iam.ads.sber.ru
185.163.159.100 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

Submitted URL:
https://lk.ssp.rambler.ru/ 4yr old
Effective URL:
https://iam.ads.sber.ru/realms/sberads/protocol/openid-connect/auth?state=3a5e2303373342bd28d5d599bbb19605&scope=openid%... 2yr old
Submission: On July 02 via api (July 2nd 2024, 2:29:29 pm UTC) from US — Scanned from DE

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 21 HTTP transactions. The main IP is 185.163.159.100, located in Russian Federation and belongs to BIZONE-AS, RU. The main domain is iam.ads.sber.ru. 2yr old
TLS certificate: Issued by R3 on April 24th 2024. Valid for: 3mo.

This is the only time iam.ads.sber.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	91.192.148.14 91.192.148.14	42481 (BEGUN-AS) (BEGUN-AS)
3 7	87.242.127.163 87.242.127.163	208677 (CLOUDRU-AS) (CLOUDRU-AS)
14	185.163.159.100 185.163.159.100	207104 (BIZONE-AS) (BIZONE-AS)
2	151.236.71.248 151.236.71.248	204720 (CDNETWORKS) (CDNETWORKS)
1	81.19.89.16 81.19.89.16	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
21	4

1 91.192.148.14 (Russian Federation) 1 redirects

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

lk.ssp.rambler.ru 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

7 87.242.127.163 (Russian Federation) 3 redirects

ASN208677 (CLOUDRU-AS, RU)

octo.ad-tech.ru 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
st.ad-tech.ru 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

14 185.163.159.100 (Russian Federation)

ASN207104 (BIZONE-AS, RU)

iam.ads.sber.ru 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 151.236.71.248 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

st.top100.ru 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 81.19.89.16 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

kraken.rambler.ru 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
14	sber.ru iam.ads.sber.ru 2yr old	3 MB
7	ad-tech.ru 3 redirects octo.ad-tech.ru 2yr old st.ad-tech.ru 3yr old	82 KB
2	top100.ru st.top100.ru — Cisco Umbrella Rank: 47458 13yr old	43 KB
2	rambler.ru 1 redirects lk.ssp.rambler.ru 4yr old kraken.rambler.ru — Cisco Umbrella Rank: 37452 10yr old	902 B
21	4

	Domain	Requested by
14	iam.ads.sber.ru	iam.ads.sber.ru
4	st.ad-tech.ru	iam.ads.sber.ru st.ad-tech.ru
3	octo.ad-tech.ru	3 redirects
2	st.top100.ru	iam.ads.sber.ru st.top100.ru
1	kraken.rambler.ru	iam.ads.sber.ru
1	lk.ssp.rambler.ru	1 redirects
21	6

This site contains no links.

Subject Issuer	Validity	Valid
iam.ads.sber.ru R3	`2024-04-24` - `2024-07-23`	3mo	crt.sh
*.ad-tech.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-10-25` - `2024-11-25`	1yr	crt.sh
*.top100.ru GlobalSign GCC R3 DV TLS CA 2020	`2024-02-14` - `2025-03-17`	1yr	crt.sh
*.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2024-05-02` - `2025-06-03`	1yr	crt.sh

This page contains 1 frames:

Primary Page: https://iam.ads.sber.ru/realms/sberads/protocol/openid-connect/auth?state=3a5e2303373342bd28d5d599bbb19605&scope=openid%20profile%20email%20roles&response_type=code&approval_prompt=auto&redirect_uri=http%3A%2F%2Focto.ad-tech.ru%2Fauth%2Fconnect-check%2Fkeycloak&client_id=sspui
Frame ID: 031ABDC723042B93047EDD050E843EA0
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Добро пожаловать

Page URL History Show full URLs

https://lk.ssp.rambler.ru/ HTTP 301
https://octo.ad-tech.ru/ HTTP 301
https://octo.ad-tech.ru/dashboard HTTP 307
https://octo.ad-tech.ru/auth/connect/keycloak HTTP 302
https://iam.ads.sber.ru/realms/sberads/protocol/openid-connect/auth?state=3a5e2303373342bd28d5d599bb... Page URL

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

4
IPs

1
Countries

2739 kB
Transfer

2829 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lk.ssp.rambler.ru/ HTTP 301
https://octo.ad-tech.ru/ HTTP 301
https://octo.ad-tech.ru/dashboard HTTP 307
https://octo.ad-tech.ru/auth/connect/keycloak HTTP 302
https://iam.ads.sber.ru/realms/sberads/protocol/openid-connect/auth?state=3a5e2303373342bd28d5d599bbb19605&scope=openid%20profile%20email%20roles&response_type=code&approval_prompt=auto&redirect_uri=http%3A%2F%2Focto.ad-tech.ru%2Fauth%2Fconnect-check%2Fkeycloak&client_id=sspui Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request auth Show response
iam.ads.sber.ru/realms/sberads/protocol/openid-connect/
Redirect Chain

https://lk.ssp.rambler.ru/
https://octo.ad-tech.ru/
https://octo.ad-tech.ru/dashboard
https://octo.ad-tech.ru/auth/connect/keycloak
https://iam.ads.sber.ru/realms/sberads/protocol/openid-connect/auth?state=3a5e2303373342bd28d5d599bbb19605&scope=openid%20profile%20email%20roles&response_type=code&approval_prompt=auto&redirect_ur...

6 KB
4 KB

1506ms
1057ms

Document
text/html

185.163.159.100
BIZONE-AS

General

Check archive.org

Download Go to

Full URL

https://iam.ads.sber.ru/realms/sberads/protocol/openid-connect/auth?state=3a5e2303373342bd28d5d599bbb19605&scope=openid%20profile%20email%20roles&response_type=code&approval_prompt=auto&redirect_uri=http%3A%2F%2Focto.ad-tech.ru%2Fauth%2Fconnect-check%2Fkeycloak&client_id=sspui

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.163.159.100 , Russian Federation, ASN207104 (BIZONE-AS, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

65a6f754f887f7b3f7e5ce06e52090fb475d296313239dfd5f3c13253d4ea0b6

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Language: en
Content-Security-Policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Content-Type: text/html;charset=utf-8
Date: Tue, 02 Jul 2024 14:29:32 GMT
Keep-Alive: timeout=15
Referrer-Policy: no-referrer
Server: QRATOR
Strict-Transport-Security: max-age=15724800; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
x-sca-elb: int-keycloak

Redirect headers

cache-control: max-age=0, must-revalidate, private
content-type: text/html; charset=UTF-8
date: Tue, 02 Jul 2024 14:29:30 GMT
expires: Tue, 02 Jul 2024 14:29:30 GMT
location: https://iam.ads.sber.ru/realms/sberads/protocol/openid-connect/auth?state=3a5e2303373342bd28d5d599bbb19605&scope=openid%20profile%20email%20roles&response_type=code&approval_prompt=auto&redirect_uri=http%3A%2F%2Focto.ad-tech.ru%2Fauth%2Fconnect-check%2Fkeycloak&client_id=sspui
strict-transport-security: max-age=31536000; includeSubDomains
x-powered-by: PHP/7.4.33
x-sca-elb: ext
x-srv-addr: 172.16.1.212:8080

GET
H2 200 SBSansDisplay.css
st.ad-tech.ru/css/ 1 KB
2 KB 300ms
84ms Stylesheet
text/css 87.242.127.163
CLOUDRU-AS

General

Check archive.org

Download Go to

Full URL

https://st.ad-tech.ru/css/SBSansDisplay.css

Requested by

Host: iam.ads.sber.ru
URL: https://iam.ads.sber.ru/realms/sberads/protocol/openid-connect/auth?state=3a5e2303373342bd28d5d599bbb19605&scope=openid%20profile%20email%20roles&response_type=code&approval_prompt=auto&redirect_uri=http%3A%2F%2Focto.ad-tech.ru%2Fauth%2Fconnect-check%2Fkeycloak&client_id=sspui

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.242.127.163 , Russian Federation, ASN208677 (CLOUDRU-AS, RU),

Reverse DNS

Software

Resource Hash

c3a359717910cd9b5adfb433f9272bf46f999a38daf15736fcef0a022ceedfd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 14:29:32 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS6Peadl7zwkUFcWylz4c3bQCfV3e4AN
strict-transport-security: max-age=31536000; includeSubDomains
x-sca-elb: ext
x-cache-status: HIT
access-control-allow-methods: OPTIONS,GET
content-type: text/css
access-control-allow-origin: *
x-obs-request-id: bdefe3877da78eeaeede90112ab54be8
access-control-allow-credentials: true
x-obs-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33206/mtime:1716366649/atime:1716366654/md5:9c47801959bd2c202684778eb9647b14/ctime:1716366649
x-obs-tagging-count: 0
content-length: 1106
access-control-allow-headers: DNT

GET
H2 200 SBSansText.css
st.ad-tech.ru/css/ 2 KB
3 KB 299ms
83ms Stylesheet
text/css 87.242.127.163
CLOUDRU-AS

General

Check archive.org

Download Go to

Full URL

https://st.ad-tech.ru/css/SBSansText.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.242.127.163 , Russian Federation, ASN208677 (CLOUDRU-AS, RU),

Reverse DNS

Software

Resource Hash

df78aa8321f12f25708c5daf766dc1efdac7d78506318d41ff7a18b0573020a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 14:29:32 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSDX2VLwkbnrJfXObTfrJ3Qk5qsEWJO9
strict-transport-security: max-age=31536000; includeSubDomains
x-sca-elb: ext
x-cache-status: HIT
access-control-allow-methods: OPTIONS,GET
content-type: text/css
access-control-allow-origin: *
x-obs-request-id: 5ad35cf670829e013e195ade0e8ef614
access-control-allow-credentials: true
x-obs-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33206/mtime:1716366649/atime:1716366654/md5:a7f9282dfbc8ff7a7cdec798cc302bef/ctime:1716366649
x-obs-tagging-count: 0
content-length: 2353
access-control-allow-headers: DNT

GET
H/1.1 200
OK base.css
iam.ads.sber.ru/resources/t9xsu/common/keycloak/web_modules/@patternfly/react-core/dist/styles/ 42 KB
42 KB 242ms
241ms Stylesheet
text/css 185.163.159.100
BIZONE-AS

General

Check archive.org

Download Go to

Full URL

https://iam.ads.sber.ru/resources/t9xsu/common/keycloak/web_modules/@patternfly/react-core/dist/styles/base.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.163.159.100 , Russian Federation, ASN207104 (BIZONE-AS, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

4891821ebc2db4c531ab849f7ce3231cde07f577c15656d7e0ace02e15f047ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Jul 2024 14:29:32 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: QRATOR
x-sca-elb: int-keycloak
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK app.css
iam.ads.sber.ru/resources/t9xsu/common/keycloak/web_modules/@patternfly/react-core/dist/styles/ 1 MB
1 MB 348ms
258ms Stylesheet
text/css 185.163.159.100
BIZONE-AS

General

Check archive.org

Download Go to

Full URL

https://iam.ads.sber.ru/resources/t9xsu/common/keycloak/web_modules/@patternfly/react-core/dist/styles/app.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.163.159.100 , Russian Federation, ASN207104 (BIZONE-AS, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

99681f3f42a61c3eddd165a54808cac1d65ed5a2ed9348b2ddcf13a3087cb2b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Jul 2024 14:29:32 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: QRATOR
x-sca-elb: int-keycloak
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK patternfly.min.css
iam.ads.sber.ru/resources/t9xsu/common/keycloak/node_modules/patternfly/dist/css/ 178 KB
179 KB 388ms
285ms Stylesheet
text/css 185.163.159.100
BIZONE-AS

General

Check archive.org

Download Go to

Full URL

https://iam.ads.sber.ru/resources/t9xsu/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.163.159.100 , Russian Federation, ASN207104 (BIZONE-AS, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Jul 2024 14:29:32 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: QRATOR
x-sca-elb: int-keycloak
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK patternfly-additions.min.css
iam.ads.sber.ru/resources/t9xsu/common/keycloak/node_modules/patternfly/dist/css/ 220 KB
220 KB 367ms
264ms Stylesheet
text/css 185.163.159.100
BIZONE-AS

General

Check archive.org

Download Go to

Full URL

https://iam.ads.sber.ru/resources/t9xsu/common/keycloak/node_modules/patternfly/dist/css/patternfly-additions.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.163.159.100 , Russian Federation, ASN207104 (BIZONE-AS, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Jul 2024 14:29:32 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: QRATOR
x-sca-elb: int-keycloak
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK pficon.css
iam.ads.sber.ru/resources/t9xsu/common/keycloak/lib/pficon/ 540 B
955 B 321ms
218ms Stylesheet
text/css 185.163.159.100
BIZONE-AS

General

Check archive.org

Download Go to

Full URL

https://iam.ads.sber.ru/resources/t9xsu/common/keycloak/lib/pficon/pficon.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.163.159.100 , Russian Federation, ASN207104 (BIZONE-AS, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

d84235c3a967dfe986e6bee6955bccbe3829feb6a823000385918aa0c312e5c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Jul 2024 14:29:32 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: QRATOR
x-sca-elb: int-keycloak
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.css
iam.ads.sber.ru/resources/t9xsu/login/sberads-310675/css/ 15 KB
15 KB 358ms
248ms Stylesheet
text/css 185.163.159.100
BIZONE-AS

General

Check archive.org

Download Go to

Full URL

https://iam.ads.sber.ru/resources/t9xsu/login/sberads-310675/css/main.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.163.159.100 , Russian Federation, ASN207104 (BIZONE-AS, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

4b1b7a3476a3422a3a826f93b128c0ac143e4fe37cc568eca650bffedfafa4dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Jul 2024 14:29:32 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: QRATOR
x-sca-elb: int-keycloak
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK login.css
iam.ads.sber.ru/resources/t9xsu/login/sberads-310675/css/ 2 KB
3 KB 591ms
292ms Stylesheet
text/css 185.163.159.100
BIZONE-AS

General

Check archive.org

Download Go to

Full URL

https://iam.ads.sber.ru/resources/t9xsu/login/sberads-310675/css/login.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.163.159.100 , Russian Federation, ASN207104 (BIZONE-AS, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

e9a7a90260825b2f36842765bccd370001c98668c5fb06c7af3f7f8c7bd09439

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Jul 2024 14:29:33 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: QRATOR
x-sca-elb: int-keycloak
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.js Show response
iam.ads.sber.ru/resources/t9xsu/login/sberads-310675/js/ 8 KB
9 KB 442ms
119ms Script
text/javascript 185.163.159.100
BIZONE-AS

General

Check archive.org

Download Go to

Full URL

https://iam.ads.sber.ru/resources/t9xsu/login/sberads-310675/js/main.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.163.159.100 , Russian Federation, ASN207104 (BIZONE-AS, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

0151f2c70c30a52a726bdbfd3311d05a72028bc920dcbd3e3e3e0b40c6416614

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Jul 2024 14:29:32 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: QRATOR
x-sca-elb: int-keycloak
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
X-XSS-Protection: 1; mode=block

GET
H2 200 top100.js Show response
st.top100.ru/top100/ 124 KB
38 KB 301ms
41ms Script
application/javascript 151.236.71.248
CDNETWORKS

General

Check archive.org

Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: iam.ads.sber.ru
URL: https://iam.ads.sber.ru/realms/sberads/protocol/openid-connect/auth?state=3a5e2303373342bd28d5d599bbb19605&scope=openid%20profile%20email%20roles&response_type=code&approval_prompt=auto&redirect_uri=http%3A%2F%2Focto.ad-tech.ru%2Fauth%2Fconnect-check%2Fkeycloak&client_id=sspui
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 01c5d5578e5de5f61d77ad0006e7814f26e20596751b6afa301190f43336778e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 14:29:33 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2024 06:21:00 GMT
server: nginx
x-amz-meta-s3cmd-attrs: atime:1718949467/ctime:1718949466/gid:0/gname:root/md5:14eed72bedc1caf2c280d7ea3fd68c51/mode:33188/mtime:1718949464/uid:0/uname:root
x-amz-request-id: 0000019073B32ED6A8052BDFBB672ACE
etag: W/"14eed72bedc1caf2c280d7ea3fd68c51"
x-cdn-edge-id: 2315
content-type: application/javascript
x-cdn-edge-cache: HIT
x-amz-tagging-count: 0
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
x-cdn-request-id: 73c286b531dcd9d2472eedc21d94c7fc
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSWJv2LWsmIIuOU7HVD8YVtgjF8FAtyw

GET
H/1.1 200
OK bg.svg
iam.ads.sber.ru/resources/t9xsu/login/sberads-310675/img/ 30 KB
31 KB 109ms
108ms Image
image/svg+xml 185.163.159.100
BIZONE-AS

General

Check archive.org

Download Go to Show image

Full URL

https://iam.ads.sber.ru/resources/t9xsu/login/sberads-310675/img/bg.svg

Requested by

Host: iam.ads.sber.ru
URL: https://iam.ads.sber.ru/resources/t9xsu/login/sberads-310675/css/main.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.163.159.100 , Russian Federation, ASN207104 (BIZONE-AS, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

60da38edda96b1616c926e47ad6865a64e10fa859a194b5c099a556b43a45716

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Jul 2024 14:29:33 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: QRATOR
x-sca-elb: int-keycloak
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK sberads-logo.svg
iam.ads.sber.ru/resources/t9xsu/login/sberads-310675/img/ 5 KB
6 KB 116ms
115ms Image
image/svg+xml 185.163.159.100
BIZONE-AS

General

Check archive.org

Download Go to Show image

Full URL

https://iam.ads.sber.ru/resources/t9xsu/login/sberads-310675/img/sberads-logo.svg

Requested by

Host: iam.ads.sber.ru
URL: https://iam.ads.sber.ru/resources/t9xsu/login/sberads-310675/css/main.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.163.159.100 , Russian Federation, ASN207104 (BIZONE-AS, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

0ed34a128b6cc10d8e51e8686ff15ddca427b09ccb798da0a9a301ae1efe0849

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Jul 2024 14:29:33 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: QRATOR
x-sca-elb: int-keycloak
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK sberads-logo-shadow.png
iam.ads.sber.ru/resources/t9xsu/login/sberads-310675/img/ 836 KB
836 KB 180ms
180ms Image
image/png 185.163.159.100
BIZONE-AS

General

Check archive.org

Download Go to Show image

Full URL

https://iam.ads.sber.ru/resources/t9xsu/login/sberads-310675/img/sberads-logo-shadow.png

Requested by

Host: iam.ads.sber.ru
URL: https://iam.ads.sber.ru/resources/t9xsu/login/sberads-310675/css/main.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.163.159.100 , Russian Federation, ASN207104 (BIZONE-AS, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

cdfefd1e70ba4cc46f506b96e6d3c74c59efe7783d5a0d2a8cb04cb2f2498a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Jul 2024 14:29:33 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: QRATOR
x-sca-elb: int-keycloak
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
X-XSS-Protection: 1; mode=block

GET
H2 200 SBSansDisplay-Semibold.woff2
st.ad-tech.ru/fonts/SBSansDisplay/ 38 KB
38 KB 361ms
215ms Font
binary/octet-stream 87.242.127.163
CLOUDRU-AS

General

Check archive.org

Download Go to

Full URL

https://st.ad-tech.ru/fonts/SBSansDisplay/SBSansDisplay-Semibold.woff2

Requested by

Host: st.ad-tech.ru
URL: https://st.ad-tech.ru/css/SBSansDisplay.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.242.127.163 , Russian Federation, ASN208677 (CLOUDRU-AS, RU),

Reverse DNS

Software

Resource Hash

6ba3fcabad9f5cde5139956d3064e7fa0e44e8e14ad9f7867ef219e1da6ebe4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://st.ad-tech.ru/css/SBSansDisplay.css
Origin: https://iam.ads.sber.ru
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 14:29:33 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS2k3eXoCu063J2zirY5gDufEk9xY5y2
strict-transport-security: max-age=31536000; includeSubDomains
x-sca-elb: ext
x-cache-status: REVALIDATED
access-control-allow-methods: OPTIONS,GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-obs-request-id: f15ddb23625146025846be53b5971758
access-control-allow-credentials: true
x-obs-meta-s3cmd-attrs: atime:1683144150/ctime:1683144150/gid:0/gname:root/md5:569b01664a389bfe03abed46b69f5f02/mode:33206/mtime:1683144150/uid:0/uname:root
x-obs-tagging-count: 0
content-length: 38684
access-control-allow-headers: DNT

GET
H2 200 SBSansText-Regular.woff2
st.ad-tech.ru/fonts/SBSansText/ 38 KB
39 KB 232ms
87ms Font
binary/octet-stream 87.242.127.163
CLOUDRU-AS

General

Check archive.org

Download Go to

Full URL

https://st.ad-tech.ru/fonts/SBSansText/SBSansText-Regular.woff2

Requested by

Host: st.ad-tech.ru
URL: https://st.ad-tech.ru/css/SBSansText.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.242.127.163 , Russian Federation, ASN208677 (CLOUDRU-AS, RU),

Reverse DNS

Software

Resource Hash

0fa3820aca7811c216d50158ddc50ab028f59e8002c7c049fbe81b2403a9a56e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://st.ad-tech.ru/css/SBSansText.css
Origin: https://iam.ads.sber.ru
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 14:29:33 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSBwKXfR+M0GmNY0juCGDn71nF99FnkN
strict-transport-security: max-age=31536000; includeSubDomains
x-sca-elb: ext
x-cache-status: REVALIDATED
access-control-allow-methods: OPTIONS,GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-obs-request-id: 7f61018047fa38dbe7d92f39713ce8bb
access-control-allow-credentials: true
x-obs-meta-s3cmd-attrs: atime:1683144150/ctime:1683144150/gid:0/gname:root/md5:7a66b99f4dc2b2a51e1ff78484b6353a/mode:33206/mtime:1683144150/uid:0/uname:root
x-obs-tagging-count: 0
content-length: 39248
access-control-allow-headers: DNT

GET
H2 200 usability.js Show response
st.top100.ru/top100/3.16.7/ 14 KB
4 KB 43ms
43ms Script
application/javascript 151.236.71.248
CDNETWORKS

General

Check archive.org

Download Go to

Full URL: https://st.top100.ru/top100/3.16.7/usability.js
Requested by: Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 45964e5bb571cc7531d0a2bdbc6d03b46a184d0b88f78352d02a2aed10f8a817

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 14:29:33 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2024 06:21:00 GMT
server: nginx
x-amz-meta-s3cmd-attrs: atime:1718949467/ctime:1718949466/gid:0/gname:root/md5:fe1e0216da292e97098b8ad2cd633336/mode:33188/mtime:1718949465/uid:0/uname:root
x-amz-request-id: 0000019073B33A7EB02750A14192AB57
etag: W/"fe1e0216da292e97098b8ad2cd633336"
x-cdn-edge-id: 2315
content-type: application/javascript
x-cdn-edge-cache: HIT
x-amz-tagging-count: 0
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
x-cdn-request-id: 19bb22885596b1bc7d1f0816564900a5
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS7uBslw/V+ndP1Cr53jQjPoxaVkgqW3

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ 43 B
696 B 309ms
92ms Image
image/gif 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=7715095&session_id=1005219406_1719930573444&session_number=1&session_event_number=1&version=3.16.7&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%5D&top100_id=t1.7715095.1136214737.1719930573443&adtech_uid=0c32a828-2eca-441d-aeac-82f80fb3a445&adtech_uid_scope=sber.ru&publisher_uid=stat1.1977647585.1719930573091&publisher_uid_scope=ads.sber.ru&fingerprint_ip=pA8AAENKs1dNRnr6AWPqyQA%3D&url=https%3A%2F%2Fiam.ads.sber.ru%2Frealms%2Fsberads%2Fprotocol%2Fopenid-connect%2Fauth%3Fstate%3D3a5e2303373342bd28d5d599bbb19605%26scope%3Dopenid%2520profile%2520email%2520roles%26response_type%3Dcode%26approval_prompt%3Dauto%26redirect_uri%3Dhttp%253A%252F%252Focto.ad-tech.ru%252Fauth%252Fconnect-check%252Fkeycloak%26client_id%3Dsspui&request_id=1719930573.443-1428103520&event_id=928457344626130&meta=%7B%22title%22%3A%22%D0%94%D0%BE%D0%B1%D1%80%D0%BE%20%D0%BF%D0%BE%D0%B6%D0%B0%D0%BB%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%221600x1200%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22de-DE%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Win32%22%2C%22timezone%22%3A%22-120%22%7D&rn=951935415
Requested by: Host: iam.ads.sber.ru
URL: https://iam.ads.sber.ru/realms/sberads/protocol/openid-connect/auth?state=3a5e2303373342bd28d5d599bbb19605&scope=openid%20profile%20email%20roles&response_type=code&approval_prompt=auto&redirect_uri=http%3A%2F%2Focto.ad-tech.ru%2Fauth%2Fconnect-check%2Fkeycloak&client_id=sspui
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 14:29:33 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
x-srv: 0kraken-prod0003.ad.rambler.tech
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK icon-eye.svg
iam.ads.sber.ru/resources/t9xsu/login/sberads-310675/img/ 941 B
1 KB 136ms
136ms Image
image/svg+xml 185.163.159.100
BIZONE-AS

General

Check archive.org

Download Go to Show image

Full URL

https://iam.ads.sber.ru/resources/t9xsu/login/sberads-310675/img/icon-eye.svg

Requested by

Host: iam.ads.sber.ru
URL: https://iam.ads.sber.ru/resources/t9xsu/login/sberads-310675/css/main.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.163.159.100 , Russian Federation, ASN207104 (BIZONE-AS, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

cc31ef8fe9b4fc83588afae8c8dcefa4c4a69c6a0f24a299c88386bc19c7fadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Jul 2024 14:29:33 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: QRATOR
x-sca-elb: int-keycloak
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK favicon.ico
iam.ads.sber.ru/resources/t9xsu/login/sberads-310675/img/ 15 KB
15 KB 201ms
200ms Other
application/octet-stream 185.163.159.100
BIZONE-AS

General

Check archive.org

Download Go to

Full URL

https://iam.ads.sber.ru/resources/t9xsu/login/sberads-310675/img/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.163.159.100 , Russian Federation, ASN207104 (BIZONE-AS, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

a65490617c12c17b45b5ebf9ff37c7b9f8cabbcdfba24412e6dbc5ccf278ecb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 02 Jul 2024 14:29:33 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: QRATOR
x-sca-elb: int-keycloak
Transfer-Encoding: chunked
Content-Type: application/octet-stream
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=15
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

8 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
iam.ads.sber.ru/realms/sberads/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: 9b0999d3-7aa6-4d34-a85f-ccca650bbacb.keycloak-0-6812
iam.ads.sber.ru/realms/sberads/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: 9b0999d3-7aa6-4d34-a85f-ccca650bbacb.keycloak-0-6812
iam.ads.sber.ru/realms/sberads/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI0NWRmMGZlNi1lNTdjLTQzZWQtODM2ZS1lY2VjNWNiMmM4OTcifQ.eyJjaWQiOiJzc3B1aSIsInB0eSI6Im9wZW5pZC1jb25uZWN0IiwicnVyaSI6Imh0dHA6Ly9vY3RvLmFkLXRlY2gucnUvYXV0aC9jb25uZWN0LWNoZWNrL2tleWNsb2FrIiwiYWN0IjoiQVVUSEVOVElDQVRFIiwibm90ZXMiOnsic2NvcGUiOiJvcGVuaWQgcHJvZmlsZSBlbWFpbCByb2xlcyIsImlzcyI6Imh0dHBzOi8vaWFtLmFkcy5zYmVyLnJ1L3JlYWxtcy9zYmVyYWRzIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUiLCJjbGllbnRfcmVxdWVzdF9wYXJhbV9hcHByb3ZhbF9wcm9tcHQiOiJhdXRvIiwicmVkaXJlY3RfdXJpIjoiaHR0cDovL29jdG8uYWQtdGVjaC5ydS9hdXRoL2Nvbm5lY3QtY2hlY2sva2V5Y2xvYWsiLCJzdGF0ZSI6IjNhNWUyMzAzMzczMzQyYmQyOGQ1ZDU5OWJiYjE5NjA1In19.EGc19MERUV0xBx48bycWu43ro_VbYeMRRP3Fp2gBcqI
octo.ad-tech.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1269eeb9f25b9efd4914991cbaa71195
.ads.sber.ru/	1969-12-31 23:59:59	Name: stat_pubId Value: stat1.1977647585.1719930573091
.sber.ru/	1970-01-21 06:31:06	Name: adtech_uid Value: 0c32a828-2eca-441d-aeac-82f80fb3a445%3Asber.ru
.sber.ru/	1970-01-21 06:31:06	Name: top100_id Value: t1.7715095.1136214737.1719930573443
.sber.ru/	1970-01-21 06:31:06	Name: t3_sid_7715095 Value: s1.1005219406.1719930573444.1719930573446.1.2
.rambler.ru/	1970-01-21 07:21:30	Name: ruid Value: 1CIAAM0OhGbVmKoSAb4XrQB=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

iam.ads.sber.ru
kraken.rambler.ru
lk.ssp.rambler.ru
octo.ad-tech.ru
st.ad-tech.ru
st.top100.ru
151.236.71.248
185.163.159.100
81.19.89.16
87.242.127.163
91.192.148.14
0151f2c70c30a52a726bdbfd3311d05a72028bc920dcbd3e3e3e0b40c6416614
01c5d5578e5de5f61d77ad0006e7814f26e20596751b6afa301190f43336778e
0ed34a128b6cc10d8e51e8686ff15ddca427b09ccb798da0a9a301ae1efe0849
0fa3820aca7811c216d50158ddc50ab028f59e8002c7c049fbe81b2403a9a56e
2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b
45964e5bb571cc7531d0a2bdbc6d03b46a184d0b88f78352d02a2aed10f8a817
4891821ebc2db4c531ab849f7ce3231cde07f577c15656d7e0ace02e15f047ed
4b1b7a3476a3422a3a826f93b128c0ac143e4fe37cc568eca650bffedfafa4dd
60da38edda96b1616c926e47ad6865a64e10fa859a194b5c099a556b43a45716
65a6f754f887f7b3f7e5ce06e52090fb475d296313239dfd5f3c13253d4ea0b6
6ba3fcabad9f5cde5139956d3064e7fa0e44e8e14ad9f7867ef219e1da6ebe4c
99681f3f42a61c3eddd165a54808cac1d65ed5a2ed9348b2ddcf13a3087cb2b5
a65490617c12c17b45b5ebf9ff37c7b9f8cabbcdfba24412e6dbc5ccf278ecb0
acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c
c3a359717910cd9b5adfb433f9272bf46f999a38daf15736fcef0a022ceedfd7
cc31ef8fe9b4fc83588afae8c8dcefa4c4a69c6a0f24a299c88386bc19c7fadc
cdfefd1e70ba4cc46f506b96e6d3c74c59efe7783d5a0d2a8cb04cb2f2498a7d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d84235c3a967dfe986e6bee6955bccbe3829feb6a823000385918aa0c312e5c7
df78aa8321f12f25708c5daf766dc1efdac7d78506318d41ff7a18b0573020a9
e9a7a90260825b2f36842765bccd370001c98668c5fb06c7af3f7f8c7bd09439

iam.ads.sber.ru 185.163.159.100 Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

21 Requests

100 %HTTPS

0 %IPv6

4 Domains

6 Subdomains

4 IPs

1 Countries

2739 kBTransfer

2829 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Window variables

9 Cookies

Security Headers

Indicators

iam.ads.sber.ru
185.163.159.100 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

4
IPs

1
Countries

2739 kB
Transfer

2829 kB
Size

9
Cookies

21 HTTP transactions
0 data transactions