urlscan.io logo urlscan.io
SecurityTrails logo

sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com Open in urlscan Pro
178.62.240.208  Public Scan

Go To Rescan Add Verdict Report
URL: https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
Submission: On November 29 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 29 HTTP transactions. The main IP is 178.62.240.208, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com.
TLS certificate: Issued by R3 on October 30th 2023. Valid for: 3 months.
This is the only time sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

12    178.62.240.208 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: limbo.omines.com
sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
1    2607:f8b0:4008:809::200a (Bradenton, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2607:f8b0:4008:805::2008 (Bradenton, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4008:806::2003 (Bradenton, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2607:f8b0:4008:813::200e (Bradenton, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:400c:c05::9c (Charleston, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
10    2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)
embed.tawk.to
va.tawk.to
Apex Domain
Subdomains		 Transfer
12 findanir.com
sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
30 KB
10 tawk.to
embed.tawk.to — Cisco Umbrella Rank: 9846
va.tawk.to — Cisco Umbrella Rank: 9510
142 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
173 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
289 B
1 google.com
analytics.google.com — Cisco Umbrella Rank: 157
289 B
1 gstatic.com
fonts.gstatic.com
48 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
1 KB
29 7
Domain Requested by
12 sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
8 embed.tawk.to sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
embed.tawk.to
2 va.tawk.to embed.tawk.to
2 www.googletagmanager.com sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
29 8

This site contains links to these domains. Also see Links.

Domain
www.omines.nl
www.facebook.com
www.linkedin.com
Subject Issuer Validity Valid
sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
R3		 2023-10-30 -
2024-01-28		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-28 -
2024-04-27		 a year crt.sh

This page contains 1 frames:

Primary Page: https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
Frame ID: DFB0F3A3F88F0109F757D5F299634F7A
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com is gereserveerd - Omines Internetbureau

Detected technologies

Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

29
Requests

97 %
HTTPS

86 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

393 kB
Transfer

1209 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/ 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.62.240.208 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
limbo.omines.com
Software
nginx /
Resource Hash
55ab77a928815bd87a518c323dda55cbeadf61b294d99df8573bb4b7d3496494
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, must-revalidate
content-encoding
gzip
content-length
3980
content-security-policy
block-all-mixed-content
content-type
text/html; charset=UTF-8
date
Mon, 27 Nov 2023 05:51:26 GMT
expires
-1
link
</build/placeholder.434055a4.css>; rel="preload"; as="style"
permissions-policy
geolocation=*, midi=(), sync-xhr=(self "https://omines.nl" "https://www.omines.nl"), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self "https://omines.nl" "https://www.omines.nl" )
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
master-only
x-xss-protection
1
placeholder.434055a4.css
sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/build/ 		60 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/build/placeholder.434055a4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.62.240.208 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
limbo.omines.com
Software
nginx /
Resource Hash
c4d4d1812f115c8baae6a37e48df6163765057e1bb1e2c39cb92f2c4b66f4707
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 05:00:07 GMT
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000
x-dns-prefetch-control
on
content-length
9300
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 10 Nov 2023 11:48:21 GMT
server
nginx
etag
"f0b8-609cae5ae0366-gzip"
x-download-options
noopen
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=84600, public
permissions-policy
geolocation=*, midi=(), sync-xhr=(self "https://omines.nl" "https://www.omines.nl"), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self "https://omines.nl" "https://www.omines.nl" )
accept-ranges
bytes
expires
Wed, 27 Dec 2023 05:00:07 GMT
css2
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Raleway:wght@100;300;400;500;600;700;800&display=swap
Requested by
Host: sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
URL: https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:809::200a Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
76887375e980af190252fc697b6d9b64f4eb50b1b7b07de4e01891862a6e0ff0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 07:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 07:49:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 07:49:03 GMT
omines_logo.svg
sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/app/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/app/omines_logo.svg
Requested by
Host: sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
URL: https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.62.240.208 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
limbo.omines.com
Software
nginx /
Resource Hash
cce03aed0f622051bc6351ee0f5f322ca0faba7d96790b3cd4d755a9ccd2b0b5
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 05:00:08 GMT
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000
x-dns-prefetch-control
on
content-length
1996
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 14 Apr 2023 08:24:31 GMT
server
nginx
etag
"12d8-5f94792021e7c-gzip"
x-download-options
noopen
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=84600, public
permissions-policy
geolocation=*, midi=(), sync-xhr=(self "https://omines.nl" "https://www.omines.nl"), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self "https://omines.nl" "https://www.omines.nl" )
accept-ranges
bytes
expires
Tue, 26 Nov 2024 05:00:07 GMT
mail.svg
sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/app/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/app/mail.svg
Requested by
Host: sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
URL: https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.62.240.208 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
limbo.omines.com
Software
nginx /
Resource Hash
f933ba0ebb7f507449f0bdba5bf3bd46c5ef5365c4a43fe8d5c5b1a9d143a3a0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 05:00:08 GMT
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000
x-dns-prefetch-control
on
content-length
1465
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 14 Apr 2023 08:24:31 GMT
server
nginx
etag
"cb1-5f94792021e7c-gzip"
x-download-options
noopen
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=84600, public
permissions-policy
geolocation=*, midi=(), sync-xhr=(self "https://omines.nl" "https://www.omines.nl"), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self "https://omines.nl" "https://www.omines.nl" )
accept-ranges
bytes
expires
Tue, 26 Nov 2024 05:00:07 GMT
phone.svg
sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/app/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/app/phone.svg
Requested by
Host: sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
URL: https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.62.240.208 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
limbo.omines.com
Software
nginx /
Resource Hash
89768fbe25e19be601448e85ce22640f6a28441c739cd6e283c5c4c143fcc347
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 05:00:08 GMT
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000
x-dns-prefetch-control
on
content-length
1043
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 14 Apr 2023 08:24:31 GMT
server
nginx
etag
"81d-5f94792021e7c-gzip"
x-download-options
noopen
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=84600, public
permissions-policy
geolocation=*, midi=(), sync-xhr=(self "https://omines.nl" "https://www.omines.nl"), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self "https://omines.nl" "https://www.omines.nl" )
accept-ranges
bytes
expires
Tue, 26 Nov 2024 05:00:07 GMT
team-koffie.svg
sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/assets/placeholder/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/assets/placeholder/team-koffie.svg
Requested by
Host: sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
URL: https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.62.240.208 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
limbo.omines.com
Software
nginx /
Resource Hash
4a2db0d9fdd55cf66a5a53abc1bae836c9a43415d1c8c5f7b6cf1d3bcae303bf
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 05:00:08 GMT
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000
x-dns-prefetch-control
on
content-length
2116
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 14 Apr 2023 08:24:31 GMT
server
nginx
etag
"1750-5f9479206e140-gzip"
x-download-options
noopen
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=84600, public
permissions-policy
geolocation=*, midi=(), sync-xhr=(self "https://omines.nl" "https://www.omines.nl"), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self "https://omines.nl" "https://www.omines.nl" )
accept-ranges
bytes
expires
Tue, 26 Nov 2024 05:00:07 GMT
line-horizontal-1.svg
sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/assets/placeholder/ 		740 B
511 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/assets/placeholder/line-horizontal-1.svg
Requested by
Host: sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
URL: https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.62.240.208 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
limbo.omines.com
Software
nginx /
Resource Hash
f27b14d28f09dd8820df30e3de9c72adfc495c278d32d2bbc61268e87a27d828
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 05:00:08 GMT
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000
x-dns-prefetch-control
on
content-length
424
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 14 Apr 2023 08:24:31 GMT
server
nginx
etag
"2e4-5f9479206e140-gzip"
x-download-options
noopen
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=84600, public
permissions-policy
geolocation=*, midi=(), sync-xhr=(self "https://omines.nl" "https://www.omines.nl"), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self "https://omines.nl" "https://www.omines.nl" )
accept-ranges
bytes
expires
Tue, 26 Nov 2024 05:00:08 GMT
full-service.svg
sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/assets/placeholder/ 		10 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/assets/placeholder/full-service.svg
Requested by
Host: sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
URL: https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.62.240.208 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
limbo.omines.com
Software
nginx /
Resource Hash
a05403277587c31d6df184fac2ce82fa393d9d6fa565275d3f2cfb16edfd2989
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 05:00:08 GMT
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000
x-dns-prefetch-control
on
content-length
4764
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 14 Apr 2023 08:24:31 GMT
server
nginx
etag
"28fb-5f9479206e140-gzip"
x-download-options
noopen
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=84600, public
permissions-policy
geolocation=*, midi=(), sync-xhr=(self "https://omines.nl" "https://www.omines.nl"), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self "https://omines.nl" "https://www.omines.nl" )
accept-ranges
bytes
expires
Tue, 26 Nov 2024 05:00:08 GMT
experience.svg
sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/assets/placeholder/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/assets/placeholder/experience.svg
Requested by
Host: sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
URL: https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.62.240.208 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
limbo.omines.com
Software
nginx /
Resource Hash
0d8e2874445b977c2ce9685323ff7f209863f4e8a81a2c870c5a46ca9a902a79
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 05:00:08 GMT
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000
x-dns-prefetch-control
on
content-length
1156
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 14 Apr 2023 08:24:31 GMT
server
nginx
etag
"aa8-5f9479206e140-gzip"
x-download-options
noopen
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=84600, public
permissions-policy
geolocation=*, midi=(), sync-xhr=(self "https://omines.nl" "https://www.omines.nl"), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self "https://omines.nl" "https://www.omines.nl" )
accept-ranges
bytes
expires
Tue, 26 Nov 2024 05:00:08 GMT
line-horizontal-2.svg
sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/assets/placeholder/ 		807 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/assets/placeholder/line-horizontal-2.svg
Requested by
Host: sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
URL: https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.62.240.208 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
limbo.omines.com
Software
nginx /
Resource Hash
3f566b9b397aff7659ecf7cfeb8658f523f7194985564dbb6ccbdc4eb0e8e9a4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 05:00:08 GMT
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000
x-dns-prefetch-control
on
content-length
432
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 14 Apr 2023 08:24:31 GMT
server
nginx
etag
"327-5f9479206e140-gzip"
x-download-options
noopen
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=84600, public
permissions-policy
geolocation=*, midi=(), sync-xhr=(self "https://omines.nl" "https://www.omines.nl"), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self "https://omines.nl" "https://www.omines.nl" )
accept-ranges
bytes
expires
Tue, 26 Nov 2024 05:00:08 GMT
partnership.svg
sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/assets/placeholder/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/assets/placeholder/partnership.svg
Requested by
Host: sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
URL: https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.62.240.208 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
limbo.omines.com
Software
nginx /
Resource Hash
5bc01a22ae78aa900d870321267fe221884232be30082575b5cfe49f39cbbb7e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 05:00:08 GMT
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000
x-dns-prefetch-control
on
content-length
1286
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 14 Apr 2023 08:24:31 GMT
server
nginx
etag
"b19-5f9479206e140-gzip"
x-download-options
noopen
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=84600, public
permissions-policy
geolocation=*, midi=(), sync-xhr=(self "https://omines.nl" "https://www.omines.nl"), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self "https://omines.nl" "https://www.omines.nl" )
accept-ranges
bytes
expires
Tue, 26 Nov 2024 05:00:08 GMT
gtm.js
www.googletagmanager.com/ 		236 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5QG3V7
Requested by
Host: sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
URL: https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:805::2008 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2faab12e5a8c98dad03f2b9897ea7e056e5afb6ca2fbdbbb333e421ef22aa856
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:49:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84182
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 29 Nov 2023 07:49:03 GMT
mouse.dbec4ddc.svg
sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/build/images/ 		2 KB
825 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/build/images/mouse.dbec4ddc.svg
Requested by
Host: sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
URL: https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/build/placeholder.434055a4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.62.240.208 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
limbo.omines.com
Software
nginx /
Resource Hash
58f4ae062e5e6d990030bf4e289c38c6599a6f3d8f479cf8dc37d552078bedd6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/build/placeholder.434055a4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Nov 2023 05:00:08 GMT
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000
x-dns-prefetch-control
on
content-length
762
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 10 Nov 2023 11:48:21 GMT
server
nginx
etag
"8a2-609cae5ada5a5-gzip"
x-download-options
noopen
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=84600, public
permissions-policy
geolocation=*, midi=(), sync-xhr=(self "https://omines.nl" "https://www.omines.nl"), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self "https://omines.nl" "https://www.omines.nl" )
accept-ranges
bytes
expires
Tue, 26 Nov 2024 05:00:08 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:wght@100;300;400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:806::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 08:26:43 GMT
x-content-type-options
nosniff
age
84140
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48208
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Nov 2024 08:26:43 GMT
js
www.googletagmanager.com/gtag/ 		274 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5JW4WKQJG1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QG3V7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:805::2008 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2e467ab12dcde59e56da104eb82b368bca8056fda5447c3fcf0ff4edae69f927
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:49:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92411
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 Nov 2023 07:49:03 GMT
collect
analytics.google.com/g/ 		0
289 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-5JW4WKQJG1&gtm=45je3b81v877654926z86301933&_p=1701244143407&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=425285917.1701244144&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701244143&sct=1&seg=0&dl=https%3A%2F%2Fsberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com%2F&dt=sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com%20is%20gereserveerd%20-%20Omines%20Internetbureau&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1190
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JW4WKQJG1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:813::200e Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 07:49:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
289 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5JW4WKQJG1&cid=425285917.1701244144&gtm=45je3b81v877654926z86301933&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JW4WKQJG1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c05::9c Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 07:49:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
default
embed.tawk.to/5d9caa326c1dde20ed059b49/ 		2 KB
919 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/5d9caa326c1dde20ed059b49/default
Requested by
Host: sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
URL: https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f06aa74f5fcf7cd1e42765187fcdbf0d82d2ff3c3aede2426fe9b49cfa6da73d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
Origin
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:49:06 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
server
cloudflare
etag
W/"stable-v4-6549ac0173e"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=3600
cf-ray
82d9408acdfa4bc9-BUF
alt-svc
h3=":443"; ma=86400
twk-main.js
embed.tawk.to/_s/v4/app/6549ac0173e/js/ 		121 B
263 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d9caa326c1dde20ed059b49/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
Origin
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:49:06 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 07 Nov 2023 03:18:38 GMT
server
cloudflare
content-encoding
br
etag
W/"da5bb1dc647470204df0e49f5afac2de"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
82d9408c1e094bc9-BUF
alt-svc
h3=":443"; ma=86400
twk-vendor.js
embed.tawk.to/_s/v4/app/6549ac0173e/js/ 		81 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d9caa326c1dde20ed059b49/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
Origin
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:49:06 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 07 Nov 2023 03:18:38 GMT
server
cloudflare
content-encoding
br
etag
W/"ce3014b09c6dfbd6f92bc585fd840580"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
82d9408c1e0a4bc9-BUF
alt-svc
h3=":443"; ma=86400
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/6549ac0173e/js/ 		212 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d9caa326c1dde20ed059b49/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcd1fa4d2007137da13dd581c678acfda42358cbdbda0f0204874fbe2e2c4663
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
Origin
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:49:06 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 07 Nov 2023 03:18:38 GMT
server
cloudflare
content-encoding
br
etag
W/"86b32a04921a039ace69980bacd1b639"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
82d9408c1e0b4bc9-BUF
alt-svc
h3=":443"; ma=86400
twk-chunk-common.js
embed.tawk.to/_s/v4/app/6549ac0173e/js/ 		215 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d9caa326c1dde20ed059b49/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5763be1c358cddc8cf28c7cd47453f683dc65d73ea724e19c85effdb0e2e56
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
Origin
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:49:06 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 07 Nov 2023 03:18:38 GMT
server
cloudflare
content-encoding
br
etag
W/"72cdc9849868f49ab20a7a4a581454f9"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
82d9408c1e0c4bc9-BUF
alt-svc
h3=":443"; ma=86400
twk-runtime.js
embed.tawk.to/_s/v4/app/6549ac0173e/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d9caa326c1dde20ed059b49/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccd99011422a5bbbb1f6965cd19ff9f76e435e5bea6dd84a85767392e03ea42d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
Origin
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:49:06 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 07 Nov 2023 03:18:38 GMT
server
cloudflare
content-encoding
br
etag
W/"2369bd11bd41e47e53691438c8e45c5b"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
82d9408c1e0d4bc9-BUF
alt-svc
h3=":443"; ma=86400
twk-app.js
embed.tawk.to/_s/v4/app/6549ac0173e/js/ 		151 B
206 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d9caa326c1dde20ed059b49/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
Origin
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:49:06 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 07 Nov 2023 03:18:38 GMT
server
cloudflare
content-encoding
br
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
82d9408c1e0e4bc9-BUF
alt-svc
h3=":443"; ma=86400
widget-settings
va.tawk.to/v1/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=5d9caa326c1dde20ed059b49&widgetId=default&sv=undefined
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fcfb6d1d23c9cb53f394912434bf8d2fb1ccbe4de14c1601b2641ba05b10405
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:49:07 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-served-by
visitor-application-preemptive-ndd5
server
cloudflare
etag
W/"2-13-0"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=7200, s-maxage=1800
cf-ray
82d9408e6e4c4bc9-BUF
access-control-allow-headers
content-type,x-tawk-token
start
va.tawk.to/v1/session/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/session/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82d9408e6e4b4bc9-BUF
date
Wed, 29 Nov 2023 07:49:07 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-frdc
start
va.tawk.to/v1/session/ 		0
0
nl.js
embed.tawk.to/_s/v4/app/6549ac0173e/languages/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/6549ac0173e/languages/nl.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8beb909479319cf078ee921cfabdc92e342f2c0db0dde9a686f4ebfff59334ab
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:49:07 GMT
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
482973
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 07 Nov 2023 03:18:38 GMT
server
cloudflare
etag
W/"bf84df19010c984ba2e67ee36934315a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
cf-ray
82d940904e5d4bc9-BUF

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
va.tawk.to
URL
https://va.tawk.to/v1/session/start

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| dataLayer object| google_tag_manager object| google_tag_data object| Tawk_API object| Tawk_LoadStart function| dlpush function| getSelectionText function| onYouTubeIframeAPIReady object| gaGlobal string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| Tawk_Window

5 Cookies

Domain/Path Name / Value
.findanir.com/ Name: _gcl_au
Value: 1.1.1862839888.1701244144
.findanir.com/ Name: _ga_5JW4WKQJG1
Value: GS1.1.1701244143.1.0.1701244143.60.0.0
.findanir.com/ Name: _ga
Value: GA1.1.425285917.1701244144
sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/ Name: twk_idm_key
Value: T_5KicvCfuQ15rIq-vE3V
sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com/ Name: TawkConnectionTime
Value: 1701244147735

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
sberbank.pay.avito.yandex.jp8wfyskyexld5p.pruebas.findanir.com
stats.g.doubleclick.net
va.tawk.to
www.googletagmanager.com
va.tawk.to
178.62.240.208
2606:4700:10::6816:1883
2607:f8b0:4008:805::2008
2607:f8b0:4008:806::2003
2607:f8b0:4008:809::200a
2607:f8b0:4008:813::200e
2607:f8b0:400c:c05::9c
0c5763be1c358cddc8cf28c7cd47453f683dc65d73ea724e19c85effdb0e2e56
0d8e2874445b977c2ce9685323ff7f209863f4e8a81a2c870c5a46ca9a902a79
0fcfb6d1d23c9cb53f394912434bf8d2fb1ccbe4de14c1601b2641ba05b10405
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
2e467ab12dcde59e56da104eb82b368bca8056fda5447c3fcf0ff4edae69f927
2faab12e5a8c98dad03f2b9897ea7e056e5afb6ca2fbdbbb333e421ef22aa856
3f566b9b397aff7659ecf7cfeb8658f523f7194985564dbb6ccbdc4eb0e8e9a4
4a2db0d9fdd55cf66a5a53abc1bae836c9a43415d1c8c5f7b6cf1d3bcae303bf
55ab77a928815bd87a518c323dda55cbeadf61b294d99df8573bb4b7d3496494
58f4ae062e5e6d990030bf4e289c38c6599a6f3d8f479cf8dc37d552078bedd6
5bc01a22ae78aa900d870321267fe221884232be30082575b5cfe49f39cbbb7e
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
76887375e980af190252fc697b6d9b64f4eb50b1b7b07de4e01891862a6e0ff0
89768fbe25e19be601448e85ce22640f6a28441c739cd6e283c5c4c143fcc347
8beb909479319cf078ee921cfabdc92e342f2c0db0dde9a686f4ebfff59334ab
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
a05403277587c31d6df184fac2ce82fa393d9d6fa565275d3f2cfb16edfd2989
c4d4d1812f115c8baae6a37e48df6163765057e1bb1e2c39cb92f2c4b66f4707
ccd99011422a5bbbb1f6965cd19ff9f76e435e5bea6dd84a85767392e03ea42d
cce03aed0f622051bc6351ee0f5f322ca0faba7d96790b3cd4d755a9ccd2b0b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f06aa74f5fcf7cd1e42765187fcdbf0d82d2ff3c3aede2426fe9b49cfa6da73d
f27b14d28f09dd8820df30e3de9c72adfc495c278d32d2bbc61268e87a27d828
f933ba0ebb7f507449f0bdba5bf3bd46c5ef5365c4a43fe8d5c5b1a9d143a3a0
fcd1fa4d2007137da13dd581c678acfda42358cbdbda0f0204874fbe2e2c4663