urlscan.io logo urlscan.io
SecurityTrails logo

www.bspb.ru Open in urlscan Pro
213.172.3.49  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sabibank.ru/
Effective URL: https://www.bspb.ru/
Submission: On May 09 via manual from SA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 17 domains to perform 101 HTTP transactions. The main IP is 213.172.3.49, located in Russian Federation and belongs to BANKSPB, RU. The main domain is www.bspb.ru.
TLS certificate: Issued by GlobalSign Extended Validation CA - S... on July 9th 2019. Valid for: 2 years.
This is the only time www.bspb.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    2606:4700:3034::6815:37d7 (United States)

ASN13335 (CLOUDFLARENET, US)
sabibank.ru
www.sabibank.ru
1    2606:4700:3031::ac43:ad6e (United States)

ASN13335 (CLOUDFLARENET, US)
www.sabibank.ru
57    213.172.3.49 (Russian Federation)

ASN24913 (BANKSPB, RU)
www.bspb.ru
1    93.186.225.208 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
vk.com
2    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
www.googleadservices.com
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    92.118.67.2 (Russian Federation)

ASN49031 (CALLTOUCH-AS, RU)
mod.calltouch.ru
3    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
1    92.223.124.254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
cdn.carrotquest.io
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
6    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
3    89.108.119.28 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru
x01.aidata.io
Domain Requested by
57 www.bspb.ru www.bspb.ru
mc.yandex.ru
connect.facebook.net
6 www.facebook.com www.bspb.ru
www.facebook.com
4 platform.twitter.com www.bspb.ru
platform.twitter.com
3 x01.aidata.io 1 redirects
3 www.google.com www.bspb.ru
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 syndication.twitter.com platform.twitter.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 connect.facebook.net www.bspb.ru
connect.facebook.net
2 mod.calltouch.ru www.bspb.ru
mod.calltouch.ru
2 www.googletagmanager.com www.bspb.ru
www.googletagmanager.com
2 www.googleadservices.com www.bspb.ru
www.googletagmanager.com
2 www.sabibank.ru 2 redirects
2 sabibank.ru 2 redirects
1 analytics.google.com www.googletagmanager.com
1 cdn.carrotquest.io www.bspb.ru
1 mc.yandex.ru www.bspb.ru
1 vk.com www.bspb.ru
0 mc.yandex.com Failed www.bspb.ru
mc.yandex.ru
0 www.google.de Failed www.bspb.ru
101 21
Subject Issuer Validity Valid
www.bspb.ru
GlobalSign Extended Validation CA - SHA256 - G3		 2019-07-09 -
2021-09-06		 2 years crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-06-09 -
2022-06-10		 2 years crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
calltouch.ru
R3		 2021-04-21 -
2021-07-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-02-27 -
2021-08-09		 5 months crt.sh
cdn.carrotquest.io
R3		 2021-03-10 -
2021-06-08		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
my.aidata.me
Sectigo RSA Domain Validation Secure Server CA		 2020-02-25 -
2022-02-25		 2 years crt.sh

This page contains 5 frames:

Primary Page: https://www.bspb.ru/
Frame ID: 270CFBCA366D598D8049942050698D0A
Requests: 92 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.bspb.ru&send=false&layout=button_count&width=100&show_faces=false&font=trebuchet+ms&colorscheme=light&action=like&height=21
Frame ID: 257D951CBE124BCFF0259034B608D4FB
Requests: 5 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.bspb.ru
Frame ID: 0918A3CB28B844123133BF587BEC362A
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.06c6ee58c3810956b7509218508c7b56.ru.html
Frame ID: A6ACD4724A2F77BC14C1E3B282CD1F3B
Requests: 1 HTTP requests in this frame

Frame: https://x01.aidata.io/stats?pixel=BSPB&v=1620541739530&pid=BSPB&js=1&bounce=1&pid=BSPB&js=1&sid=447b6d7942bd4effbe72316e7734c5f7&__upin=EC0qJnxNpD4UDBqwyAM8MA&id=978315831.1620541739&payload=%7B%22event%22%3A%22referrer%22%2C%22type%22%3A%22referrer%22%2C%22data%22%3A%7B%22value%22%3A%22%22%7D%7D
Frame ID: 7B0C1ED6E62A152057B0A2EDE53A4C85
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://sabibank.ru/ HTTP 301
    https://sabibank.ru/ HTTP 301
    http://www.sabibank.ru/ HTTP 301
    https://www.sabibank.ru/ HTTP 302
    https://www.bspb.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /(?:\/([\d.]+))?\/slick(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i
Overall confidence: 100%
Detected patterns
  • script /mc\.yandex\.ru\/metrika\/watch\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /(?:\/([\d.]+))?\/slick(?:\.min)?\.js/i

Page Statistics

101
Requests

92 %
HTTPS

63 %
IPv6

17
Domains

21
Subdomains

18
IPs

4
Countries

4871 kB
Transfer

7094 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sabibank.ru/ HTTP 301
    https://sabibank.ru/ HTTP 301
    http://www.sabibank.ru/ HTTP 301
    https://www.sabibank.ru/ HTTP 302
    https://www.bspb.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95
  • https://x01.aidata.io/pixel.js?pixel=BSPB&id=978315831.1620541739&v=1620541739530 HTTP 302
  • https://x01.aidata.io/pixel.js?pixel=BSPB&id=978315831.1620541739&v=1620541739530&pid=BSPB&js=1&bounce=1

101 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
www.bspb.ru/
Redirect Chain
  • http://sabibank.ru/
  • https://sabibank.ru/
  • http://www.sabibank.ru/
  • https://www.sabibank.ru/
  • https://www.bspb.ru/
51 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
99e4a67b384e3f5a56b8a193847c6d912a06b046f64c683caaa4ba207fdca4e5
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security max-age=31536000 max-age=15768000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.bspb.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Date
Sun, 09 May 2021 06:28:58 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
X-UA-Compatible
IE=edge
Strict-Transport-Security
max-age=31536000 max-age=15768000;includeSubDomains
Cache-Control
max-age=5
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
X-XSS-Protection
1; mode=block
Content-Language
ru
Vary
Accept-Encoding
Set-Cookie
PLAY_LANG=ru; Max-Age=864000000; Expires=Thu, 24 Sep 2048 06:28:58 GMT; Path=/;HttpOnly;Secure IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:58 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:58 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4; Max-Age=86400; Path=/; secure
Content-Encoding
gzip

Redirect headers

date
Sun, 09 May 2021 06:28:57 GMT
content-type
text/html; charset=UTF-8
location
https://www.bspb.ru
cf-cache-status
DYNAMIC
cf-request-id
09f169a1c6000063f5fa938000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3KnXYhY5jiCjfgArh1sR6loR2BEWhtYP0LFLUYsvKGYBasnXLKM7MwAF%2BHcJvmBEK%2BIqMRjfpcC3DTRV%2BeXw3KH6%2BIglCJv%2FREV1QWYopiTbWrfJ2Pw0uG6xkaE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
64c8dee2d89863f5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
web.css
www.bspb.ru/public/gen/ 		207 KB
207 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/gen/web.css?7c4b628bf1
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
0f5533d08faa1622094f07d35b71896c1bac0a4201f44d1d5f880de33062f61d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Vary
Accept-Encoding
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
style.css
www.bspb.ru/public/fonts/icomoon/ 		11 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/fonts/icomoon/style.css
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
cb961e0a9250bbde328aaf60e66727be6e52b46c4ee5a07a7e382923a5ad516a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Vary
Accept-Encoding
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
style.css
www.bspb.ru/public/fonts/open-sans/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/fonts/open-sans/style.css
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
c33351bbb05db1e8dad4c261941ddd9cd89b1d3ddac6881ea7d3189adb43c615
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Vary
Accept-Encoding
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
web-model.css
www.bspb.ru/public/gen/ 		87 KB
88 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/gen/web-model.css?7c4b628bf1
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
d4fefa2b567d012c138632f8c455be60d131ee22628f98e1aa4401bfb8571c1f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Vary
Accept-Encoding
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
web.js
www.bspb.ru/public/gen/ 		271 KB
271 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/gen/web.js?7c4b628bf1
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
fd60ce1b06bce2c5dde9baae020e263297c419753338522ace7359e8cbf2e922
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
277537
Cookie set session.js
www.bspb.ru/public/javascripts/ 		1 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/javascripts/session.js?060b3768adb60133edfad23b5a36da97c410b339&ru
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
ba5c7f291e3351815af21a8971f3e24ce677f4156ba80e1895e796a7df797930
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security max-age=31536000 max-age=15768000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Language
ru
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:58 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:58 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Content-Security-Policy
default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security
max-age=31536000 max-age=15768000;includeSubDomains
Content-Type
text/javascript; charset=UTF-8
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Cookie set i18n.js
www.bspb.ru/public/javascripts/ 		583 KB
588 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/javascripts/i18n.js?ru&7c4b628bf1
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
3978ce5eb2fb9c46c2155b1d9e5a1a63d7691824f8205e96313ee3953b445eb8
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security max-age=31536000 max-age=15768000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Language
ru
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:58 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:58 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Content-Security-Policy
default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security
max-age=31536000 max-age=15768000;includeSubDomains
Content-Type
text/javascript; charset=UTF-8
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
easyXDM.min.js
www.bspb.ru/public/javascripts/ 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/javascripts/easyXDM.min.js?7c4b628bf1
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
8014ded73aab32ee22a386a4a5f0f71cee82a2d7bfad71680085bcf89b5ed5e4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19071
markerclusterer.js
www.bspb.ru/public/javascripts/ 		14 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/javascripts/markerclusterer.js?7c4b628bf1
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
86e6e3ebab69edfec5ff7ac103a66358b2c7620393480f0de14ef2c20ef71729
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14626
slick.min.js
www.bspb.ru/public/javascripts/ 		41 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/javascripts/slick.min.js?7c4b628bf1
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41953
play-web.js
www.bspb.ru/public/javascripts/ 		727 B
998 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/javascripts/play-web.js?7c4b628bf1
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
230d6891aa095bbad31c305ffd3f7f0b1a1a232c9aa4ed5771ad2522d1bbc21a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
727
map.css
www.bspb.ru/public/stylesheets/ 		781 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/stylesheets/map.css?7c4b628bf1
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
18733c9eac516569879498b328f4d2933f849f62075ada1a3020779ceac17816
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Vary
Accept-Encoding
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
jquery.inputmask.bundle.min.js
www.bspb.ru/public/javascripts/ 		70 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/javascripts/jquery.inputmask.bundle.min.js?7c4b628bf1
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
eb2be616763feb85796751d12aab1c850bcbeed7006c4b446ad662951a24e4c9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
71335
jquery.inputmask-multi.min.js
www.bspb.ru/public/javascripts/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/javascripts/jquery.inputmask-multi.min.js?7c4b628bf1
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
d93e2460679ba909153b7c4ba6351489354006b698cf7ccd79ec0a82a1295838
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6459
bootstrap-hover-dropdown.js
www.bspb.ru/public/javascripts/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/javascripts/bootstrap-hover-dropdown.js?7c4b628bf1
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
aeb66ebdf5c5e902d2f3a56bf8f46173d219a220963762a0b1ab1696523c9339
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1323
bootstrap-slider.js
www.bspb.ru/public/javascripts/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/javascripts/bootstrap-slider.js?7c4b628bf1
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
b57b530c77e39bacb724db669c4b86d9ba48f09a393f49c6f04d97eed5b1a987
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7183
uikit-0.0.1.css
www.bspb.ru/public/stylesheets/ 		277 KB
277 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/stylesheets/uikit-0.0.1.css?7c4b628bf1
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
26aae5346a5c4038dad7954706ba0b2b565477d5c82b47371ebfbf6d901859c4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Vary
Accept-Encoding
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
logo-icon.svg
www.bspb.ru/public/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bspb.ru/public/images/logo-icon.svg
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
406bed06ea47fcbab162bc1b40656bf06ebd865e3150e3e894f5d9af41e68591
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2052
logo.svg
www.bspb.ru/public/images/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bspb.ru/public/images/logo.svg
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
4cd7c048f26b56fadda5684da672b1cc1cb2abf6adea07caf3e3b4f24f9b8876
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13602
web-map-icon.svg
www.bspb.ru/public/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bspb.ru/public/images/web-map-icon.svg
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
8883347b32792de59564cc6ce03fbb652f8c7fe968531aed2ee0c6916d2e099b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1389
contacts-icon.svg
www.bspb.ru/public/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bspb.ru/public/images/contacts-icon.svg
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
66ed467f9a62b285c1ffc40a7b296bb079ff237300d1d12da201c8cd23fdc1be
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1166
search-icon.svg
www.bspb.ru/public/images/ 		678 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bspb.ru/public/images/search-icon.svg
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
95b1d0ec872fc50bb03f9131890e455bac9badfec4aa88a4153f41bb4fea4d90
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
image/svg+xml
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
678
Cookie set button.css
www.bspb.ru/promo/design/style/ 		6 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/promo/design/style/button.css
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
78f4a68e84acb13e977edf9bc8f56eb85f907fcf436c59ec5fffd1aa6156d8ee
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security max-age=31536000 max-age=15768000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
X-Content-Type-Options
nosniff
Server
Apache
Content-Security-Policy
default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security
max-age=31536000 max-age=15768000;includeSubDomains
Connection
keep-alive
Content-Language
ru
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Content-Disposition
inline; filename="button.css"
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:58 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:58 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Content-Type
text/css; charset=utf-8
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Cookie set main-banner.css
www.bspb.ru/promo/design/style/ 		2 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/promo/design/style/main-banner.css
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
01aa2d72a03612635ebbd7f10bbe72b2729bec42d442acb41cdba51e14fabbb0
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security max-age=31536000 max-age=15768000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
X-Content-Type-Options
nosniff
Server
Apache
Content-Security-Policy
default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security
max-age=31536000 max-age=15768000;includeSubDomains
Connection
keep-alive
Content-Language
ru
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Content-Disposition
inline; filename="main-banner.css"
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:58 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:58 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Content-Type
text/css; charset=utf-8
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Cookie set 9may_main.png
www.bspb.ru/retail/ 		228 KB
233 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bspb.ru/retail/9may_main.png
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
23d291a572fbf9a2428e19fdcad162b66b5398c68c87a0713319755c05c8b7be
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security max-age=31536000 max-age=15768000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
X-Content-Type-Options
nosniff
Content-Disposition
inline; filename="9may_main.png"
Connection
keep-alive
Content-Length
233457
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000 max-age=15768000;includeSubDomains
Content-Language
ru
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Accept-Ranges
bytes
Content-Type
image/png
Cookie set WN_main_bspb.png
www.bspb.ru/retail/ 		385 KB
390 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bspb.ru/retail/WN_main_bspb.png
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
86fc1475c20ac2113b7594b5ba1a9a7053321d8278675540acce0d60885233bb
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security max-age=31536000 max-age=15768000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
X-Content-Type-Options
nosniff
Content-Disposition
inline; filename="WN_main_bspb.png"
Connection
keep-alive
Content-Length
394659
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000 max-age=15768000;includeSubDomains
Content-Language
ru
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Accept-Ranges
bytes
Content-Type
image/png
Cookie set banner-ref.png
www.bspb.ru/retail/ 		229 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bspb.ru/retail/banner-ref.png
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
5504aad3aff6f70fe4870957b3eb9734ae966f71fbbd0c843d5704e317d97e01
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security max-age=31536000 max-age=15768000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
X-Content-Type-Options
nosniff
Content-Disposition
inline; filename="banner-ref.png"
Connection
keep-alive
Content-Length
234678
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000 max-age=15768000;includeSubDomains
Content-Language
ru
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Accept-Ranges
bytes
Content-Type
image/png
Cookie set banner-ekp.png
www.bspb.ru/retail/ 		434 KB
438 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bspb.ru/retail/banner-ekp.png
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
824c30e7419b38db4ca693ec605d69a779c9bbf4f52faf93a05a11acf56f1b65
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security max-age=31536000 max-age=15768000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
X-Content-Type-Options
nosniff
Content-Disposition
inline; filename="banner-ekp.png"
Connection
keep-alive
Content-Length
444057
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000 max-age=15768000;includeSubDomains
Content-Language
ru
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Accept-Ranges
bytes
Content-Type
image/png
Cookie set banner-100days.png
www.bspb.ru/retail/ 		335 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bspb.ru/retail/banner-100days.png
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
4ba665cae6e5b4028decc4f7b068d1d63a7c6169c0e4d1f8a13bb1a8b56423a8
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security max-age=31536000 max-age=15768000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4; _gid=GA1.2.1437686179.1620541739; _ga_B90JNR79DX=GS1.1.1620541739.1.0.1620541739.60; _ga=GA1.1.978315831.1620541739; BSPB_MOBILE_COOKIE=false
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
X-Content-Type-Options
nosniff
Content-Disposition
inline; filename="banner-100days.png"
Connection
keep-alive
Content-Length
343494
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000 max-age=15768000;includeSubDomains
Content-Language
ru
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Accept-Ranges
bytes
Content-Type
image/png
Cookie set banner-yaschit.png
www.bspb.ru/retail/ 		315 KB
319 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bspb.ru/retail/banner-yaschit.png
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
6708c811ec8f4bbcce2436ebfa07b3b8c42ff500dc721d6d88a17ee323f7d3da
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security max-age=31536000 max-age=15768000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4; _gid=GA1.2.1437686179.1620541739; _ga_B90JNR79DX=GS1.1.1620541739.1.0.1620541739.60; _ga=GA1.1.978315831.1620541739; BSPB_MOBILE_COOKIE=false
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
X-Content-Type-Options
nosniff
Content-Disposition
inline; filename="banner-yaschit.png"
Connection
keep-alive
Content-Length
322050
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000 max-age=15768000;includeSubDomains
Content-Language
ru
Cache-Control
max-age=2592000
Content-Security-Policy
default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Accept-Ranges
bytes
Content-Type
image/png
mini-calc.js
www.bspb.ru/public/javascripts/minicalc/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/javascripts/minicalc/mini-calc.js
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
cc1eca25372fe32aeb85b5d8f33ab3ddadc3dd4113cc8ae82ebcc5e5452a57b5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4726
openapi.js
vk.com/js/api/ 		100 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/api/openapi.js
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
Software
kittenx /
Resource Hash
2f9424ce1a17a9784560c93a639819525f184fa1e00f3d6aff62b0bb0c4eaa2b

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 06:28:58 GMT
content-encoding
br
x-frontend
front605104
last-modified
Wed, 21 Apr 2021 15:16:58 GMT
server
kittenx
etag
"608041ea-5800"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
22528
expires
Thu, 13 May 2021 06:28:58 GMT
LogoutInternetBank.js
www.bspb.ru/public/javascripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/javascripts/LogoutInternetBank.js
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
7863cff68b0a527aab6262fa0e18e2f1b733dc8f3eb43869b846035eaa416ce4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1550
web-model.js
www.bspb.ru/public/javascripts/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/javascripts/web-model.js?7c4b628bf1
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
84c9ceacf30eeb1cb9d1034781809742a63213568e06ae17b373adae990540f5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7129
conversion.js
www.googleadservices.com/pagead/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
8719e7caa8c8992a1d546c7a38c708d4929dd04bde1be9381def52752fd2a97f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 06:28:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16618
x-xss-protection
0
server
cafe
etag
786077497703709746
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 09 May 2021 06:28:58 GMT
web-print.css
www.bspb.ru/public/stylesheets/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/stylesheets/web-print.css?7c4b628bf1
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
0b8daa909401d9f93ad2d352c04ffad383006bc5f6b4a2efcbe1265d2c107bfe
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4; _gid=GA1.2.1437686179.1620541739; _ga_B90JNR79DX=GS1.1.1620541739.1.0.1620541739.60; _ga=GA1.1.978315831.1620541739; BSPB_MOBILE_COOKIE=false
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
Vary
Accept-Encoding
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
gtm.js
www.googletagmanager.com/ 		214 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TQLR7P
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3afde4c902eb0c6d5f98e7c1fd4b50f71dff7bec92df7f942a1b50d2b13d9bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 06:28:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54975
x-xss-protection
0
last-modified
Sun, 09 May 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 09 May 2021 06:28:58 GMT
open-sans-v15-cyrillic_latin-600.woff2
www.bspb.ru/public/fonts/open-sans/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/fonts/open-sans/open-sans-v15-cyrillic_latin-600.woff2
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/public/fonts/open-sans/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
f790559b3c21a631e620e71355158b3ca23cba7beaeaf9bf96e2c65ab7c7391f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.bspb.ru
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.bspb.ru/public/fonts/open-sans/style.css
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Origin
https://www.bspb.ru
Referer
https://www.bspb.ru/public/fonts/open-sans/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Vary
Accept-Encoding
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
text/plain; charset=utf-8
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
open-sans-v15-cyrillic_latin-regular.woff2
www.bspb.ru/public/fonts/open-sans/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/fonts/open-sans/open-sans-v15-cyrillic_latin-regular.woff2
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/public/fonts/open-sans/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
e93ad2a262bebda5bb7d8c528230926eae26e6009c5d641134f8e99f45d15023
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.bspb.ru
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.bspb.ru/public/fonts/open-sans/style.css
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Origin
https://www.bspb.ru
Referer
https://www.bspb.ru/public/fonts/open-sans/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:58 GMT
Vary
Accept-Encoding
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
text/plain; charset=utf-8
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
open-sans-v15-cyrillic_latin-700.woff2
www.bspb.ru/public/fonts/open-sans/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/fonts/open-sans/open-sans-v15-cyrillic_latin-700.woff2
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/public/fonts/open-sans/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
54c53408011a6c3340a497a4498a6b1108bb057f8e2da528cb9ffa9d8e0e0f72
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.bspb.ru
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.bspb.ru/public/fonts/open-sans/style.css
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Origin
https://www.bspb.ru
Referer
https://www.bspb.ru/public/fonts/open-sans/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
Vary
Accept-Encoding
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
text/plain; charset=utf-8
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
icomoon.ttf
www.bspb.ru/public/fonts/icomoon/fonts/ 		83 KB
83 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/fonts/icomoon/fonts/icomoon.ttf?pf0tg3
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/public/fonts/icomoon/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
2df3cdcd2e9ef0061636c265e4134464efe4b61f521d4e329d8a0dd7d8bc9bde
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.bspb.ru
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.bspb.ru/public/fonts/icomoon/style.css
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Origin
https://www.bspb.ru
Referer
https://www.bspb.ru/public/fonts/icomoon/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
Vary
Accept-Encoding
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
text/plain; charset=utf-8
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
js
www.googletagmanager.com/gtag/ 		114 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B90JNR79DX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQLR7P
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eb31bcb8448b1a07a233abf0a1e637a07193f34eeff2cb1b92565026476eee20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 06:28:59 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45131
x-xss-protection
0
expires
Sun, 09 May 2021 06:28:59 GMT
init.js
mod.calltouch.ru/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mod.calltouch.ru/init.js?id=qpv0ob7e
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
b1294825d13fe558e1e52ff378b8a220aea85419fd140d6391d2ca22aa623d3a

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 May 2021 06:28:59 GMT
x-ct-fe
ct-mod-front01b
last-modified
Sunday, 09-May-2021 06:28:59 GMT
server
nginx
etag
W/"60895c59-f3ab"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
-1
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQLR7P
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
5c64e98b7d26b27f3235a6b049f4da5a8b1ed471ee0f2d4508e342bcb216eb2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 06:28:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13939
x-xss-protection
0
server
cafe
etag
16751590114636182394
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 09 May 2021 06:28:59 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQLR7P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
127
date
Sun, 09 May 2021 06:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Sun, 09 May 2021 08:26:52 GMT
watch.js
mc.yandex.ru/metrika/ 		123 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
0dc25fa3b32fcdcb0c8d6960ce7a9ec11627d8769d78a0fcc5c8d06a8a4a757d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 06:28:59 GMT
content-encoding
br
last-modified
Fri, 30 Apr 2021 17:14:07 GMT
etag
"608a4fd7-abe7"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
44007
expires
Sun, 09 May 2021 07:28:59 GMT
api.min.js
cdn.carrotquest.io/ 		516 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.carrotquest.io/api.min.js
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
366e131a207d8a6be21fc6ea578c7769cf695986d37f4d13159885162faa63df

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc31
date
Sun, 09 May 2021 06:28:59 GMT
content-encoding
gzip
last-modified
Wed, 05 May 2021 06:35:13 GMT
server
nginx
etag
W/"60923ca1-80fbd"
x-cached-since
2021-05-05T06:46:43+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1800, must-revalidate
cache
HIT
expires
Sun, 09 May 2021 06:58:59 GMT
fbevents.js
connect.facebook.net/en_US/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23959
x-fb-rlafr
0
pragma
public
x-fb-debug
UIcDVfMPmWZSbF261ALylO5oD2hP4ZAiboViwQAAM3UdwirdWK503hOO8/BVcz+7asMpqQsZ8/IGiXoRPqbX9Q==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 09 May 2021 06:28:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
widgets.js
platform.twitter.com/ 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6723) /
Resource Hash
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:57:32 GMT
Server
ECS (frb/6723)
Age
1339
Etag
"9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28779
like.php
www.facebook.com/plugins/ Frame 257D 		46 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.bspb.ru&send=false&layout=button_count&width=100&show_faces=false&font=trebuchet+ms&colorscheme=light&action=like&height=21
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/public/gen/web.js?7c4b628bf1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d8470dc560bdb28b2d4bbcce47f2f653f1e5f2bbaf83adc0517d02ac57e8e133
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?href=https%3A%2F%2Fwww.bspb.ru&send=false&layout=button_count&width=100&show_faces=false&font=trebuchet+ms&colorscheme=light&action=like&height=21
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bspb.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.bspb.ru/

Response headers

vary
Accept-Encoding
x-fb-rlafr
0
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-encoding
br
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-xss-protection
0
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
x-fb-debug
6msmRzTDgNjiEZk8q72e3NKYyp2k/mz91jWQ/iKy+r59ayNaqv0NlCYYe3qq2eC5Bg4O7PMxP43xEGS99RVfcQ==
date
Sun, 09 May 2021 06:28:59 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
Cookie set /
www.bspb.ru/webmobile/setMobileRedirectCookieNoRedirect/ 		0
848 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/webmobile/setMobileRedirectCookieNoRedirect/?cookieValue=false
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/public/gen/web.js?7c4b628bf1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
Accept
*/*
Referer
https://www.bspb.ru/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
text/plain; charset=utf-8
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure BSPB_MOBILE_COOKIE=false; Max-Age=2592000; Expires=Tue, 08 Jun 2021 06:28:59 GMT; Path=/; Domain=.bspb.ru;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Cache-Control
max-age=5
Connection
keep-alive
Content-Length
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/936001829/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/936001829/?random=1620541739072&cv=9&fst=1620541739072&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bspb.ru%2F&tiba=%D0%91%D0%B0%D0%BD%D0%BA%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%20%E2%80%93%20%D0%9E%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20-%20%D0%91%D0%B0%D0%BD%D0%BA%20&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
695e7d5ddf7eaf79de3ed73b3ecd73af332206ce980e55f5d7bc520e4c06ca24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 May 2021 06:28:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1060
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set jsonCashRates
www.bspb.ru/BSPBWeb/ 		448 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/BSPBWeb/jsonCashRates
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/public/gen/web.js?7c4b628bf1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
fb0503121cfdee1104ad0baf375bc4b40cca81405e30c84cd8f0a23f3844d328
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
Connection
keep-alive
Referer
https://www.bspb.ru/
Accept
*/*
Referer
https://www.bspb.ru/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
Vary
Accept-Encoding
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
text/plain; charset=utf-8
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Cache-Control
max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
js
www.google-analytics.com/gtm/ 		101 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-P26XTRG&t=gtm7&cid=978315831.1620541739
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f118461c0106e0d0ca5705d4b48dbe8ac655d3a067981c3fe56da10038b07272
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 06:28:59 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39015
x-xss-protection
0
expires
Sun, 09 May 2021 06:28:59 GMT
348754719767732
connect.facebook.net/signals/config/ 		254 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/348754719767732?v=2.9.39&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fe4d1b96507a793d4b8064d4aeb6f3c5f6018c8fe0a60ea0e8fda3bdaf3e39ea
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
74052
x-fb-rlafr
0
pragma
public
x-fb-debug
tWjvWDa5RCtS4HiINvtWnwGTAsrKcdRcpwyZGp2kAMO4aGqfjKgb9com07utP9IavKsbGSJHbfYK75UsqiMcOA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
date
Sun, 09 May 2021 06:28:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
widget_iframe.06c6ee58c3810956b7509218508c7b56.html
platform.twitter.com/widgets/ Frame 0918 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.bspb.ru
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6723) /
Resource Hash
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.bspb.ru/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.bspb.ru/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
44852
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sun, 09 May 2021 06:28:59 GMT
Etag
"dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:54 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6723)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105298
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/830569265/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/830569265/?random=1620541739128&cv=9&fst=1620541739128&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bspb.ru%2F&tiba=%D0%91%D0%B0%D0%BD%D0%BA%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%20%E2%80%93%20%D0%9E%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20-%20%D0%91%D0%B0%D0%BD%D0%BA%20&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d5c4cae0e26bd7d18beebdaa758cb67631ad1f1ac5202a2d86a72dd9d2e758e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 May 2021 06:28:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1074
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-B90JNR79DX&gtm=2oe4s0&_p=777116547&sr=1600x1200&_gaz=1&ul=en-us&cid=978315831.1620541739&_s=1&dl=https%3A%2F%2Fwww.bspb.ru%2F&dt=%D0%91%D0%B0%D0%BD%D0%BA%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%20%E2%80%93%20%D0%9E%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20-%20%D0%91%D0%B0%D0%BD%D0%BA%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3&sid=1620541739&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_c=1&ep.debug_mode=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B90JNR79DX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 09 May 2021 06:28:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bspb.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
366 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B90JNR79DX&cid=978315831.1620541739&gtm=2oe4s0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B90JNR79DX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 09 May 2021 06:28:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bspb.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set cspreport
www.bspb.ru/application/ 		2 B
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/application/cspreport
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security max-age=31536000 max-age=15768000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Origin
https://www.bspb.ru
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
report
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4; _gid=GA1.2.1437686179.1620541739; _ga_B90JNR79DX=GS1.1.1620541739.1.0.1620541739.60; _ga=GA1.1.978315831.1620541739; BSPB_MOBILE_COOKIE=false
Connection
keep-alive
Content-Length
4313
Pragma
no-cache
Host
www.bspb.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report
Accept
*/*
Cache-Control
no-cache
Referer
https://www.bspb.ru/
Sec-Fetch-Site
same-origin
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Language
ru
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Cache-Control
max-age=5
Content-Security-Policy
default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security
max-age=31536000 max-age=15768000;includeSubDomains
Content-Type
text/plain; charset=utf-8
Content-Length
2
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
ga-audiences
www.google.de/ads/ 		0
0
/
www.google.com/pagead/1p-user-list/936001829/ 		42 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/936001829/?random=1620541739072&cv=9&fst=1620540000000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.bspb.ru%2F&tiba=%D0%91%D0%B0%D0%BD%D0%BA%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%20%E2%80%93%20%D0%9E%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20-%20%D0%91%D0%B0%D0%BD%D0%BA%20&fmt=3&is_vtc=1&random=3636612034&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 May 2021 06:28:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set cspreport
www.bspb.ru/application/ 		2 B
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/application/cspreport
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security max-age=31536000 max-age=15768000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Origin
https://www.bspb.ru
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
report
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4; _gid=GA1.2.1437686179.1620541739; _ga_B90JNR79DX=GS1.1.1620541739.1.0.1620541739.60; _ga=GA1.1.978315831.1620541739; BSPB_MOBILE_COOKIE=false
Connection
keep-alive
Content-Length
4779
Pragma
no-cache
Host
www.bspb.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report
Accept
*/*
Cache-Control
no-cache
Referer
https://www.bspb.ru/
Sec-Fetch-Site
same-origin
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Language
ru
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Cache-Control
max-age=5
Content-Security-Policy
default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security
max-age=31536000 max-age=15768000;includeSubDomains
Content-Type
text/plain; charset=utf-8
Content-Length
2
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
/
www.google.de/pagead/1p-user-list/936001829/ 		0
0
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=348754719767732&ev=PageView&dl=https%3A%2F%2Fwww.bspb.ru%2F&rl=&if=false&ts=1620541739244&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620541739243.1259435533&it=1620541739106&coo=false&exp=l1&rqm=GET
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 06:28:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sun, 09 May 2021 06:28:59 GMT
Cookie set currencyMiniCalc
www.bspb.ru/BSPBWeb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/BSPBWeb/currencyMiniCalc
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/public/gen/web.js?7c4b628bf1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
45c16fe2b990f431ae842160e8c051ee008cd7bf7cdd93ae04d6c899645bbeba
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4; _gid=GA1.2.1437686179.1620541739; _ga_B90JNR79DX=GS1.1.1620541739.1.0.1620541739.60; _ga=GA1.1.978315831.1620541739; BSPB_MOBILE_COOKIE=false; _fbp=fb.1.1620541739243.1259435533
Connection
keep-alive
Referer
https://www.bspb.ru/
Accept
*/*
Referer
https://www.bspb.ru/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
text/html; charset=utf-8
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Cache-Control
max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Cookie set jsError
www.bspb.ru/ 		0
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/jsError
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/public/gen/web.js?7c4b628bf1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Sec-Fetch-Mode
cors
Origin
https://www.bspb.ru
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4; _gid=GA1.2.1437686179.1620541739; _ga_B90JNR79DX=GS1.1.1620541739.1.0.1620541739.60; _ga=GA1.1.978315831.1620541739; BSPB_MOBILE_COOKIE=false; _fbp=fb.1.1620541739243.1259435533
Connection
keep-alive
Content-Length
172
Pragma
no-cache
Host
www.bspb.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Referer
https://www.bspb.ru/
Sec-Fetch-Site
same-origin
Accept
*/*
Referer
https://www.bspb.ru/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
text/plain; charset=utf-8
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Cache-Control
max-age=5
Connection
keep-alive
Content-Length
0
/
www.google.com/pagead/1p-user-list/830569265/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/830569265/?random=1620541739128&cv=9&fst=1620540000000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4s0&sendb=1&frm=0&url=https%3A%2F%2Fwww.bspb.ru%2F&tiba=%D0%91%D0%B0%D0%BD%D0%BA%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%20%E2%80%93%20%D0%9E%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20-%20%D0%91%D0%B0%D0%BD%D0%BA%20&async=1&fmt=3&is_vtc=1&random=1379539637&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 May 2021 06:28:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set cspreport
www.bspb.ru/application/ 		2 B
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/application/cspreport
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security max-age=31536000 max-age=15768000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Origin
https://www.bspb.ru
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
report
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4; _gid=GA1.2.1437686179.1620541739; _ga_B90JNR79DX=GS1.1.1620541739.1.0.1620541739.60; BSPB_MOBILE_COOKIE=false; _fbp=fb.1.1620541739243.1259435533; _gaexp=GAX1.2.0sGndPNZSPue00AnlQGSaQ.18844.0; _ga=GA1.2.978315831.1620541739; _gat_UA-22394147-1=1; cted=modId%3Dqpv0ob7e%3Bclient_id%3D978315831.1620541739%3Bfbp%3Dfb.1.1620541739243.1259435533; _ym_uid=162054173936058013; _ym_d=1620541739
Connection
keep-alive
Content-Length
4798
Pragma
no-cache
Host
www.bspb.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report
Accept
*/*
Cache-Control
no-cache
Referer
https://www.bspb.ru/
Sec-Fetch-Site
same-origin
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Language
ru
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Cache-Control
max-age=5
Content-Security-Policy
default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security
max-age=31536000 max-age=15768000;includeSubDomains
Content-Type
text/plain; charset=utf-8
Content-Length
2
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
/
www.google.de/pagead/1p-user-list/830569265/ 		0
0
OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 257D 		400 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.bspb.ru&send=false&layout=button_count&width=100&show_faces=false&font=trebuchet+ms&colorscheme=light&action=like&height=21
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.bspb.ru&send=false&layout=button_count&width=100&show_faces=false&font=trebuchet+ms&colorscheme=light&action=like&height=21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
8a87CWOIm97srnFpa4r9xdPGYfxS0G3ueqr5sThFbmtkvFIZ3thMPF9PehAlJ0ymt6u9/q6i4X5O/lqwSz/e9g==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
uF0RL4E+h23ClLQmPOTTMw==
date
Sat, 08 May 2021 00:48:49 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
400
timing-allow-origin
*
priority
u=3,i
x-fb-rlafr
0
expires
Sun, 08 May 2022 00:48:49 GMT
KiJxuYSlQax.js
www.facebook.com/rsrc.php/v3iEpO4/y4/l/en_US/ Frame 257D 		503 KB
132 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iEpO4/y4/l/en_US/KiJxuYSlQax.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.bspb.ru&send=false&layout=button_count&width=100&show_faces=false&font=trebuchet+ms&colorscheme=light&action=like&height=21
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6b8c709460f85b0805002921be87801eccd28208805e086049aa7a0fee07c2c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.bspb.ru&send=false&layout=button_count&width=100&show_faces=false&font=trebuchet+ms&colorscheme=light&action=like&height=21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 20:40:10 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
3rlVIn0mXtPOCwHaqEkNew==
cross-origin-resource-policy
cross-origin
content-length
134884
x-fb-rlafr
0
x-fb-debug
Bt1fXxMd85nHIHCGqYa+MHlfr+q/XKdyZZgseSfIO1ohJV8ldkctD8+rL/POy3hlQO/wuql+vyrs+EGgjAstdg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 07 May 2022 20:40:10 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=777116547&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bspb.ru%2F&ul=en-us&de=UTF-8&dt=%D0%91%D0%B0%D0%BD%D0%BA%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%20%E2%80%93%20%D0%9E%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20-%20%D0%91%D0%B0%D0%BD%D0%BA%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&exp=0sGndPNZSPue00AnlQGSaQ.0&_u=aGDAAEADQAAAAC~&jid=582352236&gjid=591566198&cid=978315831.1620541739&tid=UA-22394147-1&_gid=1437686179.1620541739&_r=1&gtm=2wg4s0TQLR7P&cd2=1620541739038.1hoect5h&cd5=2021-05-09T08%3A28%3A59.38%2B02%3A00&cd4=978315831.1620541739&z=1936042624
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 May 2021 06:28:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bspb.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
d_client_new.js
mod.calltouch.ru/ 		0
433 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mod.calltouch.ru/d_client_new.js?param;client_id978315831.1620541739;fbpfb.1.1620541739243.1259435533;ref;urlhttps%3A%2F%2Fwww.bspb.ru%2F;cook&mod_id=qpv0ob7e&script_session_id=1794fd09116.243&ctObject=ct&uniq_req_id=1620541794971
Requested by
Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/init.js?id=qpv0ob7e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.118.67.2 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 May 2021 06:28:59 GMT
access-control-allow-methods
GET, POST, HEAD, OPTIONS
server
nginx
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
vary
Accept-Encoding
x-ct-fe
ct-mod-front01b
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
x-ct-be
ct-mod-web04
expires
-1
Cookie set cspreport
www.bspb.ru/application/ 		2 B
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/application/cspreport
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security max-age=31536000 max-age=15768000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Origin
https://www.bspb.ru
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
report
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4; _gid=GA1.2.1437686179.1620541739; _ga_B90JNR79DX=GS1.1.1620541739.1.0.1620541739.60; BSPB_MOBILE_COOKIE=false; _fbp=fb.1.1620541739243.1259435533; _gaexp=GAX1.2.0sGndPNZSPue00AnlQGSaQ.18844.0; _ga=GA1.2.978315831.1620541739; _gat_UA-22394147-1=1; cted=modId%3Dqpv0ob7e%3Bclient_id%3D978315831.1620541739%3Bfbp%3Dfb.1.1620541739243.1259435533; _ym_uid=162054173936058013; _ym_d=1620541739
Connection
keep-alive
Content-Length
4225
Pragma
no-cache
Host
www.bspb.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report
Accept
*/*
Cache-Control
no-cache
Referer
https://www.bspb.ru/
Sec-Fetch-Site
same-origin
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Language
ru
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Cache-Control
max-age=5
Content-Security-Policy
default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security
max-age=31536000 max-age=15768000;includeSubDomains
Content-Type
text/plain; charset=utf-8
Content-Length
2
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
sync_cookie_image_check
mc.yandex.com/ 		0
0
KiJxuYSlQax.js
www.facebook.com/rsrc.php/v3iEpO4/y4/l/en_US/ Frame 257D 		503 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iEpO4/y4/l/en_US/KiJxuYSlQax.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.bspb.ru&send=false&layout=button_count&width=100&show_faces=false&font=trebuchet+ms&colorscheme=light&action=like&height=21
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6b8c709460f85b0805002921be87801eccd28208805e086049aa7a0fee07c2c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.bspb.ru&send=false&layout=button_count&width=100&show_faces=false&font=trebuchet+ms&colorscheme=light&action=like&height=21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 May 2021 20:40:10 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
3rlVIn0mXtPOCwHaqEkNew==
cross-origin-resource-policy
cross-origin
content-length
134884
x-fb-rlafr
0
x-fb-debug
Bt1fXxMd85nHIHCGqYa+MHlfr+q/XKdyZZgseSfIO1ohJV8ldkctD8+rL/POy3hlQO/wuql+vyrs+EGgjAstdg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 07 May 2022 20:40:10 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-22394147-1&cid=978315831.1620541739&jid=582352236&gjid=591566198&_gid=1437686179.1620541739&_u=aGDAAEACQAAAAC~&z=614455627
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 09 May 2021 06:28:59 GMT
content-type
text/plain
access-control-allow-origin
https://www.bspb.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
syndication.twitter.com/ Frame 0918 		183 B
420 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=f0bd7ee0a063062524f0e29e61051623a2962968
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.bspb.ru
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_devel /
Resource Hash
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 06:28:59 GMT
content-encoding
gzip
last-modified
Sun, 09 May 2021 06:28:59 GMT
server
tsa_devel
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
9c938577ac6cc09e3c5445d6ca54ef5d28415d03758404b5d41b2430504d7791
content-length
152
Cookie set cspreport
www.bspb.ru/application/ 		2 B
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/application/cspreport
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security max-age=31536000 max-age=15768000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Origin
https://www.bspb.ru
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
report
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4; _gid=GA1.2.1437686179.1620541739; _ga_B90JNR79DX=GS1.1.1620541739.1.0.1620541739.60; BSPB_MOBILE_COOKIE=false; _fbp=fb.1.1620541739243.1259435533; _gaexp=GAX1.2.0sGndPNZSPue00AnlQGSaQ.18844.0; _ga=GA1.2.978315831.1620541739; _gat_UA-22394147-1=1; cted=modId%3Dqpv0ob7e%3Bclient_id%3D978315831.1620541739%3Bfbp%3Dfb.1.1620541739243.1259435533; _ym_uid=162054173936058013; _ym_d=1620541739
Connection
keep-alive
Content-Length
4220
Pragma
no-cache
Host
www.bspb.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report
Accept
*/*
Cache-Control
no-cache
Referer
https://www.bspb.ru/
Sec-Fetch-Site
same-origin
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Language
ru
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Cache-Control
max-age=5
Content-Security-Policy
default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security
max-age=31536000 max-age=15768000;includeSubDomains
Content-Type
text/plain; charset=utf-8
Content-Length
2
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
advert.gif
mc.yandex.com/metrika/ 		0
0
Cookie set cspreport
www.bspb.ru/application/ 		2 B
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/application/cspreport
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security max-age=31536000 max-age=15768000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Origin
https://www.bspb.ru
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
report
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4; _gid=GA1.2.1437686179.1620541739; _ga_B90JNR79DX=GS1.1.1620541739.1.0.1620541739.60; BSPB_MOBILE_COOKIE=false; _fbp=fb.1.1620541739243.1259435533; _gaexp=GAX1.2.0sGndPNZSPue00AnlQGSaQ.18844.0; _ga=GA1.2.978315831.1620541739; _gat_UA-22394147-1=1; cted=modId%3Dqpv0ob7e%3Bclient_id%3D978315831.1620541739%3Bfbp%3Dfb.1.1620541739243.1259435533; _ym_uid=162054173936058013; _ym_d=1620541739
Connection
keep-alive
Content-Length
5259
Pragma
no-cache
Host
www.bspb.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report
Accept
*/*
Cache-Control
no-cache
Referer
https://www.bspb.ru/
Sec-Fetch-Site
same-origin
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Language
ru
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Cache-Control
max-age=5
Content-Security-Policy
default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security
max-age=31536000 max-age=15768000;includeSubDomains
Content-Type
text/plain; charset=utf-8
Content-Length
2
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
23949199
mc.yandex.com/watch/ 		0
0
mini-calc.css
www.bspb.ru/public/stylesheets/minicalc/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/stylesheets/minicalc/mini-calc.css
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/public/gen/web.js?7c4b628bf1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
7830f84f5a2bde7d5f63854d764887f843dae9d0c8c77686b2e46f213b7ffa1a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.bspb.ru/
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4; _gid=GA1.2.1437686179.1620541739; _ga_B90JNR79DX=GS1.1.1620541739.1.0.1620541739.60; BSPB_MOBILE_COOKIE=false; _fbp=fb.1.1620541739243.1259435533; _gaexp=GAX1.2.0sGndPNZSPue00AnlQGSaQ.18844.0; _ga=GA1.2.978315831.1620541739; _gat_UA-22394147-1=1; cted=modId%3Dqpv0ob7e%3Bclient_id%3D978315831.1620541739%3Bfbp%3Dfb.1.1620541739243.1259435533; _ym_uid=162054173936058013; _ym_d=1620541739
Connection
keep-alive
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
Vary
Accept-Encoding
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
text/css; charset=utf-8
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
mini-calc.js
www.bspb.ru/public/javascripts/minicalc/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/javascripts/minicalc/mini-calc.js
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/public/gen/web.js?7c4b628bf1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
cc1eca25372fe32aeb85b5d8f33ab3ddadc3dd4113cc8ae82ebcc5e5452a57b5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4; _gid=GA1.2.1437686179.1620541739; _ga_B90JNR79DX=GS1.1.1620541739.1.0.1620541739.60; BSPB_MOBILE_COOKIE=false; _fbp=fb.1.1620541739243.1259435533; _gaexp=GAX1.2.0sGndPNZSPue00AnlQGSaQ.18844.0; _ga=GA1.2.978315831.1620541739; _gat_UA-22394147-1=1; cted=modId%3Dqpv0ob7e%3Bclient_id%3D978315831.1620541739%3Bfbp%3Dfb.1.1620541739243.1259435533; _ym_uid=162054173936058013; _ym_d=1620541739
Connection
keep-alive
Referer
https://www.bspb.ru/
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.bspb.ru/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4726
Cookie set cspreport
www.bspb.ru/application/ 		2 B
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/application/cspreport
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security max-age=31536000 max-age=15768000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Origin
https://www.bspb.ru
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
report
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4; _gid=GA1.2.1437686179.1620541739; _ga_B90JNR79DX=GS1.1.1620541739.1.0.1620541739.60; BSPB_MOBILE_COOKIE=false; _fbp=fb.1.1620541739243.1259435533; _gaexp=GAX1.2.0sGndPNZSPue00AnlQGSaQ.18844.0; _ga=GA1.2.978315831.1620541739; _gat_UA-22394147-1=1; cted=modId%3Dqpv0ob7e%3Bclient_id%3D978315831.1620541739%3Bfbp%3Dfb.1.1620541739243.1259435533; _ym_uid=162054173936058013; _ym_d=1620541739; _ym_isad=1
Connection
keep-alive
Content-Length
5291
Pragma
no-cache
Host
www.bspb.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report
Accept
*/*
Cache-Control
no-cache
Referer
https://www.bspb.ru/
Sec-Fetch-Site
same-origin
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Language
ru
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Cache-Control
max-age=5
Content-Security-Policy
default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security
max-age=31536000 max-age=15768000;includeSubDomains
Content-Type
text/plain; charset=utf-8
Content-Length
2
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
23949199
mc.yandex.com/watch/ 		0
0
PFBeauSansPro-Regular.woff
www.bspb.ru/public/fonts/ 		97 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/public/fonts/PFBeauSansPro-Regular.woff
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/public/gen/web.css?7c4b628bf1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
e358232d9ca848c33d7eac1a73fb26db76c683bb840de313fc884421993eea0c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.bspb.ru
Accept-Encoding
gzip, deflate, br
Host
www.bspb.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.bspb.ru/public/gen/web.css?7c4b628bf1
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4; _gid=GA1.2.1437686179.1620541739; _ga_B90JNR79DX=GS1.1.1620541739.1.0.1620541739.60; BSPB_MOBILE_COOKIE=false; _fbp=fb.1.1620541739243.1259435533; _gaexp=GAX1.2.0sGndPNZSPue00AnlQGSaQ.18844.0; _ga=GA1.2.978315831.1620541739; _gat_UA-22394147-1=1; cted=modId%3Dqpv0ob7e%3Bclient_id%3D978315831.1620541739%3Bfbp%3Dfb.1.1620541739243.1259435533; _ym_uid=162054173936058013; _ym_d=1620541739; _ym_isad=1
Connection
keep-alive
Origin
https://www.bspb.ru
Referer
https://www.bspb.ru/public/gen/web.css?7c4b628bf1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
font/woff
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
99476
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-22394147-1&cid=978315831.1620541739&jid=582352236&_u=aGDAAEACQAAAAC~&z=940387455
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 May 2021 06:28:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set cspreport
www.bspb.ru/application/ 		2 B
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/application/cspreport
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security max-age=31536000 max-age=15768000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Origin
https://www.bspb.ru
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
report
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4; _gid=GA1.2.1437686179.1620541739; _ga_B90JNR79DX=GS1.1.1620541739.1.0.1620541739.60; BSPB_MOBILE_COOKIE=false; _fbp=fb.1.1620541739243.1259435533; _gaexp=GAX1.2.0sGndPNZSPue00AnlQGSaQ.18844.0; _ga=GA1.2.978315831.1620541739; _gat_UA-22394147-1=1; cted=modId%3Dqpv0ob7e%3Bclient_id%3D978315831.1620541739%3Bfbp%3Dfb.1.1620541739243.1259435533; _ym_uid=162054173936058013; _ym_d=1620541739; _ym_isad=1
Connection
keep-alive
Content-Length
4342
Pragma
no-cache
Host
www.bspb.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report
Accept
*/*
Cache-Control
no-cache
Referer
https://www.bspb.ru/
Sec-Fetch-Site
same-origin
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Language
ru
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Cache-Control
max-age=5
Content-Security-Policy
default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security
max-age=31536000 max-age=15768000;includeSubDomains
Content-Type
text/plain; charset=utf-8
Content-Length
2
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
ga-audiences
www.google.de/ads/ 		0
0
cavalry_endpoint.php
www.facebook.com/common/ Frame 257D 		67 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1620541739260&t_start=1620541739260&t_domcontent=1620541739280&t_layout=1620541739451&t_onload=1620541739451&t_paint=1620541739451&t_creport=1620541739451&t_tti=1620541739280&lid=6960173772339480732-0
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.bspb.ru&send=false&layout=button_count&width=100&show_faces=false&font=trebuchet+ms&colorscheme=light&action=like&height=21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
br
x-content-type-options
nosniff
x-xss-protection
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
JSp1zDAo/SMclH22Riv5Gsd0DtTXFB3Kg+43VtaqAOEud0rydh41ukfNFN6N6DHBw3NIltPfysC6KDiMHShKsw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 09 May 2021 06:28:59 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
button.5573c974dc31bbdab5ea7923a0bd5cf3.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.5573c974dc31bbdab5ea7923a0bd5cf3.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6723) /
Resource Hash
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:56:41 GMT
Server
ECS (frb/6723)
Age
44857
Etag
"382be2960021b88f6ce982d997cdbd01+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2294
tweet_button.06c6ee58c3810956b7509218508c7b56.ru.html
platform.twitter.com/widgets/ Frame A6AC 		33 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.06c6ee58c3810956b7509218508c7b56.ru.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6723) /
Resource Hash
6750364b201caee4502eafcad6e07f6a7d0c9d30f26233452b8f88042e10c870

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.bspb.ru/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.bspb.ru/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
44853
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sun, 09 May 2021 06:28:59 GMT
Etag
"b0f6f49d457d648ea54bbb555dd02b59+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6723)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12609
Cookie set jsError
www.bspb.ru/ 		0
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/jsError
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/public/gen/web.js?7c4b628bf1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Sec-Fetch-Mode
cors
Origin
https://www.bspb.ru
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4; _gid=GA1.2.1437686179.1620541739; _ga_B90JNR79DX=GS1.1.1620541739.1.0.1620541739.60; BSPB_MOBILE_COOKIE=false; _fbp=fb.1.1620541739243.1259435533; _gaexp=GAX1.2.0sGndPNZSPue00AnlQGSaQ.18844.0; _ga=GA1.2.978315831.1620541739; _gat_UA-22394147-1=1; cted=modId%3Dqpv0ob7e%3Bclient_id%3D978315831.1620541739%3Bfbp%3Dfb.1.1620541739243.1259435533; _ym_uid=162054173936058013; _ym_d=1620541739; _ym_isad=1
Connection
keep-alive
Content-Length
172
Pragma
no-cache
Host
www.bspb.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Referer
https://www.bspb.ru/
Sec-Fetch-Site
same-origin
Accept
*/*
Referer
https://www.bspb.ru/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
text/plain; charset=utf-8
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Cache-Control
max-age=5
Connection
keep-alive
Content-Length
0
pixel.js
x01.aidata.io/
Redirect Chain
  • https://x01.aidata.io/pixel.js?pixel=BSPB&id=978315831.1620541739&v=1620541739530
  • https://x01.aidata.io/pixel.js?pixel=BSPB&id=978315831.1620541739&v=1620541739530&pid=BSPB&js=1&bounce=1
17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x01.aidata.io/pixel.js?pixel=BSPB&id=978315831.1620541739&v=1620541739530&pid=BSPB&js=1&bounce=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51802.reg.regrucolo.ru
Software
nginx /
Resource Hash
750c0a45a11a98675c9a66b96aceb672799193dab989c42e1be82754e4bbc284

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 May 2021 06:28:59 GMT
content-encoding
gzip
last-modified
Sun, 09 May 2021 06:28:58 GMT
server
nginx
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-type
application/javascript
expires
Sun, 09 May 2021 06:28:58 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 May 2021 06:28:59 GMT
last-modified
Sun, 09 May 2021 06:28:58 GMT
server
nginx
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://x01.aidata.io/pixel.js?pixel=BSPB&id=978315831.1620541739&v=1620541739530&pid=BSPB&js=1&bounce=1
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Sun, 09 May 2021 06:28:58 GMT
jot
syndication.twitter.com/i/ 		43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.bspb.ru%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22ru%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1620541739635%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_devel /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 06:28:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Sun, 09 May 2021 06:28:59 GMT
server
tsa_devel
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
9c938577ac6cc09e3c5445d6ca54ef5d28415d03758404b5d41b2430504d7791
x-transaction
e9c83fb657b8efc8
expires
Tue, 31 Mar 1981 05:00:00 GMT
Cookie set cspreport
www.bspb.ru/application/ 		2 B
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/application/cspreport
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security max-age=31536000 max-age=15768000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Origin
https://www.bspb.ru
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
report
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4; _gid=GA1.2.1437686179.1620541739; _ga_B90JNR79DX=GS1.1.1620541739.1.0.1620541739.60; BSPB_MOBILE_COOKIE=false; _fbp=fb.1.1620541739243.1259435533; _gaexp=GAX1.2.0sGndPNZSPue00AnlQGSaQ.18844.0; _ga=GA1.2.978315831.1620541739; _gat_UA-22394147-1=1; cted=modId%3Dqpv0ob7e%3Bclient_id%3D978315831.1620541739%3Bfbp%3Dfb.1.1620541739243.1259435533; _ym_uid=162054173936058013; _ym_d=1620541739; _ym_isad=1
Connection
keep-alive
Content-Length
4318
Pragma
no-cache
Host
www.bspb.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report
Accept
*/*
Cache-Control
no-cache
Referer
https://www.bspb.ru/
Sec-Fetch-Site
same-origin
Referer
https://www.bspb.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Language
ru
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Cache-Control
max-age=5
Content-Security-Policy
default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security
max-age=31536000 max-age=15768000;includeSubDomains
Content-Type
text/plain; charset=utf-8
Content-Length
2
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Cookie set jsError
www.bspb.ru/ 		0
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bspb.ru/jsError
Requested by
Host: www.bspb.ru
URL: https://www.bspb.ru/public/gen/web.js?7c4b628bf1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.172.3.49 , Russian Federation, ASN24913 (BANKSPB, RU),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;includeSubDomains

Request headers

Sec-Fetch-Mode
cors
Origin
https://www.bspb.ru
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
PLAY_LANG=ru; IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; session-cookie=167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4; _gid=GA1.2.1437686179.1620541739; _ga_B90JNR79DX=GS1.1.1620541739.1.0.1620541739.60; BSPB_MOBILE_COOKIE=false; _fbp=fb.1.1620541739243.1259435533; _gaexp=GAX1.2.0sGndPNZSPue00AnlQGSaQ.18844.0; _ga=GA1.2.978315831.1620541739; _gat_UA-22394147-1=1; cted=modId%3Dqpv0ob7e%3Bclient_id%3D978315831.1620541739%3Bfbp%3Dfb.1.1620541739243.1259435533; _ym_uid=162054173936058013; _ym_d=1620541739; _ym_isad=1
Connection
keep-alive
Content-Length
172
Pragma
no-cache
Host
www.bspb.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Referer
https://www.bspb.ru/
Sec-Fetch-Site
same-origin
Accept
*/*
Referer
https://www.bspb.ru/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Sun, 09 May 2021 06:28:59 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000;includeSubDomains
Content-Type
text/plain; charset=utf-8
Set-Cookie
IBANK_FLASH=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_ERRORS=; Max-Age=0; Expires=Sun, 09 May 2021 06:28:59 GMT; Path=/; Secure; HTTPOnly;HttpOnly;Secure IBANK_SESSION=75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=; Path=/; Secure; HTTPOnly;HttpOnly;Secure
Cache-Control
max-age=5
Connection
keep-alive
Content-Length
0
stats
x01.aidata.io/ Frame 7B0C 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/stats?pixel=BSPB&v=1620541739530&pid=BSPB&js=1&bounce=1&pid=BSPB&js=1&sid=447b6d7942bd4effbe72316e7734c5f7&__upin=EC0qJnxNpD4UDBqwyAM8MA&id=978315831.1620541739&payload=%7B%22event%22%3A%22referrer%22%2C%22type%22%3A%22referrer%22%2C%22data%22%3A%7B%22value%22%3A%22%22%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51802.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 May 2021 06:28:59 GMT
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B90JNR79DX&cid=978315831.1620541739&gtm=2oe4s0&aip=1&z=1775178787
Domain
www.google.de
URL
https://www.google.de/pagead/1p-user-list/936001829/?random=1620541739072&cv=9&fst=1620540000000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.bspb.ru%2F&tiba=%D0%91%D0%B0%D0%BD%D0%BA%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%20%E2%80%93%20%D0%9E%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20-%20%D0%91%D0%B0%D0%BD%D0%BA%20&fmt=3&is_vtc=1&random=3636612034&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Domain
www.google.de
URL
https://www.google.de/pagead/1p-user-list/830569265/?random=1620541739128&cv=9&fst=1620540000000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4s0&sendb=1&frm=0&url=https%3A%2F%2Fwww.bspb.ru%2F&tiba=%D0%91%D0%B0%D0%BD%D0%BA%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%20%E2%80%93%20%D0%9E%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20-%20%D0%91%D0%B0%D0%BD%D0%BA%20&async=1&fmt=3&is_vtc=1&random=1379539637&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Domain
mc.yandex.com
URL
https://mc.yandex.com/sync_cookie_image_check
Domain
mc.yandex.com
URL
https://mc.yandex.com/metrika/advert.gif
Domain
mc.yandex.com
URL
https://mc.yandex.com/watch/23949199?wmode=7&page-url=https%3A%2F%2Fwww.bspb.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A1771%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A1002095035369%3Ahid%3A222436836%3Az%3A120%3Ai%3A20210509082859%3Aet%3A1620541739%3Ac%3A1%3Arn%3A18446168%3Au%3A162054173936058013%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620541737206%3Anp%3ATGludXggeDg2XzY0%3Ads%3A113%2C200%2C415%2C2%2C348%2C0%2C%2C781%2C0%2C%2C%2C%2C1871%3Adsn%3A114%2C199%2C416%2C1%2C348%2C0%2C%2C785%2C0%2C%2C%2C%2C1871%3Arqnl%3A1%3Ati%3A2%3Ast%3A1620541739%3At%3A%D0%91%D0%B0%D0%BD%D0%BA%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%20%E2%80%93%20%D0%9E%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20-%20%D0%91%D0%B0%D0%BD%D0%BA%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3
Domain
mc.yandex.com
URL
https://mc.yandex.com/watch/23949199?callback=_ymjsp864716406&page-url=https%3A%2F%2Fwww.bspb.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A1771%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A1002095035369%3Ahid%3A222436836%3Az%3A120%3Ai%3A20210509082859%3Aet%3A1620541739%3Ac%3A1%3Arn%3A18446168%3Au%3A162054173936058013%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620541737206%3Anp%3ATGludXggeDg2XzY0%3Ads%3A113%2C200%2C415%2C2%2C348%2C0%2C%2C781%2C0%2C%2C%2C%2C1871%3Adsn%3A114%2C199%2C416%2C1%2C348%2C0%2C%2C785%2C0%2C%2C%2C%2C1871%3Arqnl%3A1%3Ati%3A3%3Ast%3A1620541739%3At%3A%D0%91%D0%B0%D0%BD%D0%BA%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%20%E2%80%93%20%D0%9E%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20-%20%D0%91%D0%B0%D0%BD%D0%BA%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3&wmode=5
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-22394147-1&cid=978315831.1620541739&jid=582352236&_u=aGDAAEACQAAAAC~&z=940387455

Verdicts & Comments Add Verdict or Comment

170 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| readonly function| formattedNumber function| parseDate function| changeLocale function| selectorSlider function| escapeHTML function| normalizeDecimalInPlace function| autocomplete function| autocompleteBIC function| enableAutofocusOnModal function| showAjaxDialog function| validatePhoneNumber function| validateEmail function| cleanPath function| addGaEventTracking function| bindCustomHandlers function| resizeScrollableTableHeaderColumns function| resizeScrollableTableHeight function| isAttributeDefined function| copyAttrIfDestinationNotSet function| convertNumberInputs function| toggleAccountAliasEditor function| handleDefaultFocus function| initMainBanner function| UTCDate function| UTCToday function| parseUrlParams function| breakLines function| prepareMultilineSelectPicker function| i18n function| preventEnter function| isAttributeUnsupported function| enableHtml5Support function| openHolder function| closeHolder function| openContactForm function| getParameter function| Session function| TableSorter function| SmartInputMask function| m$ object| validator object| core object| __core-js_shared__ object| System function| asap function| Observable function| setImmediate function| clearImmediate function| $ function| jQuery object| session object| MESSAGES object| easyXDM function| MarkerClusterer function| Cluster function| ClusterIcon object| playWeb string| gMapsKey function| Inputmask function| setCashRates function| setCardRates function| finalCashAndMiniCalcSetup function| setCurrencyRates function| setCurrencyBuyOrSell function| setupMinicalc function| MiniExchangeRates object| google_tag_manager string| CalltouchDataObject function| ct object| google_tag_data string| GoogleAnalyticsObject function| ga object| carrotquest object| carrotquestasync function| handlerMessage function| fbq function| _fbq function| obj2qs object| fastXDM object| VK function| LogoutInternetBank function| getSmsCode object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments number| lastShiftClickableIndex function| alertOnError object| gaplugins object| gaGlobal object| gaData object| __twttrll object| twttr object| __twttr function| google_trackConversion object| GooglebQhCsO function| onYouTubeIframeAPIReady object| google_optimize object| webpackJsonpCt1619614799426 function| ct_create_session function| ct_goal function| ct_set_attrs object| Ya object| yaCounter23949199 object| miniCalc function| aidataSendEvent function| aidataRefreshEventListeners

15 Cookies

Domain/Path Name / Value
.facebook.com/ Name: fr
Value: 0iRvVBEL0YdqmKX9T..Bgl4Er...1.0.Bgl4Er.
.bspb.ru/ Name: _ym_isad
Value: 1
www.bspb.ru/ Name: PLAY_LANG
Value: ru
.bspb.ru/ Name: _ga
Value: GA1.2.978315831.1620541739
.bspb.ru/ Name: _gaexp
Value: GAX1.2.0sGndPNZSPue00AnlQGSaQ.18844.0
.bspb.ru/ Name: _fbp
Value: fb.1.1620541739243.1259435533
.bspb.ru/ Name: BSPB_MOBILE_COOKIE
Value: false
.bspb.ru/ Name: _ga_B90JNR79DX
Value: GS1.1.1620541739.1.0.1620541739.60
.bspb.ru/ Name: _ym_d
Value: 1620541739
.bspb.ru/ Name: _gat_UA-22394147-1
Value: 1
.bspb.ru/ Name: _gid
Value: GA1.2.1437686179.1620541739
.bspb.ru/ Name: _ym_uid
Value: 162054173936058013
www.bspb.ru/ Name: session-cookie
Value: 167d521fcf8a5483ab40f959beb261f5f150d42630842a2c822cbb72ec0669687f9605ceca1c98123e98cfa0c2cba2c4
www.bspb.ru/ Name: cted
Value: modId%3Dqpv0ob7e%3Bclient_id%3D978315831.1620541739%3Bfbp%3Dfb.1.1620541739243.1259435533
www.bspb.ru/ Name: IBANK_SESSION
Value: 75f901f617e0a26b76a5a9328716d16f74fc38d0-X19fQVQ9MDYwYjM3NjhhZGI2MDEzM2VkZmFkMjNiNWEzNmRhOTdjNDEwYjMzOSZfX19JRD1hYmM3NTBmMi00ZTE1LTQwNWItOThiZC0zYjkyNzZlOTUzNjM=

1 Console Messages

Source Level URL
Text
console-api log URL: https://www.bspb.ru/public/gen/web.js?7c4b628bf1(Line 6)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://x01.aidata.io https://*.calltouch.ru https://cdn.carrotquest.io https://*.carrotquest.io https://connect.facebook.net https://optimize.google.com https://apis.google.com https://bspb.webim.ru https://ad.admitad.com https://px.adhigh.net https://*.adriver.ru https://*.artlebedev.ru https://cityadspix.com https://charts3.equitystory.com https://www.google-analytics.com https://*.google.com https://*.gstatic.com https://*.cdn.heapanalytics.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' 'unsafe-eval' https://code.jquery.com https://ru.fp.kaspersky-labs.com https://ad.cpahub.ru https://*.ggpht.com https://*.googleapis.com https://*.nanosemantics.ru https://*.marketcall.ru https://connect.ok.ru https://*.otm-r.com https://www.googleadservices.com https://*.googleapis.com https://*.googleads.g.doubleclick.net https://googleads.g.doubleclick.net https://cdn.rutarget.ru https://sravni.go2cloud.org https://www.googletagmanager.com https://*.tilda.cc https://maxcdn.bootstrapcdn.com https://promo.bspb.ru https://tracking.banki.ru https://platform.twitter.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com/ https://vk.com https://*.weborama.fr https://yastatic.net https://mc.yandex.ru; connect-src 'self' https://cdn.carrotquest.io https://*.carrotquest.app https://wss//*.carrotquest.app https://*.carrottrack.io https://i.bspb.ru https://localhost https://itest5.bspb.ru https://cms.bspb.ru https://itest6.bspb.ru https://127.0.0.1 https://charts3.equitystory.com https://*.google.com https://*.google.ru https://www.google-analytics.com https://europe-west1-i2id-ga-datastreaming.cloudfunctions.net/ https://*.heapanalytics.com https://heapanalytics.com https://ru.fp.kaspersky-labs.com https://*.nanosemantics.ru https://*.doubleclick.net https://tracking.banki.ru https://185.40.30.129:8243 https://mc.yandex.ru; style-src 'self' https://fonts.googleapis.com https://optimize.google.com 'unsafe-inline' https://fonts.googleapis.com https://*.heapanalytics.com https://heapanalytics.com 'unsafe-inline' https://*.nanosemantics.ru https://*.google.com https://google.com https://maxcdn.bootstrapcdn.com https://maxcdn.bootstrapcdn.com/; frame-src 'self' https://www.bspb.ru https://www.facebook.com https://staticxx.facebook.com https://optimize.google.com https://px.adhigh.net https://content.adriver.ru https://partners.cpaex.ru https://charts3.equitystory.com https://*.nanosemantics.ru https://connect.ok.ru https://*.doubleclick.net https://*.google.com https://*.google.ru https://tag.rutarget.ru https://*.tilda.ws https://promo.bspb.ru https://platform.twitter.com https://*.twitter.com https://185.40.30.129:8243 https://vk.com https://mc.yandex.ru https://mc.yandex.ru https://www.youtube.com; img-src 'self' https://x01.aidata.io https://*.carrotquest.io https://*.carrotquest.app https://www.facebook.com https://optimize.google.com https://bspb.webim.ru https://*.artlebedev.ru https://charts3.equitystory.com https://ga-bq-ii.appspot.com https://www.google-analytics.com https://developer.android.com https://*.heapanalytics.com https://heapanalytics.com data: https://r.planbmedia.com https://ad.cpahub.ru https://goto.cpahub.ru https://cpa.linkprofit.ru https://cpa.linkprofit.ru https://*.ggpht.com https://*.googleapis.com https://*.gstatic.com https://mastertarget.ru/ https://*.mastertarget.ru https://*.nanosemantics.ru https://*.otm-r.com https://*.doubleclick.net https://*.google.com https://*.google.ru https://sravni.go2cloud.org https://*.googletagmanager.com https://tracking.banki.ru https://*.twitter.com https://*.vk.me https://*.userapi.com https://vk.com https://vk.com https://mc.yandex.ru; font-src 'self' https://fonts.gstatic.com https://bspb.webim.ru https://fonts.gstatic.com https://*.heapanalytics.com https://heapanalytics.com https://*.nanosemantics.ru data:; report-uri https://www.bspb.ru/application/cspreport
Strict-Transport-Security max-age=31536000 max-age=15768000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cdn.carrotquest.io
connect.facebook.net
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
mod.calltouch.ru
platform.twitter.com
sabibank.ru
stats.g.doubleclick.net
syndication.twitter.com
vk.com
www.bspb.ru
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.sabibank.ru
x01.aidata.io
mc.yandex.com
www.google.de
104.244.42.200
142.250.185.162
213.172.3.49
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:3031::ac43:ad6e
2606:4700:3034::6815:37d7
2a00:1450:4001:808::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82f::200e
2a00:1450:400c:c04::9c
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
89.108.119.28
92.118.67.2
92.223.124.254
93.186.225.208
01aa2d72a03612635ebbd7f10bbe72b2729bec42d442acb41cdba51e14fabbb0
0b8daa909401d9f93ad2d352c04ffad383006bc5f6b4a2efcbe1265d2c107bfe
0dc25fa3b32fcdcb0c8d6960ce7a9ec11627d8769d78a0fcc5c8d06a8a4a757d
0f5533d08faa1622094f07d35b71896c1bac0a4201f44d1d5f880de33062f61d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18733c9eac516569879498b328f4d2933f849f62075ada1a3020779ceac17816
1d5c4cae0e26bd7d18beebdaa758cb67631ad1f1ac5202a2d86a72dd9d2e758e
230d6891aa095bbad31c305ffd3f7f0b1a1a232c9aa4ed5771ad2522d1bbc21a
23d291a572fbf9a2428e19fdcad162b66b5398c68c87a0713319755c05c8b7be
26aae5346a5c4038dad7954706ba0b2b565477d5c82b47371ebfbf6d901859c4
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2df3cdcd2e9ef0061636c265e4134464efe4b61f521d4e329d8a0dd7d8bc9bde
2f9424ce1a17a9784560c93a639819525f184fa1e00f3d6aff62b0bb0c4eaa2b
366e131a207d8a6be21fc6ea578c7769cf695986d37f4d13159885162faa63df
3978ce5eb2fb9c46c2155b1d9e5a1a63d7691824f8205e96313ee3953b445eb8
3afde4c902eb0c6d5f98e7c1fd4b50f71dff7bec92df7f942a1b50d2b13d9bfd
406bed06ea47fcbab162bc1b40656bf06ebd865e3150e3e894f5d9af41e68591
45c16fe2b990f431ae842160e8c051ee008cd7bf7cdd93ae04d6c899645bbeba
4ba665cae6e5b4028decc4f7b068d1d63a7c6169c0e4d1f8a13bb1a8b56423a8
4cd7c048f26b56fadda5684da672b1cc1cb2abf6adea07caf3e3b4f24f9b8876
54c53408011a6c3340a497a4498a6b1108bb057f8e2da528cb9ffa9d8e0e0f72
5504aad3aff6f70fe4870957b3eb9734ae966f71fbbd0c843d5704e317d97e01
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5c64e98b7d26b27f3235a6b049f4da5a8b1ed471ee0f2d4508e342bcb216eb2e
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
66ed467f9a62b285c1ffc40a7b296bb079ff237300d1d12da201c8cd23fdc1be
6708c811ec8f4bbcce2436ebfa07b3b8c42ff500dc721d6d88a17ee323f7d3da
6750364b201caee4502eafcad6e07f6a7d0c9d30f26233452b8f88042e10c870
695e7d5ddf7eaf79de3ed73b3ecd73af332206ce980e55f5d7bc520e4c06ca24
6b8c709460f85b0805002921be87801eccd28208805e086049aa7a0fee07c2c1
750c0a45a11a98675c9a66b96aceb672799193dab989c42e1be82754e4bbc284
7830f84f5a2bde7d5f63854d764887f843dae9d0c8c77686b2e46f213b7ffa1a
7863cff68b0a527aab6262fa0e18e2f1b733dc8f3eb43869b846035eaa416ce4
78f4a68e84acb13e977edf9bc8f56eb85f907fcf436c59ec5fffd1aa6156d8ee
8014ded73aab32ee22a386a4a5f0f71cee82a2d7bfad71680085bcf89b5ed5e4
824c30e7419b38db4ca693ec605d69a779c9bbf4f52faf93a05a11acf56f1b65
84c9ceacf30eeb1cb9d1034781809742a63213568e06ae17b373adae990540f5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86e6e3ebab69edfec5ff7ac103a66358b2c7620393480f0de14ef2c20ef71729
86fc1475c20ac2113b7594b5ba1a9a7053321d8278675540acce0d60885233bb
8719e7caa8c8992a1d546c7a38c708d4929dd04bde1be9381def52752fd2a97f
8883347b32792de59564cc6ce03fbb652f8c7fe968531aed2ee0c6916d2e099b
95b1d0ec872fc50bb03f9131890e455bac9badfec4aa88a4153f41bb4fea4d90
99e4a67b384e3f5a56b8a193847c6d912a06b046f64c683caaa4ba207fdca4e5
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aeb66ebdf5c5e902d2f3a56bf8f46173d219a220963762a0b1ab1696523c9339
b1294825d13fe558e1e52ff378b8a220aea85419fd140d6391d2ca22aa623d3a
b57b530c77e39bacb724db669c4b86d9ba48f09a393f49c6f04d97eed5b1a987
ba5c7f291e3351815af21a8971f3e24ce677f4156ba80e1895e796a7df797930
c33351bbb05db1e8dad4c261941ddd9cd89b1d3ddac6881ea7d3189adb43c615
cb961e0a9250bbde328aaf60e66727be6e52b46c4ee5a07a7e382923a5ad516a
cc1eca25372fe32aeb85b5d8f33ab3ddadc3dd4113cc8ae82ebcc5e5452a57b5
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
d4fefa2b567d012c138632f8c455be60d131ee22628f98e1aa4401bfb8571c1f
d8470dc560bdb28b2d4bbcce47f2f653f1e5f2bbaf83adc0517d02ac57e8e133
d93e2460679ba909153b7c4ba6351489354006b698cf7ccd79ec0a82a1295838
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88
e358232d9ca848c33d7eac1a73fb26db76c683bb840de313fc884421993eea0c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93ad2a262bebda5bb7d8c528230926eae26e6009c5d641134f8e99f45d15023
eb2be616763feb85796751d12aab1c850bcbeed7006c4b446ad662951a24e4c9
eb31bcb8448b1a07a233abf0a1e637a07193f34eeff2cb1b92565026476eee20
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f118461c0106e0d0ca5705d4b48dbe8ac655d3a067981c3fe56da10038b07272
f790559b3c21a631e620e71355158b3ca23cba7beaeaf9bf96e2c65ab7c7391f
fb0503121cfdee1104ad0baf375bc4b40cca81405e30c84cd8f0a23f3844d328
fd60ce1b06bce2c5dde9baae020e263297c419753338522ace7359e8cbf2e922
fe4d1b96507a793d4b8064d4aeb6f3c5f6018c8fe0a60ea0e8fda3bdaf3e39ea