Submitted URL: https://clck.ru/37ohet
Effective URL: https://vitrinadp.sber.ru/?appCode=agents&externalId=samokat3&partnerNo=f69f842cfc754d72939cc420dd728e6f&resource=link
Submission: On January 27 via manual from RU — Scanned from DE

Summary

This website contacted 2 IPs in 1 countries across 5 domains to perform 19 HTTP transactions. The main IP is 84.252.144.65, located in Russian Federation and belongs to SBERBANK, RU. The main domain is vitrinadp.sber.ru.
TLS certificate: Issued by R3 on January 15th 2024. Valid for: 3 months.
This is the only time vitrinadp.sber.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a02:6b8::221 13238 (YANDEX)
1 1 2a02:6b8::232 13238 (YANDEX)
1 1 92.53.70.192 49505 (SELECTEL)
15 84.252.144.65 35237 (SBERBANK)
4 84.252.146.93 35237 (SBERBANK)
19 2
Apex Domain
Subdomains
Transfer
15 sber.ru
vitrinadp.sber.ru
1 MB
4 sberbank.ru
svi.online.sberbank.ru — Cisco Umbrella Rank: 386844
460 B
1 tymy.me
tymy.me
176 B
1 yandex.ru
sba.yandex.ru — Cisco Umbrella Rank: 390112
280 B
1 clck.ru
clck.ru — Cisco Umbrella Rank: 319416
823 B
19 5
Domain Requested by
15 vitrinadp.sber.ru vitrinadp.sber.ru
4 svi.online.sberbank.ru vitrinadp.sber.ru
1 tymy.me 1 redirects
1 sba.yandex.ru 1 redirects
1 clck.ru 1 redirects
19 5

This site contains no links.

Subject Issuer Validity Valid
vitrinadp.sber.ru
R3
2024-01-15 -
2024-04-14
3 months crt.sh
webclickstream.online.sberbank.ru
Actalis Domain Validation Server CA G3
2023-11-28 -
2024-11-28
a year crt.sh

This page contains 1 frames:

Primary Page: https://vitrinadp.sber.ru/?appCode=agents&externalId=samokat3&partnerNo=f69f842cfc754d72939cc420dd728e6f&resource=link
Frame ID: 4200D7615B88F7639E4FB4C78296A95C
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

Сбер

Page URL History Show full URLs

  1. https://clck.ru/37ohet HTTP 302
    https://sba.yandex.ru/redirect?url=https%3A%2F%2Ftymy.me%2F6QB4wk&client=clck&request_id=170635064... HTTP 302
    https://tymy.me/6QB4wk HTTP 307
    https://vitrinadp.sber.ru/?appCode=agents&externalId=samokat3&partnerNo=f69f842cfc754d72939cc420dd728e... Page URL

Page Statistics

19
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

2
IPs

1
Countries

1058 kB
Transfer

2977 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clck.ru/37ohet HTTP 302
    https://sba.yandex.ru/redirect?url=https%3A%2F%2Ftymy.me%2F6QB4wk&client=clck&request_id=1706350644941551-10030511541811782299&sign=a083c4dc3a5bf64daf6525d3f6e2a529 HTTP 302
    https://tymy.me/6QB4wk HTTP 307
    https://vitrinadp.sber.ru/?appCode=agents&externalId=samokat3&partnerNo=f69f842cfc754d72939cc420dd728e6f&resource=link Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
vitrinadp.sber.ru/
Redirect Chain
  • https://clck.ru/37ohet
  • https://sba.yandex.ru/redirect?url=https%3A%2F%2Ftymy.me%2F6QB4wk&client=clck&request_id=1706350644941551-10030511541811782299&sign=a083c4dc3a5bf64daf6525d3f6e2a529
  • https://tymy.me/6QB4wk
  • https://vitrinadp.sber.ru/?appCode=agents&externalId=samokat3&partnerNo=f69f842cfc754d72939cc420dd728e6f&resource=link
3 KB
2 KB
Document
General
Full URL
https://vitrinadp.sber.ru/?appCode=agents&externalId=samokat3&partnerNo=f69f842cfc754d72939cc420dd728e6f&resource=link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
84.252.144.65 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software
/
Resource Hash
4307b64b7911919a972cc6d6432901b214e357c9f4489d1e9a12aba7c23e7d26
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 27 Jan 2024 10:17:25 GMT
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=10368000; includeSubDomains
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
cache-control
max-age=0,no-store
etag
W/"65a56561-a25"
expires
Sat, 27 Jan 2024 10:17:25 GMT
last-modified
Mon, 15 Jan 2024 17:03:29 GMT
request-id
e60dc081b3907eb78828a870cb787617
x-envoy-upstream-service-time
1

Redirect headers

content-length
0
date
Sat, 27 Jan 2024 10:17:25 GMT
location
https://vitrinadp.sber.ru/?appCode=agents&externalId=samokat3&partnerNo=f69f842cfc754d72939cc420dd728e6f&resource=link
strict-transport-security
max-age=15724800; includeSubDomains
2.54a1bc51.chunk.css
vitrinadp.sber.ru/static/css/
39 KB
24 KB
Stylesheet
General
Full URL
https://vitrinadp.sber.ru/static/css/2.54a1bc51.chunk.css
Requested by
Host: vitrinadp.sber.ru
URL: https://vitrinadp.sber.ru/?appCode=agents&externalId=samokat3&partnerNo=f69f842cfc754d72939cc420dd728e6f&resource=link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
84.252.144.65 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software
/
Resource Hash
1955c7d78d28228c26c81a118b20a5f448fdc4714d447c4df1180b5c32f1d645
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vitrinadp.sber.ru/?appCode=agents&externalId=samokat3&partnerNo=f69f842cfc754d72939cc420dd728e6f&resource=link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 10:17:25 GMT
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=10368000; includeSubDomains
Last-Modified
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 28 Dec 2023 06:26:50 GMT
etag
W/"658d152a-9dd9"
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
text/css
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
1
Connection
keep-alive
request-id
570e9765a4b840ff07271098a10332b3
X-XSS-Protection
1; mode=block
expires
Sun, 26 Jan 2025 10:17:25 GMT
main.7909dadc.chunk.css
vitrinadp.sber.ru/static/css/
163 KB
26 KB
Stylesheet
General
Full URL
https://vitrinadp.sber.ru/static/css/main.7909dadc.chunk.css
Requested by
Host: vitrinadp.sber.ru
URL: https://vitrinadp.sber.ru/?appCode=agents&externalId=samokat3&partnerNo=f69f842cfc754d72939cc420dd728e6f&resource=link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
84.252.144.65 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software
/
Resource Hash
412d61e9807a0eb704d24ce29002e421f6a176fb830cedea6b4a50f2864b36f9
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vitrinadp.sber.ru/?appCode=agents&externalId=samokat3&partnerNo=f69f842cfc754d72939cc420dd728e6f&resource=link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 10:17:26 GMT
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=10368000; includeSubDomains
Last-Modified
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 28 Dec 2023 06:26:50 GMT
etag
W/"658d152a-28ca9"
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
text/css
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
1
Connection
keep-alive
request-id
e94b841af8b06dd10d616ddbd5b40ece
X-XSS-Protection
1; mode=block
expires
Sun, 26 Jan 2025 10:17:26 GMT
2.614cfbb5.chunk.js
vitrinadp.sber.ru/static/js/
1 MB
312 KB
Script
General
Full URL
https://vitrinadp.sber.ru/static/js/2.614cfbb5.chunk.js
Requested by
Host: vitrinadp.sber.ru
URL: https://vitrinadp.sber.ru/?appCode=agents&externalId=samokat3&partnerNo=f69f842cfc754d72939cc420dd728e6f&resource=link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
84.252.144.65 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software
/
Resource Hash
37c98e0e1b4ed265d3201032eac0f15c6e20155a131d3545caefd818d2a79352
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vitrinadp.sber.ru/?appCode=agents&externalId=samokat3&partnerNo=f69f842cfc754d72939cc420dd728e6f&resource=link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 10:17:26 GMT
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=10368000; includeSubDomains
Last-Modified
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 28 Dec 2023 06:26:50 GMT
etag
W/"658d152a-119a44"
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
application/javascript
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
1
Connection
keep-alive
request-id
901f6397b809b61900cabdc40854f444
X-XSS-Protection
1; mode=block
expires
Sun, 26 Jan 2025 10:17:26 GMT
main.cacab12a.chunk.js
vitrinadp.sber.ru/static/js/
1 MB
280 KB
Script
General
Full URL
https://vitrinadp.sber.ru/static/js/main.cacab12a.chunk.js
Requested by
Host: vitrinadp.sber.ru
URL: https://vitrinadp.sber.ru/?appCode=agents&externalId=samokat3&partnerNo=f69f842cfc754d72939cc420dd728e6f&resource=link
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
84.252.144.65 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software
/
Resource Hash
b4d2683819a6143fc8eba112165a40ceb9881335373d6b8fed7ec14ab8da43aa
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vitrinadp.sber.ru/?appCode=agents&externalId=samokat3&partnerNo=f69f842cfc754d72939cc420dd728e6f&resource=link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 10:17:26 GMT
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=10368000; includeSubDomains
Last-Modified
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 28 Dec 2023 06:26:50 GMT
etag
W/"658d152a-13528f"
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
application/javascript
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
1
Connection
keep-alive
request-id
36456054bee85f29f07ec4422edc780d
X-XSS-Protection
1; mode=block
expires
Sun, 26 Jan 2025 10:17:26 GMT
parameters
vitrinadp.sber.ru/distributor/mw/
655 B
1 KB
XHR
General
Full URL
https://vitrinadp.sber.ru/distributor/mw/parameters
Requested by
Host: vitrinadp.sber.ru
URL: https://vitrinadp.sber.ru/static/js/2.614cfbb5.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
84.252.144.65 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software
/
Resource Hash
25f4bff45caa91e9d7bcf3eaad367b26bc86fef654411a8d029dba45f46e03e7
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://vitrinadp.sber.ru/?appCode=agents&externalId=samokat3&partnerNo=f69f842cfc754d72939cc420dd728e6f&resource=link
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 10:17:27 GMT
Strict-Transport-Security
max-age=10368000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
x-envoy-upstream-service-time
3
Connection
keep-alive
request-id
a66c1113eabfcf6e1e6cfe79c030a901
Accept-Ranges
bytes
Content-Length
655
X-XSS-Protection
1; mode=block
qr
vitrinadp.sber.ru/distributor/login/
125 B
1 KB
XHR
General
Full URL
https://vitrinadp.sber.ru/distributor/login/qr
Requested by
Host: vitrinadp.sber.ru
URL: https://vitrinadp.sber.ru/static/js/2.614cfbb5.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
84.252.144.65 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software
/
Resource Hash
48708d6a87844319d39db0b700163064b2182f94fbea8d2bc98fe664fd0abb93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=10368000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY, SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://vitrinadp.sber.ru/?appCode=agents&externalId=samokat3&partnerNo=f69f842cfc754d72939cc420dd728e6f&resource=link
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

Date
Sat, 27 Jan 2024 10:17:27 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains, max-age=10368000; includeSubDomains
x-content-type-options
nosniff
x-envoy-upstream-service-time
52
Connection
keep-alive
request-id
8877860bc331240dc9fd5e4c7c1a04b2
Content-Length
125
x-xss-protection
0, 1; mode=block
pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
DENY, SAMEORIGIN
Content-Type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges
bytes
expires
0
vitrinadp
svi.online.sberbank.ru/metrics/inner-partners/
0
0
Preflight
General
Full URL
https://svi.online.sberbank.ru/metrics/inner-partners/vitrinadp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
84.252.146.93 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software
SOWA /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://vitrinadp.sber.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST, GET
Access-Control-Allow-Origin
https://vitrinadp.sber.ru
Access-Control-Max-Age
600
Connection
keep-alive
Content-Length
0
Date
Sat, 27 Jan 2024 10:17:28 GMT
Server
SOWA
vitrinadp
svi.online.sberbank.ru/metrics/inner-partners/
0
230 B
XHR
General
Full URL
https://svi.online.sberbank.ru/metrics/inner-partners/vitrinadp
Requested by
Host: vitrinadp.sber.ru
URL: https://vitrinadp.sber.ru/static/js/2.614cfbb5.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
84.252.146.93 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software
SOWA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vitrinadp.sber.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 10:17:28 GMT
Server
SOWA
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
-1
list
vitrinadp.sber.ru/distributor/settings/
699 B
1 KB
XHR
General
Full URL
https://vitrinadp.sber.ru/distributor/settings/list
Requested by
Host: vitrinadp.sber.ru
URL: https://vitrinadp.sber.ru/static/js/2.614cfbb5.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
84.252.144.65 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software
/
Resource Hash
1b895c03a49d191b7aad2476e59c720230147e0f0ec0ad01b4a4242a106a4fa0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=10368000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY, SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Accept
application/json, text/plain, */*
clientAppCode
agents
Referer
https://vitrinadp.sber.ru/apps/agents/qr-redirect?externalId=samokat3
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 10:17:27 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains, max-age=10368000; includeSubDomains
x-content-type-options
nosniff
x-envoy-upstream-service-time
16
Connection
keep-alive
request-id
7dab843a9f8ae59fdae1edb94da7e28e
Content-Length
699
x-xss-protection
0, 1; mode=block
pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
DENY, SAMEORIGIN
Content-Type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges
bytes
expires
0
filter
vitrinadp.sber.ru/distributor/promo-campaign/list/
4 KB
5 KB
XHR
General
Full URL
https://vitrinadp.sber.ru/distributor/promo-campaign/list/filter
Requested by
Host: vitrinadp.sber.ru
URL: https://vitrinadp.sber.ru/static/js/2.614cfbb5.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
84.252.144.65 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software
/
Resource Hash
85f27fd1e3d4d69ee892c6845b9119520f303dda7b84bcb89d0cd18ed9233a74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=10368000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY, SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Accept
application/json, text/plain, */*
clientAppCode
agents
Referer
https://vitrinadp.sber.ru/apps/agents/qr-redirect?externalId=samokat3
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

Date
Sat, 27 Jan 2024 10:17:28 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains, max-age=10368000; includeSubDomains
x-content-type-options
nosniff
x-envoy-upstream-service-time
69
Connection
keep-alive
request-id
c2ed681f43eec72b31ae36b04aed48d7
Content-Length
4379
x-xss-protection
0, 1; mode=block
pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
DENY, SAMEORIGIN
Content-Type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges
bytes
expires
0
filter
vitrinadp.sber.ru/distributor/promo-campaign/list/
4 KB
5 KB
XHR
General
Full URL
https://vitrinadp.sber.ru/distributor/promo-campaign/list/filter
Requested by
Host: vitrinadp.sber.ru
URL: https://vitrinadp.sber.ru/static/js/2.614cfbb5.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
84.252.144.65 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software
/
Resource Hash
21de73f1f6ff834279a2eafa2bc4ccc7217cfc981951588b17ebbd2e8122feda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=10368000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY, SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

Accept
application/json, text/plain, */*
clientAppCode
agents
Referer
https://vitrinadp.sber.ru/apps/agents/general/products/910
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

Date
Sat, 27 Jan 2024 10:17:28 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains, max-age=10368000; includeSubDomains
x-content-type-options
nosniff
x-envoy-upstream-service-time
82
Connection
keep-alive
request-id
0624916fe5f590a4744780711505a3f7
Content-Length
4379
x-xss-protection
0, 1; mode=block
pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
DENY, SAMEORIGIN
Content-Type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges
bytes
expires
0
image-skeleton-shape.646a8ee7.svg
vitrinadp.sber.ru/static/media/
2 KB
2 KB
Image
General
Full URL
https://vitrinadp.sber.ru/static/media/image-skeleton-shape.646a8ee7.svg
Requested by
Host: vitrinadp.sber.ru
URL: https://vitrinadp.sber.ru/static/css/main.7909dadc.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
84.252.144.65 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software
/
Resource Hash
04549d7d2383d79d1c77b12de46e0e8df8d2254e6069d3663bc369a901a9e14c
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vitrinadp.sber.ru/static/css/main.7909dadc.chunk.css
Origin
https://vitrinadp.sber.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 10:17:28 GMT
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=10368000; includeSubDomains
last-modified
Thu, 28 Dec 2023 06:26:50 GMT
etag
W/"658d152a-8ea"
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
image/svg+xml
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
0
Connection
keep-alive
request-id
1daa28345d27438185e2980130ee74ff
X-XSS-Protection
1; mode=block
expires
Sun, 26 Jan 2025 10:17:28 GMT
SBSansText-Medium.a2d43403.woff2
vitrinadp.sber.ru/static/media/
37 KB
37 KB
Font
General
Full URL
https://vitrinadp.sber.ru/static/media/SBSansText-Medium.a2d43403.woff2
Requested by
Host: vitrinadp.sber.ru
URL: https://vitrinadp.sber.ru/static/css/main.7909dadc.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
84.252.144.65 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software
/
Resource Hash
e9d247693a763a50a98d5dcebd5619f30ecade84b8153dcd1cb16ed379686be4
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vitrinadp.sber.ru/static/css/main.7909dadc.chunk.css
Origin
https://vitrinadp.sber.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 10:17:28 GMT
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=10368000; includeSubDomains
Last-Modified
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 28 Dec 2023 06:26:50 GMT
etag
W/"658d152a-9320"
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
application/octet-stream
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
1
Connection
keep-alive
request-id
0454db2a45cfc436313fa694fd6edd15
X-XSS-Protection
1; mode=block
expires
Sun, 26 Jan 2025 10:17:28 GMT
SBSansText-Regular.e8b803b8.woff2
vitrinadp.sber.ru/static/media/
34 KB
35 KB
Font
General
Full URL
https://vitrinadp.sber.ru/static/media/SBSansText-Regular.e8b803b8.woff2
Requested by
Host: vitrinadp.sber.ru
URL: https://vitrinadp.sber.ru/static/css/main.7909dadc.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
84.252.144.65 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software
/
Resource Hash
0a4ee958b2ac8ea684468ee488d11c8cbba89c45ba8633f20e621b95d83ef271
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vitrinadp.sber.ru/static/css/main.7909dadc.chunk.css
Origin
https://vitrinadp.sber.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 10:17:28 GMT
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=10368000; includeSubDomains
Last-Modified
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 28 Dec 2023 06:26:50 GMT
etag
W/"658d152a-8754"
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
application/octet-stream
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
0
Connection
keep-alive
request-id
b9d880eb422c3a24e6966ac60edb8d89
X-XSS-Protection
1; mode=block
expires
Sun, 26 Jan 2025 10:17:28 GMT
SBSansDisplay-Regular.cf2dfa9e.woff2
vitrinadp.sber.ru/static/media/
35 KB
35 KB
Font
General
Full URL
https://vitrinadp.sber.ru/static/media/SBSansDisplay-Regular.cf2dfa9e.woff2
Requested by
Host: vitrinadp.sber.ru
URL: https://vitrinadp.sber.ru/static/css/main.7909dadc.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
84.252.144.65 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software
/
Resource Hash
40ca55fd2c2360126358237314b2282ca43bfdaa4eb86885ad223800d7eeb436
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vitrinadp.sber.ru/static/css/main.7909dadc.chunk.css
Origin
https://vitrinadp.sber.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 10:17:28 GMT
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=10368000; includeSubDomains
Last-Modified
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 28 Dec 2023 06:26:50 GMT
etag
W/"658d152a-8af0"
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
application/octet-stream
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
1
Connection
keep-alive
request-id
9da133dd3096179087054296972b45e4
X-XSS-Protection
1; mode=block
expires
Sun, 26 Jan 2025 10:17:28 GMT
file
vitrinadp.sber.ru/distributor/fs/
291 KB
291 KB
Image
General
Full URL
https://vitrinadp.sber.ru/distributor/fs/file?path=agents/promocampaign/banner/60f82675-a0cf-4b7f-8733-22525db9bd75.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
84.252.144.65 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software
/
Resource Hash
b99472ba575eee4983804890d242a44be37a7b479ecf54be86bf939c13cb6116
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vitrinadp.sber.ru/apps/agents/general/products/910
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 10:17:28 GMT
Strict-Transport-Security
max-age=10368000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 01 Jan 1970 00:00:00 GMT
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
cache-control
max-age=10800, must-revalidate, public
x-envoy-upstream-service-time
6
Connection
keep-alive
request-id
b166b784610c7bd54e3adc5d9277aee6
Accept-Ranges
bytes
Content-Length
297571
X-XSS-Protection
1; mode=block
vitrinadp
svi.online.sberbank.ru/metrics/inner-partners/
0
230 B
XHR
General
Full URL
https://svi.online.sberbank.ru/metrics/inner-partners/vitrinadp
Requested by
Host: vitrinadp.sber.ru
URL: https://vitrinadp.sber.ru/static/js/2.614cfbb5.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
84.252.146.93 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software
SOWA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://vitrinadp.sber.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 27 Jan 2024 10:17:28 GMT
Server
SOWA
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
-1
vitrinadp
svi.online.sberbank.ru/metrics/inner-partners/
0
0
Preflight
General
Full URL
https://svi.online.sberbank.ru/metrics/inner-partners/vitrinadp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
84.252.146.93 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software
SOWA /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://vitrinadp.sber.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST, GET
Access-Control-Allow-Origin
https://vitrinadp.sber.ru
Access-Control-Max-Age
600
Connection
keep-alive
Content-Length
0
Date
Sat, 27 Jan 2024 10:17:28 GMT
Server
SOWA

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __app_env__ object| webpackJsonpdistributor-web object| regeneratorRuntime function| setImmediate function| clearImmediate object| clickstream function| SberVisor function| SberidSDK

5 Cookies

Domain/Path Name / Value
vitrinadp.sber.ru/distributor Name: JSESSIONID
Value: YmJlMTE4ZGItZjE3ZS00YjBhLWE3ZjctNjlmNWQ2ZDZjMGJi
vitrinadp.sber.ru/distributor Name: TS01499977
Value: 013ade2899846765f6e19980f42e5fb6697f4a9c1c702f14668508e4388ca37582612140c6e603308249b306e70bac2f9c0b19839b0803d5e74c90a94ae0385909a4d07943
.clck.ru/ Name: _yasc
Value: fwVWRL9/HI36yBq8Wu+Ly4335spKw0yP3Micejg4xazdg8ZTWjUtZfGvH/MPmG0mZA==
.vitrinadp.sber.ru/ Name: TS017829fe
Value: 013ade289901bdbec293db0350ba763e685da1c1d7702f14668508e4388ca37582612140c641e21516cf6750fea3d2a1612b1146f0
.sber.ru/ Name: _sa
Value: SA1.3c21347b-0afb-478b-b21d-9b0aec58f391.1706350647

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=10368000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block