nlb-clickstream.sberbank.ru Open in urlscan Pro
185.157.97.112 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nlb-clickstream.sberbank.ru/
Effective URL:
https://nlb-clickstream.sberbank.ru/
Submission Tags: l4ing ru sub h8 com Search All
Submission: On April 23 via api (April 23rd 2023, 10:03:28 am UTC) from UA — Scanned from DE

Summary HTTP 55 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 55 HTTP transactions. The main IP is 185.157.97.112, located in Russian Federation and belongs to SBERBANK, RU. The main domain is nlb-clickstream.sberbank.ru.
TLS certificate: Issued by SberCA Ext on January 19th 2023. Valid for: 3 years.

This is the only time nlb-clickstream.sberbank.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	185.157.97.112 185.157.97.112	35237 (SBERBANK) (SBERBANK)
1	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
6 17	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
3	151.236.71.248 151.236.71.248	204720 (CDNETWORKS) (CDNETWORKS)
4	37.18.110.198 37.18.110.198	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 4	84.252.144.107 84.252.144.107	35237 (SBERBANK) (SBERBANK)
2	81.19.89.18 81.19.89.18	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
2	84.252.146.96 84.252.146.96	35237 (SBERBANK) (SBERBANK)
1 2	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
55	10

27 185.157.97.112 (Russian Federation) 1 redirects

ASN35237 (SBERBANK, RU)

nlb-clickstream.sberbank.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:6b8::1:119 (Moscow, Russian Federation) 6 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.236.71.248 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

8kwky1agm3.a.trbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.18.110.198 (Russian Federation)

ASN208677 (SBERCLOUD-AS, RU)

dmp.sbermarketing.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp-profiles.sbermarketing.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.252.144.107 (Russian Federation) 1 redirects

ASN35237 (SBERBANK, RU)

visor.sberbank.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.19.89.18 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.252.146.96 (Russian Federation)

ASN35237 (SBERBANK, RU)

sve.online.sberbank.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.163.52.67 (Russian Federation) 1 redirects

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	sberbank.ru 2 redirects nlb-clickstream.sberbank.ru visor.sberbank.ru — Cisco Umbrella Rank: 101755 sve.online.sberbank.ru — Cisco Umbrella Rank: 367614	2 MB
13	yandex.com 4 redirects mc.yandex.com — Cisco Umbrella Rank: 7652	5 KB
4	sbermarketing.ru dmp.sbermarketing.ru — Cisco Umbrella Rank: 98682 dmp-profiles.sbermarketing.ru — Cisco Umbrella Rank: 597039	2 KB
4	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 2437	131 KB
3	trbcdn.net 8kwky1agm3.a.trbcdn.net	86 KB
2	mail.ru 1 redirects top-fwz1.mail.ru — Cisco Umbrella Rank: 6293	2 KB
2	rambler.ru kraken.rambler.ru — Cisco Umbrella Rank: 26829	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	131 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1180	6 KB
55	9

	Domain	Requested by
27	nlb-clickstream.sberbank.ru	1 redirects nlb-clickstream.sberbank.ru
13	mc.yandex.com	4 redirects nlb-clickstream.sberbank.ru mc.yandex.ru
4	visor.sberbank.ru	1 redirects nlb-clickstream.sberbank.ru
4	mc.yandex.ru	2 redirects nlb-clickstream.sberbank.ru
3	8kwky1agm3.a.trbcdn.net	nlb-clickstream.sberbank.ru www.googletagmanager.com
2	top-fwz1.mail.ru	1 redirects
2	dmp-profiles.sbermarketing.ru	nlb-clickstream.sberbank.ru
2	sve.online.sberbank.ru	8kwky1agm3.a.trbcdn.net
2	kraken.rambler.ru	8kwky1agm3.a.trbcdn.net nlb-clickstream.sberbank.ru
2	dmp.sbermarketing.ru	8kwky1agm3.a.trbcdn.net
2	www.googletagmanager.com	nlb-clickstream.sberbank.ru
1	unpkg.com	nlb-clickstream.sberbank.ru
55	12

This site contains links to these domains. Also see Links.

Domain
www.sberbank.ru
sberlead.ru

Subject Issuer	Validity	Valid
nlb-clickstream.sberbank.ru SberCA Ext	`2023-01-19` - `2026-01-18`	3 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-01` - `2023-06-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
*.a.trbcdn.net RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-13` - `2023-05-31`	a year	crt.sh
*.sbermarketing.ru AlphaSSL CA - SHA256 - G2	`2022-08-04` - `2023-09-05`	a year	crt.sh
visor.sberbank.ru HARICA DV TLS RSA	`2023-01-20` - `2024-01-20`	a year	crt.sh
*.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-04-17` - `2024-05-18`	a year	crt.sh
webclickstream.online.sberbank.ru Actalis Domain Validation Server CA G3	`2023-01-16` - `2024-01-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://nlb-clickstream.sberbank.ru/
Frame ID: 944DFB8EA04CF727A9E9A0A416C992CD
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

СберЛид

Page URL History Show full URLs

http://nlb-clickstream.sberbank.ru/ HTTP 301
https://nlb-clickstream.sberbank.ru/ Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

55
Requests

42 %
HTTPS

30 %
IPv6

9
Domains

12
Subdomains

10
IPs

3
Countries

2681 kB
Transfer

3504 kB
Size

23
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sberbank.ru/ru/s_m_business/clickform
Title: Связаться со мной

Search URL Search Domain Scan URL

URL: https://sberlead.ru/
Title: https://sberlead.ru

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nlb-clickstream.sberbank.ru/ HTTP 301
https://nlb-clickstream.sberbank.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9982.NxBpV0LeZhD5r4ZIXtp8-RrGLlfb5ie8T3LoUxHPOGHuYuyljXUjguldc0yEwnFu.4pb6Q_M6BQ-1JrB1tse15nk3VN8%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9982.RM9mA0zQk2ASJR68BsqF-qrJqyHq8McpPh2Ppq_izYyWR8tIB1qZh2MFinnfTLOxb0teF-qk7WzyV9vqf12ZO24UCua-TNbnnBxSV7jzNwU%2C.5DSkn2bVbiHv0xYTpLjSSrk_auQ%2C

Request Chain 38

https://visor.sberbank.ru/get HTTP 302
https://visor.sberbank.ru/get?try=1

Request Chain 41

https://mc.yandex.com/watch/88976314?wmode=7&page-url=https%3A%2F%2Fnlb-clickstream.sberbank.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A566%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A2%3Adp%3A0%3Als%3A1142378307888%3Ahid%3A700444214%3Az%3A0%3Ai%3A20230423100323%3Aet%3A1682244203%3Ac%3A1%3Arn%3A865968808%3Arqn%3A1%3Au%3A1682244203174920950%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C311%2C50%2C1%2C107%2C0%2C%2C105%2C1%2C%2C%2C%2C575%3Aco%3A0%3Acpf%3A1%3Ans%3A1682244202519%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682244204%3At%3A%D0%A1%D0%B1%D0%B5%D1%80%D0%9B%D0%B8%D0%B4&t=gdpr(14%2C14)clc(0-0-0)rqnt(1)aw(1)ecs(0)ti(2) HTTP 302
https://mc.yandex.com/watch/88976314/1?wmode=7&page-url=https%3A%2F%2Fnlb-clickstream.sberbank.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A566%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A2%3Adp%3A0%3Als%3A1142378307888%3Ahid%3A700444214%3Az%3A0%3Ai%3A20230423100323%3Aet%3A1682244203%3Ac%3A1%3Arn%3A865968808%3Arqn%3A1%3Au%3A1682244203174920950%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C311%2C50%2C1%2C107%2C0%2C%2C105%2C1%2C%2C%2C%2C575%3Aco%3A0%3Acpf%3A1%3Ans%3A1682244202519%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682244204%3At%3A%D0%A1%D0%B1%D0%B5%D1%80%D0%9B%D0%B8%D0%B4&t=gdpr%2814%2C14%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%280%29ti%282%29

Request Chain 42

https://mc.yandex.com/watch/69330883?wmode=7&page-url=https%3A%2F%2Fnlb-clickstream.sberbank.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A566%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A1215902449822%3Ahid%3A700444214%3Az%3A0%3Ai%3A20230423100323%3Aet%3A1682244203%3Ac%3A1%3Arn%3A547888016%3Arqn%3A1%3Au%3A1682244203174920950%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C311%2C50%2C1%2C107%2C0%2C%2C105%2C1%2C%2C%2C%2C575%3Aco%3A0%3Acpf%3A1%3Ans%3A1682244202519%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682244204%3At%3A%D0%A1%D0%B1%D0%B5%D1%80%D0%9B%D0%B8%D0%B4&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ecs(0)ti(2) HTTP 302
https://mc.yandex.com/watch/69330883/1?wmode=7&page-url=https%3A%2F%2Fnlb-clickstream.sberbank.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A566%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A1215902449822%3Ahid%3A700444214%3Az%3A0%3Ai%3A20230423100323%3Aet%3A1682244203%3Ac%3A1%3Arn%3A547888016%3Arqn%3A1%3Au%3A1682244203174920950%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C311%2C50%2C1%2C107%2C0%2C%2C105%2C1%2C%2C%2C%2C575%3Aco%3A0%3Acpf%3A1%3Ans%3A1682244202519%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682244204%3At%3A%D0%A1%D0%B1%D0%B5%D1%80%D0%9B%D0%B8%D0%B4&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%280%29ti%282%29

Request Chain 43

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9982.gcpbV0G3omeqSAw2LyY-znvhJIy070MCpZDyxqXcxZLjqjGEn4mi7wSrBCYBACln.4gpdnnL6FhK-XPKyTKCNWL5F51g%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9982.mIR1Vc5IrssM4C0o8RIMRLXQ9tTppdwvhZmd1kXnwUBW8riWZxo3MNiQt51jX7IcHszzOjiglW8sDRvpbU_bCqT0X4Bx_tuFTvIjqyaKi5I%2C.s1QzDZ8gAQARrTLS2xsoZ6-RfB0%2C

Request Chain 49

https://top-fwz1.mail.ru/counter?id=3259092;pid=b1b72a8d-45bd-4760-8d52-252fb0d13441 HTTP 302
https://top-fwz1.mail.ru/counter2?id=3259092;pid=b1b72a8d-45bd-4760-8d52-252fb0d13441

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
nlb-clickstream.sberbank.ru/
Redirect Chain

http://nlb-clickstream.sberbank.ru/
https://nlb-clickstream.sberbank.ru/

20 KB
6 KB

361ms
50ms

Document
text/html

185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://nlb-clickstream.sberbank.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: a4c80d7a9c9345a5d020fa13eb5cd9fb8d1168b37a6f4fec1da1022803e4f40e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 23 Apr 2023 10:03:22 GMT
ETag: W/"641157ba-4f8c"
Expires: Sat, 22 Apr 2023 10:03:22 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
Transfer-Encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 169
Content-Type: text/html
Date: Sun, 23 Apr 2023 10:03:22 GMT
Location: https://nlb-clickstream.sberbank.ru/
Server: nginx/1.20.1

GET
H/1.1 200
OK style.css
nlb-clickstream.sberbank.ru/assets/landing/ 26 KB
4 KB 50ms
49ms Stylesheet
text/css 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://nlb-clickstream.sberbank.ru/assets/landing/style.css
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 5423d758022c513f3bb0926bf8fdb1e79e194834238104e786900797b338019e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: W/"641157ba-6949"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: no-cache
Connection: keep-alive
Expires: Sat, 22 Apr 2023 10:03:23 GMT

GET
H2 200 es5.js Show response
unpkg.com/bowser@2.9.0/ 25 KB
6 KB 67ms
25ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/bowser@2.9.0/es5.js

Requested by

Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

645f8619ec1d62cb885b9bc5569bf40f30c9b150c6cd5663982f18d88ad6eca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 10:03:23 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 307941
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GYDKD855ARDT9GH0S5HPQ1JW-fra
server: cloudflare
etag: W/"6411-3yAu1fNzGsHYDcJb4APDT7c47M8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bc546bcfa852c02-FRA

GET
H/1.1 200
OK burger.svg
nlb-clickstream.sberbank.ru/assets/landing/ 306 B
613 B 461ms
48ms Image
image/svg+xml 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlb-clickstream.sberbank.ru/assets/landing/burger.svg
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: ca246a97cffca9b97eacbec148fddbf4a970428c8f953f1133cac87490062e99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: "641157ba-132"
Content-Type: image/svg+xml
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 306
Expires: Sat, 22 Apr 2023 10:03:23 GMT

GET
H/1.1 200
OK close.svg
nlb-clickstream.sberbank.ru/assets/landing/ 307 B
614 B 459ms
50ms Image
image/svg+xml 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlb-clickstream.sberbank.ru/assets/landing/close.svg
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: ef4d29656da5c359af6f2f16f4867db4ce5a1d3725a43de681383f4113c6760f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: "641157ba-133"
Content-Type: image/svg+xml
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 307
Expires: Sat, 22 Apr 2023 10:03:23 GMT

GET
H/1.1 200
OK mobile-laptop.png
nlb-clickstream.sberbank.ru/assets/landing/ 265 KB
265 KB 516ms
99ms Image
image/png 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlb-clickstream.sberbank.ru/assets/landing/mobile-laptop.png
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 5897a28a9504d9d6f476cd9ba5f0cec482e2d9a9a05f10c8d8589bba33a73a07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: "641157ba-423db"
Content-Type: image/png
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 271323
Expires: Sat, 22 Apr 2023 10:03:23 GMT

GET
H/1.1 200
OK laptop.png
nlb-clickstream.sberbank.ru/assets/landing/ 94 KB
95 KB 502ms
49ms Image
image/png 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlb-clickstream.sberbank.ru/assets/landing/laptop.png
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 6254d63eaee71656192327eb0fed73e17cfdff09a80989bce4b8cbb969be096b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: "641157ba-179b0"
Content-Type: image/png
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96688
Expires: Sat, 22 Apr 2023 10:03:23 GMT

GET
H/1.1 200
OK first-step.png
nlb-clickstream.sberbank.ru/assets/landing/ 61 KB
61 KB 507ms
49ms Image
image/png 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlb-clickstream.sberbank.ru/assets/landing/first-step.png
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 6a048b8db2317718f7c69dabe6cb6b3689dc140f378b00a7820a141c6988b940

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: "641157ba-f435"
Content-Type: image/png
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62517
Expires: Sat, 22 Apr 2023 10:03:23 GMT

GET
H/1.1 200
OK second-step.png
nlb-clickstream.sberbank.ru/assets/landing/ 44 KB
44 KB 342ms
98ms Image
image/png 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlb-clickstream.sberbank.ru/assets/landing/second-step.png
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: a0136745f5f7d091cb9cc0f5d01384d461359cca17af8aa8b6596953e33d5d18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: "641157ba-afd2"
Content-Type: image/png
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45010
Expires: Sat, 22 Apr 2023 10:03:23 GMT

GET
H/1.1 200
OK third-step.png
nlb-clickstream.sberbank.ru/assets/landing/ 48 KB
48 KB 378ms
99ms Image
image/png 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlb-clickstream.sberbank.ru/assets/landing/third-step.png
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 0cdd3ce27171bab8931e3341378afb5b04fa6532c077cd1ee0ed4ec0e8d34957

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: "641157ba-c0a6"
Content-Type: image/png
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49318
Expires: Sat, 22 Apr 2023 10:03:23 GMT

GET
H/1.1 200
OK fourth-step.png
nlb-clickstream.sberbank.ru/assets/landing/ 47 KB
47 KB 300ms
100ms Image
image/png 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlb-clickstream.sberbank.ru/assets/landing/fourth-step.png
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 14d91fd8c833b2b1e60f3d89b01844adae9eda1ca1102765ea0249ea5e19f44a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: "641157ba-bbcb"
Content-Type: image/png
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48075
Expires: Sat, 22 Apr 2023 10:03:23 GMT

GET
H/1.1 200
OK mobile-finished-widgets.png
nlb-clickstream.sberbank.ru/assets/landing/ 353 KB
354 KB 100ms
100ms Image
image/png 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlb-clickstream.sberbank.ru/assets/landing/mobile-finished-widgets.png
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 5ee9312f63aeaffb7f4c908f0222bd1bc637c5e7c18a1707770e3ee0db6b5c72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: "641157ba-5850b"
Content-Type: image/png
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 361739
Expires: Sat, 22 Apr 2023 10:03:23 GMT

GET
H/1.1 200
OK finished-widgets.png
nlb-clickstream.sberbank.ru/assets/landing/ 168 KB
168 KB 50ms
50ms Image
image/png 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlb-clickstream.sberbank.ru/assets/landing/finished-widgets.png
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 3cfc3e5707a28dada35e4153e06d2323f2a37d25eb8f907d779b50fdaca3d0a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: "641157ba-29fd1"
Content-Type: image/png
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 171985
Expires: Sat, 22 Apr 2023 10:03:23 GMT

GET
H/1.1 200
OK mobile-widget-constructor.png
nlb-clickstream.sberbank.ru/assets/landing/ 301 KB
301 KB 50ms
50ms Image
image/png 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlb-clickstream.sberbank.ru/assets/landing/mobile-widget-constructor.png
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 1162f42facb98003723bf7068f35118e64c8ba00f9b076faf7be4b6191d902db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: "641157ba-4b20a"
Content-Type: image/png
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 307722
Expires: Sat, 22 Apr 2023 10:03:23 GMT

GET
H/1.1 200
OK widget-constructor.png
nlb-clickstream.sberbank.ru/assets/landing/ 85 KB
85 KB 50ms
50ms Image
image/png 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlb-clickstream.sberbank.ru/assets/landing/widget-constructor.png
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 08744b40f3ff48a7025f161651071487c8927c26a8d613f2fe626564e20cebb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: "641157ba-1535f"
Content-Type: image/png
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 86879
Expires: Sat, 22 Apr 2023 10:03:23 GMT

GET
H/1.1 200
OK blind-zones.png
nlb-clickstream.sberbank.ru/assets/landing/ 27 KB
27 KB 50ms
49ms Image
image/png 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlb-clickstream.sberbank.ru/assets/landing/blind-zones.png
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: d30f5a842c23da0e01522395167bb1cab03890bc61e87ff2eaae75a22ab55c16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: "641157ba-6b53"
Content-Type: image/png
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27475
Expires: Sat, 22 Apr 2023 10:03:23 GMT

GET
H/1.1 200
OK instructor.png
nlb-clickstream.sberbank.ru/assets/landing/ 46 KB
46 KB 49ms
49ms Image
image/png 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlb-clickstream.sberbank.ru/assets/landing/instructor.png
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: eed6b4b72b002f0c1c5bf5a26f3248fb727559c9547fd44cd797b01107cc6f85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:24 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: "641157ba-b838"
Content-Type: image/png
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47160
Expires: Sat, 22 Apr 2023 10:03:24 GMT

GET
H/1.1 200
OK white-dropdown.svg
nlb-clickstream.sberbank.ru/assets/landing/ 263 B
570 B 50ms
49ms Image
image/svg+xml 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlb-clickstream.sberbank.ru/assets/landing/white-dropdown.svg
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: a95da1ca9821925b0361c2c642c69cb6f4125c044e43a0cee3329382e7a0f109

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:24 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: "641157ba-107"
Content-Type: image/svg+xml
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 263
Expires: Sat, 22 Apr 2023 10:03:24 GMT

GET
H/1.1 200
OK close.png
nlb-clickstream.sberbank.ru/assets/landing/ 269 B
572 B 142ms
50ms Image
image/png 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlb-clickstream.sberbank.ru/assets/landing/close.png
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 46217336beb30f97577f8123ff1fbff3f249358aef976a20a78c95a41bfee81b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: "641157ba-10d"
Content-Type: image/png
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 269
Expires: Sat, 22 Apr 2023 10:03:23 GMT

GET
H/1.1 200
OK index.js Show response
nlb-clickstream.sberbank.ru/assets/scripts/ 4 KB
2 KB 49ms
49ms Script
application/javascript 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://nlb-clickstream.sberbank.ru/assets/scripts/index.js
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: b2273e99c6bae79685125efd8ed0039581eff144f4d8aa303289a286782cff15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: W/"641157ba-101c"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Expires: Sat, 22 Apr 2023 10:03:23 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 313 KB
73 KB 211ms
102ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TQX7VQ

Requested by

Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b126c5aaa30e4134c899fb11f905f974b37704d13e8c82188bc2c373df58e8e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 10:03:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74767
x-xss-protection: 0
last-modified: Sun, 23 Apr 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 23 Apr 2023 10:03:23 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 170 KB
58 KB 156ms
47ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLLMLP

Requested by

Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

331b8bfa153cdada8e1914e1b59af1cec9eec2ac9bc5fac83d92871aae5494af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 10:03:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58934
x-xss-protection: 0
last-modified: Sun, 23 Apr 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 23 Apr 2023 10:03:23 GMT

GET
H/1.1 200
OK background.png
nlb-clickstream.sberbank.ru/assets/landing/ 517 KB
517 KB 193ms
99ms Image
image/png 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlb-clickstream.sberbank.ru/assets/landing/background.png
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/assets/landing/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 5f2e2ef200a6207f823fcd8582b1b0d2d72e64d33f0a4e1694ee6c47525f5373

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/assets/landing/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: "641157ba-8126e"
Content-Type: image/png
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 529006
Expires: Sat, 22 Apr 2023 10:03:23 GMT

GET
H/1.1 200
OK checkmark.svg
nlb-clickstream.sberbank.ru/assets/landing/ 985 B
1 KB 341ms
50ms Image
image/svg+xml 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlb-clickstream.sberbank.ru/assets/landing/checkmark.svg
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/assets/landing/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 26edea8beec20a4805a32d10f7f3ee9801e8c59568160c62bd50b4dfafebcf84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/assets/landing/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: "641157ba-3d9"
Content-Type: image/svg+xml
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 985
Expires: Sat, 22 Apr 2023 10:03:23 GMT

GET
H/1.1 200
OK SBSansUI-Regular.woff
nlb-clickstream.sberbank.ru/assets/fonts/ 50 KB
50 KB 120ms
97ms Font
font/woff 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://nlb-clickstream.sberbank.ru/assets/fonts/SBSansUI-Regular.woff
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/assets/landing/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 95e4c10b8571c6e05fb73ce82643e97c78cd8c9d24878af88111234c6390f81e

Request headers

Referer: https://nlb-clickstream.sberbank.ru/assets/landing/style.css
Origin: https://nlb-clickstream.sberbank.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: "641157ba-c67c"
Content-Type: font/woff
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50812
Expires: Sat, 22 Apr 2023 10:03:23 GMT

GET
H/1.1 200
OK SBSansUI-Semibold.woff
nlb-clickstream.sberbank.ru/assets/fonts/ 49 KB
50 KB 194ms
96ms Font
font/woff 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://nlb-clickstream.sberbank.ru/assets/fonts/SBSansUI-Semibold.woff
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/assets/landing/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 2cc906a8c111eeefece1168392aa2bdda91e002356e88b620e992161ea08c36e

Request headers

Referer: https://nlb-clickstream.sberbank.ru/assets/landing/style.css
Origin: https://nlb-clickstream.sberbank.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: "641157ba-c57c"
Content-Type: font/woff
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50556
Expires: Sat, 22 Apr 2023 10:03:23 GMT

GET
H/1.1 200
OK SBSansUI-Light.woff
nlb-clickstream.sberbank.ru/assets/fonts/ 49 KB
49 KB 202ms
100ms Font
font/woff 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://nlb-clickstream.sberbank.ru/assets/fonts/SBSansUI-Light.woff
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/assets/landing/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 755daeedd60eab1194fe7298215795783cd53eb97f9e52cab20533bc4f5c160b

Request headers

Referer: https://nlb-clickstream.sberbank.ru/assets/landing/style.css
Origin: https://nlb-clickstream.sberbank.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: "641157ba-c474"
Content-Type: font/woff
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50292
Expires: Sat, 22 Apr 2023 10:03:23 GMT

GET
H/1.1 200
OK Inter-Regular.woff2
nlb-clickstream.sberbank.ru/assets/fonts/ 90 KB
90 KB 201ms
98ms Font
font/woff2 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://nlb-clickstream.sberbank.ru/assets/fonts/Inter-Regular.woff2
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/assets/landing/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: d4884935e40dcfa0aafa8ed6a8ee28f9d2211ef08dc196b07ce4b7e01d685084

Request headers

Referer: https://nlb-clickstream.sberbank.ru/assets/landing/style.css
Origin: https://nlb-clickstream.sberbank.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: "641157ba-16610"
Content-Type: font/woff2
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91664
Expires: Sat, 22 Apr 2023 10:03:23 GMT

GET
H/1.1 200
OK leadLogo.svg
nlb-clickstream.sberbank.ru/assets/landing/ 6 KB
6 KB 370ms
50ms Image
image/svg+xml 185.157.97.112
SBERBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlb-clickstream.sberbank.ru/assets/landing/leadLogo.svg
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.112 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: f3593d76fda83fef52dac8946057e7597592af1340886f96b77b10f084edd4aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Last-Modified: Wed, 15 Mar 2023 05:29:30 GMT
Server: nginx/1.20.1
ETag: "641157ba-1608"
Content-Type: image/svg+xml
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5640
Expires: Sat, 22 Apr 2023 10:03:23 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 213 KB
73 KB 260ms
85ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e29f972527fba502ab11e9a889538d35368a7280215e478297fb1c30d1d7e044

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 10:03:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 21 Apr 2023 13:01:10 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64425ee6-1231f"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 74527
expires: Sun, 23 Apr 2023 11:03:23 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 164 KB
58 KB 53ms
52ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b36eed2ff1854ba9e4d5ca5c7273a917ba754c4925fa481164a91c822a797c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 10:03:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 21 Apr 2023 13:01:10 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64425ee6-e5f4"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58868
expires: Sun, 23 Apr 2023 11:03:23 GMT

GET
H2 200 top100.js Show response
8kwky1agm3.a.trbcdn.net/gtm/ 175 KB
58 KB 79ms
7ms Script
application/javascript 151.236.71.248
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://8kwky1agm3.a.trbcdn.net/gtm/top100.js
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: dd839a9666bb46326e873180af2282f4788f8e32df945822bc3d02a84659daf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 10:03:23 GMT
content-encoding: gzip
last-modified: Fri, 01 Apr 2022 09:32:02 GMT
server: nginx
x-amz-request-id: 0a0c64b9:187a53e093f:16df:1407
etag: W/"17ba63075bb60f322bb610f111998f43"
x-cdn-edge-id: 2315
x-amz-meta-sha256: dd839a9666bb46326e873180af2282f4788f8e32df945822bc3d02a84659daf9
content-type: application/javascript
cache-control: max-age=900
x-cdn-edge-cache: HIT
x-emc-mtime: 1648805522244
x-cdn-request-id: c46ac85e20dc5db6573179ffa2c0d680
x-amz-id-2: 4ad1c04b1f6a678d81db4158b28816776690957a0c389a225aabb27a25fb4455
x-amz-meta-s3b-last-modified: 20220401T093024Z

GET
H2 200 sv152.js Show response
8kwky1agm3.a.trbcdn.net/gtm/ 41 KB
15 KB 80ms
14ms Script
application/javascript 151.236.71.248
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://8kwky1agm3.a.trbcdn.net/gtm/sv152.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQX7VQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: bad583455e403d0bfd1e953119c892ac820c90aab92c90c57354aa99f82e289b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 10:03:23 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 08:43:26 GMT
server: nginx
x-amz-request-id: 0a0c64b8:1879e5eea86:2a86:2b
etag: W/"4ef207556cea991af1e9d77e7699163a"
x-cdn-edge-id: 2315
x-amz-meta-sha256: bad583455e403d0bfd1e953119c892ac820c90aab92c90c57354aa99f82e289b
content-type: application/javascript
cache-control: max-age=900
x-cdn-edge-cache: HIT
x-emc-mtime: 1648716206192
x-cdn-request-id: 4e83491b763f55ad7828f5a04983d56e
x-amz-id-2: 327313e504e8e185311ea49b3795ee348cf2da4d1c3ef5fb2d8e2ba2f9c6a1f0
x-amz-meta-s3b-last-modified: 20220124T114430Z

GET
H2 200 tm.js Show response
8kwky1agm3.a.trbcdn.net/gtm/ 49 KB
13 KB 74ms
15ms Script
application/javascript 151.236.71.248
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://8kwky1agm3.a.trbcdn.net/gtm/tm.js
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8c1433e573ef6f9edcdfa69658f888fda3232c3e9920fd811ca0d31efe1dd0c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 10:03:23 GMT
content-encoding: gzip
last-modified: Mon, 13 Feb 2023 13:22:08 GMT
server: nginx
x-amz-request-id: 0a0c64bb:187a59f7563:13d2:5697
etag: W/"9a70cc7189d18ad857a4d9c1c0abe4e3"
x-cdn-edge-id: 2315
x-amz-meta-sha256: 8c1433e573ef6f9edcdfa69658f888fda3232c3e9920fd811ca0d31efe1dd0c9
content-type: application/javascript
cache-control: max-age=900
x-cdn-edge-cache: HIT
x-emc-mtime: 1676294528762
x-cdn-request-id: 5b76a4614639811053b05d90bd4f22a7
x-amz-id-2: 371272444ee3a121fe5eee13babae7c1efa0b6b56284c61017b87ebb27f43dd9
x-amz-meta-s3b-last-modified: 20230213T132224Z

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9982.NxBpV0LeZhD5r4ZIXtp8-RrGLlfb5ie8T3LoUxHPOGHuYuyljXUjguldc0yEwnFu.4pb6Q_M6BQ-1JrB1tse15nk3VN8%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9982.RM9mA0zQk2ASJR68BsqF-qrJqyHq8McpPh2Ppq_izYyWR8tIB1qZh2MFinnfTLOxb0teF-qk7WzyV9vqf12ZO24UCua-TNbnnBxSV7jzNwU%2C.5DSkn2bVbiHv0xYTpLjSSrk_auQ%2C

43 B
67 B

50ms
50ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9982.RM9mA0zQk2ASJR68BsqF-qrJqyHq8McpPh2Ppq_izYyWR8tIB1qZh2MFinnfTLOxb0teF-qk7WzyV9vqf12ZO24UCua-TNbnnBxSV7jzNwU%2C.5DSkn2bVbiHv0xYTpLjSSrk_auQ%2C

Requested by

Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 10:03:23 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9982.RM9mA0zQk2ASJR68BsqF-qrJqyHq8McpPh2Ppq_izYyWR8tIB1qZh2MFinnfTLOxb0teF-qk7WzyV9vqf12ZO24UCua-TNbnnBxSV7jzNwU%2C.5DSkn2bVbiHv0xYTpLjSSrk_auQ%2C
date: Sun, 23 Apr 2023 10:03:23 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
113 B 57ms
56ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 10:03:23 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 21 Apr 2023 13:01:10 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64425ee6-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 23 Apr 2023 11:03:23 GMT

POST
H2 200 / Show response
dmp.sbermarketing.ru/ 35 B
712 B 134ms
40ms XHR
image/gif 37.18.110.198
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dmp.sbermarketing.ru/?dmpkit_cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&dmpkit_tgt=tm.js&dmpkit_ctid=f940199e-3e2e-4fac-a636-01f1f5bf88e9&dmpkit_evn=page_view&dmpkit_p=tm&dmpkit_uids%5B10006%5D%5B10001%5D=b1b72a8d-45bd-4760-8d52-252fb0d13441

Requested by

Host: 8kwky1agm3.a.trbcdn.net
URL: https://8kwky1agm3.a.trbcdn.net/gtm/tm.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.110.198 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://nlb-clickstream.sberbank.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 10:03:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/gif
access-control-allow-origin: https://nlb-clickstream.sberbank.ru
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With
content-length: 35
expires: 0

POST
H2 200 / Show response
dmp.sbermarketing.ru/ 35 B
711 B 129ms
40ms XHR
image/gif 37.18.110.198
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dmp.sbermarketing.ru/?dmpkit_cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&dmpkit_tgt=sber_event&dmpkit_ctid=f940199e-3e2e-4fac-a636-01f1f5bf88e9&dmpkit_evn=sber_event&dmpkit_p=tm&dmpkit_uids%5B10006%5D%5B10001%5D=b1b72a8d-45bd-4760-8d52-252fb0d13441

Requested by

Host: 8kwky1agm3.a.trbcdn.net
URL: https://8kwky1agm3.a.trbcdn.net/gtm/tm.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.110.198 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://nlb-clickstream.sberbank.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 10:03:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/gif
access-control-allow-origin: https://nlb-clickstream.sberbank.ru
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With
content-length: 35
expires: 0

OPTIONS
H/1.1 200 get
visor.sberbank.ru/ 0
0 180ms
75ms Preflight 84.252.144.107
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://visor.sberbank.ru/get

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.252.144.107 , Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

SOWA /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://nlb-clickstream.sberbank.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH
Access-Control-Allow-Origin: https://nlb-clickstream.sberbank.ru
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Sun, 23 Apr 2023 10:03:23 GMT
Expires: 0
Pragma: no-cache
Server: SOWA
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

GET
H/1.1

200

get Show response
visor.sberbank.ru/
Redirect Chain

https://visor.sberbank.ru/get
https://visor.sberbank.ru/get?try=1

60 B
837 B

73ms
73ms

XHR
application/json

84.252.144.107
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://visor.sberbank.ru/get?try=1

Requested by

Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/

Protocol

HTTP/1.1

Server

84.252.144.107 , Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

SOWA /

Resource Hash

2425aa39ad807f6c0330841e4433f2becc287899358ad94fa074821127f62165

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 23 Apr 2023 10:03:23 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 60
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: SOWA
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: https://nlb-clickstream.sberbank.ru
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 23 Apr 2023 10:03:23 GMT
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
Server: SOWA
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: DENY
Access-Control-Allow-Origin: https://nlb-clickstream.sberbank.ru
Location: /get?try=1
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: 0

POST
H2 200 /
kraken.rambler.ru/cnt/ 3 B
574 B 152ms
48ms Ping
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kraken.rambler.ru/cnt/
Requested by: Host: 8kwky1agm3.a.trbcdn.net
URL: https://8kwky1agm3.a.trbcdn.net/gtm/top100.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87

Request headers

Referer: https://nlb-clickstream.sberbank.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 10:03:23 GMT
server: nginx/1.19.4
x-srv: 2kraken-prod0001.ad.rambler.tech
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream, image/gif
access-control-allow-origin: https://nlb-clickstream.sberbank.ru
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 /
kraken.rambler.ru/cnt/ 595 B
1 KB 152ms
49ms Image
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/?et=pv&pid=3122244&rid=1682244203.523-615848758&tid=t1.3122244.1956101627.1682244203524&v=2.0.9&ct=web&aduid=199e79a7-133f-43e1-a621-3b6bfddf2b53&aduidsc=sberbank.ru&rn=789949612&bs=1600x1200&ce=1&rf&en=2&pt=%D0%A1%D0%B1%D0%B5%D1%80%D0%9B%D0%B8%D0%B4&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Win32&tz=0&sv&lv&url=https%3A%2F%2Fnlb-clickstream.sberbank.ru%2F&eid=8631442035281237&stid=873965610_1682244203524&sn=1&sen=2&fid=pA8AAENKs1c8BYrjAUflKAA%3D&fip
Requested by: Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: bed2365e0935b48d4d3b1392538a2bf1add63576b70f840e09ecd0ac619e234e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 10:03:23 GMT
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
server: nginx/1.19.4
x-srv: 2kraken-prod0001.ad.rambler.tech
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 595

GET
H2

200

1 Show response
mc.yandex.com/watch/88976314/
Redirect Chain

https://mc.yandex.com/watch/88976314?wmode=7&page-url=https%3A%2F%2Fnlb-clickstream.sberbank.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A566%3Afu%3A...
https://mc.yandex.com/watch/88976314/1?wmode=7&page-url=https%3A%2F%2Fnlb-clickstream.sberbank.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A566%3Afu%...

435 B
527 B

54ms
53ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/88976314/1?wmode=7&page-url=https%3A%2F%2Fnlb-clickstream.sberbank.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A566%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A2%3Adp%3A0%3Als%3A1142378307888%3Ahid%3A700444214%3Az%3A0%3Ai%3A20230423100323%3Aet%3A1682244203%3Ac%3A1%3Arn%3A865968808%3Arqn%3A1%3Au%3A1682244203174920950%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C311%2C50%2C1%2C107%2C0%2C%2C105%2C1%2C%2C%2C%2C575%3Aco%3A0%3Acpf%3A1%3Ans%3A1682244202519%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682244204%3At%3A%D0%A1%D0%B1%D0%B5%D1%80%D0%9B%D0%B8%D0%B4&t=gdpr%2814%2C14%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%280%29ti%282%29

Requested by

Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

5907feaf7133cd3f591e0716baffc6c64188c68d9b87e67b9205a032f44c39a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 10:03:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 23-Apr-2023 10:03:23 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nlb-clickstream.sberbank.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Sun, 23-Apr-2023 10:03:23 GMT

Redirect headers

pragma: no-cache
date: Sun, 23 Apr 2023 10:03:23 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 23-Apr-2023 10:03:23 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/88976314/1?wmode=7&page-url=https%3A%2F%2Fnlb-clickstream.sberbank.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A566%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A2%3Adp%3A0%3Als%3A1142378307888%3Ahid%3A700444214%3Az%3A0%3Ai%3A20230423100323%3Aet%3A1682244203%3Ac%3A1%3Arn%3A865968808%3Arqn%3A1%3Au%3A1682244203174920950%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C311%2C50%2C1%2C107%2C0%2C%2C105%2C1%2C%2C%2C%2C575%3Aco%3A0%3Acpf%3A1%3Ans%3A1682244202519%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682244204%3At%3A%D0%A1%D0%B1%D0%B5%D1%80%D0%9B%D0%B8%D0%B4&t=gdpr%2814%2C14%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%280%29ti%282%29
access-control-allow-origin: https://nlb-clickstream.sberbank.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 23-Apr-2023 10:03:23 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/69330883/
Redirect Chain

https://mc.yandex.com/watch/69330883?wmode=7&page-url=https%3A%2F%2Fnlb-clickstream.sberbank.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A566%3Afu%3A...
https://mc.yandex.com/watch/69330883/1?wmode=7&page-url=https%3A%2F%2Fnlb-clickstream.sberbank.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A566%3Afu%...

468 B
504 B

57ms
57ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/69330883/1?wmode=7&page-url=https%3A%2F%2Fnlb-clickstream.sberbank.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A566%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A1215902449822%3Ahid%3A700444214%3Az%3A0%3Ai%3A20230423100323%3Aet%3A1682244203%3Ac%3A1%3Arn%3A547888016%3Arqn%3A1%3Au%3A1682244203174920950%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C311%2C50%2C1%2C107%2C0%2C%2C105%2C1%2C%2C%2C%2C575%3Aco%3A0%3Acpf%3A1%3Ans%3A1682244202519%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682244204%3At%3A%D0%A1%D0%B1%D0%B5%D1%80%D0%9B%D0%B8%D0%B4&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%280%29ti%282%29

Requested by

Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f393c63a652c91e1c3938edeb622a269a4c05156972cd1e1172404a3c9951760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 10:03:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 23-Apr-2023 10:03:23 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nlb-clickstream.sberbank.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 468
x-xss-protection: 1; mode=block
expires: Sun, 23-Apr-2023 10:03:23 GMT

Redirect headers

pragma: no-cache
date: Sun, 23 Apr 2023 10:03:23 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 23-Apr-2023 10:03:23 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/69330883/1?wmode=7&page-url=https%3A%2F%2Fnlb-clickstream.sberbank.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afp%3A566%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A1215902449822%3Ahid%3A700444214%3Az%3A0%3Ai%3A20230423100323%3Aet%3A1682244203%3Ac%3A1%3Arn%3A547888016%3Arqn%3A1%3Au%3A1682244203174920950%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C311%2C50%2C1%2C107%2C0%2C%2C105%2C1%2C%2C%2C%2C575%3Aco%3A0%3Acpf%3A1%3Ans%3A1682244202519%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682244204%3At%3A%D0%A1%D0%B1%D0%B5%D1%80%D0%9B%D0%B8%D0%B4&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%280%29ti%282%29
access-control-allow-origin: https://nlb-clickstream.sberbank.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 23-Apr-2023 10:03:23 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9982.gcpbV0G3omeqSAw2LyY-znvhJIy070MCpZDyxqXcxZLjqjGEn4mi7wSrBCYBACln.4gpdnnL6FhK-XPKyTKCNWL5F51g%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9982.mIR1Vc5IrssM4C0o8RIMRLXQ9tTppdwvhZmd1kXnwUBW8riWZxo3MNiQt51jX7IcHszzOjiglW8sDRvpbU_bCqT0X4Bx_tuFTvIjqyaKi5I%2C.s1QzDZ8gAQARrTLS2x...

43 B
79 B

58ms
58ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9982.mIR1Vc5IrssM4C0o8RIMRLXQ9tTppdwvhZmd1kXnwUBW8riWZxo3MNiQt51jX7IcHszzOjiglW8sDRvpbU_bCqT0X4Bx_tuFTvIjqyaKi5I%2C.s1QzDZ8gAQARrTLS2xsoZ6-RfB0%2C

Requested by

Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 10:03:23 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9982.mIR1Vc5IrssM4C0o8RIMRLXQ9tTppdwvhZmd1kXnwUBW8riWZxo3MNiQt51jX7IcHszzOjiglW8sDRvpbU_bCqT0X4Bx_tuFTvIjqyaKi5I%2C.s1QzDZ8gAQARrTLS2xsoZ6-RfB0%2C
date: Sun, 23 Apr 2023 10:03:23 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

OPTIONS
H/1.1 200 get
visor.sberbank.ru/ 0
0 74ms
74ms Preflight 84.252.144.107
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://visor.sberbank.ru/get?try=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.252.144.107 , Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

SOWA /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://nlb-clickstream.sberbank.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH
Access-Control-Allow-Origin: https://nlb-clickstream.sberbank.ru
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Sun, 23 Apr 2023 10:03:23 GMT
Expires: 0
Pragma: no-cache
Server: SOWA
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200
OK partners
sve.online.sberbank.ru/metrics/ 0
0 201ms
49ms Preflight 84.252.146.96
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://sve.online.sberbank.ru/metrics/partners
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 84.252.146.96 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: SOWA /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nlb-clickstream.sberbank.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST, GET
Access-Control-Allow-Origin: https://nlb-clickstream.sberbank.ru
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Date: Sun, 23 Apr 2023 10:03:24 GMT
Server: SOWA

POST
H/1.1 204
No Content partners Show response
sve.online.sberbank.ru/metrics/ 0
174 B 53ms
53ms XHR
text/plain 84.252.146.96
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://sve.online.sberbank.ru/metrics/partners
Requested by: Host: 8kwky1agm3.a.trbcdn.net
URL: https://8kwky1agm3.a.trbcdn.net/gtm/sv152.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 84.252.146.96 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: SOWA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://nlb-clickstream.sberbank.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/json;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 23 Apr 2023 10:03:24 GMT
Access-Control-Allow-Credentials: true
Server: SOWA
Connection: keep-alive

OPTIONS
H2 204 products
dmp-profiles.sbermarketing.ru/v2/ 0
0 146ms
44ms Preflight 37.18.110.198
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dmp-profiles.sbermarketing.ru/v2/products?cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&pid=10008&sid=10031&uid=b1b72a8d-45bd-4760-8d52-252fb0d13441

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.110.198 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://nlb-clickstream.sberbank.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With,X-CustomHeader,x-dmpkit-onbehalf-of
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://nlb-clickstream.sberbank.ru
access-control-max-age: 1728000
content-length: 0
date: Sun, 23 Apr 2023 10:03:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 products Show response
dmp-profiles.sbermarketing.ru/v2/ 417 B
843 B 42ms
41ms XHR
application/json 37.18.110.198
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dmp-profiles.sbermarketing.ru/v2/products?cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&pid=10008&sid=10031&uid=b1b72a8d-45bd-4760-8d52-252fb0d13441

Requested by

Host: nlb-clickstream.sberbank.ru
URL: https://nlb-clickstream.sberbank.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.110.198 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

Software

Resource Hash

8093f23cf3a4da1ee92948d40d5bf58ee1a6a5f7e53de7409e7f6086d17eea88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://nlb-clickstream.sberbank.ru/
accept-language: de-DE,de;q=0.9
authorization: APIKEY a422a83d-0102-4341-9841-27111f26ba3e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 10:03:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json;utf-8
access-control-allow-origin: https://nlb-clickstream.sberbank.ru
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With,X-CustomHeader,x-dmpkit-onbehalf-of
content-length: 417

GET
H2

200

counter2
top-fwz1.mail.ru/
Redirect Chain

https://top-fwz1.mail.ru/counter?id=3259092;pid=b1b72a8d-45bd-4760-8d52-252fb0d13441
https://top-fwz1.mail.ru/counter2?id=3259092;pid=b1b72a8d-45bd-4760-8d52-252fb0d13441

43 B
960 B

48ms
48ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=3259092;pid=b1b72a8d-45bd-4760-8d52-252fb0d13441

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlb-clickstream.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 10:03:24 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Sun, 23 Apr 2023 10:03:24 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
accept-ch-lifetime: 86400
location: https://top-fwz1.mail.ru/counter2?id=3259092;pid=b1b72a8d-45bd-4760-8d52-252fb0d13441
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

POST
H2 200 69330883 Show response
mc.yandex.com/webvisor/ 43 B
191 B 155ms
155ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/69330883?wmode=0&wv-part=1&wv-hit=700444214&page-url=https%3A%2F%2Fnlb-clickstream.sberbank.ru%2F&rn=1718111&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1682244206%3Aw%3A1600x1200%3Av%3A1030%3Az%3A0%3Ai%3A20230423100326%3Au%3A1682244203174920950%3Avf%3A10ym9geic8i73flq82iod0f%3Ast%3A1682244206&t=gdpr(14%2C14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nlb-clickstream.sberbank.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 10:03:26 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 23-Apr-2023 10:03:26 GMT
content-type: image/gif
access-control-allow-origin: https://nlb-clickstream.sberbank.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 23-Apr-2023 10:03:26 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/69330883/ 43 B
74 B 56ms
55ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/69330883/1?page-url=https%3A%2F%2Fnlb-clickstream.sberbank.ru%2F&charset=utf-8&hittoken=1682244203_e272a37a0ba52771a4bf6d5ceac6d25f61c74c0bc1a9a57e73cc3a348035cfa6&browser-info=pa%3A1%3Aar%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A1%3Als%3A1215902449822%3Ahid%3A700444214%3Az%3A0%3Ai%3A20230423100326%3Aet%3A1682244206%3Ac%3A1%3Arn%3A100231642%3Arqn%3A2%3Au%3A1682244203174920950%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1854%2C1854%2C4%2C%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1682244202519%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682244206&t=gdpr(14%2C14)mc(ci-1)clc(0-0-0)rqnt(2)aw(1)ecs(0)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nlb-clickstream.sberbank.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 10:03:26 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 23-Apr-2023 10:03:26 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://nlb-clickstream.sberbank.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 23-Apr-2023 10:03:26 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/88976314/ 43 B
74 B 54ms
53ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/88976314/1?page-url=https%3A%2F%2Fnlb-clickstream.sberbank.ru%2F&charset=utf-8&hittoken=1682244203_ffbf813d4a2844319ce8e6dafdbf6ba29f8f76241048b2ed2a7b0de91696ee77&browser-info=pa%3A1%3Aar%3A1%3Avf%3A10ym9geic8i73flq82iod0f%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A2%3Adp%3A1%3Als%3A1142378307888%3Ahid%3A700444214%3Az%3A0%3Ai%3A20230423100326%3Aet%3A1682244206%3Ac%3A1%3Arn%3A462922735%3Arqn%3A2%3Au%3A1682244203174920950%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1854%2C1854%2C4%2C%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1682244202519%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682244206&t=gdpr(14%2C14)mc(ci-2-p-1-up-1)clc(0-0-0)rqnt(2)aw(1)ecs(0)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nlb-clickstream.sberbank.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 10:03:26 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 23-Apr-2023 10:03:26 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://nlb-clickstream.sberbank.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 23-Apr-2023 10:03:26 GMT

POST
H2 200 69330883 Show response
mc.yandex.com/webvisor/ 43 B
73 B 52ms
51ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/69330883?wmode=0&wv-part=1&wv-hit=700444214&page-url=https%3A%2F%2Fnlb-clickstream.sberbank.ru%2F&rn=971671968&wv-type=3&browser-info=we%3A1%3Aet%3A1682244207%3Aw%3A1600x1200%3Av%3A1030%3Az%3A0%3Ai%3A20230423100326%3Au%3A1682244203174920950%3Avf%3A10ym9geic8i73flq82iod0f%3Ast%3A1682244207&t=gdpr(14%2C14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nlb-clickstream.sberbank.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 10:03:26 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 23-Apr-2023 10:03:26 GMT
content-type: image/gif
access-control-allow-origin: https://nlb-clickstream.sberbank.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 23-Apr-2023 10:03:26 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sberbank.ru/	1970-01-20 20:03:00	Name: _ym_uid Value: 1682244203174920950
.sberbank.ru/	1970-01-20 20:03:00	Name: _ym_d Value: 1682244203
nlb-clickstream.sberbank.ru/	1970-01-20 20:53:24	Name: ___dmpkit___ Value: b1b72a8d-45bd-4760-8d52-252fb0d13441
.sberbank.ru/	1970-01-20 20:03:00	Name: _sa Value: SA1.cf13bc48-8416-45d0-9627-38c3c45262e0.1682244203
.mc.yandex.com/	1970-01-20 11:17:24	Name: sync_cookie_csrf Value: 1277014847fake
nlb-clickstream.sberbank.ru/	1969-12-31 23:59:59	Name: top100_id Value: t1.3122244.1956101627.1682244203524
nlb-clickstream.sberbank.ru/	1969-12-31 23:59:59	Name: last_visit Value: 1682244203526::1682244203526
.sberbank.ru/	1970-01-20 20:03:00	Name: adtech_uid Value: 199e79a7-133f-43e1-a621-3b6bfddf2b53%3Asberbank.ru
.sberbank.ru/	1970-01-20 12:00:36	Name: user-id_1.0.5_lr_lruid Value: pQ8AAGwCRWTQd1cjAWGBmwA%3D
nlb-clickstream.sberbank.ru/	1969-12-31 23:59:59	Name: t1_sid_3122244 Value: s1.873965610.1682244203524.1682244203532.1.2.2
.sberbank.ru/	1970-01-20 11:18:36	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 11:17:24	Name: sync_cookie_csrf Value: 54291724fake
.sbermarketing.ru/	1970-01-20 20:03:00	Name: dmpuid Value: nwgpR2RxQgmJG55bSI-oxg
.rambler.ru/	1970-01-20 20:53:24	Name: ruid Value: 1CIAAGsCRWTbrv0MAV9ArQB=
.yandex.com/	1970-01-20 20:03:00	Name: ymex Value: 1713780203.yc.1682244203#1713780203.yrts.1682244203#1713780203.yrtsi.1682244203
.yandex.com/	1970-01-20 20:03:00	Name: bh Value: KgI/MA==
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2256535531682244203
.yandex.com/	1970-01-20 20:53:24	Name: i Value: KRcfda4JX/vZHfkoCJLakxhYThMXkfNQGwkDRfaueReEU0d1Id9Pul+Gz/dqczMopITCQuMQ0gFjfEO+SfnwyueZh6U=
.yandex.com/	1970-01-20 20:53:24	Name: yandexuid Value: 7829731221682244203
.yandex.com/	1970-01-20 20:03:00	Name: yuidss Value: 7829731221682244203
.sberbank.ru/	1970-01-20 11:17:26	Name: _ym_visorc Value: w
.sberbank.ru/	1970-01-20 20:03:00	Name: _sv Value: SA1.a7b6231d-7dde-45b4-9e01-af3a29faf9b0.1682244224
.mail.ru/	1970-01-20 20:04:26	Name: VID Value: 2r6UCV0m2YYH00000q1eP4YH:::0-0-0-95f5b2c:CAASEH2Kf9nvk-MLMLdNCEyDgVMaYATy3Kd0EX0difsNDbLvqYULglGAqLfUTeh45ZlbI6lGvs28XT8bVYReVWkG23dxvNRK3PiDyVrDgmOPcAbdUsgqwO0K385C4wUEUSeiqq7G6Muj4PvoEG8gsg1jfgQEeA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8kwky1agm3.a.trbcdn.net
dmp-profiles.sbermarketing.ru
dmp.sbermarketing.ru
kraken.rambler.ru
mc.yandex.com
mc.yandex.ru
nlb-clickstream.sberbank.ru
sve.online.sberbank.ru
top-fwz1.mail.ru
unpkg.com
visor.sberbank.ru
www.googletagmanager.com
151.236.71.248
185.157.97.112
2606:4700::6810:7eaf
2a00:1450:4001:831::2008
2a02:6b8::1:119
37.18.110.198
81.19.89.18
84.252.144.107
84.252.146.96
95.163.52.67
08744b40f3ff48a7025f161651071487c8927c26a8d613f2fe626564e20cebb7
0cdd3ce27171bab8931e3341378afb5b04fa6532c077cd1ee0ed4ec0e8d34957
1162f42facb98003723bf7068f35118e64c8ba00f9b076faf7be4b6191d902db
14d91fd8c833b2b1e60f3d89b01844adae9eda1ca1102765ea0249ea5e19f44a
2425aa39ad807f6c0330841e4433f2becc287899358ad94fa074821127f62165
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
26edea8beec20a4805a32d10f7f3ee9801e8c59568160c62bd50b4dfafebcf84
2cc906a8c111eeefece1168392aa2bdda91e002356e88b620e992161ea08c36e
331b8bfa153cdada8e1914e1b59af1cec9eec2ac9bc5fac83d92871aae5494af
3cfc3e5707a28dada35e4153e06d2323f2a37d25eb8f907d779b50fdaca3d0a4
46217336beb30f97577f8123ff1fbff3f249358aef976a20a78c95a41bfee81b
5423d758022c513f3bb0926bf8fdb1e79e194834238104e786900797b338019e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5897a28a9504d9d6f476cd9ba5f0cec482e2d9a9a05f10c8d8589bba33a73a07
5907feaf7133cd3f591e0716baffc6c64188c68d9b87e67b9205a032f44c39a8
5ee9312f63aeaffb7f4c908f0222bd1bc637c5e7c18a1707770e3ee0db6b5c72
5f2e2ef200a6207f823fcd8582b1b0d2d72e64d33f0a4e1694ee6c47525f5373
6254d63eaee71656192327eb0fed73e17cfdff09a80989bce4b8cbb969be096b
645f8619ec1d62cb885b9bc5569bf40f30c9b150c6cd5663982f18d88ad6eca4
6a048b8db2317718f7c69dabe6cb6b3689dc140f378b00a7820a141c6988b940
755daeedd60eab1194fe7298215795783cd53eb97f9e52cab20533bc4f5c160b
8093f23cf3a4da1ee92948d40d5bf58ee1a6a5f7e53de7409e7f6086d17eea88
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c1433e573ef6f9edcdfa69658f888fda3232c3e9920fd811ca0d31efe1dd0c9
95e4c10b8571c6e05fb73ce82643e97c78cd8c9d24878af88111234c6390f81e
a0136745f5f7d091cb9cc0f5d01384d461359cca17af8aa8b6596953e33d5d18
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87
a4c80d7a9c9345a5d020fa13eb5cd9fb8d1168b37a6f4fec1da1022803e4f40e
a95da1ca9821925b0361c2c642c69cb6f4125c044e43a0cee3329382e7a0f109
b126c5aaa30e4134c899fb11f905f974b37704d13e8c82188bc2c373df58e8e0
b2273e99c6bae79685125efd8ed0039581eff144f4d8aa303289a286782cff15
b36eed2ff1854ba9e4d5ca5c7273a917ba754c4925fa481164a91c822a797c5c
bad583455e403d0bfd1e953119c892ac820c90aab92c90c57354aa99f82e289b
bed2365e0935b48d4d3b1392538a2bf1add63576b70f840e09ecd0ac619e234e
ca246a97cffca9b97eacbec148fddbf4a970428c8f953f1133cac87490062e99
d30f5a842c23da0e01522395167bb1cab03890bc61e87ff2eaae75a22ab55c16
d4884935e40dcfa0aafa8ed6a8ee28f9d2211ef08dc196b07ce4b7e01d685084
dd839a9666bb46326e873180af2282f4788f8e32df945822bc3d02a84659daf9
e29f972527fba502ab11e9a889538d35368a7280215e478297fb1c30d1d7e044
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed6b4b72b002f0c1c5bf5a26f3248fb727559c9547fd44cd797b01107cc6f85
ef4d29656da5c359af6f2f16f4867db4ce5a1d3725a43de681383f4113c6760f
f3593d76fda83fef52dac8946057e7597592af1340886f96b77b10f084edd4aa
f393c63a652c91e1c3938edeb622a269a4c05156972cd1e1172404a3c9951760

nlb-clickstream.sberbank.ru Open in urlscan Pro 185.157.97.112 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

42 %HTTPS

30 %IPv6

9 Domains

12 Subdomains

10 IPs

3 Countries

2681 kBTransfer

3504 kBSize

23 Cookies

2 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nlb-clickstream.sberbank.ru Open in urlscan Pro
185.157.97.112 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

42 %
HTTPS

30 %
IPv6

9
Domains

12
Subdomains

10
IPs

3
Countries

2681 kB
Transfer

3504 kB
Size

23
Cookies

55 HTTP transactions
0 data transactions