urlscan.io logo urlscan.io
SecurityTrails logo

personal.bgfbank.ru Open in urlscan Pro
5.252.32.26  Public Scan

Go To Rescan Add Verdict Report
URL: https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-b...
Submission: On June 24 via manual from RU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 28 HTTP transactions. The main IP is 5.252.32.26, located in Slovakia and belongs to STORMWALL-AS, SK. The main domain is personal.bgfbank.ru.
TLS certificate: Issued by R10 on June 18th 2024. Valid for: 3 months.
This is the only time personal.bgfbank.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 5.252.32.26 59796 (STORMWALL-AS)
3 7 2a02:6b8::1:119 13238 (YANDEX)
4 194.85.125.100 59957 (BILLING-C...)
28 4
Apex Domain
Subdomains		 Transfer
20 bgfbank.ru
personal.bgfbank.ru
287 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8749
4 KB
4 faktura.ru
static.faktura.ru
172 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3382
71 KB
28 4
Domain Requested by
20 personal.bgfbank.ru personal.bgfbank.ru
5 mc.yandex.com 2 redirects personal.bgfbank.ru
4 static.faktura.ru personal.bgfbank.ru
2 mc.yandex.ru 1 redirects personal.bgfbank.ru
28 4

This site contains links to these domains. Also see Links.

Domain
bgfbank.ru
Subject Issuer Validity Valid
personal.bgfbank.ru
R10		 2024-06-18 -
2024-09-16		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-05-23 -
2024-11-02		 5 months crt.sh
*.faktura.ru
GlobalSign RSA OV SSL CA 2018		 2023-09-27 -
2024-10-28		 a year crt.sh

This page contains 2 frames:

Primary Page: https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Frame ID: B6B5475EFF58EB12E4968364775505FC
Requests: 28 HTTP requests in this frame

Frame: data://truncated
Frame ID: 224A3A1E6BC57302C0E0A3E1EC1F81DE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

АО "Банк БЖФ"

Detected technologies

Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

28
Requests

93 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

531 kB
Transfer

1141 kB
Size

26
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10410.cQ_ZtaZ1DmFz7SjJLawJ8yfN2TP_ElecBYJcN28VHmebQGNEvCUFdhmn6oRd_UXs.LFuIjZGc7WHmMrmBgNcK4hrtB2s%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10410.dgeixXKtw57il1ix9YF2Wv76e-l8GWR-phLm5KSKePZC6VfMglvju3wrpEaLcW9qUr2ET8din4__y_izdWEm6W-GfD6AW9R-Vbxpx2DOrJleOWdXB4aUOZaopGcj-6rxQiE-nV6mYaB_obopRqRqHrAbPy-lvM7khmUSwj3ba8eoQV3RMnHqG6mgq2ojizyv99S2P4ls7CyJJeURJtXAWf70ERVDzwcH8t22OtCNhAk%2C.DvX0cB6L5Uk4lzRoEY3nqSEs8qE%2C
Request Chain 24
  • https://mc.yandex.com/watch/90849143?wmode=7&page-url=https%3A%2F%2Fpersonal.bgfbank.ru%2Fauth-cluster%2Frealms%2Fmdse_multi%2Fprotocol%2Fopenid-connect%2Fauth%3Fresponse_type%3Dcode%26client_id%3Dreact-balance-auth%26state%3De3bc604b-63fe-476b-b1bf-ea1e2f5b82bd%26login%3Dtrue%26scope%3Dopenid%26site%3Dbgf-bank%26redirect_uri%3Dhttps%253A%252F%252Fpersonal.bgfbank.ru%252FmobileService%252Fsso%252Flogin%253Fchannel%253Dweb%252Flite&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.114%0Achl%0A%22Not%2FA)Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.114%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.114%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A2zmls2rp8z74v4amwvwsqnn6xn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1370%3Acn%3A1%3Adp%3A0%3Als%3A1672783172318%3Ahid%3A420888790%3Az%3A120%3Ai%3A20240624125602%3Aet%3A1719226562%3Ac%3A1%3Arn%3A683440544%3Arqn%3A1%3Au%3A1719226562274956547%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C294%2C691%2C286%2C0%2C0%2C%2C622%2C0%2C%2C%2C%2C2508%3Aco%3A0%3Acpf%3A1%3Ans%3A1719226559312%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1719226563%3At%3A%D0%92%D1%85%D0%BE%D0%B4%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%B1%D0%B0%D0%BD%D0%BA&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
  • https://mc.yandex.com/watch/90849143/1?wmode=7&page-url=https%3A%2F%2Fpersonal.bgfbank.ru%2Fauth-cluster%2Frealms%2Fmdse_multi%2Fprotocol%2Fopenid-connect%2Fauth%3Fresponse_type%3Dcode%26client_id%3Dreact-balance-auth%26state%3De3bc604b-63fe-476b-b1bf-ea1e2f5b82bd%26login%3Dtrue%26scope%3Dopenid%26site%3Dbgf-bank%26redirect_uri%3Dhttps%253A%252F%252Fpersonal.bgfbank.ru%252FmobileService%252Fsso%252Flogin%253Fchannel%253Dweb%252Flite&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.114%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.114%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.114%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A2zmls2rp8z74v4amwvwsqnn6xn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1370%3Acn%3A1%3Adp%3A0%3Als%3A1672783172318%3Ahid%3A420888790%3Az%3A120%3Ai%3A20240624125602%3Aet%3A1719226562%3Ac%3A1%3Arn%3A683440544%3Arqn%3A1%3Au%3A1719226562274956547%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C294%2C691%2C286%2C0%2C0%2C%2C622%2C0%2C%2C%2C%2C2508%3Aco%3A0%3Acpf%3A1%3Ans%3A1719226559312%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1719226563%3At%3A%D0%92%D1%85%D0%BE%D0%B4%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%B1%D0%B0%D0%BD%D0%BA&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request auth
personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/ 		415 KB
127 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.32.26 , Slovakia, ASN59796 (STORMWALL-AS, SK),
Reverse DNS
Software
nginx /
Resource Hash
59c2fc32e450ff4af06d5231691a24ccb5f11ae6433aebea47278eaea66d5311
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, must-revalidate, max-age=0
content-encoding
gzip
content-language
ru
content-security-policy
frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type
text/html;charset=utf-8
date
Mon, 24 Jun 2024 10:56:00 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
none
x-xss-protection
1; mode=block
login.css
personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/ 		29 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/login.css?9c8f3842-6481-434c-8420-58412842ca52
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.32.26 , Slovakia, ASN59796 (STORMWALL-AS, SK),
Reverse DNS
Software
nginx /
Resource Hash
dd29efa1fcc10137451e540923cf57c58c23b3c8541cba5d65e602792e7131f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 10:56:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
x-xss-protection
1; mode=block
msie.css
personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/ 		1 KB
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/msie.css
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.32.26 , Slovakia, ASN59796 (STORMWALL-AS, SK),
Reverse DNS
Software
nginx /
Resource Hash
ef68ccd1be0bda4be75603c17e0d196d46f9d2d067c7ef91bed342b8630b2d2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 10:56:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
x-xss-protection
1; mode=block
qrcode.min.js
personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/js/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/js/qrcode.min.js
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.32.26 , Slovakia, ASN59796 (STORMWALL-AS, SK),
Reverse DNS
Software
nginx /
Resource Hash
6afbe1ebc2ba9b4bb0833f9f55c4eb80edb582903ea9611a9be49633a7aa3b09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 10:56:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=UTF-8
cache-control
max-age=2592000
x-xss-protection
1; mode=block
functions.js
personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/js/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/js/functions.js?9c8f3842-6481-434c-8420-58412842ca52
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.32.26 , Slovakia, ASN59796 (STORMWALL-AS, SK),
Reverse DNS
Software
nginx /
Resource Hash
d2fcb438d324b9e0a942305c181ca5d6fc0485e6c7a2f0cab571f49f7d7b5316
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 10:56:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=UTF-8
cache-control
max-age=2592000
x-xss-protection
1; mode=block
mask.min.js
personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/js/mask.min.js
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.32.26 , Slovakia, ASN59796 (STORMWALL-AS, SK),
Reverse DNS
Software
nginx /
Resource Hash
c9c229bcf563fcf0dd0be23f73d8f9af771b6f3a0c50801654dd2ca16007cb27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 10:56:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=UTF-8
cache-control
max-age=2592000
x-xss-protection
1; mode=block
fonts.css
personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts.css
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/login.css?9c8f3842-6481-434c-8420-58412842ca52
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.32.26 , Slovakia, ASN59796 (STORMWALL-AS, SK),
Reverse DNS
Software
nginx /
Resource Hash
3f6162d9828e9550435fce1f42dc3aef7019e000be642d55308445ca64dccb28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/login.css?9c8f3842-6481-434c-8420-58412842ca52
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 10:56:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
x-xss-protection
1; mode=block
variables.css
personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/ 		738 B
558 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/variables.css
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/login.css?9c8f3842-6481-434c-8420-58412842ca52
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.32.26 , Slovakia, ASN59796 (STORMWALL-AS, SK),
Reverse DNS
Software
nginx /
Resource Hash
54a1b017721500467dfa32add02ff92a482165c219665d0f44f1819e5326589e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/login.css?9c8f3842-6481-434c-8420-58412842ca52
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 10:56:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
x-xss-protection
1; mode=block
common.css
personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/ 		1 KB
730 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/common.css
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/login.css?9c8f3842-6481-434c-8420-58412842ca52
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.32.26 , Slovakia, ASN59796 (STORMWALL-AS, SK),
Reverse DNS
Software
nginx /
Resource Hash
f3ce1b30616b5864fad42ff4791924a4d30d06fd89503cd99702240259f08a46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/login.css?9c8f3842-6481-434c-8420-58412842ca52
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 10:56:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
content-type
text/css;charset=UTF-8
cache-control
max-age=2592000
x-xss-protection
1; mode=block
tag.js
mc.yandex.ru/metrika/ 		201 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
78ed30ffd8883c55678252b0d846ea07a2b22e00721227dd8b5f72bbc48e9045
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://personal.bgfbank.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 10:56:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Mon, 17 Jun 2024 09:09:08 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"666ffd34-11486"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
70790
expires
Mon, 24 Jun 2024 11:56:02 GMT
fingerprint.js
personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/js/ 		33 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/js/fingerprint.js
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.32.26 , Slovakia, ASN59796 (STORMWALL-AS, SK),
Reverse DNS
Software
nginx /
Resource Hash
3b78b822b99c09f25ccbd29db3301a6f06a853a2a5a0f0bffecd2154b7a56d2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Origin
https://personal.bgfbank.ru
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 10:56:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=UTF-8
cache-control
max-age=2592000
x-xss-protection
1; mode=block
sprite.svg
personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/img/ 		24 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/img/sprite.svg
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.32.26 , Slovakia, ASN59796 (STORMWALL-AS, SK),
Reverse DNS
Software
nginx /
Resource Hash
757f5363b6cb00ebe15114a99e73c85e6966ab0443f5e3289746bf0eb7057036
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 10:56:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
content-type
image/svg+xml
cache-control
max-age=2592000
x-xss-protection
1; mode=block
getRegistrationSettings
personal.bgfbank.ru/mobileService/3.0/json/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://personal.bgfbank.ru/mobileService/3.0/json/getRegistrationSettings
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/js/functions.js?9c8f3842-6481-434c-8420-58412842ca52
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.32.26 , Slovakia, ASN59796 (STORMWALL-AS, SK),
Reverse DNS
Software
nginx /
Resource Hash
542190a456c9f30bcb563f4c9e553d6d873c5f373d97e9425e009940784bf991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 24 Jun 2024 10:56:02 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
1; mode=block
expires
0
publicBankInfoForWeb
personal.bgfbank.ru/mobileService/3.0/json/ 		675 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://personal.bgfbank.ru/mobileService/3.0/json/publicBankInfoForWeb
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/js/functions.js?9c8f3842-6481-434c-8420-58412842ca52
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.32.26 , Slovakia, ASN59796 (STORMWALL-AS, SK),
Reverse DNS
Software
nginx /
Resource Hash
e12a06135d0097f9d32d93418db9bbbd68bf61fe29e45c9f5fa1d59a0028ce48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 24 Jun 2024 10:56:02 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
1; mode=block
expires
0
mem8YaGs126MiZpBA-UFVZ0b.woff2
personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.32.26 , Slovakia, ASN59796 (STORMWALL-AS, SK),
Reverse DNS
Software
nginx /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts.css
Origin
https://personal.bgfbank.ru
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 10:56:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
nginx
content-type
application/octet-stream
cache-control
max-age=2592000
content-length
14380
x-xss-protection
1; mode=block
mem5YaGs126MiZpBA-UNirkOVuhpOqc.woff2
personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts/mem5YaGs126MiZpBA-UNirkOVuhpOqc.woff2
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.32.26 , Slovakia, ASN59796 (STORMWALL-AS, SK),
Reverse DNS
Software
nginx /
Resource Hash
460b265f6b87442ce02adfe558f1bb4bac1af371b36a1d2c4d0bbf4b6f11e265
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts.css
Origin
https://personal.bgfbank.ru
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 10:56:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
nginx
content-type
application/octet-stream
cache-control
max-age=2592000
content-length
9604
x-xss-protection
1; mode=block
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.32.26 , Slovakia, ASN59796 (STORMWALL-AS, SK),
Reverse DNS
Software
nginx /
Resource Hash
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts.css
Origin
https://personal.bgfbank.ru
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 10:56:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
nginx
content-type
application/octet-stream
cache-control
max-age=2592000
content-length
14880
x-xss-protection
1; mode=block
mem8YaGs126MiZpBA-UFUZ0bbck.woff2
personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts/mem8YaGs126MiZpBA-UFUZ0bbck.woff2
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.32.26 , Slovakia, ASN59796 (STORMWALL-AS, SK),
Reverse DNS
Software
nginx /
Resource Hash
547ded99e5139a10d4145e6e5c62ce35fa03495f625ee8d1e457011408428154
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts.css
Origin
https://personal.bgfbank.ru
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 10:56:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
nginx
content-type
application/octet-stream
cache-control
max-age=2592000
content-length
9400
x-xss-protection
1; mode=block
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10410.cQ_ZtaZ1DmFz7SjJLawJ8yfN2TP_ElecBYJcN28VHmebQGNEvCUFdhmn6oRd_UXs.LFuIjZGc7WHmMrmBgNcK4hrtB2s%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10410.dgeixXKtw57il1ix9YF2Wv76e-l8GWR-phLm5KSKePZC6VfMglvju3wrpEaLcW9qUr2ET8din4__y_izdWEm6W-GfD6AW9R-Vbxpx2DOrJleOWdXB4aUOZaopGcj-6rxQiE-nV6mYa...
43 B
671 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10410.dgeixXKtw57il1ix9YF2Wv76e-l8GWR-phLm5KSKePZC6VfMglvju3wrpEaLcW9qUr2ET8din4__y_izdWEm6W-GfD6AW9R-Vbxpx2DOrJleOWdXB4aUOZaopGcj-6rxQiE-nV6mYaB_obopRqRqHrAbPy-lvM7khmUSwj3ba8eoQV3RMnHqG6mgq2ojizyv99S2P4ls7CyJJeURJtXAWf70ERVDzwcH8t22OtCNhAk%2C.DvX0cB6L5Uk4lzRoEY3nqSEs8qE%2C
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://personal.bgfbank.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 24 Jun 2024 10:56:02 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10410.dgeixXKtw57il1ix9YF2Wv76e-l8GWR-phLm5KSKePZC6VfMglvju3wrpEaLcW9qUr2ET8din4__y_izdWEm6W-GfD6AW9R-Vbxpx2DOrJleOWdXB4aUOZaopGcj-6rxQiE-nV6mYaB_obopRqRqHrAbPy-lvM7khmUSwj3ba8eoQV3RMnHqG6mgq2ojizyv99S2P4ls7CyJJeURJtXAWf70ERVDzwcH8t22OtCNhAk%2C.DvX0cB6L5Uk4lzRoEY3nqSEs8qE%2C
date
Mon, 24 Jun 2024 10:56:02 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://personal.bgfbank.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 10:56:02 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 17 Jun 2024 09:09:08 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"666ffd34-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 24 Jun 2024 11:56:02 GMT
courses
personal.bgfbank.ru/mobileService/3.0/json/ 		781 B
630 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://personal.bgfbank.ru/mobileService/3.0/json/courses
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/js/functions.js?9c8f3842-6481-434c-8420-58412842ca52
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.32.26 , Slovakia, ASN59796 (STORMWALL-AS, SK),
Reverse DNS
Software
nginx /
Resource Hash
8300233eb1ca9f0bd481c059e61558162a641fad5271d7d6fd173c1f30a8614b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 24 Jun 2024 10:56:02 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-xss-protection
1; mode=block
expires
0
skin.json
static.faktura.ru/cdn/img/web/1.0/banner/0/ 		889 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static.faktura.ru/cdn/img/web/1.0/banner/0/skin.json
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/js/functions.js?9c8f3842-6481-434c-8420-58412842ca52
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.85.125.100 , Russian Federation, ASN59957 (BILLING-CENTER-AS, RU),
Reverse DNS
static.faktura.ru
Software
nginx /
Resource Hash
131b9904637727297d87b81c560eeb962905ed423e94f3b2e630537da5b6cb28

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://personal.bgfbank.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 24 Jun 2024 10:56:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Apr 2024 03:22:58 GMT
Server
nginx
ETag
W/"66287b12-379"
Transfer-Encoding
chunked
Access-Control-Max-Age
1728000
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
logo.svg
static.faktura.ru/cdn/img/web/1.0/logo/bgf-bank/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.faktura.ru/cdn/img/web/1.0/logo/bgf-bank/logo.svg
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.85.125.100 , Russian Federation, ASN59957 (BILLING-CENTER-AS, RU),
Reverse DNS
static.faktura.ru
Software
nginx /
Resource Hash
3671a51a8b0f8bdb95a28329abda73faa6b97d124191c6f2462147b6ad15fa49

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://personal.bgfbank.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 24 Jun 2024 10:56:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Apr 2022 02:39:39 GMT
Server
nginx
ETag
W/"6262156b-d75"
Transfer-Encoding
chunked
Access-Control-Max-Age
1728000
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
truncated
/ Frame 224A 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 224A 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
1
mc.yandex.com/watch/90849143/
Redirect Chain
  • https://mc.yandex.com/watch/90849143?wmode=7&page-url=https%3A%2F%2Fpersonal.bgfbank.ru%2Fauth-cluster%2Frealms%2Fmdse_multi%2Fprotocol%2Fopenid-connect%2Fauth%3Fresponse_type%3Dcode%26client_id%3D...
  • https://mc.yandex.com/watch/90849143/1?wmode=7&page-url=https%3A%2F%2Fpersonal.bgfbank.ru%2Fauth-cluster%2Frealms%2Fmdse_multi%2Fprotocol%2Fopenid-connect%2Fauth%3Fresponse_type%3Dcode%26client_id%...
447 B
539 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/90849143/1?wmode=7&page-url=https%3A%2F%2Fpersonal.bgfbank.ru%2Fauth-cluster%2Frealms%2Fmdse_multi%2Fprotocol%2Fopenid-connect%2Fauth%3Fresponse_type%3Dcode%26client_id%3Dreact-balance-auth%26state%3De3bc604b-63fe-476b-b1bf-ea1e2f5b82bd%26login%3Dtrue%26scope%3Dopenid%26site%3Dbgf-bank%26redirect_uri%3Dhttps%253A%252F%252Fpersonal.bgfbank.ru%252FmobileService%252Fsso%252Flogin%253Fchannel%253Dweb%252Flite&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.114%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.114%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.114%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A2zmls2rp8z74v4amwvwsqnn6xn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1370%3Acn%3A1%3Adp%3A0%3Als%3A1672783172318%3Ahid%3A420888790%3Az%3A120%3Ai%3A20240624125602%3Aet%3A1719226562%3Ac%3A1%3Arn%3A683440544%3Arqn%3A1%3Au%3A1719226562274956547%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C294%2C691%2C286%2C0%2C0%2C%2C622%2C0%2C%2C%2C%2C2508%3Aco%3A0%3Acpf%3A1%3Ans%3A1719226559312%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1719226563%3At%3A%D0%92%D1%85%D0%BE%D0%B4%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%B1%D0%B0%D0%BD%D0%BA&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
f00deb6947689157c90105dd853a4bd70ed91365aa311891ccd850f3b62aff48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://personal.bgfbank.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jun 2024 10:56:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 24-Jun-2024 10:56:02 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://personal.bgfbank.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Mon, 24-Jun-2024 10:56:02 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Jun 2024 10:56:02 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 24-Jun-2024 10:56:02 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/90849143/1?wmode=7&page-url=https%3A%2F%2Fpersonal.bgfbank.ru%2Fauth-cluster%2Frealms%2Fmdse_multi%2Fprotocol%2Fopenid-connect%2Fauth%3Fresponse_type%3Dcode%26client_id%3Dreact-balance-auth%26state%3De3bc604b-63fe-476b-b1bf-ea1e2f5b82bd%26login%3Dtrue%26scope%3Dopenid%26site%3Dbgf-bank%26redirect_uri%3Dhttps%253A%252F%252Fpersonal.bgfbank.ru%252FmobileService%252Fsso%252Flogin%253Fchannel%253Dweb%252Flite&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.114%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.114%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.114%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A2zmls2rp8z74v4amwvwsqnn6xn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1370%3Acn%3A1%3Adp%3A0%3Als%3A1672783172318%3Ahid%3A420888790%3Az%3A120%3Ai%3A20240624125602%3Aet%3A1719226562%3Ac%3A1%3Arn%3A683440544%3Arqn%3A1%3Au%3A1719226562274956547%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C294%2C691%2C286%2C0%2C0%2C%2C622%2C0%2C%2C%2C%2C2508%3Aco%3A0%3Acpf%3A1%3Ans%3A1719226559312%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1719226563%3At%3A%D0%92%D1%85%D0%BE%D0%B4%20%D0%B2%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%B1%D0%B0%D0%BD%D0%BA&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
access-control-allow-origin
https://personal.bgfbank.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 24-Jun-2024 10:56:02 GMT
2.jpg
static.faktura.ru/cdn/img/web/1.0/banner/0/ 		166 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.faktura.ru/cdn/img/web/1.0/banner/0/2.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.85.125.100 , Russian Federation, ASN59957 (BILLING-CENTER-AS, RU),
Reverse DNS
static.faktura.ru
Software
nginx /
Resource Hash
2f6d88e296c931cc660cd0d17983f6b655e7103cf473e68e832fbcb147101893

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://personal.bgfbank.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 24 Jun 2024 10:56:02 GMT
Last-Modified
Fri, 22 Apr 2022 02:37:33 GMT
Server
nginx
ETag
"626214ed-299e8"
Access-Control-Max-Age
1728000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
170472
mem5YaGs126MiZpBA-UN7rgOVuhpOqc.woff2
personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts/mem5YaGs126MiZpBA-UN7rgOVuhpOqc.woff2
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.32.26 , Slovakia, ASN59796 (STORMWALL-AS, SK),
Reverse DNS
Software
nginx /
Resource Hash
7909c732c29e37db8eb4a96106deb97541b86d4d1ad4b0b96c4e6729b1c3d666
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts.css
Origin
https://personal.bgfbank.ru
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 10:56:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
nginx
content-type
application/octet-stream
cache-control
max-age=2592000
content-length
9560
x-xss-protection
1; mode=block
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: personal.bgfbank.ru
URL: https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.32.26 , Slovakia, ASN59796 (STORMWALL-AS, SK),
Reverse DNS
Software
nginx /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://personal.bgfbank.ru/auth-cluster/resources/xi2i5/login/balance/static/fonts.css
Origin
https://personal.bgfbank.ru
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 10:56:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
nginx
content-type
application/octet-stream
cache-control
max-age=2592000
content-length
15056
x-xss-protection
1; mode=block
favicon.ico
static.faktura.ru/cdn/img/web/1.0/favicon/bgf-bank/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.faktura.ru/cdn/img/web/1.0/favicon/bgf-bank/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.85.125.100 , Russian Federation, ASN59957 (BILLING-CENTER-AS, RU),
Reverse DNS
static.faktura.ru
Software
nginx /
Resource Hash
2a372b45e0ec4d006e2f04ae331b79c2141ba282596be75b240c73fffb9838be

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://personal.bgfbank.ru/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 24 Jun 2024 10:56:02 GMT
Last-Modified
Fri, 22 Apr 2022 02:39:16 GMT
Server
nginx
ETag
"62621554-47e"
Access-Control-Max-Age
1728000
Content-Type
image/x-icon
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
1150

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| QR8bitByte function| QRCodeModel object| QRMode object| QRErrorCorrectLevel object| QRMaskPattern object| QRUtil object| QRMath function| QRPolynomial function| QRRSBlock function| QRBitBuffer object| QRCodeLimitLength function| QRCode function| initLoginFn function| handleLanguage function| helloMe function| maskInput function| initFields function| initLoginValidatorsFields function| handleMdseInfo function| getRegistrationSettings function| publicBankInfoForWeb function| setSkinInfo function| getDefaultBanners function| setBankLogo function| setMetaInfo function| setSplashScreen function| setCoursesData function| checkBanner function| setCustomStyle function| setBankLinks function| createBankLink function| setBankProducts function| setBankFrames function| handleAccordionToggle function| setMobileApps function| setSocial function| viewDialog function| hideFrame function| checkResolutions function| initSlider function| roundDecimals function| coursesTable function| dataTest function| changeSaved function| scrollPage function| selectTab function| handleQrDialog function| hideQrDialog function| sendRegister function| showInputError function| removeError function| showSecurity function| hideSecurity function| handleCheck function| handleInput function| handleStorage function| validateAgreement function| togglePassword function| handleOtpInput function| showDialog function| hideDialog function| handleSdm function| setFsitecode function| checkPswFocus function| checkPswBlur function| checkCyrillic function| checkPasSync function| checkPswRules function| checkPswButton function| metrica function| sendMetricaOnBlur function| checkBookmarks function| hideBookmarks function| getPasswordPolicy function| handleFaceid function| closeFaceid function| IMask function| ym object| Ya object| yaCounter90849143

26 Cookies

Domain/Path Name / Value
personal.bgfbank.ru/auth-cluster/realms/mdse_multi/ Name: AUTH_SESSION_ID
Value: 962edd24-3d1e-4a13-a9ec-263b734b3dcc.fdmz01.f.ftc.ru:node1_fiz
personal.bgfbank.ru/auth-cluster/realms/mdse_multi/ Name: AUTH_SESSION_ID_LEGACY
Value: 962edd24-3d1e-4a13-a9ec-263b734b3dcc.fdmz01.f.ftc.ru:node1_fiz
personal.bgfbank.ru/auth-cluster/realms/mdse_multi/ Name: KC_RESTART
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJmN2UyNjNhMi1jZTdlLTQxNGEtOWM1Yi1mMjZiZjAxODVkYzUifQ.eyJjaWQiOiJyZWFjdC1iYWxhbmNlLWF1dGgiLCJwdHkiOiJvcGVuaWQtY29ubmVjdCIsInJ1cmkiOiJodHRwczovL3BlcnNvbmFsLmJnZmJhbmsucnUvbW9iaWxlU2VydmljZS9zc28vbG9naW4_Y2hhbm5lbD13ZWIvbGl0ZSIsImFjdCI6IkFVVEhFTlRJQ0FURSIsIm5vdGVzIjp7ImNsaWVudF9yZXF1ZXN0X3BhcmFtX3NpdGUiOiJiZ2YtYmFuayIsInNjb3BlIjoib3BlbmlkIiwiaXNzIjoiaHR0cHM6Ly9wZXJzb25hbC5iZ2ZiYW5rLnJ1L2F1dGgtY2x1c3Rlci9yZWFsbXMvbWRzZV9tdWx0aSIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly9wZXJzb25hbC5iZ2ZiYW5rLnJ1L21vYmlsZVNlcnZpY2Uvc3NvL2xvZ2luP2NoYW5uZWw9d2ViL2xpdGUiLCJzdGF0ZSI6ImUzYmM2MDRiLTYzZmUtNDc2Yi1iMWJmLWVhMWUyZjViODJiZCIsImNsaWVudF9yZXF1ZXN0X3BhcmFtX2xvZ2luIjoidHJ1ZSJ9fQ.Ep1-qKMYn779Rt-iGYG-cx7Su1iW8NjSOUWy7zWR2LA
personal.bgfbank.ru/mobileService Name: JSESSIONID
Value: 68D5450F637EED62161AC7F990C3E4B8.fdmz02_reactws_2
.yandex.ru/ Name: i
Value: /uoxvNCUMjUiULJkf6fQcoKz7EQ4f8Iy8en5ptg8QkkRiLRsbDBcdHBjas8wXb1N/CDA5J1knGYNPPmmeYICpetrj7E=
.yandex.ru/ Name: yandexuid
Value: 655846991719226561
.yandex.ru/ Name: yashr
Value: 7214223741719226561
mc.yandex.ru/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI2IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjYiKgI/MDoHIldpbjMyIg==
.bgfbank.ru/ Name: _ym_uid
Value: 1719226562274956547
.bgfbank.ru/ Name: _ym_d
Value: 1719226562
personal.bgfbank.ru/ Name: SRWSID
Value: fdmz02_reactws_2|ZnlQx
personal.bgfbank.ru/ Name: session-cookie
Value: 17dbeb730c37e967c5572305beb261f547b8e6ae6272e8e744e437081ea415a29a097f3f4c91c01dcfd437e2eb34394a
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1844424218fake
mc.yandex.com/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI2IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjYiKgI/MDoHIldpbjMyIg==
.yandex.com/ Name: yashr
Value: 7028141291719226562
.bgfbank.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1198812830fake
.yandex.com/ Name: yandexuid
Value: 655846991719226561
.yandex.com/ Name: yuidss
Value: 655846991719226561
.yandex.com/ Name: i
Value: /uoxvNCUMjUiULJkf6fQcoKz7EQ4f8Iy8en5ptg8QkkRiLRsbDBcdHBjas8wXb1N/CDA5J1knGYNPPmmeYICpetrj7E=
.yandex.com/ Name: yp
Value: 1719312962.yu.8599537691719226562
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 683169841719226562
.yandex.com/ Name: ymex
Value: 1721818562.oyu.8599537691719226562#1750762562.yrts.1719226562
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: Ej4iR29vZ2xlIENocm9tZSI7dj0iMTI2IiwiTm90OkEtQnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTI2IhoFIng4NiIiECIxMjYuMC42NDc4LjExNCIqAj8wOgciV2luMzIiQggiMTAuMC4wIkoEIjY0IlJbIk5vdC9BKUJyYW5kIjt2PSI4LjAuMC4wIiwiQ2hyb21pdW0iO3Y9IjEyNi4wLjY0NzguMTE0IiwiR29vZ2xlIENocm9tZSI7dj0iMTI2LjAuNjQ3OC4xMTQiIg==

7 Console Messages

Source Level URL
Text
recommendation warning URL: https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Message:
[DOM] Found 2 elements with non-unique id #id-hidden-input: (More info: https://goo.gl/9p2vKq) %o %o
recommendation warning URL: https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Message:
[DOM] Found 2 elements with non-unique id #kc-form-login: (More info: https://goo.gl/9p2vKq) %o %o
recommendation warning URL: https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Message:
[DOM] Found 2 elements with non-unique id #kc-login: (More info: https://goo.gl/9p2vKq) %o %o
recommendation warning URL: https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Message:
[DOM] Found 2 elements with non-unique id #password: (More info: https://goo.gl/9p2vKq) %o %o
recommendation warning URL: https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Message:
[DOM] Found 2 elements with non-unique id #rememberMe: (More info: https://goo.gl/9p2vKq) %o %o
recommendation warning URL: https://personal.bgfbank.ru/auth-cluster/realms/mdse_multi/protocol/openid-connect/auth?response_type=code&client_id=react-balance-auth&state=e3bc604b-63fe-476b-b1bf-ea1e2f5b82bd&login=true&scope=openid&site=bgf-bank&redirect_uri=https%3A%2F%2Fpersonal.bgfbank.ru%2FmobileService%2Fsso%2Flogin%3Fchannel%3Dweb%2Flite
Message:
[DOM] Found 2 elements with non-unique id #username: (More info: https://goo.gl/9p2vKq) %o %o
security error URL: https://mc.yandex.ru/
Message:
Refused to frame 'https://mc.yandex.com/' because it violates the following Content Security Policy directive: "frame-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mc.yandex.com
mc.yandex.ru
personal.bgfbank.ru
static.faktura.ru
194.85.125.100
2a02:6b8::1:119
5.252.32.26
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
131b9904637727297d87b81c560eeb962905ed423e94f3b2e630537da5b6cb28
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
2a372b45e0ec4d006e2f04ae331b79c2141ba282596be75b240c73fffb9838be
2f6d88e296c931cc660cd0d17983f6b655e7103cf473e68e832fbcb147101893
3671a51a8b0f8bdb95a28329abda73faa6b97d124191c6f2462147b6ad15fa49
3b78b822b99c09f25ccbd29db3301a6f06a853a2a5a0f0bffecd2154b7a56d2f
3f6162d9828e9550435fce1f42dc3aef7019e000be642d55308445ca64dccb28
460b265f6b87442ce02adfe558f1bb4bac1af371b36a1d2c4d0bbf4b6f11e265
542190a456c9f30bcb563f4c9e553d6d873c5f373d97e9425e009940784bf991
547ded99e5139a10d4145e6e5c62ce35fa03495f625ee8d1e457011408428154
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a1b017721500467dfa32add02ff92a482165c219665d0f44f1819e5326589e
59c2fc32e450ff4af06d5231691a24ccb5f11ae6433aebea47278eaea66d5311
6afbe1ebc2ba9b4bb0833f9f55c4eb80edb582903ea9611a9be49633a7aa3b09
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
757f5363b6cb00ebe15114a99e73c85e6966ab0443f5e3289746bf0eb7057036
78ed30ffd8883c55678252b0d846ea07a2b22e00721227dd8b5f72bbc48e9045
7909c732c29e37db8eb4a96106deb97541b86d4d1ad4b0b96c4e6729b1c3d666
8300233eb1ca9f0bd481c059e61558162a641fad5271d7d6fd173c1f30a8614b
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
c9c229bcf563fcf0dd0be23f73d8f9af771b6f3a0c50801654dd2ca16007cb27
d2fcb438d324b9e0a942305c181ca5d6fc0485e6c7a2f0cab571f49f7d7b5316
dd29efa1fcc10137451e540923cf57c58c23b3c8541cba5d65e602792e7131f4
e12a06135d0097f9d32d93418db9bbbd68bf61fe29e45c9f5fa1d59a0028ce48
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
ef68ccd1be0bda4be75603c17e0d196d46f9d2d067c7ef91bed342b8630b2d2c
f00deb6947689157c90105dd853a4bd70ed91365aa311891ccd850f3b62aff48
f3ce1b30616b5864fad42ff4791924a4d30d06fd89503cd99702240259f08a46