253, tp=-1, tpl=-1, uplat=80, ullat=0 pragma public x-fb-debug k/QIcyCc8t56RdbWLC57Hl3o8pI4481X3RQ/zEY3EilqExQ3058nlLPwevwi9+2iaifX8sxcLUNbhUlx4tREbg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 0	19ms 14ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-D29FJQ333D&gtm=45je47v0v9123544380z8858803796za200zb858803796&_p=1722489144753&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=818544688.1722489145&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722489145&sct=1&seg=0&dl=https%3A%2F%2Fautocar.bankffin.kz%2F&dt=%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BE%D1%82%20%D0%A4%D1%80%D0%B8%D0%B4%D0%BE%D0%BC%20%D0%91%D0%B0%D0%BD%D0%BA%D0%B0&en=page_view&_fv=1&_ss=1&tfd=2491 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-F2G6PE26PG&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 01 Aug 2024 05:12:25 GMT server Golfe2 content-type text/plain access-control-allow-origin https://autocar.bankffin.kz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect region1.analytics.google.com/g/	0 0	16ms 15ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-F2G6PE26PG&gtm=45je47v0v9123544380z8858803796za200zb858803796&_p=1722489144753&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=818544688.1722489145&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722489145&sct=1&seg=0&dl=https%3A%2F%2Fautocar.bankffin.kz%2F&dt=%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BE%D1%82%20%D0%A4%D1%80%D0%B8%D0%B4%D0%BE%D0%BC%20%D0%91%D0%B0%D0%BD%D0%BA%D0%B0&en=page_view&_fv=1&_ss=1&tfd=2494 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-F2G6PE26PG&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 01 Aug 2024 05:12:25 GMT server Golfe2 content-type text/plain access-control-allow-origin https://autocar.bankffin.kz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 54 B	18ms 17ms	Ping text/plain	2a00:1450:400c:c00::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-F2G6PE26PG&cid=818544688.1722489145&gtm=45je47v0v9123544380z8858803796za200zb858803796&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=95250752 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-F2G6PE26PG&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 01 Aug 2024 05:12:25 GMT server Golfe2 content-type text/plain access-control-allow-origin https://autocar.bankffin.kz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	18ms 17ms	Image image/gif	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F2G6PE26PG&cid=818544688.1722489145&gtm=45je47v0v9123544380z8858803796za200zb858803796&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=95250752&tag_exp=95250752&z=823466432 Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 01 Aug 2024 05:12:25 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect region1.google-analytics.com/g/	0 0	15ms 15ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-TPGE602MXS&gtm=45je47v0v9139041170za200&_p=1722489144753&gcd=13l3l3l2l3&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&ul=de-de&sr=1600x1200&cid=818544688.1722489145&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fautocar.bankffin.kz%2F&dt=%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BE%D1%82%20%D0%A4%D1%80%D0%B8%D0%B4%D0%BE%D0%BC%20%D0%91%D0%B0%D0%BD%D0%BA%D0%B0&sid=1722489145&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2588 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-TPGE602MXS&cx=c&_slc=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 01 Aug 2024 05:12:25 GMT server Golfe2 content-type text/plain access-control-allow-origin https://autocar.bankffin.kz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	main.MTc2ZTRjM2Y4MA.js Show response analytics.tiktok.com/i18n/pixel/static/	331 KB 93 KB	20ms 19ms	Script application/javascript	95.100.146.25 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4MA.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CI03A8JC77U441D0MNEG&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.100.146.25 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-25.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 849e2bcc8c984e3d90fdbf30f1828018ff1d1217c79978ee7be297902949167d Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-akamai-request-id b54ad14f date Thu, 01 Aug 2024 05:12:25 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 202407310103023E9146C190A323D53327 x-tt-trace-id 00-2407310103023E9146C190A323D53327-5560DBB4C47BE833-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a95-100-146-21.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01f751d996a11e9fc1ab00753dcf7679d5c4c2777a267688da9ce54dc620c1db2da01e8545342b9a4a5d31324d85f366403ba293034b192e01c24d1a0b19ff9eacbde16b670f1b37b4a7fddbc80221e6f1679fb5f69c5265ba776539b9c232efe5 server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2 content-length 94991
GET H2	200	translation.json Show response autocar.bankffin.kz/locales/ru/	61 KB 18 KB	122ms 122ms	Fetch application/json	2606:4700::6812:19e2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://autocar.bankffin.kz/locales/ru/translation.json Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/assets/index-91870390.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19e2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d552644442ab2514cce5348455c9e40e1d9c4424f9bf137788c6a327ba34d7d Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://autocar.bankffin.kz/main User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 05:12:25 GMT strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip cf-cache-status DYNAMIC last-modified Tue, 16 Jul 2024 13:23:26 GMT server cloudflare etag W/"6696744e-f271" content-type application/json cf-ray 8ac355466ca90c3b-AMS
GET H3	200	api.js Show response www.google.com/recaptcha/	1 KB 982 B	37ms 20ms	Script text/javascript	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/assets/tools-1d3727bc.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash cd16d59418d247854012161ca2d37366eeb4f4e4de47d6866e32ee8c719291b4 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 05:12:25 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Thu, 01 Aug 2024 05:12:25 GMT
GET H2	200	hidden-car-dark-c2cbd405.svg autocar.bankffin.kz/assets/	3 KB 2 KB	314ms 313ms	Image image/svg+xml	2606:4700::6812:19e2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://autocar.bankffin.kz/assets/hidden-car-dark-c2cbd405.svg Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/404 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19e2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c2cbd4054f12c68cf3f6c6462df6ccd8517b3a4f4397a6a538b5756458ddf879 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://autocar.bankffin.kz/404 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 05:12:25 GMT strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip cf-cache-status REVALIDATED last-modified Tue, 16 Jul 2024 13:23:31 GMT server cloudflare etag W/"66967453-dc0" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-ray 8ac35546fcf90c3b-AMS expires Thu, 01 Aug 2024 09:12:25 GMT
GET H2	200	success-dark-05107f45.svg autocar.bankffin.kz/assets/	974 B 570 B	299ms 298ms	Image image/svg+xml	2606:4700::6812:19e2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://autocar.bankffin.kz/assets/success-dark-05107f45.svg Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/404 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19e2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 05107f45754392833c98f3a23f05c59e884f3af59d22e56ebaa23fca421f3856 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://autocar.bankffin.kz/404 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 05:12:25 GMT strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip cf-cache-status REVALIDATED last-modified Tue, 16 Jul 2024 13:23:30 GMT server cloudflare etag W/"66967452-3ce" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-ray 8ac35546fcfd0c3b-AMS expires Thu, 01 Aug 2024 09:12:25 GMT
GET H2	200	img404-64ed862f.svg autocar.bankffin.kz/assets/	4 KB 2 KB	314ms 313ms	Image image/svg+xml	2606:4700::6812:19e2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://autocar.bankffin.kz/assets/img404-64ed862f.svg Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/404 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19e2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 64ed862f1d292edada4ae3613b6db80ab645ae944e9d7de1809e5dce19233763 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://autocar.bankffin.kz/404 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 05:12:25 GMT strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip cf-cache-status REVALIDATED last-modified Tue, 16 Jul 2024 13:23:30 GMT server cloudflare etag W/"66967452-10a8" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-ray 8ac35546fcfe0c3b-AMS expires Thu, 01 Aug 2024 09:12:25 GMT
GET H2	400	sync_cookie_image_finish mc.yandex.ru/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10448.cdq9f8Z6FAtVXUGUI_HWX9nql7dtEuz0rXcVQYw1yHkm_bLS8W7wraISJwa1CAn9.hQXlLgPZSIl-8tQuoX9IUvovDzk%2C https://mc.yandex.com/sync_cookie_image_decide?token=10448.Qw0_ZcGg0lHUhz9lTfdDw0CHd8MQq6-S7O5auaQbAEYhTk2U0c1uobYaSKf2_ALeLTqmb7YOOQkbwSvshZkphDl7MWg5BB2WhR7A4q1wv1LWK7CucCQtVIHzJvRRCMV_vZnwzL7bw8... https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10448.lwkbGq3MjtNxWHfLmSYnll-nxTGc6cSQEta0Zp1T7fFPFWePiwY-SDmjll6eycbDQd1qqO8R5lPPfu9_bK0zRiaLj3nED-golOteuAvb-2PtQ...	62 B 62 B	1057ms 1057ms	Image text/html	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10448.lwkbGq3MjtNxWHfLmSYnll-nxTGc6cSQEta0Zp1T7fFPFWePiwY-SDmjll6eycbDQd1qqO8R5lPPfu9_bK0zRiaLj3nED-golOteuAvb-2PtQBABhXxsw6CvSepi4Ifd6-Nk7C7OrULmxUlU8yXb3Aagbl8Igj1AT3459BVj10ogErVTj2_kQBMw0sVseztkmRetwALi_9XqvPvqDFr3Xg%2C%2C.P0BJeiEPA_2CWqjjqHDdSe7SnRc%2C Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/404 Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash ee2f91e85185c10fb4e2511b377b30b0df780f841cfc89c132d1f1b16c158437 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 01 Aug 2024 05:12:26 GMT content-length 62 x-xss-protection 1; mode=block content-type text/html; charset=utf-8 Redirect headers location https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10448.lwkbGq3MjtNxWHfLmSYnll-nxTGc6cSQEta0Zp1T7fFPFWePiwY-SDmjll6eycbDQd1qqO8R5lPPfu9_bK0zRiaLj3nED-golOteuAvb-2PtQBABhXxsw6CvSepi4Ifd6-Nk7C7OrULmxUlU8yXb3Aagbl8Igj1AT3459BVj10ogErVTj2_kQBMw0sVseztkmRetwALi_9XqvPvqDFr3Xg%2C%2C.P0BJeiEPA_2CWqjjqHDdSe7SnRc%2C date Thu, 01 Aug 2024 05:12:25 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	sync_cookie_image_decide mc.yandex.kz/ Redirect Chain https://mc.yandex.kz/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.kz&token=10448.7-31aqdsVQmrKSzYavd4mXjCXoUTegk1PXvUcj0Yuu697cVl3TBv9KJFemNNFNz3.rFWDJoMbpPwCi0zlC8UI6Hpx3Aw%2C https://mc.yandex.kz/sync_cookie_image_decide?token=10448.TuYF1EwrOFusivNpYgMDLhqLJn2Nkyy_SSoybK8uFlO4ujLxeYj7kx24pp72jc6MoQwUsN2JCji0-KZhm-G2_aQqwKb4fG7qFwz0GbbCqR_vlhqIsDW4ooKzW8IUbrVyiHT6G1Kgfoi...	43 B 480 B	56ms 56ms	Image image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.kz/sync_cookie_image_decide?token=10448.TuYF1EwrOFusivNpYgMDLhqLJn2Nkyy_SSoybK8uFlO4ujLxeYj7kx24pp72jc6MoQwUsN2JCji0-KZhm-G2_aQqwKb4fG7qFwz0GbbCqR_vlhqIsDW4ooKzW8IUbrVyiHT6G1Kgfoi1jZdFzRhJzMNpsaYsKuTaiQ7zcKnrGvlrRDQZEksnZxbqcS8HACqJMw3dcRii419wv1hABB_KhSpXOx80HmfxXWH9YrukHzI%2C.M9hoctpE9IyVon_i8E6_2OG0VsA%2C Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/404 Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 01 Aug 2024 05:12:25 GMT content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers location https://mc.yandex.kz/sync_cookie_image_decide?token=10448.TuYF1EwrOFusivNpYgMDLhqLJn2Nkyy_SSoybK8uFlO4ujLxeYj7kx24pp72jc6MoQwUsN2JCji0-KZhm-G2_aQqwKb4fG7qFwz0GbbCqR_vlhqIsDW4ooKzW8IUbrVyiHT6G1Kgfoi1jZdFzRhJzMNpsaYsKuTaiQ7zcKnrGvlrRDQZEksnZxbqcS8HACqJMw3dcRii419wv1hABB_KhSpXOx80HmfxXWH9YrukHzI%2C.M9hoctpE9IyVon_i8E6_2OG0VsA%2C date Thu, 01 Aug 2024 05:12:25 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H3	200	1819701835059733 Show response connect.facebook.net/signals/config/	23 KB 3 KB	54ms 54ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1819701835059733?v=2.9.162&r=stable&domain=autocar.bankffin.kz&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108%2C190%2C189%2C191%2C196%2C197%2C198%2C194%2C186%2C125%2C127%2C155%2C185%2C187%2C116%2C149%2C138%2C143%2C180%2C122%2C222%2C109%2C120%2C121%2C223%2C157%2C113%2C129%2C117%2C146%2C141 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d9fb16547c50aad865323b965357e0a690f22cc144b2eef3b142c00bc0fc2c66 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 01 Aug 2024 05:12:25 GMT document-policy force-load-at-top x-fb-server-load 27 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4691, tp=12, tpl=0, uplat=44, ullat=0 pragma public x-fb-debug 3YS/8j7rtRCfSCpJlunHkFMqavTEthfwk8y4QIZkybq6Snr/dTtEGxmzTu07iVkI/FY5mGVU/lP/9gMHPkgRgQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 273 B	35ms 7ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=777742689893769&ev=PageView&dl=https%3A%2F%2Fautocar.bankffin.kz%2F404&rl=&if=false&ts=1722489145471&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722489145465.8597346494080253&cs_est=true&ler=empty&cdl=API_unavailable&it=1722489145167&coo=false&rqm=GET Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/404 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2833, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Thu, 01 Aug 2024 05:12:25 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	185ms 165ms	Image image/png	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=777742689893769&ev=PageView&dl=https%3A%2F%2Fautocar.bankffin.kz%2F404&rl=&if=false&ts=1722489145471&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722489145465.8597346494080253&cs_est=true&ler=empty&cdl=API_unavailable&it=1722489145167&coo=false&rqm=FGET Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/404 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding zstd x-content-type-options nosniff strict-transport-security max-age=15552000; preload date Thu, 01 Aug 2024 05:12:25 GMT document-policy force-load-at-top x-fb-server-load 30 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7398034547459466334", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=17, mss=1328, tbw=3366, tp=-1, tpl=-1, uplat=157, ullat=0 pragma no-cache x-fb-debug R0/96DXh74n4v4ZhV+BrbEpa/V3T0oWjwVF05t7yB1rrDfJkYvxRlUrCkciZpKJPIphYyiqozjHwQpxH/VHk2A== cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7398034547459466334"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 567 B	53ms 53ms	Image image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/404 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 05:12:25 GMT strict-transport-security max-age=31536000 last-modified Tue, 30 Jul 2024 13:12:57 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "66a8e6d9-2b" content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 43 expires Thu, 01 Aug 2024 06:12:25 GMT
GET H2	200	identify_c2008b8c.js Show response analytics.tiktok.com/i18n/pixel/static/	146 KB 39 KB	18ms 18ms	Script application/javascript	95.100.146.25 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_c2008b8c.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4MA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.100.146.25 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-25.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-akamai-request-id b54ad429 date Thu, 01 Aug 2024 05:12:25 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 202407291241450324560FD3E61E30080D x-tt-trace-id 00-2407291241450324560FD3E61E30080D-1CEE7FFDC21C99E7-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a95-100-146-21.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 010f165459d4a020da8e7e4806794458ab4311fc6953f7cb24a8674ccffa8060aa6721fff6a4eb73e4144b9b1d52aad081e7a008abb2988e0b84022a4a3dbfa2289b39048ad4354832847c569354ab16fa8a3d5ee84db1b916008a3714f731a6a5 server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2 content-length 39571
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 843 B	167ms 166ms	Ping text/plain	95.100.146.25 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4MA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.100.146.25 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-25.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 129166f8.b54ad45f date Thu, 01 Aug 2024 05:12:25 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-2408010512251F3CFC22BA7FB0581038-1AFFDF29A7132CE2-00 x-cache TCP_MISS from a95-100-146-21.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) x-parent-response-time 138,95.100.146.21 server-timing cdn-cache; desc=MISS, edge; dur=114, origin; dur=35, inner; dur=32 content-length 0 pragma no-cache server nginx x-tt-logid 202408010512251F3CFC22BA7FB0581038 x-cache-remote TCP_MISS from a23-222-0-212.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 35,23.222.0.212 x-tt-trace-host 01ca5754d83224ad6ee886f811f6500308a2cad10dd5761af0f1568871a321082b63ef4f5b9dfeaa7c5fcb0655444d79a0015b672336bc682926dfb180d76ebc903badf3ec1a8990f3bcbc89f125fdebb4028fe35f357c0c0154c9b0fd98f933de3ee10e8da275eb5167838a9f69e46dec access-control-allow-headers Authorization,* expires Thu, 01 Aug 2024 05:12:25 GMT
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/	533 KB 212 KB	203ms 12ms	Script text/javascript	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ab42d7c37f7928197cf2fb60407d97ebf6b8316f5bd3007d33b49d4ca0559e03 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://autocar.bankffin.kz/ Origin https://autocar.bankffin.kz User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 30 Jul 2024 17:09:29 GMT content-encoding gzip x-content-type-options nosniff age 129776 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 216180 x-xss-protection 0 last-modified Mon, 29 Jul 2024 04:00:39 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 30 Jul 2025 17:09:29 GMT
GET H3	200	1392306241346317 Show response connect.facebook.net/signals/config/	23 KB 3 KB	63ms 63ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1392306241346317?v=2.9.162&r=stable&domain=autocar.bankffin.kz&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108%2C190%2C189%2C191%2C196%2C197%2C198%2C194%2C186%2C125%2C127%2C155%2C185%2C187%2C116%2C149%2C138%2C143%2C180%2C122%2C222%2C109%2C120%2C121%2C223%2C157%2C113%2C129%2C117%2C146%2C141 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 44a3c7dda6272522d63dda14870f51e8261986a2054bee333307b5dc5b5a9b95 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 01 Aug 2024 05:12:25 GMT document-policy force-load-at-top x-fb-server-load 35 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=11, rtx=0, c=28, mss=1232, tbw=10702, tp=20, tpl=0, uplat=47, ullat=0 pragma public x-fb-debug uM/ewTrRs20zcly46bmQTaSUXKiEfomBVO2j8C9hCe6p1jIebhwVy63wPts2ZEexPv0f3rP4RXGIyikdzUV67w== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 102 B	15ms 14ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1819701835059733&ev=PageView&dl=https%3A%2F%2Fautocar.bankffin.kz%2F404&rl=&if=false&ts=1722489145563&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722489145465.8597346494080253&ler=empty&cdl=API_unavailable&it=1722489145167&coo=false&rqm=GET Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/404 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=17, mss=1328, tbw=3220, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Thu, 01 Aug 2024 05:12:25 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 849 B	111ms 110ms	Image image/png	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1819701835059733&ev=PageView&dl=https%3A%2F%2Fautocar.bankffin.kz%2F404&rl=&if=false&ts=1722489145563&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722489145465.8597346494080253&ler=empty&cdl=API_unavailable&it=1722489145167&coo=false&rqm=FGET Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/404 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding zstd x-content-type-options nosniff strict-transport-security max-age=15552000; preload date Thu, 01 Aug 2024 05:12:25 GMT document-policy force-load-at-top x-fb-server-load 26 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7398034547260122689", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=17, mss=1328, tbw=6147, tp=-1, tpl=-1, uplat=95, ullat=0 pragma no-cache x-fb-debug zJAKEM9FJ8nRX5mnTMHbA60H4hjSrcQYEpMjpCFQai2U/T5EpepfO2T9/22UuIteBdFlOsrZbGcx1TsTA5AmPw== cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7398034547260122689"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	1 Show response mc.yandex.com/watch/91048077/ Redirect Chain https://mc.yandex.com/watch/91048077?wmode=7&page-url=https%3A%2F%2Fautocar.bankffin.kz%2F404&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-... https://mc.yandex.com/watch/91048077/1?wmode=7&page-url=https%3A%2F%2Fautocar.bankffin.kz%2F404&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Aut...	464 B 642 B	58ms 58ms	Fetch application/json	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/91048077/1?wmode=7&page-url=https%3A%2F%2Fautocar.bankffin.kz%2F404&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1401%3Acn%3A2%3Adp%3A0%3Als%3A760400063307%3Ahid%3A60679391%3Az%3A120%3Ai%3A20240801071225%3Aet%3A1722489145%3Ac%3A1%3Arn%3A200242307%3Arqn%3A1%3Au%3A1722489145818285064%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2097%3Awv%3A2%3Ads%3A0%2C59%2C318%2C2%2C0%2C0%2C%2C93%2C0%2C%2C%2C%2C2086%3Aco%3A0%3Acpf%3A1%3Ans%3A1722489142701%3Agi%3AR0ExLjEuODE4NTQ0Njg4LjE3MjI0ODkxNDU%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722489146%3At%3A%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BE%D1%82%20%D0%A4%D1%80%D0%B8%D0%B4%D0%BE%D0%BC%20%D0%91%D0%B0%D0%BD%D0%BA%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29 Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/404 Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 32505bd1726c0029ed0b1058c1a8a9aec98df822492be45b9102f2536c6d9c2a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 date Thu, 01 Aug 2024 05:12:25 GMT x-content-type-options nosniff last-modified Thu, 01-Aug-2024 05:12:25 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://autocar.bankffin.kz cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 464 x-xss-protection 1; mode=block expires Thu, 01-Aug-2024 05:12:25 GMT Redirect headers pragma no-cache strict-transport-security max-age=31536000 date Thu, 01 Aug 2024 05:12:25 GMT last-modified Thu, 01-Aug-2024 05:12:25 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA access-control-allow-origin https://autocar.bankffin.kz location /watch/91048077/1?wmode=7&page-url=https%3A%2F%2Fautocar.bankffin.kz%2F404&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1401%3Acn%3A2%3Adp%3A0%3Als%3A760400063307%3Ahid%3A60679391%3Az%3A120%3Ai%3A20240801071225%3Aet%3A1722489145%3Ac%3A1%3Arn%3A200242307%3Arqn%3A1%3Au%3A1722489145818285064%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2097%3Awv%3A2%3Ads%3A0%2C59%2C318%2C2%2C0%2C0%2C%2C93%2C0%2C%2C%2C%2C2086%3Aco%3A0%3Acpf%3A1%3Ans%3A1722489142701%3Agi%3AR0ExLjEuODE4NTQ0Njg4LjE3MjI0ODkxNDU%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722489146%3At%3A%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BE%D1%82%20%D0%A4%D1%80%D0%B8%D0%B4%D0%BE%D0%BC%20%D0%91%D0%B0%D0%BD%D0%BA%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29 cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Thu, 01-Aug-2024 05:12:25 GMT
GET H2	200	metrika_match.html mc.yandex.com/metrika/ Frame 9043	0 0	192ms 68ms	Document text/html	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/metrika/metrika_match.html Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://autocar.bankffin.kz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA access-control-allow-origin * cache-control max-age=3600 content-encoding br content-length 1045 content-type text/html date Thu, 01 Aug 2024 05:12:25 GMT etag "66a8e6d9-415" expires Thu, 01 Aug 2024 06:12:25 GMT last-modified Tue, 30 Jul 2024 13:12:57 GMT strict-transport-security max-age=31536000 timing-allow-origin *
GET H3	200	3634701556805094 Show response connect.facebook.net/signals/config/	22 KB 3 KB	126ms 126ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/3634701556805094?v=2.9.162&r=stable&domain=autocar.bankffin.kz&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108%2C190%2C189%2C191%2C196%2C197%2C198%2C194%2C186%2C125%2C127%2C155%2C185%2C187%2C116%2C149%2C138%2C143%2C180%2C122%2C222%2C109%2C120%2C121%2C223%2C157%2C113%2C129%2C117%2C146%2C141 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 53dcb2ad488d95db51e58ee6f758a96d15ff2f261a3e595d88491751a42f1ad6 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 01 Aug 2024 05:12:25 GMT document-policy force-load-at-top x-fb-server-load 47 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=10, rtx=0, c=31, mss=1232, tbw=13982, tp=25, tpl=0, uplat=119, ullat=0 pragma public x-fb-debug uVaI6hsm2dvjPXqgERIjRgZSIXvg1KToZqOUqrjB2y2kb/nZ8roR0WE16tbi60QAa8PzrSikZZkz2A0d7MYITw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	/ www.facebook.com/tr/	0 19 B	10ms 10ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1392306241346317&ev=PageView&dl=https%3A%2F%2Fautocar.bankffin.kz%2F404&rl=&if=false&ts=1722489145745&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722489145465.8597346494080253&ler=empty&cdl=API_unavailable&it=1722489145167&coo=false&rqm=GET Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/404 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=8, rtx=0, c=23, mss=1232, tbw=4407, tp=10, tpl=0, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Thu, 01 Aug 2024 05:12:25 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 197 B	37ms 37ms	Image image/png	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1392306241346317&ev=PageView&dl=https%3A%2F%2Fautocar.bankffin.kz%2F404&rl=&if=false&ts=1722489145745&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722489145465.8597346494080253&ler=empty&cdl=API_unavailable&it=1722489145167&coo=false&rqm=FGET Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/404 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding zstd x-content-type-options nosniff strict-transport-security max-age=15552000; preload date Thu, 01 Aug 2024 05:12:25 GMT document-policy force-load-at-top x-fb-server-load 29 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7398034546240528486", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=8, rtx=0, c=23, mss=1232, tbw=4775, tp=13, tpl=0, uplat=28, ullat=0 pragma no-cache x-fb-debug hnXgUs32uOJsMe1OMGZKxDSwCm/qRa7F71sNR7Rf7We0zzaNzpAjUNSSWAM85bVcQDy3L58mpgqBZVNukZ31fg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7398034546240528486"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	act analytics.tiktok.com/api/v2/pixel/	0 845 B	355ms 352ms	Ping text/plain	95.100.146.25 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel/act Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4MA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.100.146.25 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-25.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 1f7c243.b54ad6cd date Thu, 01 Aug 2024 05:12:26 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240801051225D7233520AB0DBB5AE848-256D89F1D5453A3E-00 x-cache TCP_MISS from a95-100-146-21.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) x-parent-response-time 328,95.100.146.21 server-timing cdn-cache; desc=MISS, edge; dur=114, origin; dur=224, inner; dur=216 content-length 0 pragma no-cache server nginx x-tt-logid 20240801051225D7233520AB0DBB5AE848 x-cache-remote TCP_MISS from a23-32-17-154.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-) access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 224,23.32.17.154 x-tt-trace-host 01ca5754d83224ad6ee886f811f6500308a2cad10dd5761af0f1568871a321082bcda7c1bbf74354525a4067b9610ff4c97bafa9e7cd09b0f2878b1da3fd602e2de1def56ea0bd7cd4469d408a63c3b20f14223bb84dbd7fd8fc981e1a3687356a20c2bbddb2cb09957f10b560f22cfadb access-control-allow-headers Authorization,* expires Thu, 01 Aug 2024 05:12:26 GMT
GET H3	200	/ www.facebook.com/tr/	0 16 B	7ms 6ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=3634701556805094&ev=PageView&dl=https%3A%2F%2Fautocar.bankffin.kz%2F404&rl=&if=false&ts=1722489145878&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722489145465.8597346494080253&ler=empty&cdl=API_unavailable&it=1722489145167&coo=false&rqm=GET Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/404 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=7, rtx=0, c=26, mss=1232, tbw=7911, tp=19, tpl=0, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Thu, 01 Aug 2024 05:12:25 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 193 B	711ms 711ms	Image image/png	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3634701556805094&ev=PageView&dl=https%3A%2F%2Fautocar.bankffin.kz%2F404&rl=&if=false&ts=1722489145878&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722489145465.8597346494080253&ler=empty&cdl=API_unavailable&it=1722489145167&coo=false&rqm=FGET Requested by Host: autocar.bankffin.kz URL: https://autocar.bankffin.kz/404 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding zstd x-content-type-options nosniff strict-transport-security max-age=15552000; preload date Thu, 01 Aug 2024 05:12:26 GMT document-policy force-load-at-top x-fb-server-load 27 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7398034546682669968", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=7, rtx=0, c=26, mss=1232, tbw=8119, tp=22, tpl=0, uplat=703, ullat=0 pragma no-cache x-fb-debug l7bAV56AtOcYWGaU7FMdbroZ74XA5lPaO+eZ14kidyOVZwLgFl420WnWrhxUCze+aYreeL2mGqE/PEjoLAwXUQ== cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7398034546682669968"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	89179102 Show response mc.yandex.com/watch/	464 B 651 B	60ms 60ms	Fetch application/json	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/89179102?wmode=7&page-url=https%3A%2F%2Fautocar.bankffin.kz%2F404&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1401%3Acn%3A1%3Adp%3A0%3Als%3A347174911213%3Ahid%3A60679391%3Az%3A120%3Ai%3A20240801071225%3Aet%3A1722489145%3Ac%3A1%3Arn%3A100658453%3Arqn%3A1%3Au%3A1722489145818285064%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2097%3Awv%3A2%3Ads%3A0%2C59%2C318%2C2%2C0%2C0%2C%2C93%2C0%2C%2C%2C%2C2086%3Aco%3A0%3Acpf%3A1%3Ans%3A1722489142701%3Agi%3AR0ExLjEuODE4NTQ0Njg4LjE3MjI0ODkxNDU%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722489147%3At%3A%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BE%D1%82%20%D0%A4%D1%80%D0%B8%D0%B4%D0%BE%D0%BC%20%D0%91%D0%B0%D0%BD%D0%BA%D0%B0&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4MA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash e3c074d7382fc4a5eb903bd19fdb1da2a17947e2aac2c1363d46d76827b62bb5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 01 Aug 2024 05:12:26 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Thu, 01-Aug-2024 05:12:26 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://autocar.bankffin.kz cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 464 x-xss-protection 1; mode=block expires Thu, 01-Aug-2024 05:12:26 GMT
GET H2	200	favicon-3c45e014.ico autocar.bankffin.kz/assets/	15 KB 2 KB	304ms 303ms	Other image/x-icon	2606:4700::6812:19e2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://autocar.bankffin.kz/assets/favicon-3c45e014.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19e2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3c45e014b085ddf12f977b9d6b2e6fa51b418e477157421ebcda8f7aac05dd69 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://autocar.bankffin.kz/404 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Thu, 01 Aug 2024 05:12:27 GMT strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip cf-cache-status REVALIDATED last-modified Tue, 16 Jul 2024 13:23:30 GMT server cloudflare etag W/"66967452-3aee" vary Accept-Encoding content-type image/x-icon cache-control public, max-age=14400 cf-ray 8ac3554f6aff0c3b-AMS expires Thu, 01 Aug 2024 09:12:27 GMT
POST H2	200	89179102 mc.yandex.com/webvisor/	43 B 0	60ms 57ms	Fetch image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/89179102?wv-part=1&wv-type=7&wmode=0&wv-hit=60679391&page-url=https%3A%2F%2Fautocar.bankffin.kz%2F404&rn=260497601&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1722489149%3Aw%3A1600x1200%3Av%3A1401%3Az%3A120%3Ai%3A20240801071229%3Au%3A1722489145818285064%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Ast%3A1722489149&t=gdpr(14)ti(1) Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4MA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=31536000 date Thu, 01 Aug 2024 05:12:29 GMT last-modified Thu, 01-Aug-2024 05:12:29 GMT content-type image/gif access-control-allow-origin https://autocar.bankffin.kz cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Thu, 01-Aug-2024 05:12:29 GMT
POST H2	200	89179102 mc.yandex.com/webvisor/	43 B 0	58ms 55ms	Fetch image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/89179102?wv-part=1&wv-type=7&wmode=0&wv-hit=60679391&page-url=https%3A%2F%2Fautocar.bankffin.kz%2F404&rn=538362779&browser-info=we%3A1%3Aet%3A1722489149%3Aw%3A1600x1200%3Av%3A1401%3Az%3A120%3Ai%3A20240801071229%3Au%3A1722489145818285064%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Ast%3A1722489149&t=gdpr(14)ti(1) Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4MA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 01 Aug 2024 05:12:29 GMT strict-transport-security max-age=31536000 last-modified Thu, 01-Aug-2024 05:12:29 GMT content-type image/gif access-control-allow-origin https://autocar.bankffin.kz cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Thu, 01-Aug-2024 05:12:29 GMT
POST H3	204	collect region1.analytics.google.com/g/	0 0	17ms 16ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-VFK0W482NJ&gtm=45je47v0v9123319414za200zb858803796&_p=1722489144753&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=818544688.1722489145&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&sid=1722489145&sct=1&seg=0&dl=https%3A%2F%2Fautocar.bankffin.kz%2F&dt=%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BE%D1%82%20%D0%A4%D1%80%D0%B8%D0%B4%D0%BE%D0%BC%20%D0%91%D0%B0%D0%BD%D0%BA%D0%B0&_s=2&tfd=7415 Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4MA.js Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 01 Aug 2024 05:12:30 GMT server Golfe2 content-type text/plain access-control-allow-origin https://autocar.bankffin.kz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect region1.analytics.google.com/g/	0 0	16ms 15ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-GN4N80PHWP&gtm=45je47v0v9123555388za200zb858803796&_p=1722489144753&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=818544688.1722489145&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&sid=1722489145&sct=1&seg=0&dl=https%3A%2F%2Fautocar.bankffin.kz%2F&dt=%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BE%D1%82%20%D0%A4%D1%80%D0%B8%D0%B4%D0%BE%D0%BC%20%D0%91%D0%B0%D0%BD%D0%BA%D0%B0&_s=2&tfd=7512 Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4MA.js Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 01 Aug 2024 05:12:30 GMT server Golfe2 content-type text/plain access-control-allow-origin https://autocar.bankffin.kz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect region1.google-analytics.com/g/	0 0	15ms 14ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-D29FJQ333D&gtm=45je47v0v9123544380za200zb858803796&_p=1722489144753&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=818544688.1722489145&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&sid=1722489145&sct=1&seg=0&dl=https%3A%2F%2Fautocar.bankffin.kz%2F&dt=%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%D0%BE%D1%82%20%D0%A4%D1%80%D0%B8%D0%B4%D0%BE%D0%BC%20%D0%91%D0%B0%D0%BD%D0%BA%D0%B0&_s=2&tfd=7516 Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4MA.js Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://autocar.bankffin.kz/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 01 Aug 2024 05:12:30 GMT server Golfe2 content-type text/plain access-control-allow-origin https://autocar.bankffin.kz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT