urlscan.io logo urlscan.io
SecurityTrails logo

bankffin.kz Open in urlscan Pro
185.146.3.56  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bankffinkz.ru/
Effective URL: https://bankffin.kz/
Submission: On April 29 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 5 countries across 11 domains to perform 65 HTTP transactions. The main IP is 185.146.3.56, located in Kazakhstan and belongs to PSKZ-ALA, KZ. The main domain is bankffin.kz.
TLS certificate: Issued by GeoTrust RSA CA 2018 on January 13th 2023. Valid for: a year.
This is the only time bankffin.kz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
bankffinkz.ru
36    185.146.3.56 (Kazakhstan)

ASN48716 (PSKZ-ALA, KZ)
bankffin.kz
2    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    91.213.247.242 (Almaty, Kazakhstan)

ASN209120 (BANKKASSANOVA-AS, KZ)
cc.bankffin.kz
6    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
6    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.nl
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
Apex Domain
Subdomains		 Transfer
38 bankffin.kz
bankffin.kz
cc.bankffin.kz
10 MB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
547 B
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 189
282 KB
4 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2437
75 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
21 KB
2 google.nl
www.google.nl — Cisco Umbrella Rank: 6376
562 B
2 google.com
www.google.com — Cisco Umbrella Rank: 16
562 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
105 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
1 KB
1 bankffinkz.ru
bankffinkz.ru
460 B
65 11
Domain Requested by
36 bankffin.kz bankffin.kz
6 www.facebook.com 1 redirects bankffin.kz
6 connect.facebook.net bankffin.kz
connect.facebook.net
4 mc.yandex.ru 1 redirects bankffin.kz
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.nl bankffin.kz
2 www.google.com bankffin.kz
2 cc.bankffin.kz bankffin.kz
2 www.googletagmanager.com bankffin.kz
1 fonts.googleapis.com cc.bankffin.kz
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 bankffinkz.ru 1 redirects
65 13
Subject Issuer Validity Valid
*.bankffin.kz
GeoTrust RSA CA 2018		 2023-01-13 -
2024-02-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-05 -
2023-05-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-03-17 -
2023-08-27		 5 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bankffin.kz/
Frame ID: 54F0B69B7CFF072D16072C4E5CE9634D
Requests: 65 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Главная | Freedom Bank

Page URL History Show full URLs

  1. https://bankffinkz.ru/ HTTP 301
    https://bankffin.kz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

65
Requests

97 %
HTTPS

85 %
IPv6

11
Domains

13
Subdomains

12
IPs

5
Countries

10427 kB
Transfer

12622 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bankffinkz.ru/ HTTP 301
    https://bankffin.kz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://www.facebook.com/tr/?id=404786705045166&ev=PageView&dl=https%3A%2F%2Fbankffin.kz%2F&rl=&if=false&ts=1682739473965&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1682739473828.1079586452&it=1682739473702&coo=false&rqm=GET HTTP 302
  • https://www.facebook.com/tr/?coo=false&cs_est=true&dl=https%3A%2F%2Fbankffin.kz%2F&ec=0&ev=PageView&fbp=fb.1.1682739473828.1079586452&id=404786705045166&if=false&it=1682739473702&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1682739473965&v=2.9.102
Request Chain 60
  • https://mc.yandex.ru/watch/84357130?wmode=7&page-url=https%3A%2F%2Fbankffin.kz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93absudza7%3Afp%3A1749%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A1285041852833%3Ahid%3A296046570%3Az%3A0%3Ai%3A20230429033754%3Aet%3A1682739474%3Ac%3A1%3Arn%3A501292921%3Arqn%3A1%3Au%3A1682739474954312372%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A201%2C247%2C336%2C1%2C126%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1682739471818%3Arqnl%3A1%3Ast%3A1682739474%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%7C%20Freedom%20Bank&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/84357130/1?wmode=7&page-url=https%3A%2F%2Fbankffin.kz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93absudza7%3Afp%3A1749%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A1285041852833%3Ahid%3A296046570%3Az%3A0%3Ai%3A20230429033754%3Aet%3A1682739474%3Ac%3A1%3Arn%3A501292921%3Arqn%3A1%3Au%3A1682739474954312372%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A201%2C247%2C336%2C1%2C126%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1682739471818%3Arqnl%3A1%3Ast%3A1682739474%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%7C%20Freedom%20Bank&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bankffin.kz/
Redirect Chain
  • https://bankffinkz.ru/
  • https://bankffin.kz/
71 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
0383b15372b2938173fde471e3213b438433ccc0f885e0d1c66c69081d572f84
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Content-Type
text/html; charset=UTF-8
Date
Sat, 29 Apr 2023 03:39:52 GMT
Referrer-Policy
strict-origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
expires
-1
pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-ray
7bf482439d3cb6fa-AMS
date
Sat, 29 Apr 2023 03:37:51 GMT
expires
Sat, 29 Apr 2023 04:37:51 GMT
location
https://bankffin.kz/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xp2A7XhdfkbrT6tYYrypDgZse59YZPVlkjFurDi2f%2FEtu3cl903AGeamTXR0WLC6AmB5YiA2zuqjFUGf1ISyn749y6l6TkHR8CtiHVwKIGkGkqLc8bEyp%2BlhiWtGOkU%2B9DZd71PflctCi6h4"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
app.css
bankffin.kz/css/ 		294 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bankffin.kz/css/app.css?id=cb85afb58aacdd30e4bf
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
9a0bbafd4ab178ed097a56331332f06606e813788aee7e82c9d1d246048e8de3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:53 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Wed, 19 Apr 2023 06:24:20 GMT
Server
nginx
Content-Encoding
gzip
ETag
W/"643f8914-49742"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Expires
Mon, 29 May 2023 03:39:53 GMT
newFixes.css
bankffin.kz/css/ 		511 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bankffin.kz/css/newFixes.css
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
39a7d3969ad53c5b0d40eb12781aba6d04a6b0b1a2f7ee1aea3cb7c98f77eaf4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:53 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Tue, 04 May 2021 10:45:24 GMT
Server
nginx
ETag
"609125c4-1ff"
Content-Type
text/css
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
511
Expires
Mon, 29 May 2023 03:39:53 GMT
manifest.js
bankffin.kz/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bankffin.kz/js/manifest.js
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
42d4669cebd905d95a87836f137b77c34db8030f05353eaac705c925106d092f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:53 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Fri, 13 Aug 2021 03:52:17 GMT
Server
nginx
Content-Encoding
gzip
ETag
W/"6115ec71-187d"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Expires
Mon, 29 May 2023 03:39:53 GMT
vendor.js
bankffin.kz/js/ 		736 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bankffin.kz/js/vendor.js
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
541f9f6e3af64157336e90f5335fbbee84c35b84d2280a3b3a28ad0c02ac78ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:53 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Fri, 13 Aug 2021 03:52:17 GMT
Server
nginx
Content-Encoding
gzip
ETag
W/"6115ec71-b7ef4"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Expires
Mon, 29 May 2023 03:39:53 GMT
app.js
bankffin.kz/js/ 		382 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bankffin.kz/js/app.js
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
ddd99dd53c947c13200c78d5d81ffabebd221721cf082d0a314b9760222476be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:53 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Wed, 26 Apr 2023 08:41:46 GMT
Server
nginx
Content-Encoding
gzip
ETag
W/"6448e3ca-5f941"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Expires
Mon, 29 May 2023 03:39:53 GMT
arrow.svg
bankffin.kz/assets/img/ 		313 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/assets/img/arrow.svg
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
e79c16a7daac0c3f9abec4517f6c8951cbe8474e9a9f034dcd212780c6f0696c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:53 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Fri, 17 Jun 2022 05:04:00 GMT
Server
nginx
ETag
"62ac0b40-139"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
313
Expires
Mon, 29 May 2023 03:39:53 GMT
banner-ru-179-1681115426.png
bankffin.kz/images/banners/179/ 		759 KB
759 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/images/banners/179/banner-ru-179-1681115426.png
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
6a8d2a26313435101b168471f9b135ce8a68c1f6d876c09baecdaeec90b05d21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:53 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Mon, 10 Apr 2023 08:30:26 GMT
Server
nginx
ETag
"6433c922-bdb52"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
777042
Expires
Mon, 29 May 2023 03:39:53 GMT
banner-ru-176-1677055797.png
bankffin.kz/images/banners/176/ 		357 KB
358 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/images/banners/176/banner-ru-176-1677055797.png
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
a1d865c2b98fe2a778a3eeb8a9fda67b7a35ecda9a73088ab128226cc66ff446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:53 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Wed, 22 Feb 2023 08:49:57 GMT
Server
nginx
ETag
"63f5d735-5946c"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
365676
Expires
Mon, 29 May 2023 03:39:53 GMT
banner-ru-175-1671102949.png
bankffin.kz/images/banners/175/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/images/banners/175/banner-ru-175-1671102949.png
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
8743ac2b13ef700b9aac309c7b0f3bca330de2867623f6273a71c7d11d643f03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:53 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Thu, 15 Dec 2022 11:15:49 GMT
Server
nginx
ETag
"639b01e5-12e350"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1237840
Expires
Mon, 29 May 2023 03:39:53 GMT
banner-ru-174-1671102988.png
bankffin.kz/images/banners/174/ 		467 KB
468 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/images/banners/174/banner-ru-174-1671102988.png
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
8ac908eace31b2ac1ade920ea728ab538c82fc708300b45736fc7275876f323c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:53 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Thu, 15 Dec 2022 11:16:28 GMT
Server
nginx
ETag
"639b020c-74cf0"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
478448
Expires
Mon, 29 May 2023 03:39:53 GMT
banner-ru-173-1671103041.png
bankffin.kz/images/banners/173/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/images/banners/173/banner-ru-173-1671103041.png
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
cd38a09a88bedb63117e81e35aca8135ffce514955b461d669a529781c1f2b43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Thu, 15 Dec 2022 11:17:21 GMT
Server
nginx
ETag
"639b0241-1612a9"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1446569
Expires
Mon, 29 May 2023 03:39:54 GMT
banner-mobile-ru-1681115426.png
bankffin.kz/images/banners/ 		399 KB
400 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/images/banners/banner-mobile-ru-1681115426.png
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
3e2af735ed2b0104cd1886729116e41e6d8df9e502bc819193659197b3e2b1b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Mon, 10 Apr 2023 08:30:26 GMT
Server
nginx
ETag
"6433c922-63d98"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
408984
Expires
Mon, 29 May 2023 03:39:54 GMT
banner-mobile-ru-1671102910.jpg
bankffin.kz/images/banners/ 		197 KB
198 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/images/banners/banner-mobile-ru-1671102910.jpg
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
228207fb81eb53cd46ee6ba0cb925750acbfc536aa79a11a79ecffd451437d0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Thu, 15 Dec 2022 11:15:10 GMT
Server
nginx
ETag
"639b01be-314ec"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
201964
Expires
Mon, 29 May 2023 03:39:54 GMT
banner-mobile-ru-1671102949.png
bankffin.kz/images/banners/ 		692 KB
693 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/images/banners/banner-mobile-ru-1671102949.png
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
6514778b6c0117084ae5b571d716ddf72dc8743129399305ad4ddbed45aabf1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Thu, 15 Dec 2022 11:15:49 GMT
Server
nginx
ETag
"639b01e5-ad032"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
708658
Expires
Mon, 29 May 2023 03:39:54 GMT
banner-mobile-ru-1671102988.png
bankffin.kz/images/banners/ 		502 KB
502 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/images/banners/banner-mobile-ru-1671102988.png
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
747a05204360d96c9b5f8f80a7d73c81f457f6cedf0a5c11a5d24eb37c958e1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Thu, 15 Dec 2022 11:16:28 GMT
Server
nginx
ETag
"639b020c-7d6eb"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
513771
Expires
Mon, 29 May 2023 03:39:54 GMT
banner-mobile-ru-1671103041.png
bankffin.kz/images/banners/ 		726 KB
727 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/images/banners/banner-mobile-ru-1671103041.png
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
a66f44f1683dc2afcdafbb6cb707e5fea967b2edd1ccf7e8c0bb94bcd5fecab0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Thu, 15 Dec 2022 11:17:21 GMT
Server
nginx
ETag
"639b0241-b5906"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
743686
Expires
Mon, 29 May 2023 03:39:55 GMT
freedom.png
bankffin.kz/assets/img/main/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/assets/img/main/freedom.png
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
13bab1ea07745bf0ec7d6e9cd4684ae12b55a8544375249498fd5994769a19a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Mon, 13 Jun 2022 10:40:16 GMT
Server
nginx
ETag
"62a71410-46c"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1132
Expires
Mon, 29 May 2023 03:39:54 GMT
kdif.png
bankffin.kz/assets/img/main/ 		927 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/assets/img/main/kdif.png
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
43237487fe3e178410e2489649399d1cb61dc2c4ae6b2bf9dcf75a14a4175392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Fri, 12 Feb 2021 04:36:26 GMT
Server
nginx
ETag
"602605ca-39f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
927
Expires
Mon, 29 May 2023 03:39:54 GMT
kase.png
bankffin.kz/assets/img/main/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/assets/img/main/kase.png
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
8f0c2a5cde5862b050454145223bbc6ab0238990746a537bfcb024404112243a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Fri, 12 Feb 2021 04:36:26 GMT
Server
nginx
ETag
"602605ca-5d8"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1496
Expires
Mon, 29 May 2023 03:39:54 GMT
ffin-kaz.png
bankffin.kz/assets/img/main/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/assets/img/main/ffin-kaz.png
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
c7795ed433a3358034b948c53d3352219615cfab79bfac341b0ab3f26b5b0e2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Fri, 12 Feb 2021 04:36:26 GMT
Server
nginx
ETag
"602605ca-1ce7"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7399
Expires
Mon, 29 May 2023 03:39:54 GMT
swift.png
bankffin.kz/assets/img/main/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/assets/img/main/swift.png
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
4a80e9b5b03fd38a739b9beb655cecd1343c4242daef991939f9ea2a12730fdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Fri, 12 Feb 2021 04:36:26 GMT
Server
nginx
ETag
"602605ca-13e1"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5089
Expires
Mon, 29 May 2023 03:39:54 GMT
visa.png
bankffin.kz/assets/img/main/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/assets/img/main/visa.png
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
641f52a349224c44afc3ae747c4fdb5415ede096f0269776af282bd098ab8dcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Fri, 12 Feb 2021 04:36:26 GMT
Server
nginx
ETag
"602605ca-7c6"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1990
Expires
Mon, 29 May 2023 03:39:54 GMT
damu.png
bankffin.kz/assets/img/main/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/assets/img/main/damu.png
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
6e5e5edc1b02ca584a1c5aad8e9fc57359baf6bfbf2e9d79bb73754f76526dbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Fri, 12 Feb 2021 04:36:26 GMT
Server
nginx
ETag
"602605ca-1237"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4663
Expires
Mon, 29 May 2023 03:39:54 GMT
unistream.png
bankffin.kz/assets/img/main/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/assets/img/main/unistream.png
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
9e903979814958c9c8c008be8da0d522affc9b94fd2941e77b8686f7cbe9d8ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Fri, 12 Feb 2021 04:36:26 GMT
Server
nginx
ETag
"602605ca-f7c"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3964
Expires
Mon, 29 May 2023 03:39:54 GMT
security.png
bankffin.kz/assets/img/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/assets/img/security.png
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
d8ffd0e7b74a1287b39a5b2f0fd127ff451940144f3129806cad963af48cc816
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Fri, 17 Jun 2022 05:04:00 GMT
Server
nginx
ETag
"62ac0b40-238d"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9101
Expires
Mon, 29 May 2023 03:39:54 GMT
calendar.png
bankffin.kz/assets/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/assets/img/calendar.png
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
85cd2fc32c2882dfe7479a224e68757139f736880be70b85784414ec9bf1fc7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Fri, 17 Jun 2022 05:04:00 GMT
Server
nginx
ETag
"62ac0b40-1eeb"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7915
Expires
Mon, 29 May 2023 03:39:54 GMT
investments.png
bankffin.kz/assets/img/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/assets/img/investments.png
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
2ef83941590f3b2cc3fcdf07199cad046ac1a0d6c515dbe0973db5b87d72bd0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Fri, 17 Jun 2022 05:04:00 GMT
Server
nginx
ETag
"62ac0b40-2186"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8582
Expires
Mon, 29 May 2023 03:39:54 GMT
car.png
bankffin.kz/assets/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/assets/img/car.png
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
a1784c068f4594f175e74cdfc34a54801262fc3c938894ed6d27556dbbae0da9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Fri, 17 Jun 2022 05:04:00 GMT
Server
nginx
ETag
"62ac0b40-1a7e"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6782
Expires
Mon, 29 May 2023 03:39:54 GMT
phones.jpg
bankffin.kz/assets/img/popup-banner/ 		239 KB
240 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/assets/img/popup-banner/phones.jpg
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
f3ccef81e5467c33b23f882cfe0d54c3b1900f92ea57aca8267d5b2ef8f4977c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:54 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Fri, 12 Feb 2021 04:36:26 GMT
Server
nginx
ETag
"602605ca-3bd0d"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
245005
Expires
Mon, 29 May 2023 03:39:54 GMT
fb.jpg
bankffin.kz/assets/img/popup-banner/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/assets/img/popup-banner/fb.jpg
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
06d2c45fdd3d56355419abe8007efcd1bf6849a716f15775b8484e879f954ab4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Fri, 12 Feb 2021 04:36:26 GMT
Server
nginx
ETag
"602605ca-4fff"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20479
Expires
Mon, 29 May 2023 03:39:55 GMT
insta.jpg
bankffin.kz/assets/img/popup-banner/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/assets/img/popup-banner/insta.jpg
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
397629a2ee9f72ca183a0e5b5ad6aebe019b65b4f11d7d837c44268c6f0c395a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Fri, 12 Feb 2021 04:36:26 GMT
Server
nginx
ETag
"602605ca-68f1"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26865
Expires
Mon, 29 May 2023 03:39:55 GMT
js
www.googletagmanager.com/gtag/ 		114 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-129299156-1
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f8217f9c9db623cd148e40772f74112c0e2ee4803811eba6040a317780903c71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 03:37:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45397
x-xss-protection
0
last-modified
Sat, 29 Apr 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Apr 2023 03:37:53 GMT
app.css
cc.bankffin.kz/static/widget/ 		111 KB
112 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cc.bankffin.kz/static/widget/app.css
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.213.247.242 Almaty, Kazakhstan, ASN209120 (BANKKASSANOVA-AS, KZ),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
e82aac72b54c62d7143d79b811db550eb07fe0c4e146bfae9cdd0fc94be14f2f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:37:45 GMT
Last-Modified
Wed, 26 Apr 2023 15:36:35 GMT
Server
nginx/1.14.1
ETag
"64494503-1bc53"
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT, DELETE, HEAD
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Auth-Token,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
113747
app.js
cc.bankffin.kz/static/widget/ 		747 KB
748 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cc.bankffin.kz/static/widget/app.js
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.213.247.242 Almaty, Kazakhstan, ASN209120 (BANKKASSANOVA-AS, KZ),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
ac8494674b8dcf883a71b3af322625d49efa53f1dd14d26ebb9d23dca5d86886

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:37:45 GMT
Last-Modified
Wed, 26 Apr 2023 15:36:35 GMT
Server
nginx/1.14.1
ETag
"64494503-bad59"
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT, DELETE, HEAD
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Auth-Token,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
765273
gtm.js
www.googletagmanager.com/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N7N6NLS
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f692561a4407c9305979828fa29491ef89585617c043f1bdfe71a432e2f7fce8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 03:37:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61928
x-xss-protection
0
last-modified
Sat, 29 Apr 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Apr 2023 03:37:53 GMT
fbevents.js
connect.facebook.net/en_US/ 		107 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 29 Apr 2023 03:37:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27967
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Opl9aKjDPyCwoz5/tOxJE0Iv7a+DCVRbx0o5JIhXYhAPZkZU1cGhKAiGZ81kAHsuUGaw2DH5QQ0oadHJjZtZfw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
appPhone.png
bankffin.kz/assets/img/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bankffin.kz/assets/img/appPhone.png
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/css/app.css?id=cb85afb58aacdd30e4bf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
6755a7690d6b4c366468ecf9490b76c31b7f267c93c73d7f7551e95be81f7898
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
Last-Modified
Fri, 10 Jun 2022 02:13:55 GMT
Server
nginx
ETag
"62a2a8e3-4e33"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20019
Expires
Mon, 29 May 2023 03:39:55 GMT
NotoSans-Regular.ttf
bankffin.kz/fonts/Noto_Sans/ 		543 KB
544 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bankffin.kz/fonts/Noto_Sans/NotoSans-Regular.ttf
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/css/app.css?id=cb85afb58aacdd30e4bf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
4c8d67001d3c2977e5d6bf0a4f8add80cd564bd1df60b7569fd23751e7dda02a
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bankffin.kz/
Origin
https://bankffin.kz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:53 GMT
Content-Security-Policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Last-Modified
Fri, 10 Jun 2022 02:13:55 GMT
Server
nginx
Referrer-Policy
strict-origin
ETag
"87cb8-5e10e7d846670"
Content-Type
application/font-sfnt
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
556216
X-XSS-Protection
1; mode=block
NotoSans-SemiBold.ttf
bankffin.kz/fonts/Noto_Sans/ 		544 KB
544 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bankffin.kz/fonts/Noto_Sans/NotoSans-SemiBold.ttf
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/css/app.css?id=cb85afb58aacdd30e4bf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
3760806c6e1a9d312b3f884e072e6ce043e0118f624d607360b4d57993ce29a2
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bankffin.kz/
Origin
https://bankffin.kz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:54 GMT
Content-Security-Policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Last-Modified
Fri, 10 Jun 2022 02:13:55 GMT
Server
nginx
Referrer-Policy
strict-origin
ETag
"87f84-5e10e7d8479f8"
Content-Type
application/font-sfnt
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
556932
X-XSS-Protection
1; mode=block
NotoSans-Medium.ttf
bankffin.kz/fonts/Noto_Sans/ 		542 KB
543 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bankffin.kz/fonts/Noto_Sans/NotoSans-Medium.ttf
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/css/app.css?id=cb85afb58aacdd30e4bf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.146.3.56 , Kazakhstan, ASN48716 (PSKZ-ALA, KZ),
Reverse DNS
Software
nginx /
Resource Hash
ac2c786babb3fd1603d174e6108cc222cede9b0968540a16a7b34ac454467d5e
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bankffin.kz/
Origin
https://bankffin.kz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 03:39:54 GMT
Content-Security-Policy
default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Last-Modified
Fri, 10 Jun 2022 02:13:55 GMT
Server
nginx
Referrer-Policy
strict-origin
ETag
"87900-5e10e7d844348"
Content-Type
application/font-sfnt
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
555264
X-XSS-Protection
1; mode=block
596224603884518
connect.facebook.net/signals/config/ 		150 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/596224603884518?v=2.9.102&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
abb7e0385e94293ce68709fd756e168415ddb43deb8986d57b32749c934a4832
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 29 Apr 2023 03:37:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
42279
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
V3DZrKmPcgvS/+7KnZ6nWqDtABDW0t+zJ4eVWkBn9xCQHfMFtCNBue0FXvSkXWgcnoZdwwylgsQcrNYqiAZsDQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129299156-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 29 Apr 2023 02:35:44 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
3729
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sat, 29 Apr 2023 04:35:44 GMT
inferredevents.js
connect.facebook.net/signals/plugins/ 		72 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.102
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 29 Apr 2023 03:37:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
21972
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
DdwMu/ZvBiQt3ZJwzYYXAW0LlpVJrrZMnIoIaaeEflLyjd7rEXw09WC2orA0mdtIIamlxlThibw6CD4Il8VIlA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10940913025/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10940913025/?random=1682739473820&cv=11&fst=1682739473820&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbankffin.kz%2F&hn=www.googleadservices.com&frm=0&tiba=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%7C%20Freedom%20Bank&auid=1806490766.1682739474&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7N6NLS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01e561f1a3cb54366fddad8640072d8bfe75dd4f2d0817096eb792ad410d4096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Apr 2023 03:37:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1203
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag.js
mc.yandex.ru/metrika/ 		212 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
27b16e47b8a7c9a504f1eabe45a5f5b24e9157f56dde3118ba78b262edf51d8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 03:37:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 28 Apr 2023 15:09:05 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"644bb761-12299"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
74393
expires
Sat, 29 Apr 2023 04:37:54 GMT
240485701189797
connect.facebook.net/signals/config/ 		150 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/240485701189797?v=2.9.102&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7561480745c669a576551bb7f2df6b83146b15a89ff5a8b92898bdd53d31fe
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 29 Apr 2023 03:37:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
42278
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
+YC6tWaFuOFiENesRJ5+BdUt+D9MXyc4qG+2Yko1epfvngIf4RqURr25XVBMwRPhr75/zmfG0Lrug5CWSsh9/Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=596224603884518&ev=PageView&dl=https%3A%2F%2Fbankffin.kz%2F&rl=&if=false&ts=1682739473829&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=28&cs_est=true&fbp=fb.1.1682739473828.1079586452&it=1682739473702&coo=false&rqm=GET
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 29 Apr 2023 03:37:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
404786705045166
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/404786705045166?v=2.9.102&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e91e0a778cd83f5906be86a2084c91da0bd012e0f8705af634e4c0981f2353c0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 29 Apr 2023 03:37:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110200
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
JS7lzSbVTmbs+we9IPOE4nLlTqnH7JyVdGo+XPddPSuCzKVhgZT39li0G2low0ABbxhkUhHpC0+acAGLDyae5g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=240485701189797&ev=PageView&dl=https%3A%2F%2Fbankffin.kz%2F&rl=&if=false&ts=1682739473879&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=28&cs_est=true&fbp=fb.1.1682739473828.1079586452&it=1682739473702&coo=false&rqm=GET
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 29 Apr 2023 03:37:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/ 		2 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1434025045&t=pageview&_s=1&dl=https%3A%2F%2Fbankffin.kz%2F&ul=en-us&de=UTF-8&dt=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%7C%20Freedom%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=482028192&gjid=1281502475&cid=1780340662.1682739474&tid=UA-129299156-1&_gid=364970066.1682739474&_r=1&gtm=457e34q0&jsscut=1&z=1138225384
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bankffin.kz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Apr 2023 03:37:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bankffin.kz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1434025045&t=pageview&_s=1&dl=https%3A%2F%2Fbankffin.kz%2F&ul=en-us&de=UTF-8&dt=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%7C%20Freedom%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=1726613828&gjid=1534680015&cid=1780340662.1682739474&tid=UA-197463295-1&_gid=364970066.1682739474&_r=1&_slc=1&gtm=45He34q0n81N7N6NLS&z=444872464
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bankffin.kz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Apr 2023 03:37:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bankffin.kz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1434025045&t=pageview&_s=1&dl=https%3A%2F%2Fbankffin.kz%2F&ul=en-us&de=UTF-8&dt=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%7C%20Freedom%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=70548371&gjid=1778246236&cid=1780340662.1682739474&tid=UA-82402368-50&_gid=364970066.1682739474&_r=1&_slc=1&gtm=45He34q0n81N7N6NLS&z=911137747
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bankffin.kz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Apr 2023 03:37:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bankffin.kz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
448826263683517
connect.facebook.net/signals/config/ 		150 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/448826263683517?v=2.9.102&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
444df74056d115235c04020de07ecfbbed01a36cf0a1f4fa5d83d471babdb857
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 29 Apr 2023 03:37:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
42285
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
0/koo4gIx1QVo4B0XXqrVzyur4nFo+qLVETM4RJ9ZgPShHaJL9GZJfDv8QXfbbTxjxbswkoIsgKW/k9fxDl54A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
Redirect Chain
  • https://www.facebook.com/tr/?id=404786705045166&ev=PageView&dl=https%3A%2F%2Fbankffin.kz%2F&rl=&if=false&ts=1682739473965&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.168273947...
  • https://www.facebook.com/tr/?coo=false&cs_est=true&dl=https%3A%2F%2Fbankffin.kz%2F&ec=0&ev=PageView&fbp=fb.1.1682739473828.1079586452&id=404786705045166&if=false&it=1682739473702&o=30&r=stable&redi...
0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?coo=false&cs_est=true&dl=https%3A%2F%2Fbankffin.kz%2F&ec=0&ev=PageView&fbp=fb.1.1682739473828.1079586452&id=404786705045166&if=false&it=1682739473702&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1682739473965&v=2.9.102
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
H2
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 29 Apr 2023 03:37:54 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 29 Apr 2023 03:37:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
content-type
text/plain
location
/tr/?coo=false&cs_est=true&dl=https%3A%2F%2Fbankffin.kz%2F&ec=0&ev=PageView&fbp=fb.1.1682739473828.1079586452&id=404786705045166&if=false&it=1682739473702&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&ts=1682739473965&v=2.9.102
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
collect
stats.g.doubleclick.net/j/ 		4 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-129299156-1&cid=1780340662.1682739474&jid=482028192&gjid=1281502475&_gid=364970066.1682739474&_u=YEBAAUAAAAAAACAAI~&z=514140829
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bankffin.kz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 29 Apr 2023 03:37:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bankffin.kz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=448826263683517&ev=PageView&dl=https%3A%2F%2Fbankffin.kz%2F&rl=&if=false&ts=1682739474016&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=28&cs_est=true&fbp=fb.1.1682739473828.1079586452&it=1682739473702&coo=false&rqm=GET
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 29 Apr 2023 03:37:54 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.google.com/pagead/1p-user-list/10940913025/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10940913025/?random=1682739473820&cv=11&fst=1682737200000&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbankffin.kz%2F&frm=0&tiba=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%7C%20Freedom%20Bank&fmt=3&is_vtc=1&random=864824857&rmt_tld=0&ipr=y
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Apr 2023 03:37:54 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/10940913025/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/10940913025/?random=1682739473820&cv=11&fst=1682737200000&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbankffin.kz%2F&frm=0&tiba=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%7C%20Freedom%20Bank&fmt=3&is_vtc=1&random=864824857&rmt_tld=1&ipr=y
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Apr 2023 03:37:54 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-129299156-1&cid=1780340662.1682739474&jid=482028192&_u=YEBAAUAAAAAAACAAI~&z=1510919441
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Apr 2023 03:37:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-129299156-1&cid=1780340662.1682739474&jid=482028192&_u=YEBAAUAAAAAAACAAI~&z=1510919441
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Apr 2023 03:37:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.ru/watch/84357130/
Redirect Chain
  • https://mc.yandex.ru/watch/84357130?wmode=7&page-url=https%3A%2F%2Fbankffin.kz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93absudza7%3Afp%3A1749%3Afu%3A0%3Aen%3Autf-8%3A...
  • https://mc.yandex.ru/watch/84357130/1?wmode=7&page-url=https%3A%2F%2Fbankffin.kz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93absudza7%3Afp%3A1749%3Afu%3A0%3Aen%3Autf-8%...
428 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/84357130/1?wmode=7&page-url=https%3A%2F%2Fbankffin.kz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93absudza7%3Afp%3A1749%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A1285041852833%3Ahid%3A296046570%3Az%3A0%3Ai%3A20230429033754%3Aet%3A1682739474%3Ac%3A1%3Arn%3A501292921%3Arqn%3A1%3Au%3A1682739474954312372%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A201%2C247%2C336%2C1%2C126%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1682739471818%3Arqnl%3A1%3Ast%3A1682739474%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%7C%20Freedom%20Bank&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
b23df65ee73933299a5260e91a96adbc84e7ea45d55cc4f1a9172df41c7874b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Apr 2023 03:37:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 29-Apr-2023 03:37:54 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bankffin.kz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
428
x-xss-protection
1; mode=block
expires
Sat, 29-Apr-2023 03:37:54 GMT

Redirect headers

pragma
no-cache
date
Sat, 29 Apr 2023 03:37:54 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 29-Apr-2023 03:37:54 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/84357130/1?wmode=7&page-url=https%3A%2F%2Fbankffin.kz%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93absudza7%3Afp%3A1749%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A1285041852833%3Ahid%3A296046570%3Az%3A0%3Ai%3A20230429033754%3Aet%3A1682739474%3Ac%3A1%3Arn%3A501292921%3Arqn%3A1%3Au%3A1682739474954312372%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A201%2C247%2C336%2C1%2C126%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1682739471818%3Arqnl%3A1%3Ast%3A1682739474%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%7C%20Freedom%20Bank&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://bankffin.kz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 29-Apr-2023 03:37:54 GMT
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: cc.bankffin.kz
URL: https://cc.bankffin.kz/static/widget/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
66c84fd2e855f7f8795d82db9f5aacc7b3752200f492850aac5cda6eddad7fd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cc.bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 29 Apr 2023 03:37:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 29 Apr 2023 03:32:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 29 Apr 2023 03:37:54 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: bankffin.kz
URL: https://bankffin.kz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 03:37:54 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 28 Apr 2023 15:09:05 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"644bb761-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 29 Apr 2023 04:37:54 GMT
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=404786705045166&ev=Microdata&dl=https%3A%2F%2Fbankffin.kz%2F&rl=&if=false&ts=1682739475468&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%7C%20Freedom%20Bank%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.102&r=stable&ec=1&o=30&fbp=fb.1.1682739473828.1079586452&it=1682739473702&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bankffin.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 29 Apr 2023 03:37:55 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| dataLayer object| webpackJsonp function| jQuery function| $ function| Inputmask object| Share function| objectFitImages function| agree function| bookingForm function| bookingFormClose function| gtag function| fbq function| _fbq object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| GooglebQhCsO function| ym object| gaplugins object| gaGlobal object| gaData object| Ya object| yaCounter84357130 object| core object| regeneratorRuntime function| forEach function| detect

20 Cookies

Domain/Path Name / Value
bankffin.kz/ Name: XSRF-TOKEN
Value: eyJpdiI6IjdEQzlvY25pU3NCN3M4STZSZDRrenc9PSIsInZhbHVlIjoiXC9WOWExMHlRNFFxQ0xpMHdTdVliMUN6cUhHSkNoUVFLYkx6Q1VOaWNNSHRVUEpVY2MxWEdXSmFEdlwvUUpzRytEelc4RU1FSitna1wvMWRPZmRNaEplS3c9PSIsIm1hYyI6IjU3NTQ1YWFjMjFiMGRmNGQyNWFhYzQwMWYyZWQ5OTY4MmE1MmE0OGVhYmY1M2QzYzZmMTUyZjhkZjRiMzFlNTkifQ%3D%3D
bankffin.kz/ Name: laravel_session
Value: eyJpdiI6Ikw2M1NidytwUDkyNzhPQWYyZlhkXC9nPT0iLCJ2YWx1ZSI6Im9UTytXQmp4VDJSanBtaGp3ZWZZUDBFanEzS1l1WitXYVpIbWJ0VWNGdlwvd2FDSElwYnZqcUF4QlBrNitGbU05UDdWRHZ6MWpwNGhqaTlkbmhOZXdaZz09IiwibWFjIjoiNmE3NGIzZTZjYzk0M2JiNWFkMGQwODliNzZlZmExOWExYTZmYjFiZDZjMzRiYTQyZDYwMTEyM2ViZGIwNDY5OCJ9
.bankffin.kz/ Name: _gcl_au
Value: 1.1.1806490766.1682739474
.bankffin.kz/ Name: _fbp
Value: fb.1.1682739473828.1079586452
.bankffin.kz/ Name: _ga
Value: GA1.2.1780340662.1682739474
.bankffin.kz/ Name: _gid
Value: GA1.2.364970066.1682739474
.bankffin.kz/ Name: _gat_gtag_UA_129299156_1
Value: 1
.bankffin.kz/ Name: _gat_UA-197463295-1
Value: 1
.bankffin.kz/ Name: _gat_UA-82402368-50
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.bankffin.kz/ Name: _ym_uid
Value: 1682739474954312372
.bankffin.kz/ Name: _ym_d
Value: 1682739474
mc.yandex.ru/ Name: yabs-sid
Value: 2435469991682739474
.yandex.ru/ Name: i
Value: 1c5b/4kpeVVSvdiXbj3ACLQCDW+MwtKBhP8XsVF8mUHTr7kzrZjf3qb4DH6jNYxbQqUM8wKR5aEYC+6mmaIwOqDdGBE=
.yandex.ru/ Name: yandexuid
Value: 963744521682739474
.yandex.ru/ Name: yuidss
Value: 963744521682739474
.yandex.ru/ Name: ymex
Value: 1714275474.yc.1682739474#1714275474.yrts.1682739474#1714275474.yrtsi.1682739474
.yandex.ru/ Name: bh
Value: KgI/MA==
.bankffin.kz/ Name: _ym_visorc
Value: b
.bankffin.kz/ Name: _ym_isad
Value: 2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bankffin.kz
bankffinkz.ru
cc.bankffin.kz
connect.facebook.net
fonts.googleapis.com
googleads.g.doubleclick.net
mc.yandex.ru
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
185.146.3.56
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9d
2a02:6b8::1:119
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3121::3
91.213.247.242
01e561f1a3cb54366fddad8640072d8bfe75dd4f2d0817096eb792ad410d4096
0383b15372b2938173fde471e3213b438433ccc0f885e0d1c66c69081d572f84
06d2c45fdd3d56355419abe8007efcd1bf6849a716f15775b8484e879f954ab4
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
13bab1ea07745bf0ec7d6e9cd4684ae12b55a8544375249498fd5994769a19a5
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
228207fb81eb53cd46ee6ba0cb925750acbfc536aa79a11a79ecffd451437d0f
27b16e47b8a7c9a504f1eabe45a5f5b24e9157f56dde3118ba78b262edf51d8d
2ef83941590f3b2cc3fcdf07199cad046ac1a0d6c515dbe0973db5b87d72bd0d
3760806c6e1a9d312b3f884e072e6ce043e0118f624d607360b4d57993ce29a2
397629a2ee9f72ca183a0e5b5ad6aebe019b65b4f11d7d837c44268c6f0c395a
39a7d3969ad53c5b0d40eb12781aba6d04a6b0b1a2f7ee1aea3cb7c98f77eaf4
3e2af735ed2b0104cd1886729116e41e6d8df9e502bc819193659197b3e2b1b1
42d4669cebd905d95a87836f137b77c34db8030f05353eaac705c925106d092f
43237487fe3e178410e2489649399d1cb61dc2c4ae6b2bf9dcf75a14a4175392
444df74056d115235c04020de07ecfbbed01a36cf0a1f4fa5d83d471babdb857
4a80e9b5b03fd38a739b9beb655cecd1343c4242daef991939f9ea2a12730fdb
4c8d67001d3c2977e5d6bf0a4f8add80cd564bd1df60b7569fd23751e7dda02a
541f9f6e3af64157336e90f5335fbbee84c35b84d2280a3b3a28ad0c02ac78ad
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
641f52a349224c44afc3ae747c4fdb5415ede096f0269776af282bd098ab8dcc
6514778b6c0117084ae5b571d716ddf72dc8743129399305ad4ddbed45aabf1e
66c84fd2e855f7f8795d82db9f5aacc7b3752200f492850aac5cda6eddad7fd1
6755a7690d6b4c366468ecf9490b76c31b7f267c93c73d7f7551e95be81f7898
6a8d2a26313435101b168471f9b135ce8a68c1f6d876c09baecdaeec90b05d21
6e5e5edc1b02ca584a1c5aad8e9fc57359baf6bfbf2e9d79bb73754f76526dbb
747a05204360d96c9b5f8f80a7d73c81f457f6cedf0a5c11a5d24eb37c958e1d
85cd2fc32c2882dfe7479a224e68757139f736880be70b85784414ec9bf1fc7d
8743ac2b13ef700b9aac309c7b0f3bca330de2867623f6273a71c7d11d643f03
8ac908eace31b2ac1ade920ea728ab538c82fc708300b45736fc7275876f323c
8f0c2a5cde5862b050454145223bbc6ab0238990746a537bfcb024404112243a
9a0bbafd4ab178ed097a56331332f06606e813788aee7e82c9d1d246048e8de3
9e903979814958c9c8c008be8da0d522affc9b94fd2941e77b8686f7cbe9d8ec
a1784c068f4594f175e74cdfc34a54801262fc3c938894ed6d27556dbbae0da9
a1d865c2b98fe2a778a3eeb8a9fda67b7a35ecda9a73088ab128226cc66ff446
a66f44f1683dc2afcdafbb6cb707e5fea967b2edd1ccf7e8c0bb94bcd5fecab0
aa7561480745c669a576551bb7f2df6b83146b15a89ff5a8b92898bdd53d31fe
abb7e0385e94293ce68709fd756e168415ddb43deb8986d57b32749c934a4832
ac2c786babb3fd1603d174e6108cc222cede9b0968540a16a7b34ac454467d5e
ac8494674b8dcf883a71b3af322625d49efa53f1dd14d26ebb9d23dca5d86886
b23df65ee73933299a5260e91a96adbc84e7ea45d55cc4f1a9172df41c7874b8
c7795ed433a3358034b948c53d3352219615cfab79bfac341b0ab3f26b5b0e2d
cd38a09a88bedb63117e81e35aca8135ffce514955b461d669a529781c1f2b43
d8ffd0e7b74a1287b39a5b2f0fd127ff451940144f3129806cad963af48cc816
ddd99dd53c947c13200c78d5d81ffabebd221721cf082d0a314b9760222476be
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79c16a7daac0c3f9abec4517f6c8951cbe8474e9a9f034dcd212780c6f0696c
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e82aac72b54c62d7143d79b811db550eb07fe0c4e146bfae9cdd0fc94be14f2f
e91e0a778cd83f5906be86a2084c91da0bd012e0f8705af634e4c0981f2353c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3ccef81e5467c33b23f882cfe0d54c3b1900f92ea57aca8267d5b2ef8f4977c
f692561a4407c9305979828fa29491ef89585617c043f1bdfe71a432e2f7fce8
f8217f9c9db623cd148e40772f74112c0e2ee4803811eba6040a317780903c71