bank-otkrytie-kabinet.ru Open in urlscan Pro
104.21.18.182 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bank-otkrytie-kabinet.ru/
Submission: On October 14 via automatic, source certstream-suspicious (October 14th 2021, 3:50:00 pm UTC) — Scanned from DE

Summary HTTP 161 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 15 domains to perform 161 HTTP transactions. The main IP is 104.21.18.182, located in and belongs to CLOUDFLARENET, US. The main domain is bank-otkrytie-kabinet.ru.
TLS certificate: Issued by R3 on October 14th 2021. Valid for: 3 months.

This is the only time bank-otkrytie-kabinet.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	104.21.18.182 104.21.18.182	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
5	87.250.251.134 87.250.251.134	13238 (YANDEX) (YANDEX)
1	159.69.75.12 159.69.75.12	24940 (HETZNER-AS) (HETZNER-AS)
18	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
4	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
3	94.26.236.170 94.26.236.170	49505 (SELECTEL) (SELECTEL)
7	178.154.131.217 178.154.131.217	13238 (YANDEX) (YANDEX)
4	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
22	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
4 20	93.158.134.119 93.158.134.119	13238 (YANDEX) (YANDEX)
1 2	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
2	93.158.134.90 93.158.134.90	13238 (YANDEX) (YANDEX)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
25	142.250.186.33 142.250.186.33	15169 (GOOGLE) (GOOGLE)
5	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3 6	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
161	21

36 104.21.18.182 (None, )

ASN13335 (CLOUDFLARENET, US)

bank-otkrytie-kabinet.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 87.250.251.134 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: front-jsapi.slb.maps.yandex.net

api-maps.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.75.12 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.12.75.69.159.clients.your-server.de

realpush.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.26.236.170 (Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: cobrancas60.mastplon.buzz

leadgidads.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 178.154.131.217 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: static.yandex.net

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 93.158.134.119 (Moscow, Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.216 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.158.134.90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.186.33 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.196 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	596 KB
36	bank-otkrytie-kabinet.ru bank-otkrytie-kabinet.ru	400 KB
21	doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net	161 KB
18	yandex.com 3 redirects mc.yandex.com	5 KB
9	google.com 3 redirects adservice.google.com www.google.com	2 KB
9	yandex.ru 1 redirects api-maps.yandex.ru mc.yandex.ru an.yandex.ru	158 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	83 KB
7	yastatic.net yastatic.net	975 KB
5	googletagservices.com www.googletagservices.com	186 KB
5	googleapis.com ajax.googleapis.com fonts.googleapis.com	37 KB
3	leadgidads.ru leadgidads.ru	223 KB
2	yadro.ru 1 redirects counter.yadro.ru	2 KB
1	2mdn.net s0.2mdn.net	85 KB
1	googleadservices.com partner.googleadservices.com	666 B
1	realpush.media realpush.media	218 B
161	15

	Domain	Requested by
36	bank-otkrytie-kabinet.ru	bank-otkrytie-kabinet.ru
25	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com bank-otkrytie-kabinet.ru googleads.g.doubleclick.net
18	mc.yandex.com	3 redirects bank-otkrytie-kabinet.ru mc.yandex.ru
18	pagead2.googlesyndication.com	bank-otkrytie-kabinet.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	yastatic.net	bank-otkrytie-kabinet.ru api-maps.yandex.ru an.yandex.ru
6	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.googletagservices.com	googleads.g.doubleclick.net
5	api-maps.yandex.ru	bank-otkrytie-kabinet.ru
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	bank-otkrytie-kabinet.ru googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	leadgidads.ru	bank-otkrytie-kabinet.ru
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	an.yandex.ru	bank-otkrytie-kabinet.ru an.yandex.ru
2	counter.yadro.ru	1 redirects bank-otkrytie-kabinet.ru
2	mc.yandex.ru	1 redirects bank-otkrytie-kabinet.ru
1	s0.2mdn.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	realpush.media	bank-otkrytie-kabinet.ru
1	ajax.googleapis.com	bank-otkrytie-kabinet.ru
161	22

This site contains links to these domains. Also see Links.

Domain
go.leadgid.ru
online.open.ru
itunes.apple.com
play.google.com
ib.open.ru
vk.com
www.facebook.com
connect.ok.ru
connect.mail.ru
twitter.com
t.me
www.open.ru
www.liveinternet.ru

Subject Issuer	Validity	Valid
*.bank-otkrytie-kabinet.ru R3	`2021-10-14` - `2022-01-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
api-maps.yandex.ru Yandex CA	`2021-08-27` - `2022-02-20`	6 months	crt.sh
realpush.media R3	`2021-10-06` - `2022-01-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
leadgidads.ru R3	`2021-09-21` - `2021-12-20`	3 months	crt.sh
*.yastatic.net Yandex CA	`2021-08-18` - `2022-02-16`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
bs.yandex.ru Yandex CA	`2021-05-31` - `2021-11-29`	6 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 22 frames:

Primary Page: https://bank-otkrytie-kabinet.ru/
Frame ID: 937C8697B0A21070205F4771D6A85CBD
Requests: 91 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html
Frame ID: 6B4995B8290A0FB2DDCED8F0679136CC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&adk=1812271804&adf=3025194257&lmt=1634226592&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592756&bpp=6&bdt=353&idt=174&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=809343491605&frm=20&pv=2&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=201
Frame ID: 24510EDE7FD8D9EE91B493B80A149E44
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=280&slotname=8421418601&adk=3869422495&adf=462570616&pi=t.ma~as.8421418601&w=670&fwrn=4&fwrnh=100&lmt=1634226592&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592762&bpp=15&bdt=360&idt=203&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=285&ady=276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wKuYLUfv3X&p=https%3A//bank-otkrytie-kabinet.ru&dtd=212
Frame ID: 59DC46226AE756E5025375DD84D420B4
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=168&slotname=5839008363&adk=4141857107&adf=1308614067&pi=t.ma~as.5839008363&w=670&fwrn=4&lmt=1634226592&rafmt=11&psa=0&format=670x168&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592777&bpp=2&bdt=375&idt=210&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C670x280&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=285&ady=2873&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=HkV1snRE27&p=https%3A//bank-otkrytie-kabinet.ru&dtd=214
Frame ID: 8955A56972CDF92FC6EDDBD2EBD27346
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=330&slotname=3698587184&adk=3271766772&adf=1585285578&pi=t.ma~as.3698587184&w=330&lmt=1634226593&psa=0&format=330x330&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592841&bpp=1&bdt=439&idt=181&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1397016afe4c98f-227aedafeaca0044%3AT%3D1634226593%3ART%3D1634226593%3AS%3DALNI_MZ8GI-8Y3pDKGzklMs2iI7jRFeQkA&prev_fmts=0x0%2C670x280%2C670x168&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=285&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=q5Cw9poJZx&p=https%3A//bank-otkrytie-kabinet.ru&dtd=907
Frame ID: E9543905C8A15EA825FCBFDE933C7B3C
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=330&slotname=3698587184&adk=3271766772&adf=3787883007&pi=t.ma~as.3698587184&w=330&lmt=1634226593&psa=0&format=330x330&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592842&bpp=1&bdt=439&idt=208&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1397016afe4c98f-227aedafeaca0044%3AT%3D1634226593%3ART%3D1634226593%3AS%3DALNI_MZ8GI-8Y3pDKGzklMs2iI7jRFeQkA&prev_fmts=0x0%2C670x280%2C670x168%2C330x330&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=619&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Ie9wtBSEFU&p=https%3A//bank-otkrytie-kabinet.ru&dtd=913
Frame ID: 62EB4E3365A447B010C00CFBD2414192
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Frame ID: E5CBC4E6CBEF48ED3A06A8933A10B04F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1C5A8E09C935744DA4D46E06E2661C15
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 7421E6B286BBC6A03FEBF9B7E577CDA3
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 79B88CFE6F88C35210567365C8667075
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js
Frame ID: 47B3C78F45B6D33BE895DB99AFD34AA1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9F9D8AC3AB708532C3444C792BCAD12A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js
Frame ID: 17DAC4CC24FD020A59D4071F1CC80D81
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js
Frame ID: 0CADBADFCF2E5394BFB64BC3870F70AA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 6C5174D4EC2E40845C586A027D5E887D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_L9gIQ-YC8-AEYlfv8fTAB&v=APEucNUrg96BSitofWrWeyDtDkoW5Ad1gpPV3rfHe3A5KigMBTMt1SV56lkWxH6OkP7VoJAHY6mPT2u3xtbX6CIyfpBrohPrkQ
Frame ID: C96FFDEBC21F87204377C5CA56E1CDC1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DR-zGPKM4ohW9pmiX912F9dcqlFp-Ro-uuy5gk7R8ECaBLzxOQM-XO_SOG14dWP3uMtj4_FQIY79GfgJrZ2RAfg-M3wwUV67F8Yj3QNAu9LXbt-tdL7UBiK1wjLGB7A4abiUjqwFpFatOXE91bUBpa1rPYCA&dbm_d=AKAmf-DQxhooo-2Qck_PKfbcs-fg2mpPMzwnW0du5R7pLDb6fv5oxutmmOIuTvsazERxWlvxqGoMM5aQitBzAt_R_ftV5X4jFfHYLecI_6cLz3CIohSnLE_LrOCefx85lJp5u1JRi-vwLsg5j_pdxNAKc_aNrsdm9BxQUMGmyF-Ljo7tJ0ceuJzMJZ9kQ1KARhN78vVvp_SsTrcj6bcdGLYCeP5BsiUSfa1fwX6ZCiKIfHP9j8_-lISpNVj9CBQoV9Ffo0LQxySVOjcUyXcbKop4BiJ_hSnk9fcgOaNgZ3qWHdlw2a9ec2jWSIK-8J9I3JZsAEaNOX55l8r-JQVqlkH06DQMTeRmN-g7UjXC388of1LpMngLXAxBur9JfbR_uCVkFoZuSu41CMilpm68GiZsa4CMVlf9uodeuLA28Wc7jGAL9lfpBXUHKIiRP8Gz5y3gHcWnngy_TUauQK3vMpvmBo98BOGKHv8DWuc7AfIRMf5T0cBCRRYb2yi_03Y5XJ8BIF-ZmFpIVW_1O3EnSpCEwmnyiF6kgXgtiEv2Yqu4ezpNU-VQlEbyN5AmaVFxWsWjH_i8rNTTO_ixXMza39f1PCBf8mvLBirkIUGe8kUBK9FgJFL6e-YX4yWe43suP9abvbWEm77tptwqRWASHhMPnpGOUhR8vlZwdoXorlpe42cWefRx3YkIfCkwodIIAikpQaoldDrharqLi2KIdeNH7SsfNbJSKg8BczpJ_R-3t3R3jot8fu1npbRcuaflTe0u2WzzY6LmTSOgK1IFCsYFhl5mfPcC9YXRF9L530czrlN6WO3gqkQxMIzsx0kay3wVrjn7aurGF42M1_Yf7gB7eyIjxlV5azn6V45TjV3T0SjHSOCC9aTNecm44lDiVUAyzhMx1Cq-PQIkPG2MlFsQfMaSwPsMkqi4HYZ16VSJhuVbO2kQhqeV2jOX1cooBvPlmM12712ZupshscyxRA24vmxx16Ut8dPlGSWzOX_ASw9RDzLqPq-SCgDAoPWVq7_jukC7F1xUepNrNjrE8ssIsRx8zaPt0nwxV03XXfFbDf5Bm_ZC0uhK78i9nhaJqe-SG_kcky2AQ5_2ng6MXBXQJjqxdA7YlYoUYmTDtjvVK6r6DoTx5N70oaQd2OknsZTwV3e7RDURVJ-J9BImEnjct5uurLajSEyzHIJ5fMvmwj-omvoO4Yczq09HGMcTFc9KQ3jbUjRWup3akeGpxpRvPk1TK0Nw2aktFzSo4AQdC9Y9KtV1X6Q2PwfVro-ScV3eOUkuGbooYsKAjx-eapiRWUe-9lKfq62q_XeM1N0EdqAEajKQQ7jTdq_EYhPObVZi6jido2Aq6ADNr5704GIcxb1m-gTpQF9jCaBN30iDStvxS_LiI1_txwqD-27fcdSNYXyHSYGu-NEPDT2GoKXgXyMMuD9D_6x4jEBiz9Wr_LPm_eYGeC2VdQhQOwhPKYtkN7DCDpJK_berYCgDrKVGq6erWsvwqVz-Y0MIUOAdOaWB0ahh1v9VqjYj8TjPRwX456ADTcxG1pnXyBj_ifgMMFj27uyU6IMjTwaptq9aAWFR3MV4dyG9rfPjP-eGYrxFfvs-wzwTWqHXhCWavoqsXRJtsDPl0azlu-CkNm8qMi_CSyH4Nsdhh3R4dT2jOwl3MkBrW2W2Gt6T4ncVtfG_Jpxv7DtYQmwLvOoqGdcV0tVU3aA882xFojkVzuAAzZCECPaGXSe6w24rSU1zyWMHvvjID-gQfmC20Y6_dgZ7khD7lYqw3QBxok_E26ByXShxreg7blLqSFOXVf2X-AULI8JIMXbY0we9moP2gfEWrlroX2bfxduSCEiT5FcR51pk2iNP9Tf59z79G6jXo665iHBFWWaflbYuNfGNila8fHJslDO-zgDcNsxsobuVZGOIRmOsq6plOsuxGMNhicupDgNa4hVImgjBLKj2MkqTAc6K7lY9Jp2CefUQIkTORnAlkiPKRxxLZZqYz1ErGwjeWIOpaVqHdaSyE2VnZB7ZMDYpaFY3ludXB1BogDuaDe1caZNQ7gLQliwFHh3llb1dj-BKVg8050VlBI3wKMZZoKYIIjKuZff0AF_vV56pZo0JxJ35tbXrxL5HMwnbDk0ovKaxFhIDSH5yqdodMRxv_yGQqmdfOwlhxzs-fs0LrnR2UqVxxO4rSAU-QSSF2u2G0fXAR9yi2z2NjaiPHiMiWqMagsmcmf-_6tSuxqAG6CPmODqPHjVjMxIh4H6rU0YRMpOSvsgdjGaPxLY7Ht4XykNZHnpirHBjaAUava8O_IBa3kVs4fvoghL9fiWnbyoAaqjzOEBwMwk3IgtgDeWN3TUwxNMekh78eV_pciQcs95Y3EZPHxy4CL8Cm1dp_tV2z5HQ1EFsvXg87bGxdrtkLkDUWjK8yGoVrTAGfyuATZmTrPy8_6U8apaziJqkUR8kIG06cbOfTUWEDNPd78MHCbHv4iJfh85fcobI9dU26aOKHfA7x-a9dFdcEASX1ZKboCSG9MPiHABlkBc4wMA8SbAxRuYQJCAWteyB_BLU-JcpBFfgO3yyUZthfmBwGNaeDyfQ2aRael5ZoP_HyEk6Hr6Zk7_5KarMO5YjvgwJ-Kew0ChfDJvFg-RcDwoFjzmVogJHrN6LqGuCJdem5vJPjTRSHLxvx9txvB4bAlca71dJ79zqut3SdNI3u5p9Wvb9aZlH-JFFwLVdnK1d3jYc_S5WYGFJZ6JFbJj31UUqkJAkH-a7XplKwbQ4erbeMOia0G8sGN9JwmtYJWqryk5Xw-3zPkHhN78_8Gayyx9afUOhy2gDyvb6Mo6dwcNv8CJzZdg8ipbcLB6xvWyCm_CRsRr4iW4UHQInW5GQSTsp9HklVeDwCD0D1cYEznW4Z_5EE3G7TdN5XEuRn_nKY-C6uEMUai2g5yFSImrc9E7mZ79iVw0mZAdgon0GnIseKs9gcv052Bu0AMa5kYxn2_zPw4XOntc4VdJqWC1U4I_qb5wFTOh-LVYWO_B8wujyQ2-2R6alSjF_SiVi6ddBKbGSsT4OEni0XHY2xJNnaFOsWYw5gRALehKBcFIG4ni3DYXmgh5AjyPJvc8fEV5CUpVYYeSXlu8WN5jGUI6woUasAjM4g8Rh0128fjyGGQ2JFsxQqIsdbJ5T9rTkCSnq-Yul-JWez5C6KhT2hfnHzt4gFK3S932-KoCbkVbOBY58ybQUtklrV8wjXTSv5S3hHopJNccq1SX4UiNIvVMZtd7dIh1A4DIR6zN7njobYrKsLG8RvC4eKzjUdoPfbCHEYe7rBi4LEvycjuU&cid=CAASPeRoLrOmHK5oaWQlVk9cwwxM4DitP2r3tSBgaWF6M_7lyS3InkGYBvCT5ByE0o1aQSR-Mcqy1O1eSg7g1Oc&rfl=2%2Chttps%253A%252F%252Fbank-otkrytie-kabinet.ru%252F%240
Frame ID: 5D2C90A23578C663DD190D1B47CE7E14
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js
Frame ID: B3987ED6C68C85991D9BE4C3F6E8609A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8248B87E35B9F74670DF44E164D15D84
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 13A6DE26D3927686066A06C430493D52
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 45B0C0E015E0D30778EA3D47C7D0342A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Банк Открытие личный кабинет: регистрация, вход, услуги банка

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

161
Requests

100 %
HTTPS

0 %
IPv6

15
Domains

22
Subdomains

21
IPs

4
Countries

2908 kB
Transfer

8893 kB
Size

18
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: http://go.leadgid.ru/aff_c?offer_id=2233&aff_id=30807&file_id=40225

Search URL Search Domain Scan URL

URL: https://go.leadgid.ru/aff_c?offer_id=2233&aff_id=30807&url_id=1223
Title: Оформить карту «Развлечений»

Search URL Search Domain Scan URL

URL: https://go.leadgid.ru/aff_c?offer_id=2233&aff_id=30807&url_id=1225
Title: Оформить карту «Travel»

Search URL Search Domain Scan URL

URL: https://go.leadgid.ru/aff_c?offer_id=2233&aff_id=30807&url_id=1227
Title: Оформить «Автокарту»

Search URL Search Domain Scan URL

URL: https://go.leadgid.ru/aff_c?offer_id=2233&aff_id=30807&url_id=1233
Title: Оформить «Смарт Карту»

Search URL Search Domain Scan URL

URL: https://online.open.ru/r
Title: https://online.open.ru/r

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/RU/app/id909649844?mt=8
Title: <span itemprop="image" itemscope itemtype="https://schema.org/ImageObject"><img itemprop="url image" class="wp-image-26 size-medium" src="https://bank-otkrytie-kabinet.ru/wp-content/uploads/2018/05/AppStore-300x93-300x93.png" alt="AppStore" width="300" height="93" /><meta itemprop="width" content="300"><meta itemprop="height" content="93"></span>

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.openbank
Title: <span itemprop="image" itemscope itemtype="https://schema.org/ImageObject"><img itemprop="url image" class="wp-image-27 size-medium" src="https://bank-otkrytie-kabinet.ru/wp-content/uploads/2018/05/GooglePlay-300x98-300x98.png" alt="GooglePlay" width="300" height="98" /><meta itemprop="width" content="300"><meta itemprop="height" content="98"></span>

Search URL Search Domain Scan URL

URL: https://ib.open.ru/login
Title: <img src="https://bank-otkrytie-kabinet.ru/wp-content/uploads/2018/06/vhod.png" alt="Вход в ЛК">

Search URL Search Domain Scan URL

URL: https://vk.com/share.php?url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&title=%D0%91%D0%B0%D0%BD%D0%BA%20%D0%9E%D1%82%D0%BA%D1%80%D1%8B%D1%82%D0%B8%D0%B5%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%3A%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%B2%D1%85%D0%BE%D0%B4%2C%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%B0&utm_source=share2
Title: ВКонтакте

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?src=sp&u=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&title=%D0%91%D0%B0%D0%BD%D0%BA%20%D0%9E%D1%82%D0%BA%D1%80%D1%8B%D1%82%D0%B8%D0%B5%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%3A%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%B2%D1%85%D0%BE%D0%B4%2C%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%B0&utm_source=share2
Title: Facebook

Search URL Search Domain Scan URL

URL: https://connect.ok.ru/offer?url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&title=%D0%91%D0%B0%D0%BD%D0%BA%20%D0%9E%D1%82%D0%BA%D1%80%D1%8B%D1%82%D0%B8%D0%B5%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%3A%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%B2%D1%85%D0%BE%D0%B4%2C%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%B0&utm_source=share2
Title: Одноклассники

Search URL Search Domain Scan URL

URL: https://connect.mail.ru/share?url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&title=%D0%91%D0%B0%D0%BD%D0%BA%20%D0%9E%D1%82%D0%BA%D1%80%D1%8B%D1%82%D0%B8%D0%B5%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%3A%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%B2%D1%85%D0%BE%D0%B4%2C%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%B0&utm_source=share2
Title: Мой Мир

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=%D0%91%D0%B0%D0%BD%D0%BA%20%D0%9E%D1%82%D0%BA%D1%80%D1%8B%D1%82%D0%B8%D0%B5%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%3A%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%B2%D1%85%D0%BE%D0%B4%2C%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%B0&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&utm_source=share2
Title: Twitter

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&text=%D0%91%D0%B0%D0%BD%D0%BA%20%D0%9E%D1%82%D0%BA%D1%80%D1%8B%D1%82%D0%B8%D0%B5%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%3A%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%B2%D1%85%D0%BE%D0%B4%2C%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%B0&utm_source=share2
Title: Telegram

Search URL Search Domain Scan URL

URL: https://www.open.ru/
Title: Официальный сайт Банк Открытие

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttps%3A//bank-otkrytie-kabinet.ru/;h%u0411%u0430%u043D%u043A%20%u041E%u0442%u043A%u0440%u044B%u0442%u0438%u0435%20%u043B%u0438%u0447%u043D%u044B%u0439%20%u043A%u0430%u0431%u0438%u043D%u0435%u0442%3A%20%u0440%u0435%u0433%u0438%u0441%u0442%u0440%u0430%u0446%u0438%u044F%2C%20%u0432%u0445%u043E%u0434%2C%20%u0443%u0441%u043B%u0443%u0433%u0438%20%u0431%u0430%u043D%u043A%u0430;0.6392566176370535 HTTP 302
https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//bank-otkrytie-kabinet.ru/;h%u0411%u0430%u043D%u043A%20%u041E%u0442%u043A%u0440%u044B%u0442%u0438%u0435%20%u043B%u0438%u0447%u043D%u044B%u0439%20%u043A%u0430%u0431%u0438%u043D%u0435%u0442%3A%20%u0440%u0435%u0433%u0438%u0441%u0442%u0440%u0430%u0446%u0438%u044F%2C%20%u0432%u0445%u043E%u0434%2C%20%u0443%u0441%u043B%u0443%u0433%u0438%20%u0431%u0430%u043D%u043A%u0430;0.6392566176370535

Request Chain 63

https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9426.jZzqHHEpKjMVeoZ881rNWpT8WjGB38cAPCMuW9rCKlrYGHSLkq0E0PabiOLCjlFb.dv59oTX9Y5NrEouZDsx2x6CVqeA%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9426.KmiNDboMcTAYkO90wytJoOPC4iQSv121epRzAy9MZF-pjhU3x5wcYnSXJUvh5tvSpwurxi__2eQ_omeWwaQWNA%2C%2C.3nTlbR9RKicQk7Do3Dmzoa7f4fQ%2C

Request Chain 69

https://mc.yandex.com/watch/26812653?wmode=7&page-url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22c%2Fn%2Fq%2Fj%2Fk%2Fk%2Fl%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A761%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A2%3Adp%3A0%3Als%3A1462763952831%3Ahid%3A184845316%3Az%3A0%3Ai%3A202101014154953%3Aet%3A1634226593%3Ac%3A1%3Arn%3A406012182%3Arqn%3A1%3Au%3A1634226593993310419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634226591952%3Adsn%3A1%2C22%2C423%2C77%2C0%2C0%2C%2C337%2C16%2C%2C%2C%2C902%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634226593%3At%3A%D0%91%D0%B0%D0%BD%D0%BA%20%D0%9E%D1%82%D0%BA%D1%80%D1%8B%D1%82%D0%B8%D0%B5%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%3A%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%B2%D1%85%D0%BE%D0%B4%2C%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%B0&t=gdpr(14)ti(2) HTTP 302
https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22c%2Fn%2Fq%2Fj%2Fk%2Fk%2Fl%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A761%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A2%3Adp%3A0%3Als%3A1462763952831%3Ahid%3A184845316%3Az%3A0%3Ai%3A202101014154953%3Aet%3A1634226593%3Ac%3A1%3Arn%3A406012182%3Arqn%3A1%3Au%3A1634226593993310419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634226591952%3Adsn%3A1%2C22%2C423%2C77%2C0%2C0%2C%2C337%2C16%2C%2C%2C%2C902%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634226593%3At%3A%D0%91%D0%B0%D0%BD%D0%BA%20%D0%9E%D1%82%D0%BA%D1%80%D1%8B%D1%82%D0%B8%D0%B5%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%3A%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%B2%D1%85%D0%BE%D0%B4%2C%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%B0&t=gdpr%2814%29ti%282%29

Request Chain 70

https://mc.yandex.com/watch/49313860?wmode=7&page-url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A761%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A249074188018%3Ahid%3A184845316%3Az%3A0%3Ai%3A202101014154953%3Aet%3A1634226593%3Ac%3A1%3Arn%3A431288247%3Arqn%3A1%3Au%3A1634226593993310419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634226591952%3Adsn%3A1%2C22%2C423%2C77%2C0%2C0%2C%2C337%2C16%2C%2C%2C%2C902%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634226593%3At%3A%D0%91%D0%B0%D0%BD%D0%BA%20%D0%9E%D1%82%D0%BA%D1%80%D1%8B%D1%82%D0%B8%D0%B5%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%3A%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%B2%D1%85%D0%BE%D0%B4%2C%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%B0&t=gdpr(14)ti(2) HTTP 302
https://mc.yandex.com/watch/49313860/1?wmode=7&page-url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A761%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A249074188018%3Ahid%3A184845316%3Az%3A0%3Ai%3A202101014154953%3Aet%3A1634226593%3Ac%3A1%3Arn%3A431288247%3Arqn%3A1%3Au%3A1634226593993310419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634226591952%3Adsn%3A1%2C22%2C423%2C77%2C0%2C0%2C%2C337%2C16%2C%2C%2C%2C902%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634226593%3At%3A%D0%91%D0%B0%D0%BD%D0%BA%20%D0%9E%D1%82%D0%BA%D1%80%D1%8B%D1%82%D0%B8%D0%B5%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%3A%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%B2%D1%85%D0%BE%D0%B4%2C%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%B0&t=gdpr%2814%29ti%282%29

Request Chain 117

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 131

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 151

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

161 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bank-otkrytie-kabinet.ru/ 346 KB
63 KB 446ms
423ms Document
text/html 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank-otkrytie-kabinet.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.36
Resource Hash: 20d4d2f621ed9db020d27bb66b63fc23a4af562b9de9a2e1a45aee101896b073

Request headers

:method: GET
:authority: bank-otkrytie-kabinet.ru
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/5.6.36
cache-control: no-cache, must-revalidate, max-age=0
expires: Wed, 11 Jan 1984 05:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbkV0Z6jSiaRGhwBSZj0B9d%2FXGUw7uHAlQKOJiAzc42YuqxXQrbQERKgt%2FeLDcnRTETMyjkGCqCwB5EkqAasbCgyw3nk6ihCkoMPwm4VfUMKD0WlE0F%2FSQpOQQ1UKhfr6Xj0ZmRZOOK5WzQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69e1f5c7d8bf4ab0-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 a3_lazy_load.min.css
bank-otkrytie-kabinet.ru/wp-content/uploads/sass/ 127 B
421 B 18ms
17ms Stylesheet
text/css 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/uploads/sass/a3_lazy_load.min.css
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2f1b190e5d5a3063c35b75b1a00c039b13e171eb7b099299dcb67e9e4fe65cd

Request headers

:path: /wp-content/uploads/sass/a3_lazy_load.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7784156
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 22 Nov 2018 14:24:22 GMT
server: cloudflare
etag: W/"5bf6bc16-7f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FTInohqwC4B%2FQLHm5XW%2Bd91z7rCCbh9apvjyEAiDKUjSY7TEkUjXOiAXK4AsqesA1aoh4rsWvZwy%2FTu%2BKo%2BqtUqErz7m%2FgjT6q2wDkrqWPdx1H5%2FZh%2FJDXpDpRh9OYJ0OSXYzk7VL%2FtBTBc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 69e1f5cafe7a4ab0-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 36ms
10ms Script
text/javascript 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 14:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Fri, 14 Oct 2022 14:06:42 GMT

GET
H2 200 / Show response
api-maps.yandex.ru/2.1/ 33 KB
12 KB 182ms
117ms Script
application/javascript 87.250.251.134
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://api-maps.yandex.ru/2.1/?lang=ru_RU

Requested by

Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.134 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

front-jsapi.slb.maps.yandex.net

Software

Resource Hash

97a02a812c7b65463a747b090788c3fcce060121e86fb46597799f7ff43766ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-lighttpd-locale: ru_RU
content-disposition: attachment; filename=json.txt
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 qi3aA1ep.js Show response
realpush.media/pushJs/ 0
218 B 41ms
10ms Script
application/javascript 159.69.75.12
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://realpush.media/pushJs/qi3aA1ep.js
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.69.75.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.12.75.69.159.clients.your-server.de
Software: cloudflare-nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
last-modified: Mon, 19 Jul 2021 15:48:47 GMT
server: cloudflare-nginx
etag: "60f59edf-0"
content-type: application/javascript
cache-control: max-age=259200, public, must_revalidate
accept-ranges: bytes
content-length: 0
expires: Sun, 17 Oct 2021 15:49:52 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 73ms
37ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

9b658d32ab626de2971021c458ea3aa6cc131e79c1d4e4bdf1cc229b99bf7465

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51475
x-xss-protection: 0
server: cafe
etag: 2150372836419296857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 15:49:52 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 42ms
19ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arimo:400|Quattrocento+Sans:400&subset=latin

Requested by

Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

a2b96d6f1253a99039b4ced8ff14dfe080e6200783451e6a07b1bc936ef807e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 15:44:08 GMT
server: ESF
date: Thu, 14 Oct 2021 15:49:52 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 15:49:52 GMT

GET
H2 200 1c20e6b8706f96b570143c5cc0fb2f19.css
bank-otkrytie-kabinet.ru/wp-content/cache/css/static/ 25 KB
2 KB 16ms
16ms Stylesheet
text/css 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/cache/css/static/1c20e6b8706f96b570143c5cc0fb2f19.css
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a721065b733dcbcd059de184fcc1edd365eec8f60746e81223eef6663a17ea44

Request headers

:path: /wp-content/cache/css/static/1c20e6b8706f96b570143c5cc0fb2f19.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7720464
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 26 Jan 2020 06:09:59 GMT
server: cloudflare
etag: W/"5e2d2d37-6286"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMxcjJUGv34S4tcQVTg8zzyh7oSgXReZL2BNmN8BygnPssJqgRVsP0oDfHFBbXO6auMfMo60QKVa%2Btg3MuJqcX5IzOqn0Q4rrrI4aE0r6njOm5VSMvSxI4MmSgFySOA1kiiER1IrfA2ADcg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 69e1f5cafe7c4ab0-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 logo.png
bank-otkrytie-kabinet.ru/wp-content/uploads/2018/06/ 6 KB
7 KB 22ms
22ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/uploads/2018/06/logo.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f0c4ae5203aaa3493eaeeaaec672a6386093128d64f362d10d8e3455ab5d26c

Request headers

:path: /wp-content/uploads/2018/06/logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Thu, 22 Nov 2018 15:14:36 GMT
server: cloudflare
age: 8291719
etag: W/"5bf6c7dc-190e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FiB3gHjXoyh8JefoOQWH5HtyJCsGMZqGDPczjba2MELTMMHKYmYgcXGiAcaBiKif1Gz9elLnItPhlCJOMI5%2FizyhFjNDe3jzzC4ItipWH8HCiRRqFISu9bs9%2Bp4KePlKJ5MLKe1rN2sC3ns%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cc59b24a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 40249.gif
leadgidads.ru/b/9/5/ 57 KB
57 KB 203ms
37ms Image
image/gif 94.26.236.170
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leadgidads.ru/b/9/5/40249.gif

Requested by

Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.26.236.170 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

cobrancas60.mastplon.buzz

Software

Resource Hash

473813f3e2c50e44564507539251a6228d9aef6caabdad35220854c0f0835070

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
last-modified: Mon, 21 Dec 2020 08:12:18 GMT
x-amz-request-id: tx00000000000002d02e572-00616840ce-f56c916-ams3c
etag: "52d07c6afdc3cb9a454ab1964b7d9f1b"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/gif
x-rgw-object-type: Normal
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
content-length: 57995

GET
H3 200 lazy_placeholder.gif
bank-otkrytie-kabinet.ru/wp-content/plugins/a3-lazy-load/assets/images/ 42 B
659 B 19ms
15ms Image
image/gif 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:path: /wp-content/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8291719
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 42
last-modified: Sun, 26 Jan 2020 06:02:06 GMT
server: cloudflare
etag: "5e2d2b5e-2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wroFpJATmhs3L5j4skXXswm8oUTc%2Bilx%2B%2F%2By62N0n%2FbPdpkn%2BxW5GDMftTf6s0G4gzjNMQR7oLfhIdFgaKqnbxDlckssL5glaQsHQMlpOp8hZcwF1GJFvj3UUv05UjAQSvv2NrVNG9cnbLs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69e1f5cc69ba4a85-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 40231.gif
leadgidads.ru/b/d/5/ 75 KB
75 KB 202ms
37ms Image
image/gif 94.26.236.170
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leadgidads.ru/b/d/5/40231.gif

Requested by

Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.26.236.170 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

cobrancas60.mastplon.buzz

Software

Resource Hash

4f7f4169854b868f5c40040b7b00803782a0781ab3188e0e0e572e6597a4a37f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
last-modified: Mon, 21 Dec 2020 08:27:36 GMT
x-amz-request-id: tx00000000000002d02e575-00616840ce-f56c916-ams3c
etag: "5dc40178f754e27bf1a3debe5f274378"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/gif
x-rgw-object-type: Normal
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
content-length: 76586

GET
H3 200 wink.png
bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/ 815 B
1 KB 24ms
19ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/wink.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d1521bd9c97e21379ee29be828ab88468deaf8f52d845baeafb3cab8c4917a7

Request headers

:path: /wp-content/themes/root/images/smilies/wink.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Feb 2019 13:16:58 GMT
server: cloudflare
age: 7720464
etag: W/"5c6ab04a-32f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7t9QmhYjR2MDYyoapSyesVjSyIjs9HgzDcYavZfD4Bu4HMaxWpDL8XZQlMDKdbNyRsj74jWoHYsEQl2CshmvIoSm8cdCXV1I%2FW0xB4UUcVndF2uta6cetMwGjtWroIAfbTwUgej3YotKJc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cc69bb4a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 neutral.png
bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/ 637 B
1 KB 20ms
14ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/neutral.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81c1ba8cb3693236155e0ecf842d29622ebb5c47e92b303b6bfadaf0c99ed22a

Request headers

:path: /wp-content/themes/root/images/smilies/neutral.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Feb 2019 13:16:58 GMT
server: cloudflare
age: 4453852
etag: W/"5c6ab04a-27d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EK0TKLuISfV92iROiJB0%2BXHrezLqmExm8G75QuH1Kyy5W%2BGmNgOIMil7n47xjZoiNpM3tYO5emJyVKray4CeFgfN7TsHcr0wkWd6IpUQaaejGCqlyLc%2BPbn6Y7Q%2BDL7WKo3agzGSDFu%2FjBU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cc69bc4a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 mad.png
bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/ 958 B
2 KB 19ms
14ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/mad.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccb2de978f607c02c595632d38051c17978e018220b429c8ccd0ad4aca206032

Request headers

:path: /wp-content/themes/root/images/smilies/mad.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Feb 2019 13:16:58 GMT
server: cloudflare
age: 7720464
etag: W/"5c6ab04a-3be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hy4Cq2ILHHl4%2BeB9sshCJmeJ%2B%2FAVZUFISctSbBLIoiMLh2t2mvhIsZ9%2F2aIGmFpduJE7vIqONgx%2FyIc4%2FhCjTunBertfboq1dMRY7rOl8nsSPkDUREzLiutoi11nQyGeiIpGjvpveiCVFxc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cc69bd4a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 twisted.png
bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/ 1 KB
2 KB 29ms
24ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/twisted.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5cabd806694695eeb10b48b8e5b1f4499ec46c19bbae6312284f40ce4b64b81

Request headers

:path: /wp-content/themes/root/images/smilies/twisted.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Feb 2019 13:16:58 GMT
server: cloudflare
age: 5928709
etag: W/"5c6ab04a-434"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1x1OImN3xqaTzh6nJqMiuHYHoNA2Bjz8plooZzzeep%2FJqeqLlfT09z4aClVK91k%2FSU3CrTddMS4rqRcQ3404pOUB%2FLz705cdToqZt68jk3RA6kWpSOy99qu%2FAAvlnffYVpQ8kcvdoeW7vk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cc69be4a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 smile.png
bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/ 710 B
1 KB 18ms
13ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/smile.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b43cd2653b5cbc9875746d0d418d1cdce1c55de38b17ecd0e56614518259f71b

Request headers

:path: /wp-content/themes/root/images/smilies/smile.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Feb 2019 13:16:58 GMT
server: cloudflare
age: 8291719
etag: W/"5c6ab04a-2c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5n4MDQloKjP1AIiNdfbXpzMfvqrj401QsUt%2FqbI3eLDoXo5mx%2FNOQDOwofa5G4iE6f1DgjUTm%2B761jd3F9i9V593TN0MOLuR%2FTpiq3XKAQBKsAAg3rKn%2FREogrCWbTLXNo3kgiFWNwvhRs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cc69bf4a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 eek.png
bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/ 1 KB
2 KB 22ms
17ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/eek.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f7ac379ead267382afe1258b1a23eb64bb01a4f320ca3f91a3220a01485ac96

Request headers

:path: /wp-content/themes/root/images/smilies/eek.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Feb 2019 13:16:58 GMT
server: cloudflare
age: 2725094
etag: W/"5c6ab04a-49b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WuuKQjdT%2BcQ4dUgwTU%2BvnuH%2FMgNjh6df4eVMUOJoAnoks9yIG9WdbiEusBmBOEJ33OgyX0Xth2lvyPsVmsouYH1y%2FNqx5FuDHZ0VUAL5xyd4cl6Nb9oA2WUDGYPeDacqrYub7nG9QJkyT2M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cc69c04a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sad.png
bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/ 713 B
1 KB 20ms
15ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/sad.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8250f65127f9a58a72ea10c7d75296efa28708df144b684dbf2c94d7bcc04b9d

Request headers

:path: /wp-content/themes/root/images/smilies/sad.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Feb 2019 13:16:58 GMT
server: cloudflare
age: 2725094
etag: W/"5c6ab04a-2c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgLP7qOz1RsVoLiZuuCUe4phsf6in8G9kontpdkIH0uJ%2BzG7SuL79saBmvGCYnU02lLQFL6V6qvQC4HZUxXR2DzZBMXJjd5wQhuNLCIIknyODrX65O1x5dRgf%2Fneh4gUrJETiOm%2Be1zHlRU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cc69c14a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 rolleyes.png
bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/ 898 B
1 KB 24ms
19ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/rolleyes.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75d4e1f91df020fd4c9caf87da7ba0c8febc6a40e0880d2852da7f5f30664434

Request headers

:path: /wp-content/themes/root/images/smilies/rolleyes.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Feb 2019 13:16:58 GMT
server: cloudflare
age: 2725093
etag: W/"5c6ab04a-382"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sslC6F6MX2crj1906%2B5R2x0TRr2TocNt5eefm8b26JxfsrxgosCkT0J6uo7iRLEUeh9HdLyW5t00HLMTDj0Ya5rE%2BDV%2FiNwZ6P%2BeXLjEBDwvQdRyq%2F5s1x0CZcNvo%2BaJkCm9Im7Tv8EZnwo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cc69c24a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 razz.png
bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/ 846 B
1 KB 20ms
15ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/razz.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3bc26d03dc5313b9df615fc465f58c0a197a045ad900aebf84ca6e819929ddd

Request headers

:path: /wp-content/themes/root/images/smilies/razz.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Feb 2019 13:16:58 GMT
server: cloudflare
age: 4453852
etag: W/"5c6ab04a-34e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZn90Jo93zFksawf5XDEaD2AEZGfRL69eBh59tCf8ohr%2F6kNp2dY3Mio0ExpFvB2kIvsU6zrJW1zEBasPxg1752%2BO7BCxdYk0oTEF4gF0WVl5GYuR%2FJUFzPSoeZxeVhoGCR7SOGE5vJKDhA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cc69c44a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 redface.png
bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/ 873 B
1 KB 357ms
352ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/redface.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2462f4d85888c4301384d028b17cf96a5e6856f9639b3a0fa98b511b3cc2b0f5

Request headers

:path: /wp-content/themes/root/images/smilies/redface.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:53 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Feb 2019 13:16:58 GMT
server: cloudflare
etag: W/"5c6ab04a-369"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZ1lbxLTHQhL2ChZkK1b3vKF1HNbpVTUJ8xWvWXcgjvChydJEpW0Uaz%2BpaXuFsbKx21NkIrP82Vg3CMAPv5I7jorP0At4uPJaThTHGxpsJgJf7fqpS2KojTBdYkgAHfcWOeY13lzWG7k%2FCo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cc69c54a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 surprised.png
bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/ 1 KB
2 KB 25ms
20ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/surprised.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bedbfebb1e570a307a3c53fa9922989a22aaae3602a306d66f8d1fd982496bf8

Request headers

:path: /wp-content/themes/root/images/smilies/surprised.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Feb 2019 13:16:58 GMT
server: cloudflare
age: 8291719
etag: W/"5c6ab04a-495"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpJmEFxiY%2B6N7kV3XaA5cMbU3W1J4gkK74GxCR9YEFncB3I%2B%2FNcQyLPJvVVPVjk%2FEGeMOA9jgMjVgyqdqO4erU0huB8WCL2yhSspHcVCwbsGfMLKEgTAqL7LNbtHHdHxTUuF1diC%2BgX4nw0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cc69c64a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 mrgreen.png
bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/ 859 B
1 KB 20ms
15ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/mrgreen.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aff9a1ebcc9288d03aefe8890c1c3d865fb1d51871ee9eae6ead3362b996904

Request headers

:path: /wp-content/themes/root/images/smilies/mrgreen.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Feb 2019 13:16:58 GMT
server: cloudflare
age: 2725091
etag: W/"5c6ab04a-35b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUzjPhuaK%2BQDo1GQn11NNR%2BqSTEhWBrlG5%2FfXWALt6knku8%2F7p5echpkJj58KMoENFvIt4nljP%2FM%2BUqX5DRgRlRi1TJgT1nO2eIGA9YPtQvo9BfQwaIuHZeC7ncWT4Kyi1RdAAuwgu5HeZo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cc69c74a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 lol.png
bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/ 913 B
1 KB 29ms
24ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/lol.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bf1f354f2fc01f58f53314b6b08f69f34058211d8dc0cedd73746481311821c

Request headers

:path: /wp-content/themes/root/images/smilies/lol.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Feb 2019 13:16:58 GMT
server: cloudflare
age: 7135620
etag: W/"5c6ab04a-391"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Z7T55LQWiFPkady7Mwoyq7vhxrtjNhA5w%2B0YhoaeFmxUJZZ9nzxwKrsatsdaWAohsu3hLjet9n5Nt0DhCbJRH0AOySogoeS%2FkI3aYvAfTEE53un845ozERJ74fVjySN4JG4Z8XrOR1xPIA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cc69c84a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 idea.png
bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/ 765 B
1 KB 23ms
19ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/idea.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ef85555374c6902eccad1b67d6c74d13afb219a768ab8d6a7bddea1f601787d

Request headers

:path: /wp-content/themes/root/images/smilies/idea.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Feb 2019 13:16:58 GMT
server: cloudflare
age: 8291719
etag: W/"5c6ab04a-2fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJiZ3MFesIbnJ8Oymsl63YbdUPfciZ%2FEZmls9PrcxITxRMVjJDpidUs0BnCg230ruHAcBepSNMqNn%2FkeRuji%2BqKol3qotl08RgmrVqb%2FV7pHV15RkZ1kWesq0dMkHVgarZcVrzFHHClACfs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cc69c94a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 biggrin.png
bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/ 859 B
1 KB 20ms
16ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/biggrin.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c685378c7f15fb7a809c8d36db127c1620294330405921a3a13c978c3415e403

Request headers

:path: /wp-content/themes/root/images/smilies/biggrin.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Feb 2019 13:16:58 GMT
server: cloudflare
age: 8291719
etag: W/"5c6ab04a-35b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXg5%2F3DssnRCqZl6QxFMFvtsPaa7EvEKoLbm6%2F9fBqLkDgQ%2FrnOa1XsVhpg1sM6iH6DOM5JFSr3XidfBrQt%2BtOEyCgUfZDKGUud4W9mfnM2XnAfPHwf%2BSZaxb6hKXqd1Aer83G3elib5MZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cc69ca4a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 evil.png
bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/ 937 B
2 KB 23ms
19ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/evil.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 936fb434a14b628a1c6f4f52cf995ad93adccd3fad1346955f29b80f05fa985c

Request headers

:path: /wp-content/themes/root/images/smilies/evil.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Feb 2019 13:16:58 GMT
server: cloudflare
age: 8291719
etag: W/"5c6ab04a-3a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BNC0DVNQK68mXPoeK8pIhYEuhZfLFnpl7rsqlO7QPhcnsxB%2BwVKGmfYGbOwJ0%2BnMbXBMmxTxaD3bpZe1sVw8CudcEk5p4070XcXbQ7F9K74oFOI4GCC0aTJDiumIr9Q451jgNJ1UKpO5QE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cc69cb4a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 cry.png
bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/ 1 KB
2 KB 25ms
21ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/cry.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82faa7a5ead139ade1fa1b11387a6dfdf881c1c3fea161df3da52a039f3662bb

Request headers

:path: /wp-content/themes/root/images/smilies/cry.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Feb 2019 13:16:58 GMT
server: cloudflare
age: 7720464
etag: W/"5c6ab04a-528"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhGkl6wRLHcKZWNJrdVoenpV7c6rXR53fd43ZnW0kbW9RJTSH6PkG5s3o%2BF3QgCnnaEcP4rdDf6BYujJenAlYMiWp6%2FGpmcesJ%2FGcCs2klieiKqquHmfrZDF0vf8ZZls4BSxCQIOYVg3oEs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cc69cd4a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 cool.png
bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/ 921 B
1 KB 23ms
19ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/cool.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1658582fd8c3291ee75ebd8fffe7b1b125bd73f71acf7c04edbc51a8a25ab6ed

Request headers

:path: /wp-content/themes/root/images/smilies/cool.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Feb 2019 13:16:58 GMT
server: cloudflare
age: 8291719
etag: W/"5c6ab04a-399"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67Xa2DxqhvURctdiigcDbUXwpWVuUm3%2BqvCdzWf%2FLfbDOlLAhga3oeJ7lLQ60IaVawNh5HgcGVAsCOJ5sn6e9l8rMl%2FJWN2S2upc90eFRmm6dfWKvL32l2i61qKbnrehmigEomfZZGnbqzY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cc69ce4a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 arrow.png
bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/ 569 B
1 KB 22ms
19ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/arrow.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c06340de9f3beb799319aabe3751252dd687c2c194f44c3797afe72230192fdd

Request headers

:path: /wp-content/themes/root/images/smilies/arrow.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Feb 2019 13:16:58 GMT
server: cloudflare
age: 3953684
etag: W/"5c6ab04a-239"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1DQB8Ahu2TrJKJhUBxaK4iKIF0ZLJIGmSGAd8%2FuxLGJCOGTsfyewCCKfmuZTlE%2FCdZuGBOz%2Bf4SPlxBEV8HKvqEK32ZS2yHx1O8jrAVuc0V2OpuiUI%2Fz6SvPQVm%2Bqp%2BAF78sJITrnOalWU4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cc69d14a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 confused.png
bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/ 935 B
2 KB 24ms
20ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/confused.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1725c52315ddd4904d3ec6f701395b4e825b4a871e8d584fbcec1fd97c0db6f3

Request headers

:path: /wp-content/themes/root/images/smilies/confused.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Feb 2019 13:16:58 GMT
server: cloudflare
age: 5928709
etag: W/"5c6ab04a-3a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDNKBlc2snO7qhleJdNBxBFgAYkXqaawFkr4X%2F1Af2IjgCH2jUlh%2BMoTuYV3Y4mg7Qkr8THz7JapaeTjW5Rw3h3t7dYsTdZ5s5q%2BcdLCOiBEZzH50mRf3PEAcwF0scZ1qH%2Bg1MFk9gcvs9w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cc69d34a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 question.png
bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/ 504 B
1 KB 24ms
21ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/question.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cbe2111eb50b721ea6f79e1cb61f6febc76795fd015a21593089bc1a3dfe490

Request headers

:path: /wp-content/themes/root/images/smilies/question.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5928709
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 504
last-modified: Mon, 18 Feb 2019 13:16:58 GMT
server: cloudflare
etag: "5c6ab04a-1f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrMnXDJ54GTY4p7xTGdICwrlz01pykNDL%2F1tdyzn1E8UGd8hsm7XB5MzWAAtcezLW%2Fwk%2BK937Fe%2BXR3frlBEbQm%2BYnOnVXK4dOfqaUmyquyZZiOMFq8PYJ9CjBwKF4OSwPsSKfVFHQKlmFE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69e1f5cc69d54a85-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 exclaim.png
bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/ 700 B
1 KB 26ms
23ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/themes/root/images/smilies/exclaim.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1da222840d0c513869093c5d892419db13bdbe9b2ee5a64ed96249edcfbca5b2

Request headers

:path: /wp-content/themes/root/images/smilies/exclaim.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Feb 2019 13:16:58 GMT
server: cloudflare
age: 8291719
etag: W/"5c6ab04a-2bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mluZOmWPuA8L8ya9GptdabM0RiAtNqIYpXfA06veLctnVlLo9Uc00esyWnBVAnw1re7Y3uyK0DiWXWe9QGAnEoGRGyGqRVwYI5%2B3d1BKuWHdXsQ%2BbzF8AuTCI7MT8f1o0IY7f9KhdBvgZwk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cc69d84a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 share.js Show response
yastatic.net/share2/ 144 KB
39 KB 134ms
58ms Script
application/javascript 178.154.131.217
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/share2/share.js

Requested by

Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

8e96268766735ae11a87d1e3bea4e681b0b05e3afa54d79806dc1f550597fa15

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 24 May 2021 12:18:35 GMT
server: nginx/1.17.9
etag: W/"bcd00e6750a3b5b8b79248b4c2e87b60"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=216009
timing-allow-origin: *
expires: Sun, 17 Oct 2021 03:48:16 GMT

GET
H3 200 autoptimize_6431bd553b50967c0afd2040f810afe3.js Show response
bank-otkrytie-kabinet.ru/wp-content/cache/autoptimize/js/ 70 KB
24 KB 24ms
21ms Script
application/javascript 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/cache/autoptimize/js/autoptimize_6431bd553b50967c0afd2040f810afe3.js
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f17f352985894cc81958fbb5e44f0eb5d1f0973a9da33e2b7bf6469307e9256

Request headers

:path: /wp-content/cache/autoptimize/js/autoptimize_6431bd553b50967c0afd2040f810afe3.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5890795
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 10 Nov 2020 22:05:20 GMT
server: cloudflare
etag: W/"5fab0ea0-1169b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0k2fhxmzaVGucM1h%2Bf4%2B%2FUoeg7H4Y%2FwgBS9wU8PFShFwKWXzAOuIzW5P%2BSPT7E7p%2FWE0vvdjKBdP%2F%2Fvuzx75aRqHNEGl9YgtXiN7ygFZPpn4LkO20iVJh37mRIwa4eW%2Bw45c4qaniBd5z8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 69e1f5cc69da4a85-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 079ccc8809c4250a00a6d66046bb14b5.js Show response
bank-otkrytie-kabinet.ru/wp-content/cache/js/static/ 114 KB
37 KB 17ms
17ms Script
application/javascript 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/cache/js/static/079ccc8809c4250a00a6d66046bb14b5.js
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9543bd5b9d6794a9fea4d9f555764271939b4338015cc6c6172d158738d743b

Request headers

:path: /wp-content/cache/js/static/079ccc8809c4250a00a6d66046bb14b5.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8291719
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 26 Jan 2020 06:09:59 GMT
server: cloudflare
etag: W/"5e2d2d37-1c829"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xb3PTuToZthlg5Kbwueh%2BMvAUQNg6PK5jwNTJWKrfRGsqiUci0DsC6WIsyM793U3nR6fl3LGV245YuCICU4WCD3K2r%2FQGPSVgzJbyR1EFPUCS8dU14HDIcnJJjEO7%2FbPzzo5Gi2XPn0lfGg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 69e1f5cb48074a85-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 full-ee53113a645d81222ecb164b335955b69104f320.js Show response
yastatic.net/s3/front-maps-static/maps-front-jsapi-v2-1/2.1.79-26/build/release/ 3 MB
688 KB 167ms
92ms Script
application/javascript 178.154.131.217
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/front-maps-static/maps-front-jsapi-v2-1/2.1.79-26/build/release/full-ee53113a645d81222ecb164b335955b69104f320.js

Requested by

Host: api-maps.yandex.ru
URL: https://api-maps.yandex.ru/2.1/?lang=ru_RU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

9efb9eb2d0d3a02956c526db065129fa21b249296aae1180f67110633f943956

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
content-encoding: br
last-modified: Mon, 30 Aug 2021 15:23:05 GMT
server: nginx/1.17.9
etag: W/"da58bb924d29dd93f0f418e35fb652d9"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 14 Oct 2022 21:34:52 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: 2e3d33b4ff7533f8

GET
H3 200 loading.gif
bank-otkrytie-kabinet.ru/wp-content/plugins/a3-lazy-load/assets/css/ 2 KB
2 KB 18ms
16ms Image
image/gif 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/plugins/a3-lazy-load/assets/css/loading.gif
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec

Request headers

:path: /wp-content/plugins/a3-lazy-load/assets/css/loading.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7720464
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1690
last-modified: Sun, 26 Jan 2020 06:02:05 GMT
server: cloudflare
etag: "5e2d2b5d-69a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2mdDN8GuvtZN6b543%2BHhKQ8KFr5Vx61tURxey6S9U4%2FkX7arnZkL1qrWPaWJyp4cdbaUjtWchHWmCZdhSJyTBtZ%2BjB3z1SUEntKzRNP9wnp7Ofdis60Yj44aR2fVUSmoYlRVziuwqWjpNg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69e1f5cc8a124a85-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ez-toc-icomoon.ttf
bank-otkrytie-kabinet.ru/wp-content/plugins/easy-table-of-contents/vendor/icomoon/fonts/ 1 KB
2 KB 14ms
13ms Font
application/octet-stream 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/plugins/easy-table-of-contents/vendor/icomoon/fonts/ez-toc-icomoon.ttf?-5j7dhv
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98b46048d73e92b6ca203d9bfc2015ec3f37cd72dedd9696c35a6b3840e9433

Request headers

:path: /wp-content/plugins/easy-table-of-contents/vendor/icomoon/fonts/ez-toc-icomoon.ttf?-5j7dhv
pragma: no-cache
origin: https://bank-otkrytie-kabinet.ru
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bank-otkrytie-kabinet.ru/
Origin: https://bank-otkrytie-kabinet.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7623097
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1204
last-modified: Thu, 31 May 2018 10:59:32 GMT
server: cloudflare
etag: "5b0fd594-4b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LqOmnYb7Q4boY1auUVVQbxeffhoQkpiaSZ2POj5E8cd7KKx%2BYxTZLuRkLHXhkv%2B3n4iCy%2B20g5cNPsvHyvuYmVN9Ts%2FxWx%2F6Qr6raF32h9wwl0L5d5RIHtdom7G9mrGYGTJYg0AQL2vvLI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69e1f5cc8a134a85-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/ 273 KB
98 KB 65ms
41ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_fy2019.js?bust=31063156

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

1319331a1eb2acd634aafd5c428659e212e9ba503ffef3751d726d1f65c33b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99865
x-xss-protection: 0
server: cafe
etag: 3593107766786651928
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 15:49:52 GMT

GET
H3 200 word-image-6.png
bank-otkrytie-kabinet.ru/wp-content/uploads/2018/06/ 137 KB
137 KB 13ms
13ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/uploads/2018/06/word-image-6.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dafb742c2b6191760cc1f87dc34dc07e4dc3bf60cc26e957e73879b99f09db6

Request headers

:path: /wp-content/uploads/2018/06/word-image-6.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Mon, 03 Dec 2018 09:35:08 GMT
server: cloudflare
age: 1694086
etag: W/"5c04f8cc-2226f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FsPmgdx0oUKfppTVqIh%2BJ%2F9IycluTwl0mB5sGo06ficzplFO6aRt2YzjIoAiwOFZ75Ab28X2tjzJmU6ozTMmlhrwCmftOUh6pm3trjR9QuE0ZsTRQr622SFd5wi17I0QIwgnW7Cap6wgN0A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5ccba5c4a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 transparentcolor.png
bank-otkrytie-kabinet.ru/wp-content/cache/image/static/ 91 B
711 B 22ms
22ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/cache/image/static/transparentcolor.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/wp-content/cache/css/static/1c20e6b8706f96b570143c5cc0fb2f19.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a314c29d5dcce23cc726140820143658561b0f544c5bfb3810fe83ba4183ce7c

Request headers

:path: /wp-content/cache/image/static/transparentcolor.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/wp-content/cache/css/static/1c20e6b8706f96b570143c5cc0fb2f19.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/wp-content/cache/css/static/1c20e6b8706f96b570143c5cc0fb2f19.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2725089
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 91
last-modified: Tue, 04 Sep 2018 11:25:42 GMT
server: cloudflare
etag: "5b8e6bb6-5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8iVf%2Bal0bkwlilJaKzwEVi09vHfRRKJTC6Q6D1Sr4RhjcBE6QmzGhY9lTkzQGh9S8d%2BKv%2FqX0grO0o77pRvmJiH3eO7wvZYRjNRF%2BBIi%2BfUBKNmTDa7YiyhYL3SGVFUULpCKV7uHNvWD1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69e1f5ccba5f4a85-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcBBrBZQI.woff2
fonts.gstatic.com/s/arimo/v17/ 7 KB
7 KB 30ms
7ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v17/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcBBrBZQI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400|Quattrocento+Sans:400&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

4a196b115d9a635615fe9ed410f609b3ac35c8a44279c1fee1a8ddfb9a1faeda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bank-otkrytie-kabinet.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:01:19 GMT
x-content-type-options: nosniff
age: 262113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6712
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:42:11 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 15:01:19 GMT

GET
H2 200 P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2
fonts.gstatic.com/s/arimo/v17/ 10 KB
10 KB 16ms
8ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v17/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400|Quattrocento+Sans:400&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

e2e100dccf35fc8fbda8298d47d2719362a984ff46eebf871a878376224071df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bank-otkrytie-kabinet.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 09:25:06 GMT
x-content-type-options: nosniff
age: 541486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9976
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 23:11:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 08 Oct 2022 09:25:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/ Frame 6B49 10 KB
5 KB 29ms
6ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211011/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bank-otkrytie-kabinet.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 13 Oct 2021 20:21:55 GMT
expires: Wed, 27 Oct 2021 20:21:55 GMT
content-type: text/html; charset=UTF-8
etag: 414810510046348021
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4645
x-xss-protection: 0
age: 70077
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 fontawesome-webfont.woff2
bank-otkrytie-kabinet.ru/wp-content/themes/root/fonts/ 75 KB
76 KB 356ms
355ms Font
application/octet-stream 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/themes/root/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path: /wp-content/themes/root/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
origin: https://bank-otkrytie-kabinet.ru
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bank-otkrytie-kabinet.ru/
Origin: https://bank-otkrytie-kabinet.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:53 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 18 Feb 2019 13:16:58 GMT
server: cloudflare
etag: "12d68-5822af0752680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChGmFpmcprmb6qAz2Vm35fJ5WQMz%2BgfQpvLbiEPfcjhuYCoiBuo1y2QRaHdjbGX9BuhGTlBQ6FMSfz0uM5cBrgN%2FMM30dD2LgzfhGJXmYbFGc9tFlXsb8idKuTjr%2FSudChgTP0AIvGAXRAY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 69e1f5cd0ae74a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
expires: Thu, 14 Oct 2021 16:49:53 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 188 KB
64 KB 126ms
62ms Script
application/javascript 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

496077b8b09b43b1417ac4a8eb747b38b08e12a2dc9b65573c78dd2a44ac674d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
content-encoding: br
last-modified: Thu, 14 Oct 2021 15:13:04 GMT
etag: "61681ed0-10040"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 65600
expires: Thu, 14 Oct 2021 16:49:52 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttps%3A//bank-otkrytie-kabinet.ru/;h%u0411%u0430%u043D%u043A%20%u041E%u0442%u043A%u0440%u044B%u0442%u0438%u0435%20%u043B%u0438%u0447%u043D%u044B...
https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//bank-otkrytie-kabinet.ru/;h%u0411%u0430%u043D%u043A%20%u041E%u0442%u043A%u0440%u044B%u0442%u0438%u0435%20%u043B%u0438%u0447%u043D%u04...

133 B
619 B

43ms
43ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//bank-otkrytie-kabinet.ru/;h%u0411%u0430%u043D%u043A%20%u041E%u0442%u043A%u0440%u044B%u0442%u0438%u0435%20%u043B%u0438%u0447%u043D%u044B%u0439%20%u043A%u0430%u0431%u0438%u043D%u0435%u0442%3A%20%u0440%u0435%u0433%u0438%u0441%u0442%u0440%u0430%u0446%u0438%u044F%2C%20%u0432%u0445%u043E%u0434%2C%20%u0443%u0441%u043B%u0443%u0433%u0438%20%u0431%u0430%u043D%u043A%u0430;0.6392566176370535

Requested by

Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

49a25d21e02a70496a3f786e331184c1b552a102eb39f78fa68e6c9d2d62e249

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Oct 2021 15:49:53 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 133
Expires: Tue, 13 Oct 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 14 Oct 2021 15:49:53 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//bank-otkrytie-kabinet.ru/;h%u0411%u0430%u043D%u043A%20%u041E%u0442%u043A%u0440%u044B%u0442%u0438%u0435%20%u043B%u0438%u0447%u043D%u044B%u0439%20%u043A%u0430%u0431%u0438%u043D%u0435%u0442%3A%20%u0440%u0435%u0433%u0438%u0441%u0442%u0440%u0430%u0446%u0438%u044F%2C%20%u0432%u0445%u043E%u0434%2C%20%u0443%u0441%u043B%u0443%u0433%u0438%20%u0431%u0430%u043D%u043A%u0430;0.6392566176370535
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 13 Oct 2020 21:00:00 GMT

GET
H2 200 context.js Show response
an.yandex.ru/system/ 299 KB
80 KB 390ms
55ms Script
text/javascript 93.158.134.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

93.158.134.90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

777b5231470dbaf1a2dbd7839e7f7c7de4ff64a28fe3bb9656205a82aa043c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
etag: 1571696986
x-yandex-req-id: 1634226593210407-1472496527078396759300353-production-app-host-vla-pcode-223
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 14 Oct 2021 16:49:53 GMT

GET
H2 200 40225.gif
leadgidads.ru/b/d/a/ 90 KB
90 KB 134ms
133ms Image
image/gif 94.26.236.170
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leadgidads.ru/b/d/a/40225.gif

Requested by

Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.26.236.170 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

cobrancas60.mastplon.buzz

Software

Resource Hash

bed542f8dde9593921a55619985affad6e77af3cf023012d02d3cbc7b7576ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
last-modified: Mon, 21 Dec 2020 08:29:29 GMT
x-amz-request-id: tx00000000000002cffb43b-0061683ddf-f58f0fc-ams3c
etag: "ea6f0f0e875d22023ef558d638684451"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/gif
x-rgw-object-type: Normal
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
content-length: 92133

GET
H3 200 vhod.png
bank-otkrytie-kabinet.ru/wp-content/uploads/2018/06/ 10 KB
11 KB 13ms
12ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/uploads/2018/06/vhod.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92929a62869690b11dfc5b2e41d107314db34daf0bd1b990a04f95dfb3ebc377

Request headers

:path: /wp-content/uploads/2018/06/vhod.png
pragma: no-cache
cookie: flat_r_mb=%2F%2F%2F%3Adirect
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Thu, 22 Nov 2018 15:13:42 GMT
server: cloudflare
age: 8210643
etag: W/"5bf6c7a6-2997"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WqXhr8x2%2FQU72V0Mw0OlLl4THnVKGvfXsPVJtpL2Uj6s7q4WOlNzTd0hdqLIJFhDeMieoKqZTMT31t1fASeTwYh7z8dfjihVhriruAyK04J6OXmmKSs2D5I5Wx8ikO4d%2FwC4p4jt9%2FpnXPA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cdac144a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 v_zakladki.png
bank-otkrytie-kabinet.ru/wp-content/uploads/2018/05/ 6 KB
6 KB 25ms
25ms Image
image/png 104.21.18.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bank-otkrytie-kabinet.ru/wp-content/uploads/2018/05/v_zakladki.png
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.18.182 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4fbc7d5ad26b24430edb279a7bc6c9c6d354b569988587c7bc02b5518d9dae2

Request headers

:path: /wp-content/uploads/2018/05/v_zakladki.png
pragma: no-cache
cookie: flat_r_mb=%2F%2F%2F%3Adirect
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bank-otkrytie-kabinet.ru
referer: https://bank-otkrytie-kabinet.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:52 GMT
cf-cache-status: HIT
last-modified: Thu, 22 Nov 2018 15:39:58 GMT
server: cloudflare
age: 7131813
etag: W/"5bf6cdce-176c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9PdX4%2B0Y%2F9SNiNqAzMRSLJ6qAHIOEbLREtnZ%2BEaI6DpHwc0dvgvxd8%2BfADkOexOsf3G2WN0JPpcmr1zp1oAcw193CWqy1V%2FpkJInV3Q0hH0SG0CpUputeGUN6uLcZ%2FgJsyTXJl2eeqnFZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e1f5cdac174a85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 799 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2751eb32e3720b540ff8210d70e6af4c916a255ff05d96130d0125576b14afa5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 285 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ea8ef6a20a2f7307560b9fee2788613b13492d30582c95b6f57bc53383b68bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 595 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7a754dc68b051e1b18bbf37fc0f5557196bc8db1c5f1c31ce5d242ea5c95ed6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 603 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9be7e931e5978b27a1428050d2045f7759ae34424b2a60a021d57a7af6d981f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 520 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb2b18ff7b82cdbab0ba5f095448f16c159526ff504699042f8069f1a70ae7f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20f2d6255fe749341e6543047782811c5977380c562e7163efa64594d88c6b3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
666 B 259ms
17ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bank-otkrytie-kabinet.ru&callback=_gfp_s_&client=ca-pub-7131396095253182

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_fy2019.js?bust=31063156

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a4db66a9879e2176a4caedaaf6c14bb5645abc54ab7e0d9dde2725ea3d0ebed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 260ms
21ms Script
application/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bank-otkrytie-kabinet.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_fy2019.js?bust=31063156

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 15:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2451 233 KB
58 KB 590ms
569ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&adk=1812271804&adf=3025194257&lmt=1634226592&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592756&bpp=6&bdt=353&idt=174&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=809343491605&frm=20&pv=2&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_fy2019.js?bust=31063156

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

df8b3e2f6daca44be06e59c1561e7743f3fbb3d5f7f006367c7fe9927aff3f06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7131396095253182&output=html&adk=1812271804&adf=3025194257&lmt=1634226592&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592756&bpp=6&bdt=353&idt=174&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=809343491605&frm=20&pv=2&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=201
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bank-otkrytie-kabinet.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 14 Oct 2021 15:49:53 GMT
server: cafe
content-length: 59042
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 14-Oct-2021 16:04:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 15:49:53 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 59DC 71 KB
26 KB 786ms
765ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=280&slotname=8421418601&adk=3869422495&adf=462570616&pi=t.ma~as.8421418601&w=670&fwrn=4&fwrnh=100&lmt=1634226592&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592762&bpp=15&bdt=360&idt=203&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=285&ady=276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wKuYLUfv3X&p=https%3A//bank-otkrytie-kabinet.ru&dtd=212

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_fy2019.js?bust=31063156

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

039661683cd030136477dd700f6300331b3e625ad685e2a39ad299514e22fcb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7131396095253182&output=html&h=280&slotname=8421418601&adk=3869422495&adf=462570616&pi=t.ma~as.8421418601&w=670&fwrn=4&fwrnh=100&lmt=1634226592&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592762&bpp=15&bdt=360&idt=203&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=285&ady=276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wKuYLUfv3X&p=https%3A//bank-otkrytie-kabinet.ru&dtd=212
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bank-otkrytie-kabinet.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 14 Oct 2021 15:49:53 GMT
server: cafe
content-length: 26585
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 14-Oct-2021 16:04:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 15:49:53 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8955 430 B
230 B 529ms
509ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=168&slotname=5839008363&adk=4141857107&adf=1308614067&pi=t.ma~as.5839008363&w=670&fwrn=4&lmt=1634226592&rafmt=11&psa=0&format=670x168&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592777&bpp=2&bdt=375&idt=210&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C670x280&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=285&ady=2873&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=HkV1snRE27&p=https%3A//bank-otkrytie-kabinet.ru&dtd=214

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_fy2019.js?bust=31063156

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

cab95834f7418dad87b4ff37953e5c02a9dd52416d45ef762cc46e3cad055413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7131396095253182&output=html&h=168&slotname=5839008363&adk=4141857107&adf=1308614067&pi=t.ma~as.5839008363&w=670&fwrn=4&lmt=1634226592&rafmt=11&psa=0&format=670x168&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592777&bpp=2&bdt=375&idt=210&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C670x280&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=285&ady=2873&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=HkV1snRE27&p=https%3A//bank-otkrytie-kabinet.ru&dtd=214
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bank-otkrytie-kabinet.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 14 Oct 2021 15:49:53 GMT
server: cafe
content-length: 207
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 14-Oct-2021 16:04:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 15:49:53 GMT
cache-control: private

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9426.jZzqHHEpKjMVeoZ881rNWpT8WjGB38cAPCMuW9rCKlrYGHSLkq0E0PabiOLCjlFb.dv59oTX9Y5NrEouZDsx2x6CVqeA%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9426.KmiNDboMcTAYkO90wytJoOPC4iQSv121epRzAy9MZF-pjhU3x5wcYnSXJUvh5tvSpwurxi__2eQ_omeWwaQWNA%2C%2C.3nTlbR9RKicQk7Do3Dmzoa7f4fQ%2C

75 B
75 B

32ms
32ms

Image
text/html

93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9426.KmiNDboMcTAYkO90wytJoOPC4iQSv121epRzAy9MZF-pjhU3x5wcYnSXJUvh5tvSpwurxi__2eQ_omeWwaQWNA%2C%2C.3nTlbR9RKicQk7Do3Dmzoa7f4fQ%2C

Requested by

Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:53 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9426.KmiNDboMcTAYkO90wytJoOPC4iQSv121epRzAy9MZF-pjhU3x5wcYnSXJUvh5tvSpwurxi__2eQ_omeWwaQWNA%2C%2C.3nTlbR9RKicQk7Do3Dmzoa7f4fQ%2C
date: Thu, 14 Oct 2021 15:49:53 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
184 B 36ms
31ms Image
image/gif 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif?t=ti(4)

Requested by

Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:53 GMT
last-modified: Wed, 13 Oct 2021 15:51:32 GMT
etag: "6166d654-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 14 Oct 2021 16:49:53 GMT

GET
H2 200 grab.cur
api-maps.yandex.ru/2.1.79/build/release/images/cursor/ 326 B
355 B 74ms
73ms Image
application/octet-stream 87.250.251.134
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.1.79/build/release/images/cursor/grab.cur
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.251.134 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: front-jsapi.slb.maps.yandex.net
Software: /
Resource Hash: 13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:53 GMT
last-modified: Mon, 30 Aug 2021 15:23:15 GMT
etag: "612cf7e3-146"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 326
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 grabbing.cur
api-maps.yandex.ru/2.1.79/build/release/images/cursor/ 326 B
355 B 67ms
67ms Image
application/octet-stream 87.250.251.134
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.1.79/build/release/images/cursor/grabbing.cur
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.251.134 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: front-jsapi.slb.maps.yandex.net
Software: /
Resource Hash: a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:53 GMT
last-modified: Mon, 30 Aug 2021 15:23:15 GMT
etag: "612cf7e3-146"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 326
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 help.cur
api-maps.yandex.ru/2.1.79/build/release/images/cursor/ 326 B
524 B 33ms
33ms Image
application/octet-stream 87.250.251.134
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.1.79/build/release/images/cursor/help.cur
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.251.134 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: front-jsapi.slb.maps.yandex.net
Software: /
Resource Hash: 128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:53 GMT
last-modified: Mon, 30 Aug 2021 15:23:15 GMT
etag: "612cf7e3-146"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 326
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zoom_in.cur
api-maps.yandex.ru/2.1.79/build/release/images/cursor/ 326 B
355 B 33ms
33ms Image
application/octet-stream 87.250.251.134
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.1.79/build/release/images/cursor/zoom_in.cur
Requested by: Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.251.134 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: front-jsapi.slb.maps.yandex.net
Software: /
Resource Hash: eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:53 GMT
last-modified: Mon, 30 Aug 2021 15:23:15 GMT
etag: "612cf7e3-146"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 326
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/26812653/
Redirect Chain

https://mc.yandex.com/watch/26812653?wmode=7&page-url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22c%2Fn%2Fq%2Fj%2Fk%2Fk%2Fl%2Ft...
https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22c%2Fn%2Fq%2Fj%2Fk%2Fk%2Fl%2...

331 B
422 B

33ms
33ms

XHR
application/json

93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22c%2Fn%2Fq%2Fj%2Fk%2Fk%2Fl%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A761%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A2%3Adp%3A0%3Als%3A1462763952831%3Ahid%3A184845316%3Az%3A0%3Ai%3A202101014154953%3Aet%3A1634226593%3Ac%3A1%3Arn%3A406012182%3Arqn%3A1%3Au%3A1634226593993310419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634226591952%3Adsn%3A1%2C22%2C423%2C77%2C0%2C0%2C%2C337%2C16%2C%2C%2C%2C902%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634226593%3At%3A%D0%91%D0%B0%D0%BD%D0%BA%20%D0%9E%D1%82%D0%BA%D1%80%D1%8B%D1%82%D0%B8%D0%B5%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%3A%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%B2%D1%85%D0%BE%D0%B4%2C%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%B0&t=gdpr%2814%29ti%282%29

Requested by

Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

85d798012bb94ef365680bd9439a927acd5280ff83c50ee323cc2a41eba5d1d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 15:49:53 GMT
x-content-type-options: nosniff
last-modified: Thu, 14-Oct-2021 15:49:53 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bank-otkrytie-kabinet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Thu, 14-Oct-2021 15:49:53 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Oct 2021 15:49:53 GMT
last-modified: Thu, 14-Oct-2021 15:49:53 GMT
location: /watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22c%2Fn%2Fq%2Fj%2Fk%2Fk%2Fl%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A761%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A2%3Adp%3A0%3Als%3A1462763952831%3Ahid%3A184845316%3Az%3A0%3Ai%3A202101014154953%3Aet%3A1634226593%3Ac%3A1%3Arn%3A406012182%3Arqn%3A1%3Au%3A1634226593993310419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634226591952%3Adsn%3A1%2C22%2C423%2C77%2C0%2C0%2C%2C337%2C16%2C%2C%2C%2C902%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634226593%3At%3A%D0%91%D0%B0%D0%BD%D0%BA%20%D0%9E%D1%82%D0%BA%D1%80%D1%8B%D1%82%D0%B8%D0%B5%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%3A%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%B2%D1%85%D0%BE%D0%B4%2C%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%B0&t=gdpr%2814%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://bank-otkrytie-kabinet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 14-Oct-2021 15:49:53 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/49313860/
Redirect Chain

https://mc.yandex.com/watch/49313860?wmode=7&page-url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A761%3Afu%3A0%3Aen%3Aut...
https://mc.yandex.com/watch/49313860/1?wmode=7&page-url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A761%3Afu%3A0%3Aen%3A...

350 B
385 B

35ms
35ms

XHR
application/json

93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/49313860/1?wmode=7&page-url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A761%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A249074188018%3Ahid%3A184845316%3Az%3A0%3Ai%3A202101014154953%3Aet%3A1634226593%3Ac%3A1%3Arn%3A431288247%3Arqn%3A1%3Au%3A1634226593993310419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634226591952%3Adsn%3A1%2C22%2C423%2C77%2C0%2C0%2C%2C337%2C16%2C%2C%2C%2C902%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634226593%3At%3A%D0%91%D0%B0%D0%BD%D0%BA%20%D0%9E%D1%82%D0%BA%D1%80%D1%8B%D1%82%D0%B8%D0%B5%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%3A%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%B2%D1%85%D0%BE%D0%B4%2C%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%B0&t=gdpr%2814%29ti%282%29

Requested by

Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

8917e30efcc1260d758f2e67a6f5891da6c9ce8f2601a4446e868afc19ff9f9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 15:49:53 GMT
x-content-type-options: nosniff
last-modified: Thu, 14-Oct-2021 15:49:53 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bank-otkrytie-kabinet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Thu, 14-Oct-2021 15:49:53 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Oct 2021 15:49:53 GMT
last-modified: Thu, 14-Oct-2021 15:49:53 GMT
location: /watch/49313860/1?wmode=7&page-url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A761%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A249074188018%3Ahid%3A184845316%3Az%3A0%3Ai%3A202101014154953%3Aet%3A1634226593%3Ac%3A1%3Arn%3A431288247%3Arqn%3A1%3Au%3A1634226593993310419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634226591952%3Adsn%3A1%2C22%2C423%2C77%2C0%2C0%2C%2C337%2C16%2C%2C%2C%2C902%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634226593%3At%3A%D0%91%D0%B0%D0%BD%D0%BA%20%D0%9E%D1%82%D0%BA%D1%80%D1%8B%D1%82%D0%B8%D0%B5%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%3A%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%B2%D1%85%D0%BE%D0%B4%2C%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%B0&t=gdpr%2814%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://bank-otkrytie-kabinet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 14-Oct-2021 15:49:53 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/26812653/ 43 B
85 B 31ms
31ms XHR
image/gif 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26812653/1?page-url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A2%3Adp%3A1%3Als%3A1462763952831%3Ahid%3A184845316%3Az%3A0%3Ai%3A202101014154953%3Aet%3A1634226593%3Ac%3A1%3Arn%3A965122843%3Arqn%3A2%3Au%3A1634226593993310419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1634226591952%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634226593&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bank-otkrytie-kabinet.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 15:49:53 GMT
last-modified: Thu, 14-Oct-2021 15:49:53 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://bank-otkrytie-kabinet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Oct-2021 15:49:53 GMT

GET
H2 200 e164a42c0611a0f5a570.js Show response
yastatic.net/partner-code-bundles/44908/ 13 KB
5 KB 94ms
32ms Script
text/javascript 178.154.131.217
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/44908/e164a42c0611a0f5a570.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

43dd8340e927310f58e7b489c5d4c7998759ebdd0b97613cab11671af85644cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://bank-otkrytie-kabinet.ru/
Origin: https://bank-otkrytie-kabinet.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:53 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4459
last-modified: Wed, 13 Oct 2021 16:10:59 GMT
server: nginx/1.17.9
etag: "17d4f2306ce7f4db8ec60b04edacce92"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2051 22:25:09 GMT

GET
H2 200 cbb525054500b467e728.js Show response
yastatic.net/partner-code-bundles/44908/ 81 KB
18 KB 170ms
108ms Script
text/javascript 178.154.131.217
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/44908/cbb525054500b467e728.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

021b5cb98a78c05acbfcce488dff6d28116ca76f8a17f9139db4cbbfe92570e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://bank-otkrytie-kabinet.ru/
Origin: https://bank-otkrytie-kabinet.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:53 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17441
last-modified: Wed, 13 Oct 2021 16:10:59 GMT
server: nginx/1.17.9
etag: "f417a05a04cd79bc05567229eae4537a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2051 22:24:47 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.82/ 33 KB
9 KB 169ms
109ms Script
text/javascript 178.154.131.217
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.82/host.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://bank-otkrytie-kabinet.ru/
Origin: https://bank-otkrytie-kabinet.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:53 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8879
last-modified: Mon, 28 Jun 2021 10:29:24 GMT
server: nginx/1.17.9
etag: "e4627697ff619d2b610d2b2fee975531"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2051 22:24:12 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/49313860/ 43 B
73 B 32ms
31ms XHR
image/gif 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/49313860/1?page-url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A1%3Als%3A249074188018%3Ahid%3A184845316%3Az%3A0%3Ai%3A202101014154953%3Aet%3A1634226593%3Ac%3A1%3Arn%3A863097214%3Arqn%3A2%3Au%3A1634226593993310419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1634226591952%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634226593&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bank-otkrytie-kabinet.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 15:49:53 GMT
last-modified: Thu, 14-Oct-2021 15:49:53 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://bank-otkrytie-kabinet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Oct-2021 15:49:53 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/26812653/ 43 B
73 B 32ms
32ms XHR
image/gif 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26812653/1?page-url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A2%3Adp%3A1%3Als%3A1462763952831%3Ahid%3A184845316%3Az%3A0%3Ai%3A202101014154953%3Aet%3A1634226593%3Ac%3A1%3Arn%3A491357332%3Arqn%3A3%3Au%3A1634226593993310419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1634226591952%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634226593&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bank-otkrytie-kabinet.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 15:49:53 GMT
last-modified: Thu, 14-Oct-2021 15:49:53 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://bank-otkrytie-kabinet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Oct-2021 15:49:53 GMT

GET
H2 404 663670 Show response
an.yandex.ru/meta/ 29 B
426 B 37ms
37ms XHR
text/html 93.158.134.90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/663670?target-ref=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&charset=utf-8&pcode-test-ids=431005%2C0%2C90%3B428759%2C0%2C12%3B435402%2C0%2C27%3B434271%2C0%2C76%3B434063%2C0%2C21%3B430925%2C0%2C69%3B434521%2C0%2C5%3B430931%2C0%2C64%3B428464%2C0%2C71%3B434214%2C0%2C12%3B437093%2C0%2C33%3B204299%2C0%2C53%3B426160%2C0%2C10&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22434485%22%2C%22testId%22%3A%22435340%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22435450%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22435450%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22435450%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22435450%22%7D%5D%2C%22DECODE_VAST%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22432455%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%5D%2C%22testId%22%3A%22436842%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22DISABLE_144P_QUALITY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22431005%22%7D%5D%2C%22TEST_EXP_VAS_CONFIG_IN_PCODE%22%3A%5B%7B%22value%22%3A%22EXP%22%2C%22testId%22%3A%22428759%22%7D%5D%2C%22ADSDKVER%22%3A%5B%7B%22value%22%3A%22435402%22%2C%22testId%22%3A%22435402%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22434271%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22434063%22%7D%5D%2C%22COMBO_INPAGE_LOAD_MODULE_DIRECT%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22430925%22%7D%5D%2C%22DISABLE_FONT_SYNC%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22434521%22%7D%5D%2C%22INPAGE_LOAD_MODULE_DIRECT%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22430931%22%7D%5D%2C%22ADFOX_AVAILABLE_SIZE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22428464%22%7D%5D%2C%22POSTER_COLLECTION%22%3A%5B%7B%22value%22%3A%22exp-icon-1%22%2C%22testId%22%3A%22434214%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2244908%22%2C%22testId%22%3A%22437093%22%7D%5D%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=Tkn0HdkpvCr19%2BxLY%2FcPszFMUNsvUXq6wUspeaBCSaV%2BoNYvU2TAj893wK%2BxjBMRNge8sSLZPZLRfclp1TmM6Oim7kM%3D&duid=MTYzNDIyNjU5Mzk5MzMxMDQxOQ%3D%3D&imp-id=2&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=481637632573442&ad-session-id=7945781634226593393&target-id=33655322&tga-with-creatives=1&pcode-version=44908&pcodever=44908&flash-ver=0&available-width=250&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.6%2C%22w%22%3A250%2C%22h%22%3A0%2C%22width%22%3A250%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A-250%2C%22top%22%3A1050%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=692&grab=dNCR0LDQvdC6INCe0YLQutGA0YvRgtC40LUg0LvQuNGH0L3Ri9C5INC60LDQsdC40L3QtdGCOiDRgNC10LPQuNGB0YLRgNCw0YbQuNGPLCDQstGF0L7QtCwg0YPRgdC70YPQs9C4INCx0LDQvdC60LAKMdCR0LDQvdC6INCe0YLQutGA0YvRgtC40LUg0LvQuNGH0L3Ri9C5INC60LDQsdC40L3QtdGCIAoy0KDQtdCz0LjRgdGC0YDQsNGG0LjRjyDQsiDQu9C40YfQvdC-0Lwg0LrQsNCx0LjQvdC10YLQtSAKMtCQ0LLRgtC-0YDQuNC30LDRhtC40Y8g0LIg0LvQuNGH0L3QvtC8INC60LDQsdC40L3QtdGC0LUgCjLQntCx0LfQvtGAINGE0YPQvdC60YbQuNC5INC4INCy0L7Qt9C80L7QttC90L7RgdGC0LXQuSAKMtCf0YDQvtCz0YDQsNC80LzRiyDQutGA0LXQtNC40YLQvtCy0LDQvdC40Y8gCjLQktC-0YHRgdGC0LDQvdC-0LLQu9C10L3QuNC1INC_0LDRgNC-0LvRjyAKMtCc0L7QsdC40LvRjNC90L7QtSDQv9GA0LjQu9C-0LbQtdC90LjQtSAKMtCa0L7QvdGC0LDQutGC0L3QsNGPINC40L3RhNC-0YDQvNCw0YbQuNGPIAo%3D&uniformat=true&callback=Ya%5B7738363031373%5D

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

93.158.134.90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

570b114960a1c462fa6a31099768630b6a2dbec99057710df5a8896e872fdacf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bank-otkrytie-kabinet.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 15:49:53 GMT
content-encoding: gzip
last-modified: Thu, 14 Oct 2021 15:49:53 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1634226593428897-918462890127622182400379-production-app-host-man-pcode-75
strict-transport-security: max-age=31536000
content-type: text/html; charset=windows-1251
access-control-allow-origin: https://bank-otkrytie-kabinet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 14 Oct 2021 15:49:53 GMT

GET
H2 200 f359c08680e4ca96fe54.js Show response
yastatic.net/partner-code-bundles/44908/ 949 KB
155 KB 99ms
63ms Script
text/javascript 178.154.131.217
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/44908/f359c08680e4ca96fe54.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

12f595281b269087a1ed9b9c4cc6c8685a12d81ba1b6caf93917f280e6c46423

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://bank-otkrytie-kabinet.ru/
Origin: https://bank-otkrytie-kabinet.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:53 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 158033
last-modified: Wed, 13 Oct 2021 16:10:59 GMT
server: nginx/1.17.9
etag: "f614b919ce55e6350071ae29e59e5a01"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2051 22:24:41 GMT

GET
H2 200 814ed19a1fcb8bec1d8e.js Show response
yastatic.net/partner-code-bundles/44908/ 337 KB
62 KB 144ms
108ms Script
text/javascript 178.154.131.217
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/44908/814ed19a1fcb8bec1d8e.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

9c54ba0bd3ece361e671851c96c48c896508c4ae5133ca44f36ecfc189122c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://bank-otkrytie-kabinet.ru/
Origin: https://bank-otkrytie-kabinet.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:53 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 62573
last-modified: Wed, 13 Oct 2021 16:10:59 GMT
server: nginx/1.17.9
etag: "ecb49fe14eb8712aeb5a026d5cc83e62"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2051 22:24:47 GMT

GET
H2 200 663670 Show response
mc.yandex.com/watch/ 295 B
330 B 32ms
31ms XHR
application/json 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/663670?wmode=7&page-url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A3%3Adp%3A1%3Als%3A970282026823%3Ahid%3A184845316%3Az%3A0%3Ai%3A202101014154953%3Aet%3A1634226594%3Ac%3A1%3Arn%3A246556104%3Au%3A1634226593993310419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1634226591952%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634226594%3At%3A%D0%91%D0%B0%D0%BD%D0%BA%20%D0%9E%D1%82%D0%BA%D1%80%D1%8B%D1%82%D0%B8%D0%B5%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%3A%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%B2%D1%85%D0%BE%D0%B4%2C%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%B0&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

c75670cc0f104a2aad9990ece265612b9fb496fa8f84d4eca097a26376a748aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 15:49:53 GMT
x-content-type-options: nosniff
last-modified: Thu, 14-Oct-2021 15:49:53 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bank-otkrytie-kabinet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 295
x-xss-protection: 1; mode=block
expires: Thu, 14-Oct-2021 15:49:53 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/663670/ 43 B
73 B 32ms
31ms XHR
image/gif 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/663670/1?page-url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A761%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A3%3Adp%3A1%3Als%3A970282026823%3Ahid%3A184845316%3Az%3A0%3Ai%3A202101014154953%3Aet%3A1634226594%3Ac%3A1%3Arn%3A97937621%3Arqn%3A1%3Au%3A1634226593993310419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1634226591952%3Adsn%3A1%2C22%2C423%2C77%2C0%2C0%2C%2C337%2C16%2C%2C%2C%2C902%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634226594&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bank-otkrytie-kabinet.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 15:49:53 GMT
last-modified: Thu, 14-Oct-2021 15:49:53 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://bank-otkrytie-kabinet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Oct-2021 15:49:53 GMT

GET
H2 200 663670 Show response
mc.yandex.com/watch/ 43 B
73 B 31ms
31ms XHR
image/gif 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/663670?page-url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A3%3Adp%3A1%3Als%3A970282026823%3Ahid%3A184845316%3Az%3A0%3Ai%3A202101014154953%3Aet%3A1634226594%3Ac%3A1%3Arn%3A91216579%3Arqn%3A2%3Au%3A1634226593993310419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1634226591952%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634226594%3At%3A%D0%91%D0%B0%D0%BD%D0%BA%20%D0%9E%D1%82%D0%BA%D1%80%D1%8B%D1%82%D0%B8%D0%B5%20%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%3A%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%B2%D1%85%D0%BE%D0%B4%2C%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%B0&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 15:49:53 GMT
last-modified: Thu, 14-Oct-2021 15:49:53 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://bank-otkrytie-kabinet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Oct-2021 15:49:53 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bank-otkrytie-kabinet.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_fy2019.js?bust=31063156

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 15:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E954 88 KB
28 KB 407ms
406ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=330&slotname=3698587184&adk=3271766772&adf=1585285578&pi=t.ma~as.3698587184&w=330&lmt=1634226593&psa=0&format=330x330&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592841&bpp=1&bdt=439&idt=181&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1397016afe4c98f-227aedafeaca0044%3AT%3D1634226593%3ART%3D1634226593%3AS%3DALNI_MZ8GI-8Y3pDKGzklMs2iI7jRFeQkA&prev_fmts=0x0%2C670x280%2C670x168&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=285&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=q5Cw9poJZx&p=https%3A//bank-otkrytie-kabinet.ru&dtd=907

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_fy2019.js?bust=31063156

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

31495082e5e4277dd3d1db41ea9c0c60697475abbdd6a2c036405da69705b57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7131396095253182&output=html&h=330&slotname=3698587184&adk=3271766772&adf=1585285578&pi=t.ma~as.3698587184&w=330&lmt=1634226593&psa=0&format=330x330&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592841&bpp=1&bdt=439&idt=181&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1397016afe4c98f-227aedafeaca0044%3AT%3D1634226593%3ART%3D1634226593%3AS%3DALNI_MZ8GI-8Y3pDKGzklMs2iI7jRFeQkA&prev_fmts=0x0%2C670x280%2C670x168&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=285&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=q5Cw9poJZx&p=https%3A//bank-otkrytie-kabinet.ru&dtd=907
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bank-otkrytie-kabinet.ru/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 14 Oct 2021 15:49:54 GMT
server: cafe
content-length: 29067
x-xss-protection: 0
set-cookie: IDE=AHWqTUkUf_VaBaS7lNi72RdqndsCsMVtqy4Uh1LB1S_QXPgEaUOwsuQo0qfe-brampk; expires=Sat, 14-Oct-2023 15:49:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 15:49:54 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 62EB 16 KB
8 KB 566ms
565ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=330&slotname=3698587184&adk=3271766772&adf=3787883007&pi=t.ma~as.3698587184&w=330&lmt=1634226593&psa=0&format=330x330&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592842&bpp=1&bdt=439&idt=208&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1397016afe4c98f-227aedafeaca0044%3AT%3D1634226593%3ART%3D1634226593%3AS%3DALNI_MZ8GI-8Y3pDKGzklMs2iI7jRFeQkA&prev_fmts=0x0%2C670x280%2C670x168%2C330x330&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=619&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Ie9wtBSEFU&p=https%3A//bank-otkrytie-kabinet.ru&dtd=913

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_fy2019.js?bust=31063156

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

4a722b708f14a1c799f46d53831de0d139c1fdc9ee61ae34934d2d8d176cb860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7131396095253182&output=html&h=330&slotname=3698587184&adk=3271766772&adf=3787883007&pi=t.ma~as.3698587184&w=330&lmt=1634226593&psa=0&format=330x330&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592842&bpp=1&bdt=439&idt=208&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1397016afe4c98f-227aedafeaca0044%3AT%3D1634226593%3ART%3D1634226593%3AS%3DALNI_MZ8GI-8Y3pDKGzklMs2iI7jRFeQkA&prev_fmts=0x0%2C670x280%2C670x168%2C330x330&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=619&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Ie9wtBSEFU&p=https%3A//bank-otkrytie-kabinet.ru&dtd=913
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bank-otkrytie-kabinet.ru/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 14 Oct 2021 15:49:54 GMT
server: cafe
content-length: 8026
x-xss-protection: 0
set-cookie: IDE=AHWqTUnwi8jP9b6Rz0E9dvjHbBYe3ZNrjaTBeEYFqVk8HdVAau5swkxyNfszqcTxLC8; expires=Sat, 14-Oct-2023 15:49:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 15:49:54 GMT
cache-control: private

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/ 143 KB
51 KB 36ms
36ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/reactive_library_fy2019.js?bust=31063156

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_fy2019.js?bust=31063156

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

67b74d329d1fdfccbeb08c801422ad89d1ab11518f51ed5ff9bc4793863ea3c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52658
x-xss-protection: 0
server: cafe
etag: 11830421027839560173
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 15:49:53 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bank-otkrytie-kabinet.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_fy2019.js?bust=31063156

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 15:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/ Frame E5CB 10 KB
5 KB 13ms
13ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_fy2019.js?bust=31063156

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bank-otkrytie-kabinet.ru/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 13 Oct 2021 21:08:24 GMT
expires: Wed, 27 Oct 2021 21:08:24 GMT
content-type: text/html; charset=UTF-8
etag: 414810510046348021
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4645
x-xss-protection: 0
age: 67289
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/ Frame 1C5A 10 KB
5 KB 14ms
13ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_fy2019.js?bust=31063156

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bank-otkrytie-kabinet.ru/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 13 Oct 2021 21:08:24 GMT
expires: Wed, 27 Oct 2021 21:08:24 GMT
content-type: text/html; charset=UTF-8
etag: 414810510046348021
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4645
x-xss-protection: 0
age: 67289
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css2
fonts.googleapis.com/ Frame E5CB 4 KB
635 B 49ms
25ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 14:39:55 GMT
server: ESF
date: Thu, 14 Oct 2021 15:49:53 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 15:49:53 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E5CB 205 B
764 B 28ms
7ms Image
image/png 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 06:46:14 GMT
x-content-type-options: nosniff
age: 119019
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 13 Oct 2022 06:46:14 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E5CB 604 B
696 B 29ms
7ms Image
image/png 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 00:41:57 GMT
x-content-type-options: nosniff
age: 400076
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 10 Oct 2022 00:41:57 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/ Frame E5CB 18 KB
8 KB 43ms
11ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

d5c12600c2eedb11dbdcef87977046a3fc282f936b783659c0f0cb7a0815f3af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:44:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7792
x-xss-protection: 0
server: cafe
etag: 11501120118990840405
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 15:44:02 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1C5A 0
0 44ms
43ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-gTRoVFoYfaKDuDG1fAP6Y6PqA36tajVZePJtdHYDtrZHhABINrJh2tgyQagAb7w85UDyAECqAMByAPJBKoE0gFP0MqIOj5vEVhvcz43Xs32sAb7aJ1pA8eM-Gtu4zUyoojIKlgcHhfWRivpl5kQAPhhfdp6Qz2crltBryb_oSldOnGdh2wj8EZ9AUl-hY9eNMWan-RSYVVsLzgwTllo8O7dk42484o7Sflbd0h9AW9xrS41hWlp2qDFPz9cwf2SCDtpgiUR3pJWg-9Q9HZkyWyM94aBsv7apifgohVnUplZ4jBFM1QlPYwl3gyBqvOllfFdLh8BdT65F-QMLcHqydL-sjhWQYqchXmkqj4GOiQDt4_ABKrQqPXbA5IFBAgEGAGSBQQIBRgEoAYCgAex4eVwqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAfIHBBDZ3h_SCAkIgOGAYBABGF-ACgHICwHYEwLQFQGAFwGyFxwKGggAEhRwdWItNzEzMTM5NjA5NTI1MzE4MhgA&sigh=fEAeu7jfmAI

Requested by

Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 14 Oct 2021 15:49:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 14 Oct 2021 15:49:53 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 1C5A 18 KB
8 KB 30ms
6ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 15:49:49 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 1C5A 3 KB
1 KB 36ms
13ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 15:46:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C5A 123 KB
38 KB 62ms
39ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37935
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633952256361887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Oct 2021 15:49:53 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 1C5A 14 KB
6 KB 30ms
7ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 15:47:33 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 1C5A 27 KB
11 KB 36ms
13ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

1adff93fec49cd9bab765ec423c9504146696be62b0f634d2bb6df86a1e775a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11185
x-xss-protection: 0
server: cafe
etag: 5630310602010257655
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 15:26:55 GMT

GET
H2 200 13382777922022129787
tpc.googlesyndication.com/daca_images/simgad/ Frame 1C5A 70 KB
70 KB 37ms
15ms Image
image/png 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13382777922022129787

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

1bc898565504b604c3b74a633141b6ab6ea2b2677e7f04e29239930757bde7e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 08:02:41 GMT
x-content-type-options: nosniff
age: 287232
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71279
x-xss-protection: 0
last-modified: Sun, 10 Oct 2021 06:12:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 11 Oct 2022 08:02:41 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7421 143 B
163 B 14ms
13ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 14 Oct 2021 15:00:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2978
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame 79B8 3 KB
580 B 26ms
26ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 15:35:29 GMT
server: ESF
date: Thu, 14 Oct 2021 15:49:54 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 15:49:54 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 79B8 2 KB
912 B 45ms
17ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 15:44:10 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 79B8 18 KB
8 KB 42ms
16ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 15:49:49 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 79B8 3 KB
1 KB 43ms
17ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 15:46:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 79B8 123 KB
37 KB 52ms
28ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37935
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633952256361887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Oct 2021 15:49:54 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 79B8 14 KB
6 KB 38ms
13ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 15:47:33 GMT

GET
H3 200 94b9e9edb15b7c220f12fa63d878a5af.js Show response
www.gstatic.com/mysidia/ Frame 79B8 27 KB
11 KB 37ms
13ms Script
text/javascript 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/94b9e9edb15b7c220f12fa63d878a5af.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 11:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11213
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 05:48:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Mon, 10 Jan 2022 11:08:32 GMT

GET
DATA 200
OK truncated
/ Frame 1C5A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89110229884d51983fa8a74fe2a17d1606b35b7fca08bce9ff3a4012046c3c69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 6552860597541814841
tpc.googlesyndication.com/daca_images/simgad/ Frame 59DC 93 KB
93 KB 42ms
42ms Image
image/png 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/6552860597541814841

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=280&slotname=8421418601&adk=3869422495&adf=462570616&pi=t.ma~as.8421418601&w=670&fwrn=4&fwrnh=100&lmt=1634226592&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592762&bpp=15&bdt=360&idt=203&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=285&ady=276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wKuYLUfv3X&p=https%3A//bank-otkrytie-kabinet.ru&dtd=212

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

ee9c8149c9c87eef99e3ee78aacd47bebd931818d6ca105d9ab4c49e8ec6aeab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:54 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94863
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 06:44:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 14 Oct 2022 15:49:54 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 59DC 18 KB
8 KB 15ms
14ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 15:49:49 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 59DC 3 KB
1 KB 15ms
14ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 15:46:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 59DC 123 KB
37 KB 38ms
37ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37935
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633952256361887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Oct 2021 15:49:54 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 59DC 14 KB
6 KB 14ms
13ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 15:47:33 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 59DC 27 KB
11 KB 15ms
14ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

1adff93fec49cd9bab765ec423c9504146696be62b0f634d2bb6df86a1e775a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11185
x-xss-protection: 0
server: cafe
etag: 5630310602010257655
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 15:26:55 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 59DC 0
0 45ms
44ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cr5WdoVFoYZ-IDsGt1fAP-N6H-Arcv8vjZebOqOyfDo6yys--CRABINrJh2tgyQagAb6-3uQDyAECqAMByAPJBKoE0AFP0OQT_sDcAxoC9gqJFCtky_xV89gr0SauZN0PlX-BORfHsMDaaiJEYDyyIt1dh6xtUyKcHettX0ZTxEdFvVIE_u7OYHOOcRuoWJOj9wLbrXjpzDOaKi1c9JyDhZfWNBc9sgNasvFhepmBKnRi8D7xB1nfDuRNEwmR9ENscDaBKNaPWBg__u6gPbKb7NLpHxwa9CZrspkSQZHoBIlTbZ7QXsiw0ez7gRtjwJF1h7oSrVnIyUfEBvSAKN7nDIkswuyGJGZLb2VPsvvPsywjtUowwAT89tab0QOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHqsGhG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQ1ddF0ggJCIDhgGAQARhfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTcxMzEzOTYwOTUyNTMxODIYAA&sigh=q8wImzFCUxU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=280&slotname=8421418601&adk=3869422495&adf=462570616&pi=t.ma~as.8421418601&w=670&fwrn=4&fwrnh=100&lmt=1634226592&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592762&bpp=15&bdt=360&idt=203&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=285&ady=276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wKuYLUfv3X&p=https%3A//bank-otkrytie-kabinet.ru&dtd=212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 14 Oct 2021 15:49:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7421
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

23ms
22ms

Document
text/html

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkUf_VaBaS7lNi72RdqndsCsMVtqy4Uh1LB1S_QXPgEaUOwsuQo0qfe-brampk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 14 Oct 2021 15:49:54 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 14-Oct-2021 16:49:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 15:49:54 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 14 Oct 2021 15:49:54 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 47B3 35 KB
13 KB 17ms
16ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

d09fae1abdf97e7061702073d5b863236868e425ebb7dc2571a4ee30fd206eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 14:23:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13278
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 14 Oct 2022 14:23:53 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9F9D 143 B
163 B 13ms
13ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=280&slotname=8421418601&adk=3869422495&adf=462570616&pi=t.ma~as.8421418601&w=670&fwrn=4&fwrnh=100&lmt=1634226592&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592762&bpp=15&bdt=360&idt=203&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=285&ady=276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wKuYLUfv3X&p=https%3A//bank-otkrytie-kabinet.ru&dtd=212
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkUf_VaBaS7lNi72RdqndsCsMVtqy4Uh1LB1S_QXPgEaUOwsuQo0qfe-brampk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=280&slotname=8421418601&adk=3869422495&adf=462570616&pi=t.ma~as.8421418601&w=670&fwrn=4&fwrnh=100&lmt=1634226592&rafmt=1&psa=0&format=670x280&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592762&bpp=15&bdt=360&idt=203&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=285&ady=276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wKuYLUfv3X&p=https%3A//bank-otkrytie-kabinet.ru&dtd=212

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 14 Oct 2021 15:00:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2979
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 59DC 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c895814a665c6f34f6ecae968f6ffb0c930fe78b0d75bc75e404814fdf1fd50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 17DA 35 KB
13 KB 17ms
17ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js

Requested by

Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

d09fae1abdf97e7061702073d5b863236868e425ebb7dc2571a4ee30fd206eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 14:23:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13278
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 14 Oct 2022 14:23:53 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E954 3 KB
580 B 26ms
25ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=330&slotname=3698587184&adk=3271766772&adf=1585285578&pi=t.ma~as.3698587184&w=330&lmt=1634226593&psa=0&format=330x330&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592841&bpp=1&bdt=439&idt=181&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1397016afe4c98f-227aedafeaca0044%3AT%3D1634226593%3ART%3D1634226593%3AS%3DALNI_MZ8GI-8Y3pDKGzklMs2iI7jRFeQkA&prev_fmts=0x0%2C670x280%2C670x168&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=285&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=q5Cw9poJZx&p=https%3A//bank-otkrytie-kabinet.ru&dtd=907

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 14:32:33 GMT
server: ESF
date: Thu, 14 Oct 2021 15:49:54 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 15:49:54 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame E954 2 KB
912 B 16ms
16ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 15:44:10 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame E954 18 KB
8 KB 21ms
15ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 15:49:49 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame E954 3 KB
1 KB 22ms
16ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 15:46:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E954 123 KB
37 KB 43ms
37ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37935
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633952256361887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Oct 2021 15:49:54 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame E954 14 KB
6 KB 16ms
15ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 15:47:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E954 0
0 35ms
16ms Image
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSMaGA0Mtjz6FavjGolKj0_BhWfxdh_7YId-KgtQZfXDNMW60m9nDvPzUtSDvec3puhd_cq
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=330&slotname=3698587184&adk=3271766772&adf=1585285578&pi=t.ma~as.3698587184&w=330&lmt=1634226593&psa=0&format=330x330&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592841&bpp=1&bdt=439&idt=181&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1397016afe4c98f-227aedafeaca0044%3AT%3D1634226593%3ART%3D1634226593%3AS%3DALNI_MZ8GI-8Y3pDKGzklMs2iI7jRFeQkA&prev_fmts=0x0%2C670x280%2C670x168&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=285&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=q5Cw9poJZx&p=https%3A//bank-otkrytie-kabinet.ru&dtd=907
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 94b9e9edb15b7c220f12fa63d878a5af.js Show response
www.gstatic.com/mysidia/ Frame E954 27 KB
11 KB 16ms
15ms Script
text/javascript 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/94b9e9edb15b7c220f12fa63d878a5af.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 11:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 189682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11213
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 05:48:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Mon, 10 Jan 2022 11:08:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E954 0
0 43ms
43ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHFJSoVFoYcrPL9jH1fAP-5O5sA3esrnhZKvo3ra2DtrZHhABINrJh2tgyQagAf-wpKMDyAEBqAMByAPLBKoE5QFP0CUd3HHXeLlFRW4dus8OJed_ovuwQDfggi-7y12sJzLbbRWowsspCPvUp5MJbU3AI7V4RmplWSmdgNmYfXcPkFQFsCjpEWawZRtHBg8v9jLsbXxVk7X8OqrTJ9mbfmz-alpPol9DnYMgGIiYFHqWp4pMKOgM_j3MWtF5t7Ddfk8y73QPx9TULFUmcSbQcXCSQAAF2A6A_4bJ_hsBKEY03fOeVDNHC1XcW0cEwx0a4jN9EBqtSlEKm2Q4spwBkLN1bMAA9fA2YDRhgEwdNzQbKGJ5FSg-FsLlaMJwiP-QoR8sp3x1wATJ5YasqAOSBQQIBBgBkgUECAUYBIAH3-64NagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQjtIH0ggJCIDhgGAQARhfgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTcxMzEzOTYwOTUyNTMxODIYAA&sigh=HwPLx1v-Esk&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=330&slotname=3698587184&adk=3271766772&adf=1585285578&pi=t.ma~as.3698587184&w=330&lmt=1634226593&psa=0&format=330x330&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592841&bpp=1&bdt=439&idt=181&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1397016afe4c98f-227aedafeaca0044%3AT%3D1634226593%3ART%3D1634226593%3AS%3DALNI_MZ8GI-8Y3pDKGzklMs2iI7jRFeQkA&prev_fmts=0x0%2C670x280%2C670x168&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=285&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=q5Cw9poJZx&p=https%3A//bank-otkrytie-kabinet.ru&dtd=907
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 14 Oct 2021 15:49:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9F9D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

30ms
30ms

Document
text/html

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: DSID=NO_DATA; IDE=AHWqTUnwi8jP9b6Rz0E9dvjHbBYe3ZNrjaTBeEYFqVk8HdVAau5swkxyNfszqcTxLC8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 14 Oct 2021 15:49:54 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 14-Oct-2021 16:49:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 15:49:54 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 14 Oct 2021 15:49:54 GMT
server: safe
content-length: 257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 0CAD 35 KB
13 KB 18ms
18ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

d09fae1abdf97e7061702073d5b863236868e425ebb7dc2571a4ee30fd206eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 14:23:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13278
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 14 Oct 2022 14:23:53 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6C51 143 B
163 B 15ms
15ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=330&slotname=3698587184&adk=3271766772&adf=1585285578&pi=t.ma~as.3698587184&w=330&lmt=1634226593&psa=0&format=330x330&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592841&bpp=1&bdt=439&idt=181&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1397016afe4c98f-227aedafeaca0044%3AT%3D1634226593%3ART%3D1634226593%3AS%3DALNI_MZ8GI-8Y3pDKGzklMs2iI7jRFeQkA&prev_fmts=0x0%2C670x280%2C670x168&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=285&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=q5Cw9poJZx&p=https%3A//bank-otkrytie-kabinet.ru&dtd=907
accept-encoding: gzip, deflate, br
cookie: DSID=NO_DATA; IDE=AHWqTUnwi8jP9b6Rz0E9dvjHbBYe3ZNrjaTBeEYFqVk8HdVAau5swkxyNfszqcTxLC8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=330&slotname=3698587184&adk=3271766772&adf=1585285578&pi=t.ma~as.3698587184&w=330&lmt=1634226593&psa=0&format=330x330&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592841&bpp=1&bdt=439&idt=181&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1397016afe4c98f-227aedafeaca0044%3AT%3D1634226593%3ART%3D1634226593%3AS%3DALNI_MZ8GI-8Y3pDKGzklMs2iI7jRFeQkA&prev_fmts=0x0%2C670x280%2C670x168&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=285&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=q5Cw9poJZx&p=https%3A//bank-otkrytie-kabinet.ru&dtd=907

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 14 Oct 2021 15:00:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2979
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C96F 0
16 B 36ms
36ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_L9gIQ-YC8-AEYlfv8fTAB&v=APEucNUrg96BSitofWrWeyDtDkoW5Ad1gpPV3rfHe3A5KigMBTMt1SV56lkWxH6OkP7VoJAHY6mPT2u3xtbX6CIyfpBrohPrkQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=330&slotname=3698587184&adk=3271766772&adf=3787883007&pi=t.ma~as.3698587184&w=330&lmt=1634226593&psa=0&format=330x330&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592842&bpp=1&bdt=439&idt=208&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1397016afe4c98f-227aedafeaca0044%3AT%3D1634226593%3ART%3D1634226593%3AS%3DALNI_MZ8GI-8Y3pDKGzklMs2iI7jRFeQkA&prev_fmts=0x0%2C670x280%2C670x168%2C330x330&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=619&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Ie9wtBSEFU&p=https%3A//bank-otkrytie-kabinet.ru&dtd=913

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CI_L9gIQ-YC8-AEYlfv8fTAB&v=APEucNUrg96BSitofWrWeyDtDkoW5Ad1gpPV3rfHe3A5KigMBTMt1SV56lkWxH6OkP7VoJAHY6mPT2u3xtbX6CIyfpBrohPrkQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=330&slotname=3698587184&adk=3271766772&adf=3787883007&pi=t.ma~as.3698587184&w=330&lmt=1634226593&psa=0&format=330x330&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592842&bpp=1&bdt=439&idt=208&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1397016afe4c98f-227aedafeaca0044%3AT%3D1634226593%3ART%3D1634226593%3AS%3DALNI_MZ8GI-8Y3pDKGzklMs2iI7jRFeQkA&prev_fmts=0x0%2C670x280%2C670x168%2C330x330&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=619&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Ie9wtBSEFU&p=https%3A//bank-otkrytie-kabinet.ru&dtd=913
accept-encoding: gzip, deflate, br
cookie: DSID=NO_DATA; IDE=AHWqTUnwi8jP9b6Rz0E9dvjHbBYe3ZNrjaTBeEYFqVk8HdVAau5swkxyNfszqcTxLC8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=330&slotname=3698587184&adk=3271766772&adf=3787883007&pi=t.ma~as.3698587184&w=330&lmt=1634226593&psa=0&format=330x330&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592842&bpp=1&bdt=439&idt=208&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1397016afe4c98f-227aedafeaca0044%3AT%3D1634226593%3ART%3D1634226593%3AS%3DALNI_MZ8GI-8Y3pDKGzklMs2iI7jRFeQkA&prev_fmts=0x0%2C670x280%2C670x168%2C330x330&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=619&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Ie9wtBSEFU&p=https%3A//bank-otkrytie-kabinet.ru&dtd=913

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 14 Oct 2021 15:49:54 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5D2C 54 KB
26 KB 48ms
48ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DR-zGPKM4ohW9pmiX912F9dcqlFp-Ro-uuy5gk7R8ECaBLzxOQM-XO_SOG14dWP3uMtj4_FQIY79GfgJrZ2RAfg-M3wwUV67F8Yj3QNAu9LXbt-tdL7UBiK1wjLGB7A4abiUjqwFpFatOXE91bUBpa1rPYCA&dbm_d=AKAmf-DQxhooo-2Qck_PKfbcs-fg2mpPMzwnW0du5R7pLDb6fv5oxutmmOIuTvsazERxWlvxqGoMM5aQitBzAt_R_ftV5X4jFfHYLecI_6cLz3CIohSnLE_LrOCefx85lJp5u1JRi-vwLsg5j_pdxNAKc_aNrsdm9BxQUMGmyF-Ljo7tJ0ceuJzMJZ9kQ1KARhN78vVvp_SsTrcj6bcdGLYCeP5BsiUSfa1fwX6ZCiKIfHP9j8_-lISpNVj9CBQoV9Ffo0LQxySVOjcUyXcbKop4BiJ_hSnk9fcgOaNgZ3qWHdlw2a9ec2jWSIK-8J9I3JZsAEaNOX55l8r-JQVqlkH06DQMTeRmN-g7UjXC388of1LpMngLXAxBur9JfbR_uCVkFoZuSu41CMilpm68GiZsa4CMVlf9uodeuLA28Wc7jGAL9lfpBXUHKIiRP8Gz5y3gHcWnngy_TUauQK3vMpvmBo98BOGKHv8DWuc7AfIRMf5T0cBCRRYb2yi_03Y5XJ8BIF-ZmFpIVW_1O3EnSpCEwmnyiF6kgXgtiEv2Yqu4ezpNU-VQlEbyN5AmaVFxWsWjH_i8rNTTO_ixXMza39f1PCBf8mvLBirkIUGe8kUBK9FgJFL6e-YX4yWe43suP9abvbWEm77tptwqRWASHhMPnpGOUhR8vlZwdoXorlpe42cWefRx3YkIfCkwodIIAikpQaoldDrharqLi2KIdeNH7SsfNbJSKg8BczpJ_R-3t3R3jot8fu1npbRcuaflTe0u2WzzY6LmTSOgK1IFCsYFhl5mfPcC9YXRF9L530czrlN6WO3gqkQxMIzsx0kay3wVrjn7aurGF42M1_Yf7gB7eyIjxlV5azn6V45TjV3T0SjHSOCC9aTNecm44lDiVUAyzhMx1Cq-PQIkPG2MlFsQfMaSwPsMkqi4HYZ16VSJhuVbO2kQhqeV2jOX1cooBvPlmM12712ZupshscyxRA24vmxx16Ut8dPlGSWzOX_ASw9RDzLqPq-SCgDAoPWVq7_jukC7F1xUepNrNjrE8ssIsRx8zaPt0nwxV03XXfFbDf5Bm_ZC0uhK78i9nhaJqe-SG_kcky2AQ5_2ng6MXBXQJjqxdA7YlYoUYmTDtjvVK6r6DoTx5N70oaQd2OknsZTwV3e7RDURVJ-J9BImEnjct5uurLajSEyzHIJ5fMvmwj-omvoO4Yczq09HGMcTFc9KQ3jbUjRWup3akeGpxpRvPk1TK0Nw2aktFzSo4AQdC9Y9KtV1X6Q2PwfVro-ScV3eOUkuGbooYsKAjx-eapiRWUe-9lKfq62q_XeM1N0EdqAEajKQQ7jTdq_EYhPObVZi6jido2Aq6ADNr5704GIcxb1m-gTpQF9jCaBN30iDStvxS_LiI1_txwqD-27fcdSNYXyHSYGu-NEPDT2GoKXgXyMMuD9D_6x4jEBiz9Wr_LPm_eYGeC2VdQhQOwhPKYtkN7DCDpJK_berYCgDrKVGq6erWsvwqVz-Y0MIUOAdOaWB0ahh1v9VqjYj8TjPRwX456ADTcxG1pnXyBj_ifgMMFj27uyU6IMjTwaptq9aAWFR3MV4dyG9rfPjP-eGYrxFfvs-wzwTWqHXhCWavoqsXRJtsDPl0azlu-CkNm8qMi_CSyH4Nsdhh3R4dT2jOwl3MkBrW2W2Gt6T4ncVtfG_Jpxv7DtYQmwLvOoqGdcV0tVU3aA882xFojkVzuAAzZCECPaGXSe6w24rSU1zyWMHvvjID-gQfmC20Y6_dgZ7khD7lYqw3QBxok_E26ByXShxreg7blLqSFOXVf2X-AULI8JIMXbY0we9moP2gfEWrlroX2bfxduSCEiT5FcR51pk2iNP9Tf59z79G6jXo665iHBFWWaflbYuNfGNila8fHJslDO-zgDcNsxsobuVZGOIRmOsq6plOsuxGMNhicupDgNa4hVImgjBLKj2MkqTAc6K7lY9Jp2CefUQIkTORnAlkiPKRxxLZZqYz1ErGwjeWIOpaVqHdaSyE2VnZB7ZMDYpaFY3ludXB1BogDuaDe1caZNQ7gLQliwFHh3llb1dj-BKVg8050VlBI3wKMZZoKYIIjKuZff0AF_vV56pZo0JxJ35tbXrxL5HMwnbDk0ovKaxFhIDSH5yqdodMRxv_yGQqmdfOwlhxzs-fs0LrnR2UqVxxO4rSAU-QSSF2u2G0fXAR9yi2z2NjaiPHiMiWqMagsmcmf-_6tSuxqAG6CPmODqPHjVjMxIh4H6rU0YRMpOSvsgdjGaPxLY7Ht4XykNZHnpirHBjaAUava8O_IBa3kVs4fvoghL9fiWnbyoAaqjzOEBwMwk3IgtgDeWN3TUwxNMekh78eV_pciQcs95Y3EZPHxy4CL8Cm1dp_tV2z5HQ1EFsvXg87bGxdrtkLkDUWjK8yGoVrTAGfyuATZmTrPy8_6U8apaziJqkUR8kIG06cbOfTUWEDNPd78MHCbHv4iJfh85fcobI9dU26aOKHfA7x-a9dFdcEASX1ZKboCSG9MPiHABlkBc4wMA8SbAxRuYQJCAWteyB_BLU-JcpBFfgO3yyUZthfmBwGNaeDyfQ2aRael5ZoP_HyEk6Hr6Zk7_5KarMO5YjvgwJ-Kew0ChfDJvFg-RcDwoFjzmVogJHrN6LqGuCJdem5vJPjTRSHLxvx9txvB4bAlca71dJ79zqut3SdNI3u5p9Wvb9aZlH-JFFwLVdnK1d3jYc_S5WYGFJZ6JFbJj31UUqkJAkH-a7XplKwbQ4erbeMOia0G8sGN9JwmtYJWqryk5Xw-3zPkHhN78_8Gayyx9afUOhy2gDyvb6Mo6dwcNv8CJzZdg8ipbcLB6xvWyCm_CRsRr4iW4UHQInW5GQSTsp9HklVeDwCD0D1cYEznW4Z_5EE3G7TdN5XEuRn_nKY-C6uEMUai2g5yFSImrc9E7mZ79iVw0mZAdgon0GnIseKs9gcv052Bu0AMa5kYxn2_zPw4XOntc4VdJqWC1U4I_qb5wFTOh-LVYWO_B8wujyQ2-2R6alSjF_SiVi6ddBKbGSsT4OEni0XHY2xJNnaFOsWYw5gRALehKBcFIG4ni3DYXmgh5AjyPJvc8fEV5CUpVYYeSXlu8WN5jGUI6woUasAjM4g8Rh0128fjyGGQ2JFsxQqIsdbJ5T9rTkCSnq-Yul-JWez5C6KhT2hfnHzt4gFK3S932-KoCbkVbOBY58ybQUtklrV8wjXTSv5S3hHopJNccq1SX4UiNIvVMZtd7dIh1A4DIR6zN7njobYrKsLG8RvC4eKzjUdoPfbCHEYe7rBi4LEvycjuU&cid=CAASPeRoLrOmHK5oaWQlVk9cwwxM4DitP2r3tSBgaWF6M_7lyS3InkGYBvCT5ByE0o1aQSR-Mcqy1O1eSg7g1Oc&rfl=2%2Chttps%253A%252F%252Fbank-otkrytie-kabinet.ru%252F%240

Requested by

Host: bank-otkrytie-kabinet.ru
URL: https://bank-otkrytie-kabinet.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

af57fb213d1cc58960d74737c24d93136cbf86f0f1194d563e02e013c406fdba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=330&slotname=3698587184&adk=3271766772&adf=3787883007&pi=t.ma~as.3698587184&w=330&lmt=1634226593&psa=0&format=330x330&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592842&bpp=1&bdt=439&idt=208&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1397016afe4c98f-227aedafeaca0044%3AT%3D1634226593%3ART%3D1634226593%3AS%3DALNI_MZ8GI-8Y3pDKGzklMs2iI7jRFeQkA&prev_fmts=0x0%2C670x280%2C670x168%2C330x330&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=619&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Ie9wtBSEFU&p=https%3A//bank-otkrytie-kabinet.ru&dtd=913
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 15:49:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26108
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 5D2C 3 KB
1 KB 17ms
17ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=330&slotname=3698587184&adk=3271766772&adf=3787883007&pi=t.ma~as.3698587184&w=330&lmt=1634226593&psa=0&format=330x330&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592842&bpp=1&bdt=439&idt=208&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1397016afe4c98f-227aedafeaca0044%3AT%3D1634226593%3ART%3D1634226593%3AS%3DALNI_MZ8GI-8Y3pDKGzklMs2iI7jRFeQkA&prev_fmts=0x0%2C670x280%2C670x168%2C330x330&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=619&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Ie9wtBSEFU&p=https%3A//bank-otkrytie-kabinet.ru&dtd=913

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 15:46:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D2C 123 KB
37 KB 36ms
36ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=330&slotname=3698587184&adk=3271766772&adf=3787883007&pi=t.ma~as.3698587184&w=330&lmt=1634226593&psa=0&format=330x330&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592842&bpp=1&bdt=439&idt=208&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1397016afe4c98f-227aedafeaca0044%3AT%3D1634226593%3ART%3D1634226593%3AS%3DALNI_MZ8GI-8Y3pDKGzklMs2iI7jRFeQkA&prev_fmts=0x0%2C670x280%2C670x168%2C330x330&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=619&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Ie9wtBSEFU&p=https%3A//bank-otkrytie-kabinet.ru&dtd=913

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37935
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633952256361887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Oct 2021 15:49:54 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 5D2C 14 KB
6 KB 15ms
14ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=330&slotname=3698587184&adk=3271766772&adf=3787883007&pi=t.ma~as.3698587184&w=330&lmt=1634226593&psa=0&format=330x330&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592842&bpp=1&bdt=439&idt=208&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1397016afe4c98f-227aedafeaca0044%3AT%3D1634226593%3ART%3D1634226593%3AS%3DALNI_MZ8GI-8Y3pDKGzklMs2iI7jRFeQkA&prev_fmts=0x0%2C670x280%2C670x168%2C330x330&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=619&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Ie9wtBSEFU&p=https%3A//bank-otkrytie-kabinet.ru&dtd=913

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 15:47:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5D2C 0
0 16ms
15ms Image
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQRx-VSwYaFN1GLiUISyQx8qRP__dzW9mlXKzpoV4b-gBVU_WGIp6dTxRJMYPp6mWWKNn6e
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=330&slotname=3698587184&adk=3271766772&adf=3787883007&pi=t.ma~as.3698587184&w=330&lmt=1634226593&psa=0&format=330x330&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592842&bpp=1&bdt=439&idt=208&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1397016afe4c98f-227aedafeaca0044%3AT%3D1634226593%3ART%3D1634226593%3AS%3DALNI_MZ8GI-8Y3pDKGzklMs2iI7jRFeQkA&prev_fmts=0x0%2C670x280%2C670x168%2C330x330&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=619&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Ie9wtBSEFU&p=https%3A//bank-otkrytie-kabinet.ru&dtd=913
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D2C 42 B
63 B 50ms
50ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DgEOGshF3JIgCOheMTrolRfFsm-ptxnXUWhy4gVbZaqeoD5bT5sJ0vAH21M2bvbxTcmNxJebCYgU9ZU97F_Hc9dFL4cT-dATnx9MI0IDvFqFLbKKc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=330&slotname=3698587184&adk=3271766772&adf=3787883007&pi=t.ma~as.3698587184&w=330&lmt=1634226593&psa=0&format=330x330&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592842&bpp=1&bdt=439&idt=208&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1397016afe4c98f-227aedafeaca0044%3AT%3D1634226593%3ART%3D1634226593%3AS%3DALNI_MZ8GI-8Y3pDKGzklMs2iI7jRFeQkA&prev_fmts=0x0%2C670x280%2C670x168%2C330x330&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=619&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Ie9wtBSEFU&p=https%3A//bank-otkrytie-kabinet.ru&dtd=913

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 15:49:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 49313860 Show response
mc.yandex.com/webvisor/ 43 B
145 B 1159ms
36ms XHR
image/gif 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/49313860?wmode=0&wv-part=2&wv-hit=184845316&page-url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&rn=473720484&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1634226594%3Aw%3A1600x1200%3Av%3A673%3Az%3A0%3Ai%3A202101014154954%3Au%3A1634226593993310419%3Avf%3A25rt5q1nfyffjihn5h%3Awe%3A1%3Ast%3A1634226594&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bank-otkrytie-kabinet.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 15:49:55 GMT
last-modified: Thu, 14-Oct-2021 15:49:55 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://bank-otkrytie-kabinet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Oct-2021 15:49:55 GMT

POST
H2 200 49313860 Show response
mc.yandex.com/webvisor/ 43 B
145 B 132ms
38ms XHR
image/gif 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/49313860?wmode=0&wv-part=1&wv-hit=184845316&page-url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&rn=600687046&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1634226594%3Aw%3A1600x1200%3Av%3A673%3Az%3A0%3Ai%3A202101014154954%3Au%3A1634226593993310419%3Avf%3A25rt5q1nfyffjihn5h%3Awe%3A1%3Ast%3A1634226594&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bank-otkrytie-kabinet.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 15:49:54 GMT
last-modified: Thu, 14-Oct-2021 15:49:54 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://bank-otkrytie-kabinet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Oct-2021 15:49:54 GMT

GET
DATA 200
OK truncated
/ Frame E954 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0b378360d978b941fc0b5aebec61c375a11685a99ce540796f05a572dec1a7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame E954 21 KB
21 KB 45ms
20ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 19:46:29 GMT
x-content-type-options: nosniff
age: 245005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 19:46:29 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame E954 21 KB
21 KB 42ms
19ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 250108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 11 Oct 2022 18:21:26 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 5D2C 23 KB
9 KB 20ms
20ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DR-zGPKM4ohW9pmiX912F9dcqlFp-Ro-uuy5gk7R8ECaBLzxOQM-XO_SOG14dWP3uMtj4_FQIY79GfgJrZ2RAfg-M3wwUV67F8Yj3QNAu9LXbt-tdL7UBiK1wjLGB7A4abiUjqwFpFatOXE91bUBpa1rPYCA&dbm_d=AKAmf-DQxhooo-2Qck_PKfbcs-fg2mpPMzwnW0du5R7pLDb6fv5oxutmmOIuTvsazERxWlvxqGoMM5aQitBzAt_R_ftV5X4jFfHYLecI_6cLz3CIohSnLE_LrOCefx85lJp5u1JRi-vwLsg5j_pdxNAKc_aNrsdm9BxQUMGmyF-Ljo7tJ0ceuJzMJZ9kQ1KARhN78vVvp_SsTrcj6bcdGLYCeP5BsiUSfa1fwX6ZCiKIfHP9j8_-lISpNVj9CBQoV9Ffo0LQxySVOjcUyXcbKop4BiJ_hSnk9fcgOaNgZ3qWHdlw2a9ec2jWSIK-8J9I3JZsAEaNOX55l8r-JQVqlkH06DQMTeRmN-g7UjXC388of1LpMngLXAxBur9JfbR_uCVkFoZuSu41CMilpm68GiZsa4CMVlf9uodeuLA28Wc7jGAL9lfpBXUHKIiRP8Gz5y3gHcWnngy_TUauQK3vMpvmBo98BOGKHv8DWuc7AfIRMf5T0cBCRRYb2yi_03Y5XJ8BIF-ZmFpIVW_1O3EnSpCEwmnyiF6kgXgtiEv2Yqu4ezpNU-VQlEbyN5AmaVFxWsWjH_i8rNTTO_ixXMza39f1PCBf8mvLBirkIUGe8kUBK9FgJFL6e-YX4yWe43suP9abvbWEm77tptwqRWASHhMPnpGOUhR8vlZwdoXorlpe42cWefRx3YkIfCkwodIIAikpQaoldDrharqLi2KIdeNH7SsfNbJSKg8BczpJ_R-3t3R3jot8fu1npbRcuaflTe0u2WzzY6LmTSOgK1IFCsYFhl5mfPcC9YXRF9L530czrlN6WO3gqkQxMIzsx0kay3wVrjn7aurGF42M1_Yf7gB7eyIjxlV5azn6V45TjV3T0SjHSOCC9aTNecm44lDiVUAyzhMx1Cq-PQIkPG2MlFsQfMaSwPsMkqi4HYZ16VSJhuVbO2kQhqeV2jOX1cooBvPlmM12712ZupshscyxRA24vmxx16Ut8dPlGSWzOX_ASw9RDzLqPq-SCgDAoPWVq7_jukC7F1xUepNrNjrE8ssIsRx8zaPt0nwxV03XXfFbDf5Bm_ZC0uhK78i9nhaJqe-SG_kcky2AQ5_2ng6MXBXQJjqxdA7YlYoUYmTDtjvVK6r6DoTx5N70oaQd2OknsZTwV3e7RDURVJ-J9BImEnjct5uurLajSEyzHIJ5fMvmwj-omvoO4Yczq09HGMcTFc9KQ3jbUjRWup3akeGpxpRvPk1TK0Nw2aktFzSo4AQdC9Y9KtV1X6Q2PwfVro-ScV3eOUkuGbooYsKAjx-eapiRWUe-9lKfq62q_XeM1N0EdqAEajKQQ7jTdq_EYhPObVZi6jido2Aq6ADNr5704GIcxb1m-gTpQF9jCaBN30iDStvxS_LiI1_txwqD-27fcdSNYXyHSYGu-NEPDT2GoKXgXyMMuD9D_6x4jEBiz9Wr_LPm_eYGeC2VdQhQOwhPKYtkN7DCDpJK_berYCgDrKVGq6erWsvwqVz-Y0MIUOAdOaWB0ahh1v9VqjYj8TjPRwX456ADTcxG1pnXyBj_ifgMMFj27uyU6IMjTwaptq9aAWFR3MV4dyG9rfPjP-eGYrxFfvs-wzwTWqHXhCWavoqsXRJtsDPl0azlu-CkNm8qMi_CSyH4Nsdhh3R4dT2jOwl3MkBrW2W2Gt6T4ncVtfG_Jpxv7DtYQmwLvOoqGdcV0tVU3aA882xFojkVzuAAzZCECPaGXSe6w24rSU1zyWMHvvjID-gQfmC20Y6_dgZ7khD7lYqw3QBxok_E26ByXShxreg7blLqSFOXVf2X-AULI8JIMXbY0we9moP2gfEWrlroX2bfxduSCEiT5FcR51pk2iNP9Tf59z79G6jXo665iHBFWWaflbYuNfGNila8fHJslDO-zgDcNsxsobuVZGOIRmOsq6plOsuxGMNhicupDgNa4hVImgjBLKj2MkqTAc6K7lY9Jp2CefUQIkTORnAlkiPKRxxLZZqYz1ErGwjeWIOpaVqHdaSyE2VnZB7ZMDYpaFY3ludXB1BogDuaDe1caZNQ7gLQliwFHh3llb1dj-BKVg8050VlBI3wKMZZoKYIIjKuZff0AF_vV56pZo0JxJ35tbXrxL5HMwnbDk0ovKaxFhIDSH5yqdodMRxv_yGQqmdfOwlhxzs-fs0LrnR2UqVxxO4rSAU-QSSF2u2G0fXAR9yi2z2NjaiPHiMiWqMagsmcmf-_6tSuxqAG6CPmODqPHjVjMxIh4H6rU0YRMpOSvsgdjGaPxLY7Ht4XykNZHnpirHBjaAUava8O_IBa3kVs4fvoghL9fiWnbyoAaqjzOEBwMwk3IgtgDeWN3TUwxNMekh78eV_pciQcs95Y3EZPHxy4CL8Cm1dp_tV2z5HQ1EFsvXg87bGxdrtkLkDUWjK8yGoVrTAGfyuATZmTrPy8_6U8apaziJqkUR8kIG06cbOfTUWEDNPd78MHCbHv4iJfh85fcobI9dU26aOKHfA7x-a9dFdcEASX1ZKboCSG9MPiHABlkBc4wMA8SbAxRuYQJCAWteyB_BLU-JcpBFfgO3yyUZthfmBwGNaeDyfQ2aRael5ZoP_HyEk6Hr6Zk7_5KarMO5YjvgwJ-Kew0ChfDJvFg-RcDwoFjzmVogJHrN6LqGuCJdem5vJPjTRSHLxvx9txvB4bAlca71dJ79zqut3SdNI3u5p9Wvb9aZlH-JFFwLVdnK1d3jYc_S5WYGFJZ6JFbJj31UUqkJAkH-a7XplKwbQ4erbeMOia0G8sGN9JwmtYJWqryk5Xw-3zPkHhN78_8Gayyx9afUOhy2gDyvb6Mo6dwcNv8CJzZdg8ipbcLB6xvWyCm_CRsRr4iW4UHQInW5GQSTsp9HklVeDwCD0D1cYEznW4Z_5EE3G7TdN5XEuRn_nKY-C6uEMUai2g5yFSImrc9E7mZ79iVw0mZAdgon0GnIseKs9gcv052Bu0AMa5kYxn2_zPw4XOntc4VdJqWC1U4I_qb5wFTOh-LVYWO_B8wujyQ2-2R6alSjF_SiVi6ddBKbGSsT4OEni0XHY2xJNnaFOsWYw5gRALehKBcFIG4ni3DYXmgh5AjyPJvc8fEV5CUpVYYeSXlu8WN5jGUI6woUasAjM4g8Rh0128fjyGGQ2JFsxQqIsdbJ5T9rTkCSnq-Yul-JWez5C6KhT2hfnHzt4gFK3S932-KoCbkVbOBY58ybQUtklrV8wjXTSv5S3hHopJNccq1SX4UiNIvVMZtd7dIh1A4DIR6zN7njobYrKsLG8RvC4eKzjUdoPfbCHEYe7rBi4LEvycjuU&cid=CAASPeRoLrOmHK5oaWQlVk9cwwxM4DitP2r3tSBgaWF6M_7lyS3InkGYBvCT5ByE0o1aQSR-Mcqy1O1eSg7g1Oc&rfl=2%2Chttps%253A%252F%252Fbank-otkrytie-kabinet.ru%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:48:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9283
x-xss-protection: 0
server: cafe
etag: 1044373809082006429
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 15:48:52 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/ Frame 5D2C 8 KB
3 KB 20ms
20ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 15:49:27 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5D2C 0
592 B 841ms
790ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsspf6Um6ZpmGQLNMM14gZBAT7TyttkpRnAZ2RhN2waQfuUz66OX8uIoIhD6JOjlMqZuvMqh9ER_SVyISxw-2Ba6c1zR_f6iIIVzWKdMqN6_jLskeJkg7ntNxqiYxu7S2WPewLViml5tGigYwzbkhi10TTBR4WTnH9Zaswg_oC2tAGSU8Cl84zeACbAqEddLj-elXNt3fo3g57AMhTv4Dk3chHcWEscRewjT4-y9huxykrvfNZjJYou0m3KKoemTi5TCynEzFaZ2rGQJDlO0Rq3F5jiOF6MttqgT16FePZOJuN6dDzeRSv7lfRe0nayKGCjKDPDtCNHjL5S0GH5ppdrxmk07T8h--_H6Fv84n6pMJ7Kgbx7N-vYz9Tpm1DhkgqL9WrEnxA0hnx84DiHQ4v-DaYskNTXh8hm-QOzJDR_AvFMQjIAg30IWMb-IRHFV-EL8g8JoneE2sJ7TLgFAO_AaojDWw8TNlvHsj6i_yEnAUXGpm1kkYNyRdgRDTjXK38NsS65SHN5K8JZPmSuZ-Ts5CEnMvgmfwf3w0w_oilmdV2MeYfC4Up3aJXNVHv3eOCCupyaf0Qx_86JQPBPI-HrQf9glL4DZXU0JMzi12XUv59LF-7WS9eRsHZOT2j-8nRACaTtDKCoDP4UD5dkJMvYhnmbwkyOEpFVKV5sdSZi6JSx85c2u4GcZwaKNcPof5IuUGZCOEypiIjXYeHmzoeaMrKnrpRse3bFx8YnAz5DLnj5BRVbUdVxepJPaNu5pTrC5n98F6_HHfAKPK0YWjXZaLO4Wf_JOIshMuinWJScunpzTkDxgSQ35x2LitCzzn08-eYoprrgJvR6jREKSCEy18PF_ZEm5s_W1Z2A9yn44uGWM3NqvpKn9wWSbOYYA5POTUuKu_RQNPH2NmQ1TLm3yyRRD8ryKOMiEQ1dDurHvZPeGsls3vuwyxWetcM2Fy-JEorLoR15tgkrLILw-nlTWEHgt3BhxaD37CGT9wxAk3GfY7CqjGWJF0YzkFq1mUHdOSAsunOPfRGTazjCjS3ZaAMD86kPXtgPN7BVMlL2KZdJoHjwN_tNSVQV-jEmkgYFA9h86KY6-2GjPxjH3lYGh699IbSLOO7yK6iCKVmQ2LFeWt1lrOFLAkgMmHUB-OlwaH61FtZKyqcnOuu65YWStR9YWSAHydZJSJkg3fGmET_eH3T0HuteBoQ&sai=AMfl-YRLz2tHDVni1qdl474JLJZxespCtommjj0mJQRZECKfuaNr_MfOj66S06cGga36dprKKkzv9iM0H9--WnOTFuefFkcC6mCeD3cwN2XZug1VbIhhG0VTfyGO2BGU3AS1pWFR_okEshsowVNwu_uhunFmz4auTNSBFDkhCFlripaLcTWpOvWzZZ2-EZBSrvpZm--WBdFHH3S9Sljegsy6xbXakh_vbam3XDIqPMJ-sQ&sig=Cg0ArKJSzIt-xrDMF0D5EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211011.07102&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 14 Oct 2021 15:49:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5D2C 41 KB
15 KB 17ms
16ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:29:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 13 Oct 2022 21:29:08 GMT

GET
H2 200 300_x_250.jpg
s0.2mdn.net/6475642/ Frame 5D2C 84 KB
85 KB 44ms
19ms Image
image/jpeg 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6475642/300_x_250.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7131396095253182&output=html&h=330&slotname=3698587184&adk=3271766772&adf=3787883007&pi=t.ma~as.3698587184&w=330&lmt=1634226593&psa=0&format=330x330&url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634226592842&bpp=1&bdt=439&idt=208&shv=r20211011&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De1397016afe4c98f-227aedafeaca0044%3AT%3D1634226593%3ART%3D1634226593%3AS%3DALNI_MZ8GI-8Y3pDKGzklMs2iI7jRFeQkA&prev_fmts=0x0%2C670x280%2C670x168%2C330x330&nras=1&correlator=809343491605&frm=20&pv=1&ga_vid=7324914.1634226593&ga_sid=1634226593&ga_hid=1716353230&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=619&ady=4654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31062937%2C31063156%2C31063128&oid=2&pvsid=2288844633579059&pem=320&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Ie9wtBSEFU&p=https%3A//bank-otkrytie-kabinet.ru&dtd=913

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f6.1e100.net

Software

sffe /

Resource Hash

c4b5f321485f13e1822b4a4e20502104dc9a104059b9e511dda7f19bff115d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:14:02 GMT
x-content-type-options: nosniff
age: 2152
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86083
x-xss-protection: 0
last-modified: Thu, 30 Jul 2020 14:51:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Oct 2021 15:14:02 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6C51
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

23ms
22ms

Document
text/html

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: DSID=NO_DATA; IDE=AHWqTUnwi8jP9b6Rz0E9dvjHbBYe3ZNrjaTBeEYFqVk8HdVAau5swkxyNfszqcTxLC8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 14 Oct 2021 15:49:54 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 14-Oct-2021 16:49:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 15:49:54 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 14 Oct 2021 15:49:54 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js Show response
pagead2.googlesyndication.com/bg/ Frame B398 35 KB
13 KB 20ms
20ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

d09fae1abdf97e7061702073d5b863236868e425ebb7dc2571a4ee30fd206eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 14:23:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13278
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 14 Oct 2022 14:23:53 GMT

GET
DATA 200
OK truncated
/ Frame 5D2C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a38eab2257ae31268c0ef783ac668996e82a48dd64d3470801620f3a8c5dc4f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8248 22 KB
8 KB 14ms
13ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 13 Oct 2021 21:29:08 GMT
expires: Thu, 13 Oct 2022 21:29:08 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 66046
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5D2C 0
60 B 748ms
748ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 15:49:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 735ms
29ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211011&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_fy2019.js?bust=31063156

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

f3543de19aa0b0078f042d0673e1224a46cc1258288bf47f8abc08f1a9c56f00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 15:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8573
x-xss-protection: 0

GET
H3 200 0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 8248 35 KB
13 KB 697ms
697ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

d09fae1abdf97e7061702073d5b863236868e425ebb7dc2571a4ee30fd206eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 14:23:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13278
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 14 Oct 2022 14:23:53 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 59DC 42 B
64 B 270ms
81ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthgLrRcQJy7ZkDmaWgAPkA5oURXz5JInRxqMYQJVeCNWfEGrjOUswlpTzhci_GTbzJkZFkWM6pHmztMFLZ-WD0JmhOHCprUS-J_E1epeUXO109aOn7RQ&sai=AMfl-YTRiksIwP6ongmt4-08mSIwOoS0TpSGf_JqbE2AhRKuGwQDqvtkwH_45a2YlQlG6388xnWETVyFM9vu&sig=Cg0ArKJSzHqiA3SHKgvTEAE&id=lidar2&mcvt=1026&p=0,125,280,545&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&v=20211011&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3869422495&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634226592978&rpt=1237&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 15:49:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1C5A 42 B
64 B 170ms
81ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLCaEyOp8xuy1WDBwM5-xbvzyPJJnYc_QtyXen22S9EvUck7JJAIrdp1u0jNECYBeDIZqd_Q6Ihtlu9yl3FutgJD_lAF7TEPplJ5HiIWzMEU__-UCoGw&sai=AMfl-YSfD9RNUDFCnqP7g0AyCRUaDjCX264QtoW30GHgOk8ALP1a-8dwmg-N-2hUOBZOOlISMtjxTaFE4P3a&sig=Cg0ArKJSzEegLUiPftMGEAE&id=lidar2&mcvt=1026&p=0,0,124,1005&mtos=184,835,1026,1225,1264&tos=184,651,191,199,39&v=20211011&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634226593863&rpt=218&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 15:49:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 26ms
25ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_fy2019.js?bust=31063156

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 15:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 14 Oct 2021 15:49:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 13A6 12 KB
5 KB 15ms
14ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bank-otkrytie-kabinet.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 14 Oct 2021 15:25:23 GMT
expires: Fri, 14 Oct 2022 15:25:23 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1472
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 45B0 783 B
536 B 17ms
17ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

c0ebfd1fdbbfe23db3645a0a06a6916bd039765d78e9c47f7796b21d01b1fb62

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ueQY6yCqkZNg5gypK2WwEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bank-otkrytie-kabinet.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 14 Oct 2021 15:49:55 GMT
date: Thu, 14 Oct 2021 15:49:55 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ueQY6yCqkZNg5gypK2WwEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 45B0 0
0 40ms
40ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211011&jk=2288844633579059&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 13A6 35 KB
13 KB 17ms
17ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

d09fae1abdf97e7061702073d5b863236868e425ebb7dc2571a4ee30fd206eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 14:23:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13278
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 14 Oct 2022 14:23:53 GMT

POST
H2 200 49313860 Show response
mc.yandex.com/webvisor/ 43 B
73 B 46ms
31ms XHR
image/gif 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/49313860?wmode=0&wv-part=3&wv-hit=184845316&page-url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&rn=691651169&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1634226596%3Aw%3A1600x1200%3Av%3A673%3Az%3A0%3Ai%3A202101014154955%3Au%3A1634226593993310419%3Avf%3A25rt5q1nfyffjihn5h%3Awe%3A1%3Ast%3A1634226596&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bank-otkrytie-kabinet.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 15:49:55 GMT
last-modified: Thu, 14-Oct-2021 15:49:55 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://bank-otkrytie-kabinet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Oct-2021 15:49:55 GMT

POST
H2 200 49313860 Show response
mc.yandex.com/webvisor/ 43 B
73 B 43ms
31ms XHR
image/gif 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/49313860?wmode=0&wv-part=1&wv-hit=184845316&page-url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&rn=128675026&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1634226596%3Aw%3A1600x1200%3Av%3A673%3Az%3A0%3Ai%3A202101014154955%3Au%3A1634226593993310419%3Avf%3A25rt5q1nfyffjihn5h%3Awe%3A1%3Ast%3A1634226596&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bank-otkrytie-kabinet.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 15:49:55 GMT
last-modified: Thu, 14-Oct-2021 15:49:55 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://bank-otkrytie-kabinet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Oct-2021 15:49:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8248 0
20 B 57ms
56ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BH3VNolFoYdTFHLbO7_UPneyE4A4AAAAAOAHgBAI&bg=!KSqlKm7NAAbGFvHlxhY7ACkAdvg8WlWKfYeSLXlFHfiKspV_wlBqhi3ji8vjsm5Arqh5ERFx8A-vfgIAAAB4UgAAAAxoAQeZAy1Z6aQCMh54GyTEJkvv2RgN-C2o_VWPavC00K2Y4kWJdHko9MpyE-gKs7F6Oa2xb5n9lzWhVpH0N2ALNKAYRzYOXAzPoZuVHt0NzBH0SCKvl4WpJrkE8NUQMjABNicvNj3F0KzbxbF1U3whpOydJVM42MeDhTveScDj-j3X_787bZwbdgt2y2pkNORKOXliT2yBT5wcpSjZQm_hDH72h1zr6PhP2hxMYUnvZ69OIIb8Mv8ZbHoQxFg2ouPfhvhsGgcfxqgAge0VPOUnyeRFiSUzzIRIyQqu14iKd4wyJTt4v2mBUzxvRktc1372n1UV4mYjvlSfbYRIsyQ-2u02ONqObgysSFq9v0N1UZPe2mwjfXbjJsnWMWpev8Ps_YZlLHOBGLFKDhxYbmszmjCEwYp51oL7PqstFUNH0UbOvPQNi_mrfeqW10epqeab7rCZPcl2LDYlek7VSzTLE8PPYRm8s0ISTQHofAhIoy3DRz_G8ufjg6tPAMLUWaOehXcpsV9UpzckCknS9Jh4d118Paa7CU6CwyiB6lM_QmO1Jb-W7sSarEqmSjEfjciAUB7Sm48-hS_rBgOFCxGMCO-otERP3Y220mCKy0T6ELMx_IndEqo7LOKyjAZHfVFNjq61koURgS0idnQIi54iJ2Ica2R8fLDyVmSKZvCfWyoycLPZRI9pSD3_5fafDq1IZeEz8A15UB8FkNXih8KeOQxA2KartIx_IbgciObYQ1RDg9Sz_fMHYmXIdfhGAxLo_vXFgn-rt2Z_0p-k4tdyjQcX7eUDdovnsij1hO77r2CeaGSMi-14ng2mK1HqW8H0qonOecd57oQ8-hRZVOFd0XM5PHZeEGdXjyPlB1YACIC1ZWaSnEqhkjaMGe0gWFeC7znjGa3zDzVXQb4XFuy9NbTj7RBhI8cs4yAeOa0I_YZ1jls1PCr94ZPTawDnL-bGRefB9YLobxFgN_mkwRffsoIxwLwhf5uykTLnPpBLmiMQ_6aZPpsbeRNN8_XrrO8MWdZ6EVbseUUxb0pDsxnz5ovbMcoXkI_wwPVTX-Ktb1IPgdk90FStu380bsZmvL3jBZM

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 15:49:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 53ms
53ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211011&jk=2288844633579059&bg=!LC-lL2vNAAbGFvHlxhY7ACkAdvg8Wse6iUJBBmhSO2i4CrWMTlIvFqd00nMwRrawG9xH41oK9Cwy0QIAAABnUgAAAA1oAQcKAMNhGBpO-m6WxZXsMpr-FpmM5dAxhyP4k4jQtVL3F9kjcvtirpGZoK9wvdzi5RD7yePmtRth9T58Ndxfqk6IJh4uaalklTcjMcErPp_NDlQVeNOeHUh64Ves6pkmGB9v4xYE_YesKpwlDelCrHOq9SuBm2P0f_5nrLRcrSWs8m42d_f5oiaf4wxXYHWQ2cWttF4PpEJdXxg2XVvZA43OWl-wlZCMk0ufNSBnFdotzOyywElvHuhXLUawZLUDaXqNVOWgztCZAsdsS2ZDga2dK5G6u7xh2KmE267hA-esriZ8sy99wRacj9QlMfC9rhFZ1xQ5lPcNHzurwc3ioyaBhrQk0kf3vIJvpQt9-AVrXR42gSyKjMryZ_8n1a9IZEC93Qy5gddE_7gBU_AnK7-7NuNGSUdMfmkzQXlIjtUlOOHgE4C4OB3ygv_tf2LnnpmmJ8I_T9ZuLTKdRHKopPf1kdB_5DusgISmB7Aze5xh_Zfz0nlbEyeCEcbDcUE6jf9cqvPfwtkpT-ikyM5Elgw_Hif7q2wNIm9A7x_MyDDAQjjQs4ZEYcrOko-obZWoC0UBsMguct2W_oc9gaCi79Qzp8t8TthOlx1B84jhl0GHXKBimG8gQFAYg9Et-WmKWhSvAKmzrg0p2QSLs6viU0JiGm-Oc2vTalmea-fI0Ox7t5L8mg1ReqKM3aT9nODgr0pioXuPpKushh5ND3zIiQkhcrfaWSHux2MRE9WMy_OQsKAz6tVVKu-_vLP_7TEjodr0TJ9mDbCB8BXOki_t07N-y9SYMYAzq8SEaCqFSIar0g-AbRb_RBb4DaPFEzoURuFkmHAKVBZxF1vWmMhg4J2bW_YefoytrvslVBmBuoBupFI19Soalx3PPY8gHQKx04rq4AB1SL0ybO5mpJCDc_nJD15Q_7ou3Jr0LLOCjSKsY-NSDyQBvw7E4N3f6E7PsTeuw7wv-OtOWzGK7zB8JIxOiD6xJkLPgfviuuNY92h1PW84dn4-6RV22EV3V3aQl4QwV6HTkktHBv1ZvtCLDBNnV7cfy2d23Nrc750p0E6TSEMhoZPVFd6ZF8vrlKpSvhoBv_HTYxr0En8SCs_IvkBgn28rCTIGJzSPkbTEh6CyYEqbcHAj57ADGR_wQzvUQsftqRPtc_bMPZxUusVC4cbd-GTe-tma55I9T3kHUMO4Q-jPWUwagwtrrx2qTY1JUbI

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bank-otkrytie-kabinet.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 15:49:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 49313860 Show response
mc.yandex.com/webvisor/ 43 B
145 B 32ms
32ms XHR
image/gif 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/49313860?wmode=0&wv-part=4&wv-hit=184845316&page-url=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&rn=53364444&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1634226598%3Aw%3A1600x1200%3Av%3A673%3Az%3A0%3Ai%3A202101014154957%3Au%3A1634226593993310419%3Avf%3A25rt5q1nfyffjihn5h%3Awe%3A1%3Ast%3A1634226598&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bank-otkrytie-kabinet.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 15:49:57 GMT
last-modified: Thu, 14-Oct-2021 15:49:57 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://bank-otkrytie-kabinet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Oct-2021 15:49:57 GMT

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yandex.ru/	1970-01-20 15:28:18	Name: i Value: VszeumssyuzAH6rcn2RctFqfwJ0O3UEIdIV3FulpVLhZUvDR6LoBIT1tvIZ2nkPFyhiDLTA/FfiHAGfZY/Xg5zcwND8=
bank-otkrytie-kabinet.ru/	1969-12-31 23:59:59	Name: flat_r_mb Value: %2F%2F%2F%3Adirect
.bank-otkrytie-kabinet.ru/	1970-01-20 06:42:42	Name: _ym_uid Value: 1634226593993310419
.bank-otkrytie-kabinet.ru/	1970-01-20 06:42:42	Name: _ym_d Value: 1634226593
.mc.yandex.com/	1970-01-19 21:57:07	Name: sync_cookie_csrf Value: 348597413fake
.bank-otkrytie-kabinet.ru/	1970-01-19 21:58:18	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-19 21:57:07	Name: sync_cookie_csrf Value: 4148920366fake
.bank-otkrytie-kabinet.ru/	1970-01-20 07:18:42	Name: __gads Value: ID=e1397016afe4c98f-227aedafeaca0044:T=1634226593:RT=1634226593:S=ALNI_MZ8GI-8Y3pDKGzklMs2iI7jRFeQkA
.yadro.ru/	1970-01-20 06:41:34	Name: FTID Value: 1XQ56X1VlmeB1XQ56X000PTw
.yadro.ru/	1970-01-20 06:41:34	Name: VID Value: 0lVoE20UrPeB1XQ56X000E-v
.yandex.com/	1970-01-20 06:42:42	Name: ymex Value: 1665762593.yrts.1634226593#1665762593.yrtsi.1634226593
.yandex.com/	1970-01-20 06:42:42	Name: yandexuid Value: 5183634961634226593
.yandex.com/	1970-01-20 06:42:42	Name: yuidss Value: 5183634961634226593
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 317413101634226593
.yandex.com/	1970-01-23 13:33:06	Name: i Value: NE6xEPpmCKZ9Tedb6TWFKQwghK3uGQp9AJ6oot7sA+V1n6s2oBoWJr1GTEXkwImJLf1WUMYMufnd5ZMkuHe7SJ0LHWg=
.bank-otkrytie-kabinet.ru/	1970-01-19 21:57:08	Name: _ym_visorc Value: w
.doubleclick.net/	1970-01-19 21:57:10	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 15:28:18	Name: IDE Value: AHWqTUnwi8jP9b6Rz0E9dvjHbBYe3ZNrjaTBeEYFqVk8HdVAau5swkxyNfszqcTxLC8

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9426.KmiNDboMcTAYkO90wytJoOPC4iQSv121epRzAy9MZF-pjhU3x5wcYnSXJUvh5tvSpwurxi__2eQ_omeWwaQWNA%2C%2C.3nTlbR9RKicQk7Do3Dmzoa7f4fQ%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://an.yandex.ru/meta/663670?target-ref=https%3A%2F%2Fbank-otkrytie-kabinet.ru%2F&charset=utf-8&pcode-test-ids=431005%2C0%2C90%3B428759%2C0%2C12%3B435402%2C0%2C27%3B434271%2C0%2C76%3B434063%2C0%2C21%3B430925%2C0%2C69%3B434521%2C0%2C5%3B430931%2C0%2C64%3B428464%2C0%2C71%3B434214%2C0%2C12%3B437093%2C0%2C33%3B204299%2C0%2C53%3B426160%2C0%2C10&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22434485%22%2C%22testId%22%3A%22435340%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22435450%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22435450%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22435450%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22435450%22%7D%5D%2C%22DECODE_VAST%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22432455%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%5D%2C%22testId%22%3A%22436842%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22DISABLE_144P_QUALITY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22431005%22%7D%5D%2C%22TEST_EXP_VAS_CONFIG_IN_PCODE%22%3A%5B%7B%22value%22%3A%22EXP%22%2C%22testId%22%3A%22428759%22%7D%5D%2C%22ADSDKVER%22%3A%5B%7B%22value%22%3A%22435402%22%2C%22testId%22%3A%22435402%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22434271%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22434063%22%7D%5D%2C%22COMBO_INPAGE_LOAD_MODULE_DIRECT%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22430925%22%7D%5D%2C%22DISABLE_FONT_SYNC%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22434521%22%7D%5D%2C%22INPAGE_LOAD_MODULE_DIRECT%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22430931%22%7D%5D%2C%22ADFOX_AVAILABLE_SIZE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22428464%22%7D%5D%2C%22POSTER_COLLECTION%22%3A%5B%7B%22value%22%3A%22exp-icon-1%22%2C%22testId%22%3A%22434214%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2244908%22%2C%22testId%22%3A%22437093%22%7D%5D%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=Tkn0HdkpvCr19%2BxLY%2FcPszFMUNsvUXq6wUspeaBCSaV%2BoNYvU2TAj893wK%2BxjBMRNge8sSLZPZLRfclp1TmM6Oim7kM%3D&duid=MTYzNDIyNjU5Mzk5MzMxMDQxOQ%3D%3D&imp-id=2&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=481637632573442&ad-session-id=7945781634226593393&target-id=33655322&tga-with-creatives=1&pcode-version=44908&pcodever=44908&flash-ver=0&available-width=250&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.6%2C%22w%22%3A250%2C%22h%22%3A0%2C%22width%22%3A250%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A-250%2C%22top%22%3A1050%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=692&grab=dNCR0LDQvdC6INCe0YLQutGA0YvRgtC40LUg0LvQuNGH0L3Ri9C5INC60LDQsdC40L3QtdGCOiDRgNC10LPQuNGB0YLRgNCw0YbQuNGPLCDQstGF0L7QtCwg0YPRgdC70YPQs9C4INCx0LDQvdC60LAKMdCR0LDQvdC6INCe0YLQutGA0YvRgtC40LUg0LvQuNGH0L3Ri9C5INC60LDQsdC40L3QtdGCIAoy0KDQtdCz0LjRgdGC0YDQsNGG0LjRjyDQsiDQu9C40YfQvdC-0Lwg0LrQsNCx0LjQvdC10YLQtSAKMtCQ0LLRgtC-0YDQuNC30LDRhtC40Y8g0LIg0LvQuNGH0L3QvtC8INC60LDQsdC40L3QtdGC0LUgCjLQntCx0LfQvtGAINGE0YPQvdC60YbQuNC5INC4INCy0L7Qt9C80L7QttC90L7RgdGC0LXQuSAKMtCf0YDQvtCz0YDQsNC80LzRiyDQutGA0LXQtNC40YLQvtCy0LDQvdC40Y8gCjLQktC-0YHRgdGC0LDQvdC-0LLQu9C10L3QuNC1INC_0LDRgNC-0LvRjyAKMtCc0L7QsdC40LvRjNC90L7QtSDQv9GA0LjQu9C-0LbQtdC90LjQtSAKMtCa0L7QvdGC0LDQutGC0L3QsNGPINC40L3RhNC-0YDQvNCw0YbQuNGPIAo%3D&uniformat=true&callback=Ya%5B7738363031373%5D Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
ajax.googleapis.com
an.yandex.ru
api-maps.yandex.ru
bank-otkrytie-kabinet.ru
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
leadgidads.ru
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
realpush.media
s0.2mdn.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
yastatic.net
104.21.18.182
142.250.181.226
142.250.184.195
142.250.184.196
142.250.184.202
142.250.185.163
142.250.185.98
142.250.186.106
142.250.186.130
142.250.186.33
142.250.186.66
159.69.75.12
172.217.23.102
178.154.131.217
216.58.212.162
87.250.251.134
88.212.201.216
93.158.134.119
93.158.134.90
94.26.236.170
021b5cb98a78c05acbfcce488dff6d28116ca76f8a17f9139db4cbbfe92570e7
039661683cd030136477dd700f6300331b3e625ad685e2a39ad299514e22fcb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0c895814a665c6f34f6ecae968f6ffb0c930fe78b0d75bc75e404814fdf1fd50
0ef85555374c6902eccad1b67d6c74d13afb219a768ab8d6a7bddea1f601787d
10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f
12f595281b269087a1ed9b9c4cc6c8685a12d81ba1b6caf93917f280e6c46423
1319331a1eb2acd634aafd5c428659e212e9ba503ffef3751d726d1f65c33b66
13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1
1658582fd8c3291ee75ebd8fffe7b1b125bd73f71acf7c04edbc51a8a25ab6ed
1725c52315ddd4904d3ec6f701395b4e825b4a871e8d584fbcec1fd97c0db6f3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1adff93fec49cd9bab765ec423c9504146696be62b0f634d2bb6df86a1e775a2
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1bc898565504b604c3b74a633141b6ab6ea2b2677e7f04e29239930757bde7e1
1bf1f354f2fc01f58f53314b6b08f69f34058211d8dc0cedd73746481311821c
1da222840d0c513869093c5d892419db13bdbe9b2ee5a64ed96249edcfbca5b2
1f7ac379ead267382afe1258b1a23eb64bb01a4f320ca3f91a3220a01485ac96
20d4d2f621ed9db020d27bb66b63fc23a4af562b9de9a2e1a45aee101896b073
20f2d6255fe749341e6543047782811c5977380c562e7163efa64594d88c6b3d
2462f4d85888c4301384d028b17cf96a5e6856f9639b3a0fa98b511b3cc2b0f5
2751eb32e3720b540ff8210d70e6af4c916a255ff05d96130d0125576b14afa5
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f0c4ae5203aaa3493eaeeaaec672a6386093128d64f362d10d8e3455ab5d26c
2f17f352985894cc81958fbb5e44f0eb5d1f0973a9da33e2b7bf6469307e9256
31495082e5e4277dd3d1db41ea9c0c60697475abbdd6a2c036405da69705b57b
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
3aff9a1ebcc9288d03aefe8890c1c3d865fb1d51871ee9eae6ead3362b996904
3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d
43dd8340e927310f58e7b489c5d4c7998759ebdd0b97613cab11671af85644cf
473813f3e2c50e44564507539251a6228d9aef6caabdad35220854c0f0835070
496077b8b09b43b1417ac4a8eb747b38b08e12a2dc9b65573c78dd2a44ac674d
49a25d21e02a70496a3f786e331184c1b552a102eb39f78fa68e6c9d2d62e249
4a196b115d9a635615fe9ed410f609b3ac35c8a44279c1fee1a8ddfb9a1faeda
4a722b708f14a1c799f46d53831de0d139c1fdc9ee61ae34934d2d8d176cb860
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f7f4169854b868f5c40040b7b00803782a0781ab3188e0e0e572e6597a4a37f
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
570b114960a1c462fa6a31099768630b6a2dbec99057710df5a8896e872fdacf
599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d1521bd9c97e21379ee29be828ab88468deaf8f52d845baeafb3cab8c4917a7
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67b74d329d1fdfccbeb08c801422ad89d1ab11518f51ed5ff9bc4793863ea3c8
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
75d4e1f91df020fd4c9caf87da7ba0c8febc6a40e0880d2852da7f5f30664434
777b5231470dbaf1a2dbd7839e7f7c7de4ff64a28fe3bb9656205a82aa043c7e
7dafb742c2b6191760cc1f87dc34dc07e4dc3bf60cc26e957e73879b99f09db6
81c1ba8cb3693236155e0ecf842d29622ebb5c47e92b303b6bfadaf0c99ed22a
8250f65127f9a58a72ea10c7d75296efa28708df144b684dbf2c94d7bcc04b9d
82faa7a5ead139ade1fa1b11387a6dfdf881c1c3fea161df3da52a039f3662bb
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
85d798012bb94ef365680bd9439a927acd5280ff83c50ee323cc2a41eba5d1d0
89110229884d51983fa8a74fe2a17d1606b35b7fca08bce9ff3a4012046c3c69
8917e30efcc1260d758f2e67a6f5891da6c9ce8f2601a4446e868afc19ff9f9b
8e96268766735ae11a87d1e3bea4e681b0b05e3afa54d79806dc1f550597fa15
8ea8ef6a20a2f7307560b9fee2788613b13492d30582c95b6f57bc53383b68bd
92929a62869690b11dfc5b2e41d107314db34daf0bd1b990a04f95dfb3ebc377
936fb434a14b628a1c6f4f52cf995ad93adccd3fad1346955f29b80f05fa985c
97a02a812c7b65463a747b090788c3fcce060121e86fb46597799f7ff43766ab
9b658d32ab626de2971021c458ea3aa6cc131e79c1d4e4bdf1cc229b99bf7465
9be7e931e5978b27a1428050d2045f7759ae34424b2a60a021d57a7af6d981f6
9c54ba0bd3ece361e671851c96c48c896508c4ae5133ca44f36ecfc189122c40
9cbe2111eb50b721ea6f79e1cb61f6febc76795fd015a21593089bc1a3dfe490
9efb9eb2d0d3a02956c526db065129fa21b249296aae1180f67110633f943956
a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f
a2b96d6f1253a99039b4ced8ff14dfe080e6200783451e6a07b1bc936ef807e4
a2f1b190e5d5a3063c35b75b1a00c039b13e171eb7b099299dcb67e9e4fe65cd
a314c29d5dcce23cc726140820143658561b0f544c5bfb3810fe83ba4183ce7c
a38eab2257ae31268c0ef783ac668996e82a48dd64d3470801620f3a8c5dc4f3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4db66a9879e2176a4caedaaf6c14bb5645abc54ab7e0d9dde2725ea3d0ebed2
a5cabd806694695eeb10b48b8e5b1f4499ec46c19bbae6312284f40ce4b64b81
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a721065b733dcbcd059de184fcc1edd365eec8f60746e81223eef6663a17ea44
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
af57fb213d1cc58960d74737c24d93136cbf86f0f1194d563e02e013c406fdba
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
b43cd2653b5cbc9875746d0d418d1cdce1c55de38b17ecd0e56614518259f71b
b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec
b98b46048d73e92b6ca203d9bfc2015ec3f37cd72dedd9696c35a6b3840e9433
bed542f8dde9593921a55619985affad6e77af3cf023012d02d3cbc7b7576ec0
bedbfebb1e570a307a3c53fa9922989a22aaae3602a306d66f8d1fd982496bf8
c06340de9f3beb799319aabe3751252dd687c2c194f44c3797afe72230192fdd
c0b378360d978b941fc0b5aebec61c375a11685a99ce540796f05a572dec1a7e
c0ebfd1fdbbfe23db3645a0a06a6916bd039765d78e9c47f7796b21d01b1fb62
c4b5f321485f13e1822b4a4e20502104dc9a104059b9e511dda7f19bff115d8b
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c685378c7f15fb7a809c8d36db127c1620294330405921a3a13c978c3415e403
c75670cc0f104a2aad9990ece265612b9fb496fa8f84d4eca097a26376a748aa
cab95834f7418dad87b4ff37953e5c02a9dd52416d45ef762cc46e3cad055413
cb2b18ff7b82cdbab0ba5f095448f16c159526ff504699042f8069f1a70ae7f4
ccb2de978f607c02c595632d38051c17978e018220b429c8ccd0ad4aca206032
d09fae1abdf97e7061702073d5b863236868e425ebb7dc2571a4ee30fd206eab
d5c12600c2eedb11dbdcef87977046a3fc282f936b783659c0f0cb7a0815f3af
df8b3e2f6daca44be06e59c1561e7743f3fbb3d5f7f006367c7fe9927aff3f06
e2e100dccf35fc8fbda8298d47d2719362a984ff46eebf871a878376224071df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fbc7d5ad26b24430edb279a7bc6c9c6d354b569988587c7bc02b5518d9dae2
e7a754dc68b051e1b18bbf37fc0f5557196bc8db1c5f1c31ce5d242ea5c95ed6
eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872
ee9c8149c9c87eef99e3ee78aacd47bebd931818d6ca105d9ab4c49e8ec6aeab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3543de19aa0b0078f042d0673e1224a46cc1258288bf47f8abc08f1a9c56f00
f3bc26d03dc5313b9df615fc465f58c0a197a045ad900aebf84ca6e819929ddd
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd
f9543bd5b9d6794a9fea4d9f555764271939b4338015cc6c6172d158738d743b

bank-otkrytie-kabinet.ru Open in urlscan Pro 104.21.18.182 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

161 Requests

100 %HTTPS

0 %IPv6

15 Domains

22 Subdomains

21 IPs

4 Countries

2908 kBTransfer

8893 kBSize

18 Cookies

17 Outgoing links

Redirected requests

161 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bank-otkrytie-kabinet.ru Open in urlscan Pro
104.21.18.182 Public Scan

Screenshot
Live screenshot

Full Image

161
Requests

100 %
HTTPS

0 %
IPv6

15
Domains

22
Subdomains

21
IPs

4
Countries

2908 kB
Transfer

8893 kB
Size

18
Cookies

161 HTTP transactions
10 data transactions