urlscan.io logo urlscan.io
SecurityTrails logo

assistant.moneta.ru Open in urlscan Pro
185.111.84.216  Public Scan

Go To Rescan Add Verdict Report
URL: https://assistant.moneta.ru/92fe7adb-8bfe-47f2-b658-c58ee7150f6a/card
Submission: On July 31 via manual from RU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 2 domains to perform 32 HTTP transactions. The main IP is 185.111.84.216, located in Russian Federation and belongs to MONETA, RU. The main domain is assistant.moneta.ru.
TLS certificate: Issued by R10 on June 12th 2024. Valid for: 3 months.
This is the only time assistant.moneta.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 185.111.84.216 204198 (MONETA)
1 10 185.111.86.11 204198 (MONETA)
11 2a02:6b8::353 13238 (YANDEX)
32 4
Apex Domain
Subdomains		 Transfer
22 moneta.ru
assistant.moneta.ru
moneta.ru
298 KB
11 yandex.ru
pay.yandex.ru — Cisco Umbrella Rank: 254745
48 KB
32 2
Domain Requested by
12 assistant.moneta.ru assistant.moneta.ru
11 pay.yandex.ru assistant.moneta.ru
pay.yandex.ru
10 moneta.ru 1 redirects assistant.moneta.ru
moneta.ru
32 3

This site contains links to these domains. Also see Links.

Domain
www.payanyway.ru
Subject Issuer Validity Valid
assistant.moneta.ru
R10		 2024-06-12 -
2024-09-10		 3 months crt.sh
*.moneta.ru
AlphaSSL CA - SHA256 - G4		 2023-10-05 -
2024-11-05		 a year crt.sh
pay.yandex.ru
GlobalSign RSA OV SSL CA 2018		 2024-04-19 -
2024-10-18		 6 months crt.sh

This page contains 4 frames:

Primary Page: https://assistant.moneta.ru/92fe7adb-8bfe-47f2-b658-c58ee7150f6a/card
Frame ID: 4C7DBB54D486EA73B7D8BC5B8708EBCF
Requests: 22 HTTP requests in this frame

Frame: https://moneta.ru/cardpayment.htm;jsessionid=A495CF31F5E8EC0C3877771B9242B473.p
Frame ID: 3F168B67A651C0C02E32556C35C9A803
Requests: 11 HTTP requests in this frame

Frame: https://pay.yandex.ru/web/sdk/v1/init-2?abuid=2781722452367&ymuid=1722452367621211094
Frame ID: 5DAC37DA69C0D526F8A2EDC70A5DC9C1
Requests: 1 HTTP requests in this frame

Frame: https://pay.yandex.ru/web/sdk/v1/payment-method?abuid=2781722452367&ymuid=1722452367621211094&extra=%7B%22buttonOptions%22%3A%7B%22type%22%3A%22PAY%22%2C%22theme%22%3A%22WHITE%22%2C%22width%22%3A%22AUTO%22%7D%2C%22paymentSheet%22%3A%7B%22version%22%3A2%2C%22countryCode%22%3A%22RU%22%2C%22currencyCode%22%3A%22RUB%22%2C%22merchant%22%3A%7B%22id%22%3A%22e4b4e45e-c505-44c4-bea1-01a0ff2a1fae%22%2C%22name%22%3A%22%D0%9E%D0%9E%D0%9E+%5C%22%D0%9A%D0%9E%D0%9C%D0%A4%D0%9E%D0%A0%D0%A2+%D0%91%D0%A3%D0%9A%D0%98%D0%9D%D0%93%5C%22%22%7D%2C%22order%22%3A%7B%22id%22%3A%22206820798%22%2C%22total%22%3A%7B%22amount%22%3A%2237520.00%22%7D%7D%2C%22paymentMethods%22%3A%5B%7B%22type%22%3A%22CARD%22%2C%22gateway%22%3A%22moneta%22%2C%22gatewayMerchantId%22%3A%22f935bcd08b9c42163724b3905877d4cd52b0770c5cfd1bef3d37ba278c75c780%22%2C%22allowedAuthMethods%22%3A%5B%22PAN_ONLY%22%2C%22CLOUD_TOKEN%22%5D%2C%22allowedCardNetworks%22%3A%5B%22VISA%22%2C%22MASTERCARD%22%2C%22MIR%22%2C%22UZCARD%22%5D%7D%5D%2C%22type%22%3A%22Token%22%7D%2C%22buttonStyles%22%3A%7B%22border%22%3A8%2C%22height%22%3A56%7D%7D&msid=e4b4e45e-c505-44c4-bea1-01a0ff2a1fae.3d9218d6.1722452367868&mcid=&merchantId=e4b4e45e-c505-44c4-bea1-01a0ff2a1fae
Frame ID: 84936E42C55B5738A58D83A5D647117D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Assistant

Page Statistics

32
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

4
IPs

1
Countries

345 kB
Transfer

501 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://moneta.ru/cardpayment.htm?_do_init=true&token=2f8641d9-ce12-497c-a403-5f86d9b8c4ad HTTP 302
  • https://moneta.ru/cardpayment.htm;jsessionid=A495CF31F5E8EC0C3877771B9242B473.p

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request card
assistant.moneta.ru/92fe7adb-8bfe-47f2-b658-c58ee7150f6a/ 		7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assistant.moneta.ru/92fe7adb-8bfe-47f2-b658-c58ee7150f6a/card
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.111.84.216 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net84.111.185-216.global.moneta.ru
Software
/
Resource Hash
66dded3c433b75b6c3674d3c96e060064d9f36e74da66c472d9d4dc9988e22ea
Security Headers
Name Value
Content-Security-Policy default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-language
de-DE
content-length
7173
content-security-policy
default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
content-type
text/html
date
Wed, 31 Jul 2024 18:59:27 GMT
referrer-policy
no-referrer
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1 ; mode=block
assistant.min.css
assistant.moneta.ru/static/css/ 		59 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assistant.moneta.ru/static/css/assistant.min.css?v=0.0.259-20240730090031
Requested by
Host: assistant.moneta.ru
URL: https://assistant.moneta.ru/92fe7adb-8bfe-47f2-b658-c58ee7150f6a/card
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.111.84.216 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net84.111.185-216.global.moneta.ru
Software
/
Resource Hash
1ff8d34b9ef60ff87b10fdfc5339f8ed47bffe08293688ad305f91b29d9253bd
Security Headers
Name Value
Content-Security-Policy default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 18:59:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
no-referrer
content-type
text/css
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
60658
x-xss-protection
1 ; mode=block
assistant.js
assistant.moneta.ru/static/js/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assistant.moneta.ru/static/js/assistant.js?v=0.0.259-20240730090031
Requested by
Host: assistant.moneta.ru
URL: https://assistant.moneta.ru/92fe7adb-8bfe-47f2-b658-c58ee7150f6a/card
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.111.84.216 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net84.111.185-216.global.moneta.ru
Software
/
Resource Hash
34c5293e0d2134716daf55e768b5ee337083de8d5c1669b6c448f84161e96546
Security Headers
Name Value
Content-Security-Policy default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 18:59:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
no-referrer
content-type
application/javascript
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
12694
x-xss-protection
1 ; mode=block
cardpayment.htm;jsessionid=A495CF31F5E8EC0C3877771B9242B473.p
moneta.ru/ Frame 3F16
Redirect Chain
  • https://moneta.ru/cardpayment.htm?_do_init=true&token=2f8641d9-ce12-497c-a403-5f86d9b8c4ad
  • https://moneta.ru/cardpayment.htm;jsessionid=A495CF31F5E8EC0C3877771B9242B473.p
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moneta.ru/cardpayment.htm;jsessionid=A495CF31F5E8EC0C3877771B9242B473.p
Requested by
Host: assistant.moneta.ru
URL: https://assistant.moneta.ru/92fe7adb-8bfe-47f2-b658-c58ee7150f6a/card
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.111.86.11 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net86.111.185-11.global.moneta.ru
Software
nginx /
Resource Hash
641dfe97557cbd3a23a246d70b3f617ca14b3fa96fd52122e43ed308bebadb15
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; script-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com payanyway.ru https://pay.google.com https://pay.yandex.ru https://mc.yandex.ru 'report-sample' 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru www.payanyway.ru *.payanyway.com 'unsafe-inline'; img-src * data:; font-src 'self' data: *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; connect-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru sbp.payanyway.ru *.payanyway.com https://mc.yandex.ru https://qr.nspk.ru ; frame-src https: sberpay: sbolpay: qr.nspk.ru ; report-uri /cspreport.htm
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Language
ru
Content-Security-Policy
default-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; script-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com payanyway.ru https://pay.google.com https://pay.yandex.ru https://mc.yandex.ru 'report-sample' 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru www.payanyway.ru *.payanyway.com 'unsafe-inline'; img-src * data:; font-src 'self' data: *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; connect-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru sbp.payanyway.ru *.payanyway.com https://mc.yandex.ru https://qr.nspk.ru ; frame-src https: sberpay: sbolpay: qr.nspk.ru ; report-uri /cspreport.htm
Content-Type
text/html;charset=UTF-8
Date
Wed, 31 Jul 2024 18:59:27 GMT
Keep-Alive
timeout=60
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Content-Security-Policy
default-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; script-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com payanyway.ru https://pay.google.com https://pay.yandex.ru https://mc.yandex.ru 'report-sample' 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru www.payanyway.ru *.payanyway.com 'unsafe-inline'; img-src * data:; font-src 'self' data: *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; connect-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru sbp.payanyway.ru *.payanyway.com https://mc.yandex.ru https://qr.nspk.ru ; frame-src https: sberpay: sbolpay: qr.nspk.ru ; report-uri /cspreport.htm
Date
Wed, 31 Jul 2024 18:59:27 GMT
Keep-Alive
timeout=60
Location
https://moneta.ru:443/cardpayment.htm;jsessionid=A495CF31F5E8EC0C3877771B9242B473.p
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
bg.webp
assistant.moneta.ru/static/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assistant.moneta.ru/static/img/bg.webp
Requested by
Host: assistant.moneta.ru
URL: https://assistant.moneta.ru/static/css/assistant.min.css?v=0.0.259-20240730090031
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.111.84.216 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net84.111.185-216.global.moneta.ru
Software
/
Resource Hash
c83fed15ad4456ada4877abe241f1fa78d7766a52a5874502d49a3619cc27023
Security Headers
Name Value
Content-Security-Policy default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 18:59:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
no-referrer
content-type
image/webp
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
3598
x-xss-protection
1 ; mode=block
cart.svg
assistant.moneta.ru/static/img/ 		873 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assistant.moneta.ru/static/img/cart.svg
Requested by
Host: assistant.moneta.ru
URL: https://assistant.moneta.ru/static/css/assistant.min.css?v=0.0.259-20240730090031
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.111.84.216 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net84.111.185-216.global.moneta.ru
Software
/
Resource Hash
4a1590c291543ddeb6ff55813b9a8b27688801a2b62eb61a947d6eecd94079f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 18:59:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
no-referrer
content-type
image/svg+xml
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
873
x-xss-protection
1 ; mode=block
sberpay.svg
assistant.moneta.ru/static/img/pmLogo/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assistant.moneta.ru/static/img/pmLogo/sberpay.svg
Requested by
Host: assistant.moneta.ru
URL: https://assistant.moneta.ru/static/css/assistant.min.css?v=0.0.259-20240730090031
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.111.84.216 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net84.111.185-216.global.moneta.ru
Software
/
Resource Hash
ed311cd12eb0f850b425a41d19a65116f875c328e69d292d4ab2301559905289
Security Headers
Name Value
Content-Security-Policy default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 18:59:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
no-referrer
content-type
image/svg+xml
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
2074
x-xss-protection
1 ; mode=block
Golos-Text_Regular.woff2
assistant.moneta.ru/static/fonts/golos/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assistant.moneta.ru/static/fonts/golos/Golos-Text_Regular.woff2
Requested by
Host: assistant.moneta.ru
URL: https://assistant.moneta.ru/static/css/assistant.min.css?v=0.0.259-20240730090031
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.111.84.216 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net84.111.185-216.global.moneta.ru
Software
/
Resource Hash
9c38f69273b299cd156965166f5b5c3c77481e6c09f776dda664102b199c951b
Security Headers
Name Value
Content-Security-Policy default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
Origin
https://assistant.moneta.ru
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 18:59:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
no-referrer
content-type
application/octet-stream
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
29460
x-xss-protection
1 ; mode=block
Golos-Text_Medium.woff2
assistant.moneta.ru/static/fonts/golos/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assistant.moneta.ru/static/fonts/golos/Golos-Text_Medium.woff2
Requested by
Host: assistant.moneta.ru
URL: https://assistant.moneta.ru/static/css/assistant.min.css?v=0.0.259-20240730090031
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.111.84.216 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net84.111.185-216.global.moneta.ru
Software
/
Resource Hash
639e6ceb0f2415e87cb4550e531c120ba9a2dc4e8b1066fd4d14407d3306b20e
Security Headers
Name Value
Content-Security-Policy default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
Origin
https://assistant.moneta.ru
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 18:59:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
no-referrer
content-type
application/octet-stream
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
30196
x-xss-protection
1 ; mode=block
yandexpay.js
assistant.moneta.ru/static/js/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assistant.moneta.ru/static/js/yandexpay.js
Requested by
Host: assistant.moneta.ru
URL: https://assistant.moneta.ru/92fe7adb-8bfe-47f2-b658-c58ee7150f6a/card
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.111.84.216 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net84.111.185-216.global.moneta.ru
Software
/
Resource Hash
ab0eadd2187a3324d45f182b8c6f27d207ff98bb63ce1a1bddccb9ed4b2044bb
Security Headers
Name Value
Content-Security-Policy default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 18:59:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
no-referrer
content-type
application/javascript
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
4797
x-xss-protection
1 ; mode=block
pay.js
pay.yandex.ru/sdk/v1/ 		155 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.yandex.ru/sdk/v1/pay.js
Requested by
Host: assistant.moneta.ru
URL: https://assistant.moneta.ru/static/js/yandexpay.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::353 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
2c221db9dc8425bd8de9c085e6fcae0d7bed5cfe714cbb6f28f96fe87dc86653

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 18:59:27 GMT
Content-Encoding
br
Last-Modified
Fri, 26 Jul 2024 14:22:36 GMT
ETag
"66a3b12c-9b18"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=600, private
X-Req-ID
1722452367677513-3770824107392492557
Content-Length
39704
X-Request-ID
1722452367677513-3770824107392492557
Expires
Wed, 31 Jul 2024 19:09:27 GMT
init-2
pay.yandex.ru/web/sdk/v1/ Frame 5DAC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.yandex.ru/web/sdk/v1/init-2?abuid=2781722452367&ymuid=1722452367621211094
Requested by
Host: pay.yandex.ru
URL: https://pay.yandex.ru/sdk/v1/pay.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::353 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'nonce-efpihaicVRKZIZw3xIfJUw==' 'self' https://mc.yandex.ru https://yastatic.net https://api-maps.yandex.ru/ https://core-renderer-tiles.maps.yandex.net https://cdn-ext.prod.yandex-bank.net; style-src 'unsafe-inline' 'self' https://yastatic.net https://cdn-ext.prod.yandex-bank.net; img-src data: 'self' https://mc.admetrica.ru https://mc.yandex.ru https://yastatic.net https://avatars.mds.yandex.net https://avatars.mdst.yandex.net https://api-maps.yandex.ru/ https://core-renderer-tiles.maps.yandex.net; font-src 'self' https://yastatic.net; connect-src 'self' https://pay.yandex.ru https://trust.yandex.ru https://yandex.ru https://mc.admetrica.ru https://mc.yandex.ru https://yastatic.net https://api.passport.yandex.ru https://api.passport-test.yandex.ru https://csp.yandex.net/csp https://console.pay.yandex.ru https://bank.yandex.ru https://id.yandex.ru/iframe/security/phone-binding https://sandbox.pay.yandex.ru; frame-src 'self' https://pay.yandex.ru https://trust.yandex.ru https://split.yandex.ru https://sandbox.split.yandex.ru https://sandbox.pay.yandex.ru https://mc.yandex.ru https://forms.yandex.ru https://bank.yandex.ru https://id.yandex.ru/iframe/security/phone-binding; object-src https://avatars.mds.yandex.net; report-uri https://csp.yandex.net/csp?from=pay&project=pay&platform=desktop&env=production&reqId=1722452368002666-14555156460746966110&uid=1630738061722452367&login=undefined&page=/web/sdk/v1/init-2;
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Encoding
br
Content-Security-Policy
default-src 'none'; script-src 'nonce-efpihaicVRKZIZw3xIfJUw==' 'self' https://mc.yandex.ru https://yastatic.net https://api-maps.yandex.ru/ https://core-renderer-tiles.maps.yandex.net https://cdn-ext.prod.yandex-bank.net; style-src 'unsafe-inline' 'self' https://yastatic.net https://cdn-ext.prod.yandex-bank.net; img-src data: 'self' https://mc.admetrica.ru https://mc.yandex.ru https://yastatic.net https://avatars.mds.yandex.net https://avatars.mdst.yandex.net https://api-maps.yandex.ru/ https://core-renderer-tiles.maps.yandex.net; font-src 'self' https://yastatic.net; connect-src 'self' https://pay.yandex.ru https://trust.yandex.ru https://yandex.ru https://mc.admetrica.ru https://mc.yandex.ru https://yastatic.net https://api.passport.yandex.ru https://api.passport-test.yandex.ru https://csp.yandex.net/csp https://console.pay.yandex.ru https://bank.yandex.ru https://id.yandex.ru/iframe/security/phone-binding https://sandbox.pay.yandex.ru; frame-src 'self' https://pay.yandex.ru https://trust.yandex.ru https://split.yandex.ru https://sandbox.split.yandex.ru https://sandbox.pay.yandex.ru https://mc.yandex.ru https://forms.yandex.ru https://bank.yandex.ru https://id.yandex.ru/iframe/security/phone-binding; object-src https://avatars.mds.yandex.net; report-uri https://csp.yandex.net/csp?from=pay&project=pay&platform=desktop&env=production&reqId=1722452368002666-14555156460746966110&uid=1630738061722452367&login=undefined&page=/web/sdk/v1/init-2;
Content-Type
text/html; charset=utf-8
Date
Wed, 31 Jul 2024 18:59:28 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Req-ID
1722452368002666-14555156460746966110
X-Request-ID
1722452368002666-14555156460746966110
click
pay.yandex.ru/web/cl/ 		43 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://pay.yandex.ru/web/cl/click
Requested by
Host: pay.yandex.ru
URL: https://pay.yandex.ru/sdk/v1/pay.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::353 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

X-Content-Type-Options
nosniff
NEL
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
Accept-CH
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
X-Yandex-Req-Id
1722452367894959-7632796170756943131
Report-To
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
X-Req-ID
1722452367894959-7632796170756943131
Content-Length
43
X-Request-ID
1722452367894959-7632796170756943131
1
pay.yandex.ru/web/watch/73147015/ 		43 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pay.yandex.ru/web/watch/73147015/1?charset=utf-8&page-url=https%3A%2F%2Fassistant.moneta.ru&exp=&page-ref=&site-info=&browser-info=pv%3A1%3Aet%3A1722452367%3Ast%3A1722452367%3Arn%3A765565632%3Au%3A1722452367621211094%3At%3A
Requested by
Host: assistant.moneta.ru
URL: https://assistant.moneta.ru/92fe7adb-8bfe-47f2-b658-c58ee7150f6a/card
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::353 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jul 2024 18:59:28 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 31-Jul-2024 18:59:28 GMT
Accept-CH
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
X-Req-ID
1722452367962099-16664981977910677177
Content-Length
43
X-XSS-Protection
1; mode=block
X-Request-ID
1722452367962099-16664981977910677177
Expires
Wed, 31-Jul-2024 18:59:28 GMT
1
pay.yandex.ru/web/watch/73147015/ 		43 B
952 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pay.yandex.ru/web/watch/73147015/1?charset=utf-8&page-url=https%3A%2F%2Fassistant.moneta.ru&exp=&page-ref=&site-info=%7B%22origin%22%3A%22https%3A%2F%2Fassistant.moneta.ru%22%2C%22e4b4e45e-c505-44c4-bea1-01a0ff2a1fae.3d9218d6.1722452367868%22%3A%7B%22meta%22%3A%7B%22type%22%3A%22payment%22%2C%22sessionType%22%3A%22Token%22%2C%22session_type%22%3A%22Token%22%2C%22merchant_id%22%3A%22e4b4e45e-c505-44c4-bea1-01a0ff2a1fae%22%2C%22merchant_origin%22%3A%22https%3A%2F%2Fassistant.moneta.ru%22%2C%22merchant_path%22%3A%22%2F92fe7adb-8bfe-47f2-b658-c58ee7150f6a%2Fcard%22%2C%22merchant_name%22%3A%22%D0%9E%D0%9E%D0%9E%20%5C%22%D0%9A%D0%9E%D0%9C%D0%A4%D0%9E%D0%A0%D0%A2%20%D0%91%D0%A3%D0%9A%D0%98%D0%9D%D0%93%5C%22%22%2C%22merchant_url%22%3A%22nourl%22%2C%22currency%22%3A%22RUB%22%2C%22amount%22%3A%2237520.00%22%2C%22version%22%3A2%2C%22datetime%22%3A1722452367868%2C%22agent%22%3A%7B%22name%22%3A%22%22%2C%22version%22%3A%22%22%7D%2C%22source%22%3A%22%22%2C%22checkout%22%3Afalse%2C%22form_billing_contact%22%3A%22false%22%2C%22form_shipping_contact%22%3A%22false%22%2C%22form_shipping_address%22%3A%22false%22%2C%22form_pickup_address%22%3A%22false%22%2C%22build_version%22%3A%2213%22%2C%22visit_id%22%3A%22YXNzaXN0YW50.5c706ec6.1722452367840%22%7D%7D%7D&browser-info=pa%3A1%3Aar%3A1%3Aet%3A1722452367%3Ast%3A1722452367%3Arn%3A889902255%3Au%3A1722452367621211094%3At%3A
Requested by
Host: assistant.moneta.ru
URL: https://assistant.moneta.ru/92fe7adb-8bfe-47f2-b658-c58ee7150f6a/card
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::353 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jul 2024 18:59:28 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 31-Jul-2024 18:59:28 GMT
Accept-CH
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
X-Req-ID
1722452367998692-15237649056040946248
Content-Length
43
X-XSS-Protection
1; mode=block
X-Request-ID
1722452367998692-15237649056040946248
Expires
Wed, 31-Jul-2024 18:59:28 GMT
1
pay.yandex.ru/web/watch/73147015/ 		43 B
950 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pay.yandex.ru/web/watch/73147015/1?charset=utf-8&page-url=https%3A%2F%2Fassistant.moneta.ru&exp=&page-ref=&site-info=%7B%22origin%22%3A%22https%3A%2F%2Fassistant.moneta.ru%22%2C%22e4b4e45e-c505-44c4-bea1-01a0ff2a1fae.3d9218d6.1722452367868%22%3A%7B%22payment_init%22%3A%7B%22datetime%22%3A1722452367869%7D%7D%7D&browser-info=pa%3A1%3Aar%3A1%3Aet%3A1722452367%3Ast%3A1722452367%3Arn%3A104575293%3Au%3A1722452367621211094%3At%3A
Requested by
Host: assistant.moneta.ru
URL: https://assistant.moneta.ru/92fe7adb-8bfe-47f2-b658-c58ee7150f6a/card
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::353 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jul 2024 18:59:28 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 31-Jul-2024 18:59:28 GMT
Accept-CH
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
X-Req-ID
1722452367996774-2915762773624656250
Content-Length
43
X-XSS-Protection
1; mode=block
X-Request-ID
1722452367996774-2915762773624656250
Expires
Wed, 31-Jul-2024 18:59:28 GMT
truncated
/ 		866 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
577aa93c8d81f32ecd019960156fd4efc9e6d42f04a728438b95f6fa1675d566

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
payment-method
pay.yandex.ru/web/sdk/v1/ Frame 8493 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.yandex.ru/web/sdk/v1/payment-method?abuid=2781722452367&ymuid=1722452367621211094&extra=%7B%22buttonOptions%22%3A%7B%22type%22%3A%22PAY%22%2C%22theme%22%3A%22WHITE%22%2C%22width%22%3A%22AUTO%22%7D%2C%22paymentSheet%22%3A%7B%22version%22%3A2%2C%22countryCode%22%3A%22RU%22%2C%22currencyCode%22%3A%22RUB%22%2C%22merchant%22%3A%7B%22id%22%3A%22e4b4e45e-c505-44c4-bea1-01a0ff2a1fae%22%2C%22name%22%3A%22%D0%9E%D0%9E%D0%9E+%5C%22%D0%9A%D0%9E%D0%9C%D0%A4%D0%9E%D0%A0%D0%A2+%D0%91%D0%A3%D0%9A%D0%98%D0%9D%D0%93%5C%22%22%7D%2C%22order%22%3A%7B%22id%22%3A%22206820798%22%2C%22total%22%3A%7B%22amount%22%3A%2237520.00%22%7D%7D%2C%22paymentMethods%22%3A%5B%7B%22type%22%3A%22CARD%22%2C%22gateway%22%3A%22moneta%22%2C%22gatewayMerchantId%22%3A%22f935bcd08b9c42163724b3905877d4cd52b0770c5cfd1bef3d37ba278c75c780%22%2C%22allowedAuthMethods%22%3A%5B%22PAN_ONLY%22%2C%22CLOUD_TOKEN%22%5D%2C%22allowedCardNetworks%22%3A%5B%22VISA%22%2C%22MASTERCARD%22%2C%22MIR%22%2C%22UZCARD%22%5D%7D%5D%2C%22type%22%3A%22Token%22%7D%2C%22buttonStyles%22%3A%7B%22border%22%3A8%2C%22height%22%3A56%7D%7D&msid=e4b4e45e-c505-44c4-bea1-01a0ff2a1fae.3d9218d6.1722452367868&mcid=&merchantId=e4b4e45e-c505-44c4-bea1-01a0ff2a1fae
Requested by
Host: pay.yandex.ru
URL: https://pay.yandex.ru/sdk/v1/pay.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::353 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'nonce-z59QbPAHlHCRwmmrZOb1LA==' 'self' https://mc.yandex.ru https://yastatic.net https://api-maps.yandex.ru/ https://core-renderer-tiles.maps.yandex.net https://cdn-ext.prod.yandex-bank.net; style-src 'unsafe-inline' 'self' https://yastatic.net https://cdn-ext.prod.yandex-bank.net; img-src data: 'self' https://mc.admetrica.ru https://mc.yandex.ru https://yastatic.net https://avatars.mds.yandex.net https://avatars.mdst.yandex.net https://api-maps.yandex.ru/ https://core-renderer-tiles.maps.yandex.net; font-src 'self' https://yastatic.net; connect-src 'self' https://pay.yandex.ru https://trust.yandex.ru https://yandex.ru https://mc.admetrica.ru https://mc.yandex.ru https://yastatic.net https://api.passport.yandex.ru https://api.passport-test.yandex.ru https://csp.yandex.net/csp https://console.pay.yandex.ru https://bank.yandex.ru https://id.yandex.ru/iframe/security/phone-binding; frame-src 'self' https://pay.yandex.ru https://trust.yandex.ru https://split.yandex.ru https://sandbox.split.yandex.ru https://sandbox.pay.yandex.ru https://mc.yandex.ru https://forms.yandex.ru https://bank.yandex.ru https://id.yandex.ru/iframe/security/phone-binding; object-src https://avatars.mds.yandex.net; report-uri https://csp.yandex.net/csp?from=pay&project=pay&platform=desktop&env=production&reqId=1722452368038380-2344722079006878418&uid=1630738061722452367&login=undefined&page=/web/sdk/v1/payment-method;
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Encoding
br
Content-Security-Policy
default-src 'none'; script-src 'nonce-z59QbPAHlHCRwmmrZOb1LA==' 'self' https://mc.yandex.ru https://yastatic.net https://api-maps.yandex.ru/ https://core-renderer-tiles.maps.yandex.net https://cdn-ext.prod.yandex-bank.net; style-src 'unsafe-inline' 'self' https://yastatic.net https://cdn-ext.prod.yandex-bank.net; img-src data: 'self' https://mc.admetrica.ru https://mc.yandex.ru https://yastatic.net https://avatars.mds.yandex.net https://avatars.mdst.yandex.net https://api-maps.yandex.ru/ https://core-renderer-tiles.maps.yandex.net; font-src 'self' https://yastatic.net; connect-src 'self' https://pay.yandex.ru https://trust.yandex.ru https://yandex.ru https://mc.admetrica.ru https://mc.yandex.ru https://yastatic.net https://api.passport.yandex.ru https://api.passport-test.yandex.ru https://csp.yandex.net/csp https://console.pay.yandex.ru https://bank.yandex.ru https://id.yandex.ru/iframe/security/phone-binding; frame-src 'self' https://pay.yandex.ru https://trust.yandex.ru https://split.yandex.ru https://sandbox.split.yandex.ru https://sandbox.pay.yandex.ru https://mc.yandex.ru https://forms.yandex.ru https://bank.yandex.ru https://id.yandex.ru/iframe/security/phone-binding; object-src https://avatars.mds.yandex.net; report-uri https://csp.yandex.net/csp?from=pay&project=pay&platform=desktop&env=production&reqId=1722452368038380-2344722079006878418&uid=1630738061722452367&login=undefined&page=/web/sdk/v1/payment-method;
Content-Type
text/html; charset=utf-8
Date
Wed, 31 Jul 2024 18:59:28 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Req-ID
1722452368038380-2344722079006878418
X-Request-ID
1722452368038380-2344722079006878418
click
pay.yandex.ru/web/cl/ 		43 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://pay.yandex.ru/web/cl/click
Requested by
Host: pay.yandex.ru
URL: https://pay.yandex.ru/sdk/v1/pay.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::353 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

X-Content-Type-Options
nosniff
NEL
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
Accept-CH
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
X-Yandex-Req-Id
1722452368024631-11016208233126984697
Report-To
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
X-Req-ID
1722452368024631-11016208233126984697
Content-Length
43
X-Request-ID
1722452368024631-11016208233126984697
1
pay.yandex.ru/web/watch/73147015/ 		43 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pay.yandex.ru/web/watch/73147015/1?charset=utf-8&page-url=goal%3A%2F%2Fassistant.moneta.ru%2Fpay_button_render&exp=&page-ref=https%3A%2F%2Fassistant.moneta.ru&site-info=&browser-info=et%3A1722452367%3Ast%3A1722452367%3Arn%3A731515595%3Au%3A1722452367621211094%3At%3A
Requested by
Host: assistant.moneta.ru
URL: https://assistant.moneta.ru/92fe7adb-8bfe-47f2-b658-c58ee7150f6a/card
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::353 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jul 2024 18:59:28 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 31-Jul-2024 18:59:28 GMT
Accept-CH
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
X-Req-ID
1722452368000257-11216321910090860221
Content-Length
43
X-XSS-Protection
1; mode=block
X-Request-ID
1722452368000257-11216321910090860221
Expires
Wed, 31-Jul-2024 18:59:28 GMT
1
pay.yandex.ru/web/watch/73147015/ 		43 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pay.yandex.ru/web/watch/73147015/1?charset=utf-8&page-url=https%3A%2F%2Fassistant.moneta.ru&exp=&page-ref=&site-info=%7B%22origin%22%3A%22https%3A%2F%2Fassistant.moneta.ru%22%2C%22e4b4e45e-c505-44c4-bea1-01a0ff2a1fae.3d9218d6.1722452367868%22%3A%7B%22pay_button_render%22%3A%7B%22watcher%22%3A%22io%22%2C%22datetime%22%3A1722452367886%7D%7D%7D&browser-info=pa%3A1%3Aar%3A1%3Aet%3A1722452367%3Ast%3A1722452367%3Arn%3A321786465%3Au%3A1722452367621211094%3At%3A
Requested by
Host: assistant.moneta.ru
URL: https://assistant.moneta.ru/92fe7adb-8bfe-47f2-b658-c58ee7150f6a/card
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::353 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jul 2024 18:59:28 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 31-Jul-2024 18:59:28 GMT
Accept-CH
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
X-Req-ID
1722452368015989-7808323221410704557
Content-Length
43
X-XSS-Protection
1; mode=block
X-Request-ID
1722452368015989-7808323221410704557
Expires
Wed, 31-Jul-2024 18:59:28 GMT
cardform.min.css
moneta.ru/cardform/css/ Frame 3F16 		53 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://moneta.ru/cardform/css/cardform.min.css
Requested by
Host: moneta.ru
URL: https://moneta.ru/cardpayment.htm;jsessionid=A495CF31F5E8EC0C3877771B9242B473.p
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.111.86.11 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net86.111.185-11.global.moneta.ru
Software
nginx /
Resource Hash
e8da59911bc073e8143f72b9f8b00b13876a70582c500442ebf7751b2e82ee3b
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; script-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com payanyway.ru https://pay.google.com https://pay.yandex.ru https://mc.yandex.ru 'report-sample' 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru www.payanyway.ru *.payanyway.com 'unsafe-inline'; img-src * data:; font-src 'self' data: *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; connect-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru sbp.payanyway.ru *.payanyway.com https://mc.yandex.ru https://qr.nspk.ru ; frame-src https: sberpay: sbolpay: qr.nspk.ru ; report-uri /cspreport.htm
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moneta.ru/cardpayment.htm;jsessionid=A495CF31F5E8EC0C3877771B9242B473.p
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 18:59:27 GMT
Content-Security-Policy
default-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; script-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com payanyway.ru https://pay.google.com https://pay.yandex.ru https://mc.yandex.ru 'report-sample' 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru www.payanyway.ru *.payanyway.com 'unsafe-inline'; img-src * data:; font-src 'self' data: *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; connect-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru sbp.payanyway.ru *.payanyway.com https://mc.yandex.ru https://qr.nspk.ru ; frame-src https: sberpay: sbolpay: qr.nspk.ru ; report-uri /cspreport.htm
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Tue, 30 Jul 2024 09:27:43 GMT
Server
nginx
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
ETag
W/"66a8b20f-d218"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block
cardform.js
moneta.ru/cardform/js/ Frame 3F16 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moneta.ru/cardform/js/cardform.js
Requested by
Host: moneta.ru
URL: https://moneta.ru/cardpayment.htm;jsessionid=A495CF31F5E8EC0C3877771B9242B473.p
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.111.86.11 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net86.111.185-11.global.moneta.ru
Software
nginx /
Resource Hash
024aac23a1348c18ce17c50e29101912761ebab263948db9f8c4cad5683b7ace
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; script-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com payanyway.ru https://pay.google.com https://pay.yandex.ru https://mc.yandex.ru 'report-sample' 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru www.payanyway.ru *.payanyway.com 'unsafe-inline'; img-src * data:; font-src 'self' data: *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; connect-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru sbp.payanyway.ru *.payanyway.com https://mc.yandex.ru https://qr.nspk.ru ; frame-src https: sberpay: sbolpay: qr.nspk.ru ; report-uri /cspreport.htm
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moneta.ru/cardpayment.htm;jsessionid=A495CF31F5E8EC0C3877771B9242B473.p
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 18:59:28 GMT
Content-Security-Policy
default-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; script-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com payanyway.ru https://pay.google.com https://pay.yandex.ru https://mc.yandex.ru 'report-sample' 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru www.payanyway.ru *.payanyway.com 'unsafe-inline'; img-src * data:; font-src 'self' data: *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; connect-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru sbp.payanyway.ru *.payanyway.com https://mc.yandex.ru https://qr.nspk.ru ; frame-src https: sberpay: sbolpay: qr.nspk.ru ; report-uri /cspreport.htm
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Tue, 30 Jul 2024 09:27:43 GMT
Server
nginx
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
ETag
W/"66a8b20f-394c"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
keep-alive
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block
threeDSInfo.min.js
moneta.ru/js/c2s/ Frame 3F16 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://moneta.ru/js/c2s/threeDSInfo.min.js
Requested by
Host: moneta.ru
URL: https://moneta.ru/cardpayment.htm;jsessionid=A495CF31F5E8EC0C3877771B9242B473.p
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.111.86.11 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net86.111.185-11.global.moneta.ru
Software
nginx /
Resource Hash
662bddf4dcccf76fb7b3c33041ec795f10942b4efc3c8becd6e5337690736de2
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; script-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com payanyway.ru https://pay.google.com https://pay.yandex.ru https://mc.yandex.ru 'report-sample' 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru www.payanyway.ru *.payanyway.com 'unsafe-inline'; img-src * data:; font-src 'self' data: *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; connect-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru sbp.payanyway.ru *.payanyway.com https://mc.yandex.ru https://qr.nspk.ru ; frame-src https: sberpay: sbolpay: qr.nspk.ru ; report-uri /cspreport.htm
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moneta.ru/cardpayment.htm;jsessionid=A495CF31F5E8EC0C3877771B9242B473.p
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 18:59:28 GMT
Content-Security-Policy
default-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; script-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com payanyway.ru https://pay.google.com https://pay.yandex.ru https://mc.yandex.ru 'report-sample' 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru www.payanyway.ru *.payanyway.com 'unsafe-inline'; img-src * data:; font-src 'self' data: *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; connect-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru sbp.payanyway.ru *.payanyway.com https://mc.yandex.ru https://qr.nspk.ru ; frame-src https: sberpay: sbolpay: qr.nspk.ru ; report-uri /cspreport.htm
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 30 Jul 2024 09:27:43 GMT
Server
nginx
ETag
W/"66a8b20f-1962"
Content-Type
application/x-javascript
Cache-Control
max-age=600
Keep-Alive
timeout=60
Expires
Wed, 31 Jul 2024 19:09:28 GMT
checkbox-icon.svg
moneta.ru/cardform/images/ Frame 3F16 		221 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://moneta.ru/cardform/images/checkbox-icon.svg
Requested by
Host: moneta.ru
URL: https://moneta.ru/cardpayment.htm;jsessionid=A495CF31F5E8EC0C3877771B9242B473.p
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.111.86.11 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net86.111.185-11.global.moneta.ru
Software
nginx /
Resource Hash
f36f24d3381ae9d399408d39476491055ea8d76a10ea648985b033faef0cefda
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; script-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com payanyway.ru https://pay.google.com https://pay.yandex.ru https://mc.yandex.ru 'report-sample' 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru www.payanyway.ru *.payanyway.com 'unsafe-inline'; img-src * data:; font-src 'self' data: *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; connect-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru sbp.payanyway.ru *.payanyway.com https://mc.yandex.ru https://qr.nspk.ru ; frame-src https: sberpay: sbolpay: qr.nspk.ru ; report-uri /cspreport.htm
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moneta.ru/cardpayment.htm;jsessionid=A495CF31F5E8EC0C3877771B9242B473.p
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 18:59:28 GMT
Content-Security-Policy
default-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; script-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com payanyway.ru https://pay.google.com https://pay.yandex.ru https://mc.yandex.ru 'report-sample' 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru www.payanyway.ru *.payanyway.com 'unsafe-inline'; img-src * data:; font-src 'self' data: *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; connect-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru sbp.payanyway.ru *.payanyway.com https://mc.yandex.ru https://qr.nspk.ru ; frame-src https: sberpay: sbolpay: qr.nspk.ru ; report-uri /cspreport.htm
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Tue, 30 Jul 2024 09:27:43 GMT
Server
nginx
Referrer-Policy
strict-origin-when-cross-origin
ETag
"66a8b20f-dd"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
221
X-XSS-Protection
1; mode=block
question-mark.svg
moneta.ru/cardform/images/ Frame 3F16 		2 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://moneta.ru/cardform/images/question-mark.svg
Requested by
Host: moneta.ru
URL: https://moneta.ru/cardpayment.htm;jsessionid=A495CF31F5E8EC0C3877771B9242B473.p
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.111.86.11 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net86.111.185-11.global.moneta.ru
Software
nginx /
Resource Hash
552b187f7bd0faccd3c2e0bac09b64678ce9150a0d6c74ce9602fe79493f2a17
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; script-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com payanyway.ru https://pay.google.com https://pay.yandex.ru https://mc.yandex.ru 'report-sample' 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru www.payanyway.ru *.payanyway.com 'unsafe-inline'; img-src * data:; font-src 'self' data: *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; connect-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru sbp.payanyway.ru *.payanyway.com https://mc.yandex.ru https://qr.nspk.ru ; frame-src https: sberpay: sbolpay: qr.nspk.ru ; report-uri /cspreport.htm
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moneta.ru/cardpayment.htm;jsessionid=A495CF31F5E8EC0C3877771B9242B473.p
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 18:59:28 GMT
Content-Security-Policy
default-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; script-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com payanyway.ru https://pay.google.com https://pay.yandex.ru https://mc.yandex.ru 'report-sample' 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru www.payanyway.ru *.payanyway.com 'unsafe-inline'; img-src * data:; font-src 'self' data: *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; connect-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru sbp.payanyway.ru *.payanyway.com https://mc.yandex.ru https://qr.nspk.ru ; frame-src https: sberpay: sbolpay: qr.nspk.ru ; report-uri /cspreport.htm
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Tue, 30 Jul 2024 09:27:43 GMT
Server
nginx
Referrer-Policy
strict-origin-when-cross-origin
ETag
"66a8b20f-724"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
1828
X-XSS-Protection
1; mode=block
cross.svg
moneta.ru/cardform/images/ Frame 3F16 		600 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://moneta.ru/cardform/images/cross.svg
Requested by
Host: moneta.ru
URL: https://moneta.ru/cardpayment.htm;jsessionid=A495CF31F5E8EC0C3877771B9242B473.p
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.111.86.11 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net86.111.185-11.global.moneta.ru
Software
nginx /
Resource Hash
eac916a09d1e10cd6bb265a40b511f5cf34f72f4a71000a94c6bd3576c7aab78
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; script-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com payanyway.ru https://pay.google.com https://pay.yandex.ru https://mc.yandex.ru 'report-sample' 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru www.payanyway.ru *.payanyway.com 'unsafe-inline'; img-src * data:; font-src 'self' data: *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; connect-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru sbp.payanyway.ru *.payanyway.com https://mc.yandex.ru https://qr.nspk.ru ; frame-src https: sberpay: sbolpay: qr.nspk.ru ; report-uri /cspreport.htm
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moneta.ru/cardpayment.htm;jsessionid=A495CF31F5E8EC0C3877771B9242B473.p
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 18:59:28 GMT
Content-Security-Policy
default-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; script-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com payanyway.ru https://pay.google.com https://pay.yandex.ru https://mc.yandex.ru 'report-sample' 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru www.payanyway.ru *.payanyway.com 'unsafe-inline'; img-src * data:; font-src 'self' data: *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; connect-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru sbp.payanyway.ru *.payanyway.com https://mc.yandex.ru https://qr.nspk.ru ; frame-src https: sberpay: sbolpay: qr.nspk.ru ; report-uri /cspreport.htm
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Tue, 30 Jul 2024 09:27:43 GMT
Server
nginx
Referrer-Policy
strict-origin-when-cross-origin
ETag
"66a8b20f-258"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
600
X-XSS-Protection
1; mode=block
truncated
/ Frame 3F16 		952 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74f639073f2d7adea49f7d62534a1afda191f6808bf3e0100fb1102ae7b53bbc

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3F16 		15 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
edf29c08680f24e4caf662a7c1843ac0f5499fd289b6c7361f4678db8551857e

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
Golos-Text_DemiBold.woff2
moneta.ru/cardform/fonts/golos/ Frame 3F16 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://moneta.ru/cardform/fonts/golos/Golos-Text_DemiBold.woff2
Requested by
Host: moneta.ru
URL: https://moneta.ru/cardform/css/cardform.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.111.86.11 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net86.111.185-11.global.moneta.ru
Software
nginx /
Resource Hash
41decf90911b3676791d2eb9b9fb935a29a7c640b59e93a531e112f913e35a8f
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; script-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com payanyway.ru https://pay.google.com https://pay.yandex.ru https://mc.yandex.ru 'report-sample' 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru www.payanyway.ru *.payanyway.com 'unsafe-inline'; img-src * data:; font-src 'self' data: *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; connect-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru sbp.payanyway.ru *.payanyway.com https://mc.yandex.ru https://qr.nspk.ru ; frame-src https: sberpay: sbolpay: qr.nspk.ru ; report-uri /cspreport.htm
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moneta.ru/cardform/css/cardform.min.css
Origin
https://moneta.ru
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 18:59:28 GMT
Content-Security-Policy
default-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; script-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com payanyway.ru https://pay.google.com https://pay.yandex.ru https://mc.yandex.ru 'report-sample' 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru www.payanyway.ru *.payanyway.com 'unsafe-inline'; img-src * data:; font-src 'self' data: *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; connect-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru sbp.payanyway.ru *.payanyway.com https://mc.yandex.ru https://qr.nspk.ru ; frame-src https: sberpay: sbolpay: qr.nspk.ru ; report-uri /cspreport.htm
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Tue, 30 Jul 2024 09:27:43 GMT
Server
nginx
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
ETag
W/"66a8b20f-7704"
Transfer-Encoding
chunked
Content-Type
text/plain
Connection
keep-alive
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block
Golos-Text_Regular.woff2
moneta.ru/cardform/fonts/golos/ Frame 3F16 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://moneta.ru/cardform/fonts/golos/Golos-Text_Regular.woff2
Requested by
Host: moneta.ru
URL: https://moneta.ru/cardform/css/cardform.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.111.86.11 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net86.111.185-11.global.moneta.ru
Software
nginx /
Resource Hash
bc15f3a7e1222beb28b0e1bfa2ad6dfe21c0a4490ad5f3aab93f9a8ad7be3afa
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; script-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com payanyway.ru https://pay.google.com https://pay.yandex.ru https://mc.yandex.ru 'report-sample' 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru www.payanyway.ru *.payanyway.com 'unsafe-inline'; img-src * data:; font-src 'self' data: *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; connect-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru sbp.payanyway.ru *.payanyway.com https://mc.yandex.ru https://qr.nspk.ru ; frame-src https: sberpay: sbolpay: qr.nspk.ru ; report-uri /cspreport.htm
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moneta.ru/cardform/css/cardform.min.css
Origin
https://moneta.ru
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 18:59:28 GMT
Content-Security-Policy
default-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; script-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com payanyway.ru https://pay.google.com https://pay.yandex.ru https://mc.yandex.ru 'report-sample' 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru www.payanyway.ru *.payanyway.com 'unsafe-inline'; img-src * data:; font-src 'self' data: *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru *.payanyway.com ; connect-src 'self' *.moneta.ru *.moneta.com *.payanyway.ru payanyway.ru sbp.payanyway.ru *.payanyway.com https://mc.yandex.ru https://qr.nspk.ru ; frame-src https: sberpay: sbolpay: qr.nspk.ru ; report-uri /cspreport.htm
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Last-Modified
Tue, 30 Jul 2024 09:27:43 GMT
Server
nginx
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
ETag
W/"66a8b20f-7314"
Transfer-Encoding
chunked
Content-Type
text/plain
Connection
keep-alive
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block
cross.svg
assistant.moneta.ru/cardform/images/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://assistant.moneta.ru/cardform/images/cross.svg
Requested by
Host: assistant.moneta.ru
URL: https://assistant.moneta.ru/static/js/assistant.js?v=0.0.259-20240730090031
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.111.84.216 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net84.111.185-216.global.moneta.ru
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 18:59:28 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
referrer-policy
no-referrer
content-type
application/json
content-length
159
x-xss-protection
1 ; mode=block
click
pay.yandex.ru/web/cl/ 		43 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://pay.yandex.ru/web/cl/click
Requested by
Host: pay.yandex.ru
URL: https://pay.yandex.ru/sdk/v1/pay.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::353 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

X-Content-Type-Options
nosniff
NEL
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
Accept-CH
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
X-Yandex-Req-Id
1722452368681118-17574498894735403922
Report-To
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
X-Req-ID
1722452368681118-17574498894735403922
Content-Length
43
X-Request-ID
1722452368681118-17574498894735403922
favicon.svg
assistant.moneta.ru/static/img/ 		298 B
956 B 		Other
General
Check archive.org
Download Go to
Full URL
https://assistant.moneta.ru/static/img/favicon.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.111.84.216 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net84.111.185-216.global.moneta.ru
Software
/
Resource Hash
996551f9625b6b3bc6d0391247bdc38ba266a4d4278ed3b8f4f3d6d262c96c48
Security Headers
Name Value
Content-Security-Policy default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 18:59:28 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
no-referrer
content-type
image/svg+xml
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
298
x-xss-protection
1 ; mode=block
favicon.ico
assistant.moneta.ru/static/img/ 		41 KB
41 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assistant.moneta.ru/static/img/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.111.84.216 , Russian Federation, ASN204198 (MONETA, RU),
Reverse DNS
net84.111.185-216.global.moneta.ru
Software
/
Resource Hash
c957649ce8d2bf8bfd52563029a7cb21f19c135185c2103916f9bf8a9eeb734f
Security Headers
Name Value
Content-Security-Policy default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 18:59:28 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
no-referrer
content-type
image/x-icon
cache-control
max-age=31536000, s-maxage=31536000
accept-ranges
bytes
content-length
41662
x-xss-protection
1 ; mode=block

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| reloadOnSessionEnd function| is_touch_enabled function| setShowPaymentsMethodsListener function| setHidePaymentsMethodsListener function| setAmountSwitcherMethodsListener function| setCheckBoxClickListener function| switchPaymentMethods function| switchAmountDetailsByKey function| switchAmountDetails function| blurElement function| blurCheckBox function| setHintWrapperListener function| toggleHint function| documentClick function| findElementInCollection function| hideHints function| closeModalWindow function| openModalWindow function| inIframe function| setIFrameClass function| listener function| disableButtons function| enableButtons function| disableCardFormIFrame function| enableCardFormIFrame function| sendWebMessage function| sendSize function| sendModal function| addButtonsListeners function| showIFrameLoader function| hideIFrameLoader function| checkStateRequest function| reloadPageByStatusChange function| checkStateChange function| startCheckPaymentStatus function| mobileAndTabletCheck object| yandexPayContainers function| prepareYandexPay function| _onYandexPayLoaded function| yandexPayButtonPressed function| checkSessionRequest function| reloadPageBySession function| checkSession function| enableYaPayButton object| YaPay

9 Cookies

Domain/Path Name / Value
moneta.ru/ Name: JSESSIONID
Value: A495CF31F5E8EC0C3877771B9242B473.p
moneta.ru/ Name: moneta_locale
Value: ru
.yandex.ru/ Name: i
Value: 8TlSm4LJ1TlAz9FApFD5MvmpViu6w4qackPflDjAXy5IdMNxrhDGxO4TiNUSSBtJXcmb+J38Ox57dNfmW277XimlZFo=
.yandex.ru/ Name: yandexuid
Value: 1630738061722452367
.yandex.ru/ Name: yashr
Value: 7801439131722452367
.yandex.ru/ Name: bh
Value: EkEiTm90KUE7QnJhbmQiO3Y9Ijk5IiwgIkdvb2dsZSBDaHJvbWUiO3Y9IjEyNyIsICJDaHJvbWl1bSI7dj0iMTI3IioCPzA6ByJMaW51eCJgkJOqtQY=
.yandex.ru/ Name: gdpr
Value: 0
.yandex.ru/ Name: _ym_uid
Value: 1722452369333284434
.yandex.ru/ Name: _ym_d
Value: 1722452369

1 Console Messages

Source Level URL
Text
network error URL: https://assistant.moneta.ru/cardform/images/cross.svg#cross
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;frame-src 'self' https: sberpay: sbolpay: *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com;img-src 'self' data: moneta.ru moneta.com *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;script-src * 'unsafe-inline';style-src 'self' 'unsafe-inline' *.moneta.ru *.moneta.com *.payanyway.ru *.payanyway.com *.nspk.ru pay.yandex.ru;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1 ; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assistant.moneta.ru
moneta.ru
pay.yandex.ru
185.111.84.216
185.111.86.11
2a02:6b8::353
024aac23a1348c18ce17c50e29101912761ebab263948db9f8c4cad5683b7ace
1ff8d34b9ef60ff87b10fdfc5339f8ed47bffe08293688ad305f91b29d9253bd
2c221db9dc8425bd8de9c085e6fcae0d7bed5cfe714cbb6f28f96fe87dc86653
34c5293e0d2134716daf55e768b5ee337083de8d5c1669b6c448f84161e96546
41decf90911b3676791d2eb9b9fb935a29a7c640b59e93a531e112f913e35a8f
4a1590c291543ddeb6ff55813b9a8b27688801a2b62eb61a947d6eecd94079f8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
552b187f7bd0faccd3c2e0bac09b64678ce9150a0d6c74ce9602fe79493f2a17
577aa93c8d81f32ecd019960156fd4efc9e6d42f04a728438b95f6fa1675d566
639e6ceb0f2415e87cb4550e531c120ba9a2dc4e8b1066fd4d14407d3306b20e
641dfe97557cbd3a23a246d70b3f617ca14b3fa96fd52122e43ed308bebadb15
662bddf4dcccf76fb7b3c33041ec795f10942b4efc3c8becd6e5337690736de2
66dded3c433b75b6c3674d3c96e060064d9f36e74da66c472d9d4dc9988e22ea
74f639073f2d7adea49f7d62534a1afda191f6808bf3e0100fb1102ae7b53bbc
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
996551f9625b6b3bc6d0391247bdc38ba266a4d4278ed3b8f4f3d6d262c96c48
9c38f69273b299cd156965166f5b5c3c77481e6c09f776dda664102b199c951b
ab0eadd2187a3324d45f182b8c6f27d207ff98bb63ce1a1bddccb9ed4b2044bb
bc15f3a7e1222beb28b0e1bfa2ad6dfe21c0a4490ad5f3aab93f9a8ad7be3afa
c83fed15ad4456ada4877abe241f1fa78d7766a52a5874502d49a3619cc27023
c957649ce8d2bf8bfd52563029a7cb21f19c135185c2103916f9bf8a9eeb734f
e8da59911bc073e8143f72b9f8b00b13876a70582c500442ebf7751b2e82ee3b
eac916a09d1e10cd6bb265a40b511f5cf34f72f4a71000a94c6bd3576c7aab78
ed311cd12eb0f850b425a41d19a65116f875c328e69d292d4ab2301559905289
edf29c08680f24e4caf662a7c1843ac0f5499fd289b6c7361f4678db8551857e
f36f24d3381ae9d399408d39476491055ea8d76a10ea648985b033faef0cefda