www.sberbank.ru Open in urlscan Pro
194.54.14.168 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ndflka.ru/click/2074585612029193984?redirect_url=https%3A%2F%2Fvozvratnalogov.online%2Fpayment%2Funauthori...
Effective URL:
https://www.sberbank.ru/ru/person/dist_services/tax_refund
Submission Tags: falconsandbox
Submission: On February 03 via api (February 3rd 2022, 11:48:51 am UTC) from US — Scanned from DE

Summary HTTP 182 Redirects Links 38 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 24 domains to perform 182 HTTP transactions. The main IP is 194.54.14.168, located in Samara, Russian Federation and belongs to SBERBANK, RU. The main domain is www.sberbank.ru. The Cisco Umbrella rank of the primary domain is 239533.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on August 27th 2021. Valid for: a year.

This is the only time www.sberbank.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	78.155.202.4 78.155.202.4	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1 1	194.226.177.241 194.226.177.241	49063 (DTLN) (DTLN)
2 43	194.54.14.168 194.54.14.168	35237 (SBERBANK) (SBERBANK)
10	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
4	5.9.139.208 5.9.139.208	24940 (HETZNER-AS) (HETZNER-AS)
2 12	37.18.100.247 37.18.100.247	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 8	80.64.106.151 80.64.106.151	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
2	2a02:6b8:20::215 2a02:6b8:20::215	208722 (YNDX) (YNDX)
8	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
8	2.16.186.227 2.16.186.227	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
8 12	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
8	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3 10	88.99.214.77 88.99.214.77	24940 (HETZNER-AS) (HETZNER-AS)
1 11	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2	91.192.150.52 91.192.150.52	42481 (BEGUN-AS) (BEGUN-AS)
1 2	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
2 2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
10	2a03:90c0:b1:... 2a03:90c0:b1:2801::254	199524 (GCORE) (GCORE)
2	81.19.89.17 81.19.89.17	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
4	81.19.89.16 81.19.89.16	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
4	87.240.190.72 87.240.190.72	() ()
4	92.42.15.185 92.42.15.185	() ()
2	144.76.85.142 144.76.85.142	24940 (HETZNER-AS) (HETZNER-AS)
5 15	2a02:6b8::1:119 2a02:6b8::1:119	() ()
182	28

1 78.155.202.4 (Russian Federation) 1 redirects

ASN50340 (SELECTEL-MSK, RU)

ndflka.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.226.177.241 (Russian Federation) 1 redirects

ASN49063 (DTLN, RU)

vozvratnalogov.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 194.54.14.168 (Samara, Russian Federation) 2 redirects

ASN35237 (SBERBANK, RU)

www.sberbank.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 5.9.139.208 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz-s-fr59.rutarget.ru

cdn.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.18.100.247 (Russian Federation) 2 redirects

ASN208677 (SBERCLOUD-AS, RU)

dmp.sbermarketing.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp-profiles.sbermarketing.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 80.64.106.151 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr6.rutarget.ru

tag.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

site.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.16.186.227 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-227.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.166 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9966367.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10311401.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 88.99.214.77 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88-99-214-77.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 217.69.133.145 (Russian Federation) 1 redirects

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.192.150.52 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: sync.rambler.ru

sync.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:90c0:b1:2801::254 (Yekaterinburg, Russian Federation)

ASN199524 (GCORE, LU)

cdn-app.sberdevices.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.19.89.17 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

st.top100.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 81.19.89.16 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 87.240.190.72 (None, )

ASN- ()

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 92.42.15.185 (None, )

ASN- ()

partners.sbermarketing.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.85.142 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.142.85.76.144.clients.your-server.de

statad.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:6b8::1:119 (None, ) 5 redirects

ASN- ()

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	sberbank.ru 2 redirects www.sberbank.ru — Cisco Umbrella Rank: 239533	2 MB
16	sbermarketing.ru 2 redirects dmp.sbermarketing.ru — Cisco Umbrella Rank: 579770 dmp-profiles.sbermarketing.ru — Cisco Umbrella Rank: 656986 partners.sbermarketing.ru	60 KB
15	doubleclick.net 10 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 96 ad.doubleclick.net — Cisco Umbrella Rank: 195 9966367.fls.doubleclick.net — Cisco Umbrella Rank: 662916 10311401.fls.doubleclick.net — Cisco Umbrella Rank: 877466 cm.g.doubleclick.net — Cisco Umbrella Rank: 197	4 KB
12	yandex.com 4 redirects mc.yandex.com	7 KB
12	rutarget.ru 1 redirects cdn.rutarget.ru — Cisco Umbrella Rank: 67427 tag.rutarget.ru — Cisco Umbrella Rank: 70534 creative.rutarget.ru Failed	10 KB
11	mail.ru 1 redirects top-fwz1.mail.ru — Cisco Umbrella Rank: 10227	30 KB
11	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	121 KB
10	sberdevices.ru cdn-app.sberdevices.ru — Cisco Umbrella Rank: 438829	4 MB
10	1dmp.io 3 redirects sync.1dmp.io — Cisco Umbrella Rank: 12235	6 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	666 KB
8	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	841 B
8	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1300	172 KB
8	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	289 KB
7	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
6	rambler.ru sync.rambler.ru — Cisco Umbrella Rank: 71556 kraken.rambler.ru — Cisco Umbrella Rank: 27066	3 KB
5	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 3286 mc.yandex.ru	98 KB
4	vk.com vk.com	47 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 8028 www.google.de — Cisco Umbrella Rank: 5557	2 KB
2	statad.ru statad.ru — Cisco Umbrella Rank: 92313	700 B
2	top100.ru st.top100.ru — Cisco Umbrella Rank: 30883	131 KB
1	yastatic.net yastatic.net — Cisco Umbrella Rank: 6518	28 KB
1	yandex.net site.yandex.net — Cisco Umbrella Rank: 120399	15 KB
1	vozvratnalogov.online 1 redirects vozvratnalogov.online	226 B
1	ndflka.ru 1 redirects ndflka.ru	211 B
182	24

	Domain	Requested by
43	www.sberbank.ru	2 redirects www.sberbank.ru
12	mc.yandex.com	4 redirects mc.yandex.ru
11	top-fwz1.mail.ru	1 redirects www.sberbank.ru sync.1dmp.io top-fwz1.mail.ru
11	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.sberbank.ru
10	cdn-app.sberdevices.ru
10	sync.1dmp.io	3 redirects www.sberbank.ru sync.1dmp.io
10	www.googletagmanager.com	www.sberbank.ru www.googletagmanager.com
8	www.facebook.com	www.sberbank.ru
8	analytics.tiktok.com	www.sberbank.ru analytics.tiktok.com
8	connect.facebook.net	www.googletagmanager.com connect.facebook.net
8	tag.rutarget.ru	1 redirects cdn.rutarget.ru www.sberbank.ru
8	dmp.sbermarketing.ru	2 redirects www.sberbank.ru dmp.sbermarketing.ru
6	adservice.google.com	1 redirects 10311401.fls.doubleclick.net 9966367.fls.doubleclick.net www.sberbank.ru
4	partners.sbermarketing.ru	www.sberbank.ru partners.sbermarketing.ru
4	vk.com	www.sberbank.ru
4	kraken.rambler.ru	st.top100.ru
4	dmp-profiles.sbermarketing.ru	www.sberbank.ru
4	10311401.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	9966367.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	ad.doubleclick.net	4 redirects
4	cdn.rutarget.ru	www.sberbank.ru
3	mc.yandex.ru	1 redirects www.sberbank.ru
3	adservice.google.de	www.sberbank.ru adservice.google.com
2	statad.ru
2	st.top100.ru	www.sberbank.ru
2	cm.g.doubleclick.net	2 redirects
2	an.yandex.ru	1 redirects sync.1dmp.io
2	sync.rambler.ru	www.sberbank.ru
1	yastatic.net	site.yandex.net
1	www.google.de	www.sberbank.ru
1	www.google.com	www.sberbank.ru
1	stats.g.doubleclick.net	www.google-analytics.com
1	site.yandex.net	www.sberbank.ru
1	vozvratnalogov.online	1 redirects
1	ndflka.ru	1 redirects
0	creative.rutarget.ru Failed	www.sberbank.ru
182	36

This site contains links to these domains. Also see Links.

Domain
sber.ru
sbermarket.ru
okko.tv
domclick.ru
spasibosberbank.ru
catalog.smartmarket.sber.ru
sblogistica.ru
www.delivery-club.ru
zvk.onelink.me
sberdevices.ru
www.sber.ru
www.sberbank.com
rabota.sber.ru
developers.sber.ru
online.sberbank.ru
sberprime.sber.ru
help.domclick.ru
ipoteka.domclick.ru
promo.domclick.ru
t.me
osago.sberbank.ru
sberbank.ru
sber-solutions.ru
press.sber.ru
www.facebook.com
twitter.com
www.youtube.com
instagram.com
vk.com
ok.ru
vm.tiktok.com
appgallery.huawei.com

Subject Issuer	Validity	Valid
sberbank.ru GlobalSign RSA OV SSL CA 2018	`2021-08-27` - `2022-09-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.rutarget.ru Thawte RSA CA 2018	`2021-05-17` - `2022-06-17`	a year	crt.sh
*.sbermarketing.ru GlobalSign RSA OV SSL CA 2018	`2021-05-13` - `2022-06-14`	a year	crt.sh
*.yastatic.net Yandex CA	`2022-01-22` - `2022-07-23`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-12` - `2022-02-10`	3 months	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
sync.1dmp.io R3	`2021-12-12` - `2022-03-12`	3 months	crt.sh
sync.rambler.ru R3	`2022-01-22` - `2022-04-22`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
*.sberdevices.ru Sectigo RSA Organization Validation Secure Server CA	`2020-04-15` - `2022-04-15`	2 years	crt.sh
*.top100.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-02-15` - `2022-02-14`	a year	crt.sh
*.rambler.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-20` - `2022-05-19`	a year	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
partners.sbermarketing.ru ZeroSSL RSA Domain Secure Site CA	`2021-12-10` - `2022-03-10`	3 months	crt.sh
statad.ru R3	`2021-12-14` - `2022-03-14`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Frame ID: 294E175EBB664FCCC925A6C957E6EF34
Requests: 110 HTTP requests in this frame

Frame: https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/index.html
Frame ID: 4C3821A1AB4773231CCB9A81F182520E
Requests: 66 HTTP requests in this frame

Frame: https://cdn.rutarget.ru/static/sharecookie/index.html
Frame ID: 9F7F77148362FC9F77C00EB1A88B4975
Requests: 2 HTTP requests in this frame

Frame: https://cdn.rutarget.ru/static/sharecookie/index.html
Frame ID: FCCBC82D87F7FC274D9AAE2D32F872EC
Requests: 1 HTTP requests in this frame

Frame: https://9966367.fls.doubleclick.net/activityi;dc_pre=CPKHyru74_UCFfFEHQkdOLkLDw;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6447896829375;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund
Frame ID: 16932F5D72015237BB6A917EA361F3ED
Requests: 1 HTTP requests in this frame

Frame: https://10311401.fls.doubleclick.net/activityi;dc_pre=CIGyzLu74_UCFUtmGwodRNQJMA;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=9531975185450;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund
Frame ID: 17C76E68DB2CC58983B8E12BBD6C9642
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIGyzLu74_UCFUtmGwodRNQJMA;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=9531975185450;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund
Frame ID: A081D03BFD59385792ECCE053042B089
Requests: 1 HTTP requests in this frame

Frame: https://sync.1dmp.io/supersync?t=3e250c91-84e7-11ec-9752-901b0e8d9836
Frame ID: D6279B1E3A0AD0E510268ABF67C268FC
Requests: 5 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPKHyru74_UCFfFEHQkdOLkLDw;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6447896829375;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund
Frame ID: 151E829D338E7B9468BF41176D3CF21D
Requests: 1 HTTP requests in this frame

Frame: https://9966367.fls.doubleclick.net/activityi;dc_pre=CLPF7Lu74_UCFReTGwodbUMMlA;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6463419500833;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=DdsxdrOXc7EH;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html
Frame ID: 151DF923C568BC513E0729534C876D66
Requests: 2 HTTP requests in this frame

Frame: https://10311401.fls.doubleclick.net/activityi;dc_pre=CMW-7bu74_UCFRUTGwodjs8L_w;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=6077667473260;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=DdsxdrOXc7EH;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html
Frame ID: ECA90598E2C0D3B4A6348DA9246E73E4
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CPKHyru74_UCFfFEHQkdOLkLDw;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6447896829375;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund
Frame ID: D48976BA059F96DA885A981A0B35AAFB
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CIGyzLu74_UCFUtmGwodRNQJMA;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=9531975185450;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund
Frame ID: ABDD6B96AAB39F133BE9AC22E300EDEB
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3DDA6488055940049EE9F1068C697049
Requests: 1 HTTP requests in this frame

Frame: https://sync.1dmp.io/supersync?t=3e92c281-84e7-11ec-9752-901b0e8d9836
Frame ID: 182EC68F14879AD2203F7E95AA8CCE89
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Возврат налогов — СберБанк

Page URL History Show full URLs

https://ndflka.ru/click/2074585612029193984?redirect_url=https%3A%2F%2Fvozvratnalogov.online%2... HTTP 302
https://vozvratnalogov.online/payment/unauthorized?oid=2320524 HTTP 301
https://www.sberbank.ru/ru/person/dist_services/tax_refund Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

182
Requests

92 %
HTTPS

43 %
IPv6

24
Domains

36
Subdomains

28
IPs

5
Countries

7148 kB
Transfer

15996 kB
Size

42
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: https://sber.ru/
Title: Сбер

Search URL Search Domain Scan URL

URL: https://sber.ru/sberprime
Title: СберПрайм

Search URL Search Domain Scan URL

URL: https://sbermarket.ru/
Title: СберМаркет

Search URL Search Domain Scan URL

URL: https://okko.tv/
Title: Okko

Search URL Search Domain Scan URL

URL: https://domclick.ru/
Title: ДомКлик

Search URL Search Domain Scan URL

URL: https://spasibosberbank.ru/
Title: Спасибо

Search URL Search Domain Scan URL

URL: https://catalog.smartmarket.sber.ru/
Title: SmartMarket

Search URL Search Domain Scan URL

URL: https://sblogistica.ru/
Title: СберЛогистика

Search URL Search Domain Scan URL

URL: https://www.delivery-club.ru/
Title: Delivery Club

Search URL Search Domain Scan URL

URL: https://zvk.onelink.me/dd8d/f429c97e
Title: СберЗвук

Search URL Search Domain Scan URL

URL: https://sberdevices.ru/
Title: СберДевайсы

Search URL Search Domain Scan URL

URL: https://www.sber.ru/ecosystem
Title: Больше об экосистеме

Search URL Search Domain Scan URL

URL: https://www.sberbank.com/ru/
Title: Акционерам и инвесторам

Search URL Search Domain Scan URL

URL: https://rabota.sber.ru/
Title: Вакансии

Search URL Search Domain Scan URL

URL: https://developers.sber.ru/?utm_campaign=smartmarket_menu_sberbank-ru&utm_source=sberbank-ru&utm_medium=owned
Title: Разработчикам

Search URL Search Domain Scan URL

URL: https://online.sberbank.ru/CSAFront/index.do
Title: СберБанк Онлайн

Search URL Search Domain Scan URL

URL: https://sberprime.sber.ru/plus
Title: СберПрайм+

Search URL Search Domain Scan URL

URL: https://domclick.ru/ipoteka/calculator?prod=16&_ga=2.71302928.1632823386.1622036134-1499274624.1620971806
Title: Оформить ипотеку онлайн

Search URL Search Domain Scan URL

URL: https://help.domclick.ru/
Title: Вопросы по ипотеке

Search URL Search Domain Scan URL

URL: https://ipoteka.domclick.ru/?openAuth=true
Title: Личный кабинет Домклик

Search URL Search Domain Scan URL

URL: https://domclick.ru/search/on-map
Title: Найти квартиру

Search URL Search Domain Scan URL

URL: https://promo.domclick.ru/razmestit-obyavlenie-o-prodazhe-nedvijimosty
Title: Продать недвижимость

Search URL Search Domain Scan URL

URL: https://t.me/SberInvestments
Title: Телеграм-канал «СберИнвестиции»

Search URL Search Domain Scan URL

URL: https://osago.sberbank.ru/
Title: ОСАГО

Search URL Search Domain Scan URL

URL: https://sberbank.ru/sms/pt

Search URL Search Domain Scan URL

URL: https://sber-solutions.ru/services/legal/nv?utm_source=Bank&utm_medium=website&utm_campaign=standalone
Title: Вернуть налоги

Search URL Search Domain Scan URL

URL: https://www.sberbank.com/ru
Title: Акционерам и инвесторам

Search URL Search Domain Scan URL

URL: https://press.sber.ru/
Title: Пресс-центр

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bankdruzey
Title: Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/sberbank
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.youtube.com/sberbank
Title: Youtube

Search URL Search Domain Scan URL

URL: http://instagram.com/sberbank
Title: Instagram

Search URL Search Domain Scan URL

URL: http://vk.com/sberbank
Title: Вконтакте

Search URL Search Domain Scan URL

URL: https://ok.ru/sberbank
Title: Одноклассники

Search URL Search Domain Scan URL

URL: https://vm.tiktok.com/JJPQR5x/
Title: TikTok

Search URL Search Domain Scan URL

URL: https://t.me/sberbank
Title: Telegram

Search URL Search Domain Scan URL

URL: https://appgallery.huawei.com/#/app/C100994843?appId=C100994843&source=appshare&subsource=C100994843
Title: Откройте вAppGallery

Search URL Search Domain Scan URL

URL: https://www.sberbank.com/ru/investor-relations/reports-and-publications/ras#vklad
Title: Информация о процентных ставках по договорам банковского вклада с физическими лицами

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ndflka.ru/click/2074585612029193984?redirect_url=https%3A%2F%2Fvozvratnalogov.online%2Fpayment%2Funauthorized%3Foid%3D2320524 HTTP 302
https://vozvratnalogov.online/payment/unauthorized?oid=2320524 HTTP 301
https://www.sberbank.ru/ru/person/dist_services/tax_refund Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://tag.rutarget.ru/tag?event=otherPage&check=true&nosync=true&__r=5863959476086&__location=https%3A%2F%2Fcdn.rutarget.ru%2Fstatic%2Fsharecookie%2Findex.html HTTP 302
https://tag.rutarget.ru/tag?event=otherPage&check=true&nosync=true&__r=5863959476086&__location=https%3A%2F%2Fcdn.rutarget.ru%2Fstatic%2Fsharecookie%2Findex.html&check-cookie=true

Request Chain 62

https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/assets/fonts/open_sans/OpenSans-SemiBold.woff2 HTTP 301
https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/assets/fonts/open_sans/opensans-semibold.woff2

Request Chain 63

https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/assets/fonts/open_sans/OpenSans-Regular.woff2 HTTP 301
https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/assets/fonts/open_sans/opensans-regular.woff2

Request Chain 69

https://ad.doubleclick.net/activity;src=9966367;type=visit0;cat=sberb0;ord=1;num=1259316342145;gtm=2wg220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined HTTP 302
https://ad.doubleclick.net/activity;dc_pre=COLUw7u74_UCFehKkQUdKkYGUQ;src=9966367;type=visit0;cat=sberb0;ord=1;num=1259316342145;gtm=2wg220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined HTTP 302
https://adservice.google.com/ddm/fls/p/dc_pre=COLUw7u74_UCFehKkQUdKkYGUQ;src=9966367;type=visit0;cat=sberb0;ord=1;num=1259316342145;gtm=2wg220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https://www.sberbank.ru/ HTTP 302
https://adservice.google.de/ddm/fls/p/dc_pre=COLUw7u74_UCFehKkQUdKkYGUQ;src=9966367;type=visit0;cat=sberb0;ord=1;num=1259316342145;gtm=2wg220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https://www.sberbank.ru/

Request Chain 78

https://9966367.fls.doubleclick.net/activityi;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6447896829375;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund HTTP 302
https://9966367.fls.doubleclick.net/activityi;dc_pre=CPKHyru74_UCFfFEHQkdOLkLDw;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6447896829375;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund

Request Chain 81

https://10311401.fls.doubleclick.net/activityi;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=9531975185450;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund HTTP 302
https://10311401.fls.doubleclick.net/activityi;dc_pre=CIGyzLu74_UCFUtmGwodRNQJMA;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=9531975185450;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund

Request Chain 87

https://dmp.sbermarketing.ru/?cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&pid=tm.supersync&tc=f940199e-3e2e-4fac-a636-01f1f5bf88e9&ru=%2F%2Fsync.1dmp.io%2Fsupersync%3Fo%3Dns%26cid%3D453f8fd1-8969-4742-9d5a-bc772f37f381%26brid%3Dc38af82e-ea38-4b1e-8e48-6351319a3d3c%26pid%3Dw%26uid%3Dc3c4f987-244f-4f51-9a55-f51fec58441a HTTP 302
https://sync.1dmp.io/supersync?o=ns&cid=453f8fd1-8969-4742-9d5a-bc772f37f381&brid=c38af82e-ea38-4b1e-8e48-6351319a3d3c&pid=w&uid=c3c4f987-244f-4f51-9a55-f51fec58441a HTTP 302
https://sync.1dmp.io/supersync?t=3e250c91-84e7-11ec-9752-901b0e8d9836

Request Chain 92

https://top-fwz1.mail.ru/counter?id=2866471;pid=GA1.1.203429629.1643888924 HTTP 302
https://top-fwz1.mail.ru/counter2?id=2866471;pid=GA1.1.203429629.1643888924

Request Chain 99

https://ad.doubleclick.net/activity;src=9966367;type=visit0;cat=sberb0;ord=1;num=8649598992862;gtm=2wg220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=DdsxdrOXc7EH HTTP 302
https://ad.doubleclick.net/activity;dc_pre=CLHv2Lu74_UCFYbhsgodqUMMQQ;src=9966367;type=visit0;cat=sberb0;ord=1;num=8649598992862;gtm=2wg220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=DdsxdrOXc7EH HTTP 302
https://adservice.google.com/ddm/fls/z/dc_pre=CLHv2Lu74_UCFYbhsgodqUMMQQ;src=9966367;type=visit0;cat=sberb0;ord=1;num=8649598992862;gtm=2wg220;auiddc=*;u5=203429629.1643888924;u6=DdsxdrOXc7EH

Request Chain 111

https://9966367.fls.doubleclick.net/activityi;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6463419500833;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=DdsxdrOXc7EH;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html HTTP 302
https://9966367.fls.doubleclick.net/activityi;dc_pre=CLPF7Lu74_UCFReTGwodbUMMlA;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6463419500833;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=DdsxdrOXc7EH;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html

Request Chain 112

https://10311401.fls.doubleclick.net/activityi;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=6077667473260;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=DdsxdrOXc7EH;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html HTTP 302
https://10311401.fls.doubleclick.net/activityi;dc_pre=CMW-7bu74_UCFRUTGwodjs8L_w;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=6077667473260;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=DdsxdrOXc7EH;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html

Request Chain 123

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&uid=3e250c90-84e7-11ec-9752-901b0e8d9836 HTTP 302
https://an.yandex.ru/mapuid/dmpcleverdata/3e250c90-84e7-11ec-9752-901b0e8d9836?sign=4138179446 HTTP 302
https://an.yandex.ru/mapuid/dmpcleverdata/3e250c90-84e7-11ec-9752-901b0e8d9836?redir-setuniq=1&sign=4138179446

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm HTTP 302
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEKm0uAhntDiFPzjXAsb0p1U&google_gid=CAESEKm0uAhntDiFPzjXAsb0p1U&google_cver=1

Request Chain 132

https://dmp.sbermarketing.ru/?cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&pid=tm.supersync&tc=f940199e-3e2e-4fac-a636-01f1f5bf88e9&ru=%2F%2Fsync.1dmp.io%2Fsupersync%3Fo%3Dns%26cid%3D453f8fd1-8969-4742-9d5a-bc772f37f381%26brid%3Dc38af82e-ea38-4b1e-8e48-6351319a3d3c%26pid%3Dw%26uid%3Dc3c4f987-244f-4f51-9a55-f51fec58441a HTTP 302
https://sync.1dmp.io/supersync?o=ns&cid=453f8fd1-8969-4742-9d5a-bc772f37f381&brid=c38af82e-ea38-4b1e-8e48-6351319a3d3c&pid=w&uid=c3c4f987-244f-4f51-9a55-f51fec58441a HTTP 302
https://sync.1dmp.io/supersync?t=3e92c281-84e7-11ec-9752-901b0e8d9836

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm HTTP 302
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEKm0uAhntDiFPzjXAsb0p1U&google_gid=CAESEKm0uAhntDiFPzjXAsb0p1U&google_cver=1

Request Chain 191

https://mc.yandex.com/watch/1175048?wmode=7&page-url=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&page-ref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afp%3A420%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A254976958571%3Ahid%3A781758183%3Az%3A0%3Ai%3A20220203114850%3Aet%3A1643888930%3Ac%3A1%3Arn%3A649278851%3Arqn%3A1%3Au%3A1643888930120065566%3Aw%3A1600x855%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643888923833%3Ads%3A0%2C0%2C56%2C11%2C1%2C0%2C%2C419%2C21%2C986%2C986%2C10%2C489%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643888930%3At%3A%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/1175048/1?wmode=7&page-url=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&page-ref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afp%3A420%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A254976958571%3Ahid%3A781758183%3Az%3A0%3Ai%3A20220203114850%3Aet%3A1643888930%3Ac%3A1%3Arn%3A649278851%3Arqn%3A1%3Au%3A1643888930120065566%3Aw%3A1600x855%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643888923833%3Ads%3A0%2C0%2C56%2C11%2C1%2C0%2C%2C419%2C21%2C986%2C986%2C10%2C489%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643888930%3At%3A%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 192

https://mc.yandex.com/watch/31643078?wmode=7&page-url=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&page-ref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afp%3A420%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A2%3Adp%3A0%3Als%3A222320768425%3Ahid%3A781758183%3Az%3A0%3Ai%3A20220203114850%3Aet%3A1643888930%3Ac%3A1%3Arn%3A152520566%3Arqn%3A1%3Au%3A1643888930120065566%3Aw%3A1600x855%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643888923833%3Ads%3A0%2C0%2C56%2C11%2C1%2C0%2C%2C419%2C21%2C986%2C986%2C10%2C489%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643888930%3At%3A%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/31643078/1?wmode=7&page-url=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&page-ref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afp%3A420%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A2%3Adp%3A0%3Als%3A222320768425%3Ahid%3A781758183%3Az%3A0%3Ai%3A20220203114850%3Aet%3A1643888930%3Ac%3A1%3Arn%3A152520566%3Arqn%3A1%3Au%3A1643888930120065566%3Aw%3A1600x855%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643888923833%3Ads%3A0%2C0%2C56%2C11%2C1%2C0%2C%2C419%2C21%2C986%2C986%2C10%2C489%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643888930%3At%3A%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 193

https://mc.yandex.com/watch/34972370?wmode=7&page-url=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&page-ref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afp%3A420%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A3%3Adp%3A0%3Als%3A426329204747%3Ahid%3A781758183%3Az%3A0%3Ai%3A20220203114850%3Aet%3A1643888930%3Ac%3A1%3Arn%3A390546982%3Arqn%3A1%3Au%3A1643888930120065566%3Aw%3A1600x855%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643888923833%3Ads%3A0%2C0%2C56%2C11%2C1%2C0%2C%2C419%2C21%2C986%2C986%2C10%2C489%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643888930%3At%3A%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/34972370/1?wmode=7&page-url=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&page-ref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afp%3A420%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A3%3Adp%3A0%3Als%3A426329204747%3Ahid%3A781758183%3Az%3A0%3Ai%3A20220203114850%3Aet%3A1643888930%3Ac%3A1%3Arn%3A390546982%3Arqn%3A1%3Au%3A1643888930120065566%3Aw%3A1600x855%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643888923833%3Ads%3A0%2C0%2C56%2C11%2C1%2C0%2C%2C419%2C21%2C986%2C986%2C10%2C489%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643888930%3At%3A%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 197

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9538.xaNEfPTdWs5IzXDka4SSRzT4gvctlbfXc3gC4dGvqUmdXJBT-5AaLtfaunHoETyM.JYn6v2JOdLX4_y-xJ-HQf86nwaU%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9538.Z4y9rLWbUw1sij_pIfJA3O33eZuLY9LfQPWMyASuMR13UhmiQRqjqiTAYHQfQ681pDz5MQZeHn8W0_lc0SH3QfVb4Ti09zhK63PSMsCKqe0%2C.A6JMutq2BUqQgEIgJQ-HNa9CAE8%2C

182 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request tax_refund Show response
www.sberbank.ru/ru/person/dist_services/
Redirect Chain

https://ndflka.ru/click/2074585612029193984?redirect_url=https%3A%2F%2Fvozvratnalogov.online%2Fpayment%2Funauthorized%3Foid%3D2320524
https://vozvratnalogov.online/payment/unauthorized?oid=2320524
https://www.sberbank.ru/ru/person/dist_services/tax_refund

246 KB
59 KB

517ms
200ms

Document
text/html

194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

48941b9291539e301efacafbdcc4b44fb8fef4438b126a512419ff629a29193d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 03 Feb 2022 11:48:43 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-xss-protection: 1; mode=block
pragma: No-cache
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
content-language: de-DE
allow: GET, HEAD, OPTIONS
content-encoding: gzip

Redirect headers

Server: nginx
Date: Thu, 03 Feb 2022 11:48:43 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.sberbank.ru/ru/person/dist_services/tax_refund

GET
H2 200 vendors.evergreen.js Show response
www.sberbank.ru/portalserver/static/features/%5BBBHOST%5D/RetailPlatform/ 159 KB
53 KB 71ms
70ms Script
application/javascript 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/features/%5BBBHOST%5D/RetailPlatform/vendors.evergreen.js?v=5660b95dcd48c60e6d8d6876ed5e06f52a8996cf

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

8be4dc0925303fd5556a13ab9f4fc5f758e26c37040dc57edc50c18013706d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Origin: https://www.sberbank.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 08:31:34 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
H2 200 platform.live.evergreen.js Show response
www.sberbank.ru/portalserver/static/features/%5BBBHOST%5D/RetailPlatform/ 19 KB
8 KB 69ms
69ms Script
application/javascript 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/features/%5BBBHOST%5D/RetailPlatform/platform.live.evergreen.js?v=5660b95dcd48c60e6d8d6876ed5e06f52a8996cf

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

767e524ff4d2cb0a17063a377dce5c8b7418c762571f6506d08cfbd0562b2e6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Origin: https://www.sberbank.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 08:31:34 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 449 KB
101 KB 176ms
91ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NRDX7Z

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e928483f86ff55a7ca9016457c1ced684d91a4ae0b772f906d39bf7bcc5947cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103474
x-xss-protection: 0
expires: Thu, 03 Feb 2022 11:48:44 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 456 KB
101 KB 134ms
49ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NFPPM5

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

496a631b06f3de4557b22a4efde6c2164767d7654dbcf9d96147417281faae33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102892
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Feb 2022 11:48:44 GMT

GET
H2 200 RetailContentCommon.css
www.sberbank.ru/portalserver/static/features/%5BBBHOST%5D/RetailContentCommon/ 124 KB
24 KB 119ms
119ms Stylesheet
text/css 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/features/%5BBBHOST%5D/RetailContentCommon/RetailContentCommon.css?v=ccd93a110782b08ab5a95f233d8e6a0d17ed5b97

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

95d8a184b7f8aa24ee066aed4f8b98805f7bdb1687f1cdfaa341119d2a5ca2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 08:31:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
H2 200 RetailContentCommon.js Show response
www.sberbank.ru/portalserver/static/features/%5BBBHOST%5D/RetailContentCommon/ 259 KB
51 KB 109ms
107ms Script
application/javascript 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/features/%5BBBHOST%5D/RetailContentCommon/RetailContentCommon.js?v=ccd93a110782b08ab5a95f233d8e6a0d17ed5b97

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

d4dc5cc524f56cab02b8461374b0c89737c93b6944fe3b378be88f7e5850abf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 08:31:42 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
H2 200 TabsContainer.css
www.sberbank.ru/portalserver/static/containers/%5BBBHOST%5D/TabsContainer/ 3 KB
1 KB 119ms
118ms Stylesheet
text/css 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/containers/%5BBBHOST%5D/TabsContainer/TabsContainer.css?v=e5fce8431de87c3a89e528ab8efc1472076afd6b

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

b48eb03f907e33e2baf94f0be7498c66e178109ca4011f711e0ce692aa8ff1ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 08:32:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
H2 200 TabsContainer.js Show response
www.sberbank.ru/portalserver/static/containers/%5BBBHOST%5D/TabsContainer/ 13 KB
5 KB 111ms
109ms Script
application/javascript 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/containers/%5BBBHOST%5D/TabsContainer/TabsContainer.js?v=e5fce8431de87c3a89e528ab8efc1472076afd6b

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

32b172b0a678fe9739d5946e31cb503108157ae8c4ae1fdab73a3072fb1c2961

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 08:32:00 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
H2 200 RetailKit.css
www.sberbank.ru/portalserver/static/features/%5BBBHOST%5D/RetailKit/ 82 KB
12 KB 119ms
119ms Stylesheet
text/css 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/features/%5BBBHOST%5D/RetailKit/RetailKit.css?v=a3a67b86ff501729c1f845c9385645db3284c8a9

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

b09e8fd3f8133925dff3b1af546e587b116dc6386bdfb10365eb49c50f0d24e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 08:30:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
H2 200 RetailKit.js Show response
www.sberbank.ru/portalserver/static/features/%5BBBHOST%5D/RetailKit/ 106 KB
27 KB 109ms
107ms Script
application/javascript 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/features/%5BBBHOST%5D/RetailKit/RetailKit.js?v=a3a67b86ff501729c1f845c9385645db3284c8a9

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

14db26234c6530a9f84bda614309a47d2a41ee54d8662e165c925119f1c603eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 08:30:57 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
H2 200 UniversalTable.js Show response
www.sberbank.ru/portalserver/static/widgets/%5BBBHOST%5D/UniversalTable/ 6 KB
3 KB 110ms
109ms Script
application/javascript 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/widgets/%5BBBHOST%5D/UniversalTable/UniversalTable.js?v=8ea40bcd8e6836572ff83cee81109d7040ae67bb

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

5d8c424fc63b3ac408139bbe3f26374c64c1a30a4e035f8d66f6a5a30fc96f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 08:30:46 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
H2 200 UniversalTable.css
www.sberbank.ru/portalserver/static/widgets/%5BBBHOST%5D/UniversalTable/ 11 KB
3 KB 118ms
118ms Stylesheet
text/css 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/widgets/%5BBBHOST%5D/UniversalTable/UniversalTable.css?v=8ea40bcd8e6836572ff83cee81109d7040ae67bb

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

e2b2e7b3916859ab867f2d26f70d403b558c69884c3b48c3f4d0218e63df7520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 08:30:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
H2 200 IframeResizer.js Show response
www.sberbank.ru/portalserver/static/widgets/%5BBBHOST%5D/IframeResizer/ 27 KB
10 KB 110ms
108ms Script
application/javascript 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/widgets/%5BBBHOST%5D/IframeResizer/IframeResizer.js?v=e20f93e434a1ccded9a0aa7704fb8f945ed3eab5

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

3b57b98df06700b837a9a0a7172c797b9ef39d8a7af9c12f8b27b73911669167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 08:31:39 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
H2 200 IframeResizer.css
www.sberbank.ru/portalserver/static/widgets/%5BBBHOST%5D/IframeResizer/ 114 B
612 B 120ms
119ms Stylesheet
text/css 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/widgets/%5BBBHOST%5D/IframeResizer/IframeResizer.css?v=e20f93e434a1ccded9a0aa7704fb8f945ed3eab5

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

97114cb04fac9b6885b7e3b5b17911c711f72182744f8984d1b0c6ad18de4643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 07:30:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: max-age=31536000, public, immutable
accept-ranges: bytes
allow: GET, HEAD, OPTIONS
content-length: 114
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
H2 200 BenefitListIce.css
www.sberbank.ru/portalserver/static/widgets/%5BBBHOST%5D/BenefitListIce/ 18 KB
3 KB 120ms
119ms Stylesheet
text/css 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/widgets/%5BBBHOST%5D/BenefitListIce/BenefitListIce.css?v=6d51225012de429a64ffddb2e561ce37ab4aa9b6

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

343d039865f534cfada3ac7b4d090770357c50d4c42d8aba82920ae8880c26ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 08:31:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
H2 200 BenefitListIce.js Show response
www.sberbank.ru/portalserver/static/widgets/%5BBBHOST%5D/BenefitListIce/ 9 KB
4 KB 111ms
109ms Script
application/javascript 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/widgets/%5BBBHOST%5D/BenefitListIce/BenefitListIce.js?v=6d51225012de429a64ffddb2e561ce37ab4aa9b6

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

70533fe147dea80d90ad541e0aaa63139df668072a36b025d6cde7d3547bf674

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 08:31:31 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
H2 200 RetailContentCommon.css
www.sberbank.ru/portalserver/static/features/%5BBBHOST%5D/RetailContentCommon/ 124 KB
24 KB 119ms
118ms Stylesheet
text/css 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/features/%5BBBHOST%5D/RetailContentCommon/RetailContentCommon.css?v={{RetailContentCommon_hash}}

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

95d8a184b7f8aa24ee066aed4f8b98805f7bdb1687f1cdfaa341119d2a5ca2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 08:31:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
H2 200 RetailContentCommon.js Show response
www.sberbank.ru/portalserver/static/features/%5BBBHOST%5D/RetailContentCommon/ 259 KB
51 KB 109ms
108ms Script
application/javascript 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/features/%5BBBHOST%5D/RetailContentCommon/RetailContentCommon.js?v={{RetailContentCommon_hash}}

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

d4dc5cc524f56cab02b8461374b0c89737c93b6944fe3b378be88f7e5850abf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 08:31:42 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
H2 200 PageTeaserDict.css
www.sberbank.ru/portalserver/static/widgets/%5BBBHOST%5D/PageTeaserDict/ 15 KB
5 KB 120ms
119ms Stylesheet
text/css 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/widgets/%5BBBHOST%5D/PageTeaserDict/PageTeaserDict.css?v=cc8bd207923b0fd64b7fbbad68fada107c1f8540

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

9d676b935466757317d5ec273912570a305b9795d7f576b140c744f92237f43e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 08:30:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
H2 200 PageTeaserDict.js Show response
www.sberbank.ru/portalserver/static/widgets/%5BBBHOST%5D/PageTeaserDict/ 7 KB
3 KB 110ms
109ms Script
application/javascript 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/widgets/%5BBBHOST%5D/PageTeaserDict/PageTeaserDict.js?v=cc8bd207923b0fd64b7fbbad68fada107c1f8540

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

dad94479cd1440a252c6ff478710d39d6a78ef83e1eab1da5ac96fbc77f6a9ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 08:30:26 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
H2 200 5da192f6-297e-4354-8115-9215eff38225
www.sberbank.ru/portalserver/content/api/contentstream-id/adbb65af-4773-43ee-aaa9-8999c8d514e7/ 83 KB
84 KB 109ms
108ms Image
image/jpeg 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sberbank.ru/portalserver/content/api/contentstream-id/adbb65af-4773-43ee-aaa9-8999c8d514e7/5da192f6-297e-4354-8115-9215eff38225?&_=1600161427179

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

8f75e85012d862c40072a3b74d38b1340d5ee7a8055b3796c3d88b6a9461b2c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
referrer-policy: origin-when-cross-origin
last-modified: Tue, 15 Sep 2020 12:16:08 GMT
etag: adbb65af-4773-43ee-aaa9-8999c8d514e7.5da192f6-297e-4354-8115-9215eff38225@2020-09-15T12:16:08[85321]
x-frame-options: SAMEORIGIN
content-type: image/jpeg; charset=UTF-8
content-range: bytes 0-85320/85321
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable
accept-ranges: bytes
allow: GET, HEAD, OPTIONS
content-length: 85321
x-content-type-options: nosniff
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
H2 200 SiteFooter.css
www.sberbank.ru/portalserver/static/widgets/%5BBBHOST%5D/SiteFooter/ 43 KB
13 KB 108ms
107ms Stylesheet
text/css 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/widgets/%5BBBHOST%5D/SiteFooter/SiteFooter.css?v=9fa341746b943a4c19cca2e8804028bb5d0c0f7d

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

1da3296e11d156325fc1f915a46748d0a066c9ebd08f9c575439ec5ece8a225e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 08:32:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2de33ca2d2cfb7f437aa190ecdd4b3991ff2879604c0e24aaf02849ae1f360b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74e54f503582825b07d59a633ad44eefda6b7c6575712911b68a00c57047fce6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 index.html Show response
www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/ Frame 4C38 17 KB
5 KB 56ms
56ms Document
text/html 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/index.html

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

d88377f92693840574d7ce567505a98c85ce38c1b205ab4a30c9dbf1e71fb5b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Tue, 11 Jan 2022 13:59:21 GMT
etag: W/"f3cac14e466e99dd7d8e9e2dbc6b18c0"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT
cache-control: max-age=31536000 public immutable
x-forwarded-site: fs
content-encoding: gzip

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 123ms
38ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRDX7Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 830
date: Thu, 03 Feb 2022 11:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 03 Feb 2022 13:34:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
61 KB 49ms
48ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2TDLL4T53E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRDX7Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5fa9c2d5b278cd1fd18d39c24701ed3cf534161f8ecff33ce87a822f0a1e53fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62463
x-xss-protection: 0
expires: Thu, 03 Feb 2022 11:48:44 GMT

GET
H2 200 index.html Show response
cdn.rutarget.ru/static/sharecookie/ Frame 9F7F 1 KB
816 B 54ms
11ms Document
text/html 5.9.139.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rutarget.ru/static/sharecookie/index.html
Requested by: Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.139.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz-s-fr59.rutarget.ru
Software: nginx /
Resource Hash: 7352ede0c8c9c0c12b89952f01c051c77cf384e8ecce8ee8960de7de72a2314f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/

Response headers

server: nginx
date: Thu, 03 Feb 2022 11:48:44 GMT
content-type: text/html; charset=utf-8
last-modified: Thu, 04 Mar 2021 13:45:02 GMT
etag: W/"6040e45e-439"
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
content-encoding: gzip

GET
DATA 200
OK truncated
/ 844 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8285e568b3bbcb8bd39a13076176675c5bb3c5956835397aba9004835535f592

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 454 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45a1ab862bbc5e2921553773fa55546fbfc3344ef67859dfb560a7ffac37c6e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 498 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19b280e9a4238e0f1cc15da79adf8de3525467b4867e21712fe4233a097f75c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 252 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b302e06a228844811eb12170cc1239688be6872887e9127f7fb6b268061afed4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 SBSansUI-Regular.woff2
www.sberbank.ru/portalserver/static/features/[BBHOST]/RetailPlatform/fonts/ 36 KB
37 KB 55ms
53ms Font
application/font-woff2 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/features/[BBHOST]/RetailPlatform/fonts/SBSansUI-Regular.woff2

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

80609d8dfb4069766a0abec53f07bef0dd343321e696c493efd68580461e20f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Origin: https://www.sberbank.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 08:31:33 GMT
x-frame-options: SAMEORIGIN
content-type: application/font-woff2; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
H2 200 SBSansUI-Semibold.woff2
www.sberbank.ru/portalserver/static/features/[BBHOST]/RetailPlatform/fonts/ 36 KB
36 KB 55ms
55ms Font
application/font-woff2 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/features/[BBHOST]/RetailPlatform/fonts/SBSansUI-Semibold.woff2

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

0706c01d615fed46fe31a9947936dded545a759882c7ae17152972a3c580c097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Origin: https://www.sberbank.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 08:31:33 GMT
x-frame-options: SAMEORIGIN
content-type: application/font-woff2; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
DATA 200
OK truncated
/ 251 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 955143711fef785e69cd5397c1c730b2f575a30c382af9e147590d18fdada566

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 622 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f48845684cf362ce27771e41855b88ba44b3eafbc9f8b1d40a623a339eebf8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1b61a0b3def1515da077e27a1ea877793fdf8f73e8dbb236d7ed18d004d11e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 618 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97393ac04f540688e548f4747f00cfeae73961859247cf733bb9d7f9eea7aa24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 967 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7560a306e7964932fd72a82e6c9bb220f186e0d303756e70c4ed5fad17b67d09

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ffba24d937852ac28e21e6a974bb1bad2a215b26092bafac8b1fff2f932a369

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 388 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb0c214aa0d38db5ae1a0c50ed523158b19b6ffd010379ff9629092421d3ecb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ec0144b33f5673fb07ea4d459b4e391d9473c1aab6ab869e3563be68bfa0248

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 664 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 747464eb44f1a37cef212e07e47d0b0a6c4ed477fc0af69a432d94bea2e72057

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c19998b016d0161846060867fb4264022b34b860878f24a242b9101cfaf9920a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4202343c059f9bd13d3bbd07f54f6ff2674f2207eecde6d580e535512dd0786

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 470 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a28cf8c2e625cac25c2b524ff85d77344703b7be690f7d6a9d04e8e8705821f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 SBSansDisplay-SemiBold.woff2
www.sberbank.ru/portalserver/static/features/[BBHOST]/RetailPlatform/fonts/ 39 KB
40 KB 54ms
53ms Font
application/font-woff2 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/features/[BBHOST]/RetailPlatform/fonts/SBSansDisplay-SemiBold.woff2

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

775385a8548e6152479b8ca570fbc3cf6b2261895b10085e2be54a5900970383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Origin: https://www.sberbank.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 07:29:53 GMT
x-frame-options: SAMEORIGIN
content-type: application/font-woff2; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
H2 200 SiteFooter.js Show response
www.sberbank.ru/portalserver/static/widgets/%5BBBHOST%5D/SiteFooter/ 97 KB
29 KB 54ms
54ms Script
application/javascript 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/widgets/%5BBBHOST%5D/SiteFooter/SiteFooter.js?v=9fa341746b943a4c19cca2e8804028bb5d0c0f7d

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

f55dc63204146265630a3c182776bd87099d904387d6a828264303f5ea50cf6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 08:32:03 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
H2 200 RetailChat.min.js Show response
www.sberbank.ru/portalserver/static/widgets/%5BBBHOST%5D/RetailChat/ 180 KB
52 KB 55ms
55ms Script
application/javascript 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/widgets/%5BBBHOST%5D/RetailChat/RetailChat.min.js?v=f98e52ec5a943391eeb3c756aad860fc75324a79

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

53c30bcaf7d44775ccf20fe9abc5ebee3c3e6cc2bd8b19d5d4adca94614678a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 08:30:20 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:44 GMT

GET
H2 200 header-footer.css
www.sberbank.ru/common/img/uploaded/redirected/person/main_menu/css/ Frame 4C38 178 KB
29 KB 73ms
72ms Stylesheet
text/css 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/common/img/uploaded/redirected/person/main_menu/css/header-footer.css

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

b1fd088b793316879a49d704fca95a03173da1d78071661c7acb0bde67bf704b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 23 Jan 2021 10:16:50 GMT
etag: W/"8fb22000af8b8aa52d716e0ad598c3b4"
x-frame-options: SAMEORIGIN
content-type: text/css
expires: Fri, 03 Feb 2023 11:48:44 GMT
cache-control: max-age=31536000, public, immutable
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-forwarded-site: fs

GET
H2 200 default.css
www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/assets/css/ Frame 4C38 22 KB
4 KB 73ms
73ms Stylesheet
text/css 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/assets/css/default.css?744298

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

fddcfb47b0261be38638b3fc8f206b01753369e51903c6ed868a45b801d46627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Jan 2022 13:59:19 GMT
etag: W/"f059f29ee71e020dfd6b2ff73c74896a"
x-frame-options: SAMEORIGIN
content-type: text/css
expires: Fri, 03 Feb 2023 11:48:44 GMT
cache-control: max-age=31536000, public, immutable
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-forwarded-site: fs

GET
H2 200 jquery-1.8.3.min.js Show response
www.sberbank.ru/common/img/uploaded/js/landing/ Frame 4C38 91 KB
33 KB 59ms
58ms Script
application/javascript 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/common/img/uploaded/js/landing/jquery-1.8.3.min.js

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 23 Jan 2021 08:54:20 GMT
etag: W/"3576a6e73c9dccdbbc4a2cf8ff544ad7"
x-frame-options: SAMEORIGIN
content-type: application/javascript
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-forwarded-site: fs

GET
H2 200 vue-libs.min.js Show response
www.sberbank.ru/common/img/uploaded/js/landing/ Frame 4C38 132 KB
43 KB 73ms
72ms Script
application/javascript 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/common/img/uploaded/js/landing/vue-libs.min.js

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

f04db1f9a1c9a28f9b093cad101b4493b242bdba5c03fb76828276d396ed2312

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 23 Jan 2021 10:01:57 GMT
etag: W/"33f7bf0226f6496e1c8447182be585be"
x-frame-options: SAMEORIGIN
content-type: application/javascript
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-forwarded-site: fs

GET
H2 200 bundle.js Show response
www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/assets/js/ Frame 4C38 49 KB
17 KB 108ms
107ms Script
application/javascript 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/assets/js/bundle.js

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

e61dabb3281977d3a5f1d3f8517b7054243b403f4f5148d113bc72abb2765dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Jan 2022 13:59:20 GMT
etag: W/"19061ef7202db4bc5da87c698c88179d"
x-frame-options: SAMEORIGIN
content-type: application/javascript
expires: Fri, 03 Feb 2023 11:48:44 GMT
cache-control: max-age=31536000, public, immutable
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-forwarded-site: fs

GET
H/1.1 200
OK tm.js Show response
dmp.sbermarketing.ru/ 295 KB
24 KB 203ms
51ms Script
application/javascript 37.18.100.247
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.sbermarketing.ru/tm.js?id=f940199e-3e2e-4fac-a636-01f1f5bf88e9
Requested by: Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.18.100.247 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: elb /
Resource Hash: 25202d146a1beff8cca5a501cd2b9f48e8bc0ffffd102600f762bf5191fb5049

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 11:48:45 GMT
Content-Encoding: gzip
Server: elb
ETag: "154"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Content-Type: application/javascript
Cache-Control: public, max-age=120
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With
Content-Length: 23079
Expires: Thu, 03 Feb 2022 11:50:45 GMT

GET
DATA 200
OK truncated
/ 377 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4417bff4920d72006c73bf2042c2474320e60dfb6b08704cb4a70da26759fb0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 93ms
46ms Ping
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2TDLL4T53E&gtm=2oe220&_p=418784986&sr=1600x1200&ul=en-us&cid=203429629.1643888924&_s=1&dl=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&dt=%D0%92%D0%BE%D0%B7%D0%B2%D1%80%D0%B0%D1%82%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%20%E2%80%94%20%D0%A1%D0%B1%D0%B5%D1%80%D0%91%D0%B0%D0%BD%D0%BA&sid=1643888923&sct=1&seg=0&en=page_view&_fv=2&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2TDLL4T53E&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sberbank.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:48:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sberbank.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 115 KB
41 KB 95ms
59ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-TZ5JZ8Z&t=gtmTracker&cid=203429629.1643888924

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b3bb994ef5b5f76a838a1e638083d9b7bd82ccd7d901d97ee43e0f18defcd50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41755
x-xss-protection: 0
expires: Thu, 03 Feb 2022 11:48:44 GMT

GET
H/1.1

200
OK

tag
tag.rutarget.ru/ Frame 9F7F
Redirect Chain

https://tag.rutarget.ru/tag?event=otherPage&check=true&nosync=true&__r=5863959476086&__location=https%3A%2F%2Fcdn.rutarget.ru%2Fstatic%2Fsharecookie%2Findex.html
https://tag.rutarget.ru/tag?event=otherPage&check=true&nosync=true&__r=5863959476086&__location=https%3A%2F%2Fcdn.rutarget.ru%2Fstatic%2Fsharecookie%2Findex.html&check-cookie=true

35 B
548 B

140ms
140ms

Image
image/gif

80.64.106.151
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.rutarget.ru/tag?event=otherPage&check=true&nosync=true&__r=5863959476086&__location=https%3A%2F%2Fcdn.rutarget.ru%2Fstatic%2Fsharecookie%2Findex.html&check-cookie=true
Requested by: Host: cdn.rutarget.ru
URL: https://cdn.rutarget.ru/static/sharecookie/index.html
Protocol: HTTP/1.1
Server: 80.64.106.151 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr6.rutarget.ru
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.rutarget.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 11:48:45 GMT
Content-Type: image/gif
Server: nginx
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 35
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

Redirect headers

Location: https://tag.rutarget.ru/tag?event=otherPage&check=true&nosync=true&__r=5863959476086&__location=https%3A%2F%2Fcdn.rutarget.ru%2Fstatic%2Fsharecookie%2Findex.html&check-cookie=true
Date: Thu, 03 Feb 2022 11:48:45 GMT
Server: nginx
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 4C38 449 KB
101 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NRDX7Z

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

420330adb1e6c6d733e841670e895c8960cca9dbbd1826534b6f4b383e911a7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103471
x-xss-protection: 0
expires: Thu, 03 Feb 2022 11:48:44 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 4C38 456 KB
101 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NFPPM5

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

496a631b06f3de4557b22a4efde6c2164767d7654dbcf9d96147417281faae33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102892
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Feb 2022 11:48:44 GMT

GET
H2 200 all.js Show response
site.yandex.net/v2.0/js/ Frame 4C38 56 KB
15 KB 192ms
60ms Script
application/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://site.yandex.net/v2.0/js/all.js

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

70a0083e92cf715231f7734f0ecf0365c77ec3fdfe97921d75b39afd09871711

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:45 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 15151
last-modified: Thu, 14 Jan 2021 10:10:45 GMT
server: nginx/1.17.9
etag: "a144f832184afae15f82138151d89089"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Feb 2022 23:46:01 GMT

GET
H2

200

opensans-semibold.woff2
www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/assets/fonts/open_sans/ Frame 4C38
Redirect Chain

https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/assets/fonts/open_sans/OpenSans-SemiBold.woff2
https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/assets/fonts/open_sans/opensans-semibold.woff2

22 KB
23 KB

55ms
55ms

Font
font/woff2

194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/assets/fonts/open_sans/opensans-semibold.woff2

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/assets/css/default.css?744298

Protocol

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

04264f23aae592697cacd9ad4084bac8fabd907896724c8901c85c2e437cc9f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/assets/css/default.css?744298
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 Jan 2022 13:59:20 GMT
etag: "5d2d952215b164c397ca8f5d80045a8d"
x-frame-options: SAMEORIGIN
content-type: font/woff2
expires: Fri, 03 Feb 2023 11:48:45 GMT
cache-control: max-age=31536000, public, immutable
accept-ranges: bytes
content-length: 22668
x-xss-protection: 1; mode=block
x-forwarded-site: fs

Redirect headers

date: Thu, 03 Feb 2022 11:48:45 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/assets/fonts/open_sans/opensans-semibold.woff2
expires: Fri, 03 Feb 2023 11:48:45 GMT
cache-control: max-age=31536000, public, immutable
content-length: 169
x-xss-protection: 1; mode=block
x-forwarded-site: fs

GET
H2

200

opensans-regular.woff2
www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/assets/fonts/open_sans/ Frame 4C38
Redirect Chain

https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/assets/fonts/open_sans/OpenSans-Regular.woff2
https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/assets/fonts/open_sans/opensans-regular.woff2

22 KB
22 KB

55ms
55ms

Font
font/woff2

194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/assets/fonts/open_sans/opensans-regular.woff2

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/assets/css/default.css?744298

Protocol

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

7b187fc99298c3c2749771da6086840cf677f696f2848e69de824eb72a371885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/assets/css/default.css?744298
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 Jan 2022 13:59:20 GMT
etag: "bda959f6ac54bd38fc87ce7836aea8cc"
x-frame-options: SAMEORIGIN
content-type: font/woff2
expires: Fri, 03 Feb 2023 11:48:45 GMT
cache-control: max-age=31536000, public, immutable
accept-ranges: bytes
content-length: 22040
x-xss-protection: 1; mode=block
x-forwarded-site: fs

Redirect headers

date: Thu, 03 Feb 2022 11:48:45 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/assets/fonts/open_sans/opensans-regular.woff2
expires: Fri, 03 Feb 2023 11:48:45 GMT
cache-control: max-age=31536000, public, immutable
content-length: 169
x-xss-protection: 1; mode=block
x-forwarded-site: fs

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 63ms
18ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NFPPM5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: QawLA6njWZbnSG2immdjxM4NbIuVVA5MnMdpzohgiOMhKw90z9UIh8aLieT01fTSY8VE4JeyrVhQod9ZK/R20Q==
x-fb-trip-id: 720026100
x-frame-options: DENY
date: Thu, 03 Feb 2022 11:48:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 119 KB
35 KB 138ms
100ms Script
application/javascript 2.16.186.227
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3T98D1U9OSLU1GBO4KG&lib=ttq
Requested by: Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-227.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: aecd66de64a91bd038f02e05bc08c812daff75b691a66fe76dc0e9f3ebd5b596

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 6f2b5dcf.d1e52df
date: Thu, 03 Feb 2022 11:48:45 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-198.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-223.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
x-parent-response-time: 90,2.16.186.223
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=2, inner; dur=1
pragma: no-cache
server: nginx
x-tt-logid: 2022020311484501011300608606FC1AB1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 2,23.220.104.198
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3cf33c9dfbcea70df479a137472eff96b687fb24f7db27fa154f732b94d4bde898a445776db678454defe2732488baa3e792c99e6be7ce198480a5434a9370bd7bfc0ccb3350d0f26f123c2036489d35083767d246c5b5ffa27504d1f7c3ef1ed
expires: Thu, 03 Feb 2022 11:48:45 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9966367

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRDX7Z

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce60d50c5483ac8770535b04dc266eeb9cc051c55e66d4eacb480cd04308b0ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35757
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Feb 2022 11:48:45 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 49ms
49ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10311401

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRDX7Z

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

633a8467aa5d8c826c96712ef5de52bcd6953099cd9b585c6c0d0502d0284847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35831
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Feb 2022 11:48:45 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 68ms
19ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-21169438-1&cid=203429629.1643888924&jid=217610837&gjid=910517096&_gid=83583677.1643888924&_u=aCDAiEADRAAAAE~&z=1853256105

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sberbank.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 03 Feb 2022 11:48:45 GMT
content-type: text/plain
access-control-allow-origin: https://www.sberbank.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adservice.google.de/ddm/fls/p/dc_pre=COLUw7u74_UCFehKkQUdKkYGUQ;src=9966367;type=visit0;cat=sberb0;ord=1;num=1259316342145;gtm=2wg220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefine...
Redirect Chain

https://ad.doubleclick.net/activity;src=9966367;type=visit0;cat=sberb0;ord=1;num=1259316342145;gtm=2wg220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined?
https://ad.doubleclick.net/activity;dc_pre=COLUw7u74_UCFehKkQUdKkYGUQ;src=9966367;type=visit0;cat=sberb0;ord=1;num=1259316342145;gtm=2wg220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=un...
https://adservice.google.com/ddm/fls/p/dc_pre=COLUw7u74_UCFehKkQUdKkYGUQ;src=9966367;type=visit0;cat=sberb0;ord=1;num=1259316342145;gtm=2wg220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6...
https://adservice.google.de/ddm/fls/p/dc_pre=COLUw7u74_UCFehKkQUdKkYGUQ;src=9966367;type=visit0;cat=sberb0;ord=1;num=1259316342145;gtm=2wg220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=...

42 B
737 B

169ms
74ms

Image
image/gif

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.de/ddm/fls/p/dc_pre=COLUw7u74_UCFehKkQUdKkYGUQ;src=9966367;type=visit0;cat=sberb0;ord=1;num=1259316342145;gtm=2wg220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https://www.sberbank.ru/

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:48:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:48:45 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://adservice.google.de/ddm/fls/p/dc_pre=COLUw7u74_UCFehKkQUdKkYGUQ;src=9966367;type=visit0;cat=sberb0;ord=1;num=1259316342145;gtm=2wg220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https://www.sberbank.ru/
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=418784986&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&ul=en-us&de=UTF-8&dt=%D0%92%D0%BE%D0%B7%D0%B2%D1%80%D0%B0%D1%82%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%20%E2%80%94%20%D0%A1%D0%B1%D0%B5%D1%80%D0%91%D0%B0%D0%BD%D0%BA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAiEADR~&jid=217610837&gjid=910517096&cid=203429629.1643888924&tid=UA-21169438-1&_gid=83583677.1643888924&gtm=2wg220NRDX7Z&cd13=1643888923864.91jd4mdk&cd39=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&cd57=_4emo4mk53tf&cd72=038&cd2=203429629.1643888924&z=1795273716

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 20:40:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54466
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 147ms
63ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-21169438-1&cid=203429629.1643888924&jid=217610837&_u=aCDAiEADRAAAAE~&z=344405401

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:48:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 152ms
63ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-21169438-1&cid=203429629.1643888924&jid=217610837&_u=aCDAiEADRAAAAE~&z=344405401

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:48:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 4C38 49 KB
20 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRDX7Z

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 831
date: Thu, 03 Feb 2022 11:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 03 Feb 2022 13:34:54 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 4C38 165 KB
61 KB 46ms
46ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2TDLL4T53E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRDX7Z

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b67a63ba0c33e16e6babaf441f972486f48f1bb31af575c0928943432871425e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:45 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62454
x-xss-protection: 0
expires: Thu, 03 Feb 2022 11:48:45 GMT

GET
H2 200 index.html Show response
cdn.rutarget.ru/static/sharecookie/ Frame FCCB 1 KB
815 B 11ms
11ms Document
text/html 5.9.139.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rutarget.ru/static/sharecookie/index.html
Requested by: Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.139.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz-s-fr59.rutarget.ru
Software: nginx /
Resource Hash: 7352ede0c8c9c0c12b89952f01c051c77cf384e8ecce8ee8960de7de72a2314f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/

Response headers

server: nginx
date: Thu, 03 Feb 2022 11:48:45 GMT
content-type: text/html; charset=utf-8
last-modified: Thu, 04 Mar 2021 13:45:02 GMT
etag: W/"6040e45e-439"
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
content-encoding: gzip

GET
H/1.1 200
OK tm.js Show response
dmp.sbermarketing.ru/ Frame 4C38 295 KB
24 KB 51ms
51ms Script
application/javascript 37.18.100.247
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.sbermarketing.ru/tm.js?id=f940199e-3e2e-4fac-a636-01f1f5bf88e9
Requested by: Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.18.100.247 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: elb /
Resource Hash: 25202d146a1beff8cca5a501cd2b9f48e8bc0ffffd102600f762bf5191fb5049

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 11:48:45 GMT
Content-Encoding: gzip
Server: elb
ETag: "154"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Content-Type: application/javascript
Cache-Control: public, max-age=120
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With
Content-Length: 23079
Expires: Thu, 03 Feb 2022 11:50:45 GMT

GET
H2 200 jquery.min.js Show response
yastatic.net/jquery/1.6.2/ Frame 4C38 89 KB
28 KB 44ms
38ms Script
application/x-javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/jquery/1.6.2/jquery.min.js

Requested by

Host: site.yandex.net
URL: https://site.yandex.net/v2.0/js/all.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:45 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 28368
x-nginx-request-id: 9c44e56572353e5b
last-modified: Mon, 12 Nov 2018 13:13:42 GMT
server: nginx/1.17.9
etag: "57f5e4ce99f95e1eb0f18d52b65b6769"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Jan 2023 14:04:26 GMT

GET
H3

200

activityi;dc_pre=CPKHyru74_UCFfFEHQkdOLkLDw;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6447896829375;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u... Show response
9966367.fls.doubleclick.net/ Frame 1693
Redirect Chain

https://9966367.fls.doubleclick.net/activityi;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6447896829375;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924...
https://9966367.fls.doubleclick.net/activityi;dc_pre=CPKHyru74_UCFfFEHQkdOLkLDw;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6447896829375;gtm=2od220;auiddc=775197341....

592 B
464 B

99ms
51ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9966367.fls.doubleclick.net/activityi;dc_pre=CPKHyru74_UCFfFEHQkdOLkLDw;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6447896829375;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9966367

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

8d830cf5dd4162b0addd1e08ce9fd8fc008f08bc53f2f83a59ab1277b4202178

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 03 Feb 2022 11:48:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 439
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 03 Feb 2022 11:48:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9966367.fls.doubleclick.net/activityi;dc_pre=CPKHyru74_UCFfFEHQkdOLkLDw;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6447896829375;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 37ms
18ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.52

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: dCmgRK1S/fGn/jLQF4L8h4o3phZhz3znI/pKp1u3MNYW64zaaSGmYOQDwyxeBR6ZvyaNHXmnKI+kNPHvXoXWIQ==
x-frame-options: DENY
date: Thu, 03 Feb 2022 11:48:45 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 515925933055779 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 54ms
35ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/515925933055779?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f646bb24935a37525ece29f69c2abcc996ce2c426a714a38a11a6a1bcd703099

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89180
x-xss-protection: 0
pragma: public
x-fb-debug: QsyFqtZzO8E8AHVOYmrWtv+MQKIrJZQTbd6ek3+gPpEsdATad5wwzcGKf5I5otK1yijH+LBQMlGuhBsCcUfZbA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 03 Feb 2022 11:48:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CIGyzLu74_UCFUtmGwodRNQJMA;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=9531975185450;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;... Show response
10311401.fls.doubleclick.net/ Frame 17C7
Redirect Chain

https://10311401.fls.doubleclick.net/activityi;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=9531975185450;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.16438889...
https://10311401.fls.doubleclick.net/activityi;dc_pre=CIGyzLu74_UCFUtmGwodRNQJMA;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=9531975185450;gtm=2od220;auiddc=77519734...

593 B
468 B

52ms
51ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10311401.fls.doubleclick.net/activityi;dc_pre=CIGyzLu74_UCFUtmGwodRNQJMA;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=9531975185450;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10311401

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

004d28e4e267510163f5a8c350456d11cf86329002307733a7fa9b431d1dfe23

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 03 Feb 2022 11:48:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 443
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 03 Feb 2022 11:48:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10311401.fls.doubleclick.net/activityi;dc_pre=CIGyzLu74_UCFUtmGwodRNQJMA;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=9531975185450;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 101ms
100ms Script
application/javascript 2.16.186.227
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3T98D1U9OSLU1GBO4KG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-227.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 15aebee5.d1e551b
date: Thu, 03 Feb 2022 11:48:45 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a184-25-225-31.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-223.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
x-parent-response-time: 92,2.16.186.223
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=5, inner; dur=1
pragma: no-cache
server: nginx
x-tt-logid: 20220203114845010113135200000322CE
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,184.25.225.31
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3134e1464abab5b9f4b3c8a49a2ca420cd6c62580d8d32ed2394e53e79ba7dc38b2e9518021ee279492b9614608a13267a147a79b27b506dfba5c6b90fd0e87b726fd9df218a39a680a0c33c4893541def5434e531a09a678729fcb5b47ccae0a
expires: Thu, 03 Feb 2022 11:48:45 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 60 KB
20 KB 99ms
99ms Script
application/javascript 2.16.186.227
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C3T98D1U9OSLU1GBO4KG&hostname=www.sberbank.ru
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3T98D1U9OSLU1GBO4KG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-227.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4acfa835a53c60a1677c82cbb7e1b3b6a6dc135bc678a1d79dff5aaff3f292dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 1bc3fcc3.d1e557a
date: Thu, 03 Feb 2022 11:48:45 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a184-25-225-36.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-223.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
x-parent-response-time: 90,2.16.186.223
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=4, inner; dur=2
pragma: no-cache
server: nginx
x-tt-logid: 2022020311484501011313507918EBA9FD
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 4,184.25.225.36
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3134e1464abab5b9f4b3c8a49a2ca420c6d6b6cf3e51d485564e241bc7651bd2a73cb3ec04199e4bb623705e565ad845e7c4b57365fd5eb35587f9cbea4cad1effd236ebe7925b5c011e05247b22fc80a45e26bb0f709e106eff29b10054661e4
expires: Thu, 03 Feb 2022 11:48:45 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ Frame 4C38 115 KB
41 KB 54ms
54ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-TZ5JZ8Z&t=gtmTracker&cid=203429629.1643888924

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a676a42b8b656fc55815f6e6e43970bfc835d3185e481941fb821f440217a53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:45 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41757
x-xss-protection: 0
expires: Thu, 03 Feb 2022 11:48:45 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 61ms
18ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=515925933055779&ev=PageView&dl=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&rl=&if=false&ts=1643888924773&sw=1600&sh=1200&ud[external_id]=3153b0ea28632cbc9b3ef90f68759d493137f9f9fa7cbf8befef949c1ab1a452&v=2.9.52&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1643888924772.465121845&it=1643888924610&coo=false&tm=1&rqm=GET

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 03 Feb 2022 11:48:45 GMT

GET
H2 200 dc_pre=CIGyzLu74_UCFUtmGwodRNQJMA;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=9531975185450;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefin... Show response
adservice.google.com/ddm/fls/i/ Frame A081 592 B
512 B 124ms
76ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIGyzLu74_UCFUtmGwodRNQJMA;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=9531975185450;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund

Requested by

Host: 10311401.fls.doubleclick.net
URL: https://10311401.fls.doubleclick.net/activityi;dc_pre=CIGyzLu74_UCFUtmGwodRNQJMA;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=9531975185450;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cba026ae4b0a8321907cb43f9c9f7f09527717e95b1eb799cd7d172a52eb03b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://10311401.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 03 Feb 2022 11:48:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 442
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

supersync Show response
sync.1dmp.io/ Frame D627
Redirect Chain

https://dmp.sbermarketing.ru/?cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&pid=tm.supersync&tc=f940199e-3e2e-4fac-a636-01f1f5bf88e9&ru=%2F%2Fsync.1dmp.io%2Fsupersync%3Fo%3Dns%26cid%3D453f8fd1-8969-4742...
https://sync.1dmp.io/supersync?o=ns&cid=453f8fd1-8969-4742-9d5a-bc772f37f381&brid=c38af82e-ea38-4b1e-8e48-6351319a3d3c&pid=w&uid=c3c4f987-244f-4f51-9a55-f51fec58441a
https://sync.1dmp.io/supersync?t=3e250c91-84e7-11ec-9752-901b0e8d9836

678 B
1020 B

11ms
11ms

Document
text/html

88.99.214.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.1dmp.io/supersync?t=3e250c91-84e7-11ec-9752-901b0e8d9836
Requested by: Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.99.214.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-214-77.clients.your-server.de
Software: nginx /
Resource Hash: 4f47458c8000714661ae45862034425a85c09a9d404dfb7a75398d9b0a263e9c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/

Response headers

server: nginx
date: Thu, 03 Feb 2022 11:48:45 GMT
content-type: text/html
content-length: 678
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate

Redirect headers

server: nginx
date: Thu, 03 Feb 2022 11:48:45 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
location: /supersync?t=3e250c91-84e7-11ec-9752-901b0e8d9836

OPTIONS
H/1.1 204
No Content products
dmp-profiles.sbermarketing.ru/v2/ Frame 0
0 210ms
51ms Preflight
text/html 37.18.100.247
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp-profiles.sbermarketing.ru/v2/products?cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&pid=10008&sid=10031&uid=c3c4f987-244f-4f51-9a55-f51fec58441a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.18.100.247 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: elb /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://www.sberbank.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Thu, 03 Feb 2022 11:48:45 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.sberbank.ru
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With,x-dmpkit-onbehalf-of
Server: elb

POST
H/1.1 200
OK / Show response
dmp.sbermarketing.ru/ Frame 4C38 35 B
1 KB 101ms
51ms XHR
image/gif 37.18.100.247
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.sbermarketing.ru/?dmpkit_cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&dmpkit_tgt=tm.load&dmpkit_ctid=f940199e-3e2e-4fac-a636-01f1f5bf88e9&dmpkit_evn=PageLoad&dmpkit_p=tm&dmpkit_uids%5B10006%5D%5B10001%5D=c3c4f987-244f-4f51-9a55-f51fec58441a
Requested by: Host: dmp.sbermarketing.ru
URL: https://dmp.sbermarketing.ru/tm.js?id=f940199e-3e2e-4fac-a636-01f1f5bf88e9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.18.100.247 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: elb /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.sberbank.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 03 Feb 2022 11:48:45 GMT
Server: elb
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.sberbank.ru
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With
Content-Length: 35
Expires: 0

GET
H/1.1 200
OK products Show response
dmp-profiles.sbermarketing.ru/v2/ Frame 4C38 485 B
1 KB 154ms
51ms XHR
application/json 37.18.100.247
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp-profiles.sbermarketing.ru/v2/products?cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&pid=10008&sid=10031&uid=c3c4f987-244f-4f51-9a55-f51fec58441a
Requested by: Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.18.100.247 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: elb /
Resource Hash: 4c0bbacbbd3522c316e60a63342bcd98cefc0bf4cb68514a2e75d23607c74bda

Request headers

authorization: APIKEY a422a83d-0102-4341-9841-27111f26ba3e
Referer: https://www.sberbank.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 11:48:45 GMT
Server: elb
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Content-Type: application/json;utf-8
Access-Control-Allow-Origin: https://www.sberbank.ru
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With
Content-Length: 485

POST
H/1.1 200
OK / Show response
dmp.sbermarketing.ru/ Frame 4C38 35 B
1 KB 149ms
50ms XHR
image/gif 37.18.100.247
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.sbermarketing.ru/?dmpkit_cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&dmpkit_tgt=tm.load&dmpkit_ctid=f940199e-3e2e-4fac-a636-01f1f5bf88e9&dmpkit_evn=person&dmpkit_p=tm&dmpkit_uids%5B10006%5D%5B10001%5D=c3c4f987-244f-4f51-9a55-f51fec58441a
Requested by: Host: dmp.sbermarketing.ru
URL: https://dmp.sbermarketing.ru/tm.js?id=f940199e-3e2e-4fac-a636-01f1f5bf88e9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.18.100.247 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: elb /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.sberbank.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 03 Feb 2022 11:48:45 GMT
Server: elb
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.sberbank.ru
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With
Content-Length: 35
Expires: 0

GET
H2

200

counter2
top-fwz1.mail.ru/ Frame 4C38
Redirect Chain

https://top-fwz1.mail.ru/counter?id=2866471;pid=GA1.1.203429629.1643888924
https://top-fwz1.mail.ru/counter2?id=2866471;pid=GA1.1.203429629.1643888924

43 B
958 B

56ms
56ms

Image
image/gif

217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=2866471;pid=GA1.1.203429629.1643888924

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:45 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Thu, 03 Feb 2022 11:48:45 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
location: https://top-fwz1.mail.ru/counter2?id=2866471;pid=GA1.1.203429629.1643888924
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 set
sync.rambler.ru/ Frame 4C38 0
172 B 242ms
137ms Image
text/plain 91.192.150.52
BEGUN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.rambler.ru/set?partner_id=8871dc51-9be2-4c94-9b3e-a5d3153a0ec5&id=c3c4f987-244f-4f51-9a55-f51fec58441a

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.150.52 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

sync.rambler.ru

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:45 GMT
x-passed: 0bal2
server: nginx
content-length: 0
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

GET
H2 200 dc_pre=CPKHyru74_UCFfFEHQkdOLkLDw;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6447896829375;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefine... Show response
adservice.google.com/ddm/fls/i/ Frame 151E 591 B
907 B 110ms
74ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPKHyru74_UCFfFEHQkdOLkLDw;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6447896829375;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund

Requested by

Host: 9966367.fls.doubleclick.net
URL: https://9966367.fls.doubleclick.net/activityi;dc_pre=CPKHyru74_UCFfFEHQkdOLkLDw;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6447896829375;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bcad9fc043e154bb3ee69e425f774004b750b2957113f0327266d682b475a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9966367.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 03 Feb 2022 11:48:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 438
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 4C38 87 KB
35 KB 50ms
50ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9966367

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRDX7Z

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce60d50c5483ac8770535b04dc266eeb9cc051c55e66d4eacb480cd04308b0ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35757
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Feb 2022 11:48:45 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 4C38 87 KB
35 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10311401

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRDX7Z

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

633a8467aa5d8c826c96712ef5de52bcd6953099cd9b585c6c0d0502d0284847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35831
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Feb 2022 11:48:45 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 4C38 99 KB
26 KB 18ms
17ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NFPPM5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: QawLA6njWZbnSG2immdjxM4NbIuVVA5MnMdpzohgiOMhKw90z9UIh8aLieT01fTSY8VE4JeyrVhQod9ZK/R20Q==
x-frame-options: DENY
date: Thu, 03 Feb 2022 11:48:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ Frame 4C38 119 KB
35 KB 97ms
96ms Script
application/javascript 2.16.186.227
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3T98D1U9OSLU1GBO4KG&lib=ttq
Requested by: Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-227.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: aecd66de64a91bd038f02e05bc08c812daff75b691a66fe76dc0e9f3ebd5b596

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 6b194d7d.d1e56dd
date: Thu, 03 Feb 2022 11:48:45 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-215.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-223.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
x-parent-response-time: 88,2.16.186.223
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=2, inner; dur=1
pragma: no-cache
server: nginx
x-tt-logid: 2022020311484501011300613302029FF8
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 2,23.220.104.215
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3cf33c9dfbcea70df479a137472eff96b6d33af6e72cca5dbc991b418a4adaaa717720673ac1d3951fb75d8a8e460807c03e76b32b587fbbf81bf09c698fe266420b2739cccf301006f37f0063eff21d146a64cc0ac3faa790a9a4460c37520b1
expires: Thu, 03 Feb 2022 11:48:45 GMT

GET
H3

200

dc_pre=CLHv2Lu74_UCFYbhsgodqUMMQQ;src=9966367;type=visit0;cat=sberb0;ord=1;num=8649598992862;gtm=2wg220;auiddc=*;u5=203429629.1643888924;u6=DdsxdrOXc7EH
adservice.google.com/ddm/fls/z/ Frame 4C38
Redirect Chain

https://ad.doubleclick.net/activity;src=9966367;type=visit0;cat=sberb0;ord=1;num=8649598992862;gtm=2wg220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=DdsxdrOXc7EH?
https://ad.doubleclick.net/activity;dc_pre=CLHv2Lu74_UCFYbhsgodqUMMQQ;src=9966367;type=visit0;cat=sberb0;ord=1;num=8649598992862;gtm=2wg220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=Dd...
https://adservice.google.com/ddm/fls/z/dc_pre=CLHv2Lu74_UCFYbhsgodqUMMQQ;src=9966367;type=visit0;cat=sberb0;ord=1;num=8649598992862;gtm=2wg220;auiddc=*;u5=203429629.1643888924;u6=DdsxdrOXc7EH

42 B
63 B

122ms
75ms

Image
image/gif

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLHv2Lu74_UCFYbhsgodqUMMQQ;src=9966367;type=visit0;cat=sberb0;ord=1;num=8649598992862;gtm=2wg220;auiddc=*;u5=203429629.1643888924;u6=DdsxdrOXc7EH

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:48:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:48:45 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/dc_pre=CLHv2Lu74_UCFYbhsgodqUMMQQ;src=9966367;type=visit0;cat=sberb0;ord=1;num=8649598992862;gtm=2wg220;auiddc=*;u5=203429629.1643888924;u6=DdsxdrOXc7EH
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 4C38 35 B
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=345403696&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&ul=en-us&de=UTF-8&dt=%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB&sd=24-bit&sr=1600x1200&vp=1600x200&je=0&_u=SCCAiEADR~&jid=&gjid=&cid=203429629.1643888924&tid=UA-21169438-1&_gid=83583677.1643888924&gtm=2wg220NRDX7Z&cd13=1643888924520.0uzpjqq5s&cd39=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&cd57=_3jqu9opc536&cd69=%2Fru%2Fperson%2Fdist_services%2Ftax_refund&cd2=203429629.1643888924&z=1918491275

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 20:40:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54466
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
705 B 105ms
105ms Ping
application/octet-stream 2.16.186.227
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3T98D1U9OSLU1GBO4KG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-227.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sberbank.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1a692761.d1e56f2
date: Thu, 03 Feb 2022 11:48:45 GMT
x-cache-remote: TCP_MISS from a184-25-225-6.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-223.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
x-parent-response-time: 97,2.16.186.223
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=9, inner; dur=8
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022020311484501011313509818CF3F23
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,184.25.225.6
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3134e1464abab5b9f4b3c8a49a2ca420ccb0d71fee183e5c5f49265ea58cc8f994379d744f71d4ad6a2e4b8f522a17cc20b27404af4a97825e638919b5eb2f9bdf5ba67d78e2c209c908173498427226a9bc0b985262d2ab59f24f2338f5f441b
expires: Thu, 03 Feb 2022 11:48:45 GMT

GET
H2 200 tag.js Show response
cdn.rutarget.ru/static/tag/ Frame 4C38 4 KB
2 KB 11ms
11ms Script
application/x-javascript 5.9.139.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rutarget.ru/static/tag/tag.js
Requested by: Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.139.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz-s-fr59.rutarget.ru
Software: nginx /
Resource Hash: f3e974f42bddaac647ada00e08552cec3c12f9e45c733bed6d06f3e83f8368a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:45 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 14:00:14 GMT
server: nginx
etag: W/"60d48fee-f73"
access-control-allow-methods: OPTIONS
content-type: application/x-javascript
cache-control: max-age=900
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
expires: Thu, 03 Feb 2022 11:56:47 GMT

GET creative
creative.rutarget.ru/ Frame 4C38 0
0

GET
H2 200 virtualassistant.js Show response
www.sberbank.ru/common/img/uploaded/promo/virtual-assistant/0.39.0/ Frame 4C38 2 MB
400 KB 68ms
66ms Script
application/javascript 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/common/img/uploaded/promo/virtual-assistant/0.39.0/virtualassistant.js

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

5c6726ae06bb7bb6c3aee5e38758958c41577bdde60be39bdafa7427ed8b4164

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 02 Dec 2021 12:31:07 GMT
etag: W/"5b396ca80ee05a538480e820f1967d3f"
x-frame-options: SAMEORIGIN
content-type: application/javascript
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-forwarded-site: fs

GET
H2 200 virtualassistant.css
www.sberbank.ru/common/img/uploaded/promo/virtual-assistant/0.39.0/ Frame 4C38 326 B
722 B 124ms
123ms Stylesheet
text/css 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/common/img/uploaded/promo/virtual-assistant/0.39.0/virtualassistant.css

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

d6bbde826b16316e01324a9fba24f595658c003c6b89280e6e81a6adf1e74bf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Dec 2021 12:31:06 GMT
etag: "3555ced530cf600592d50ff890cca2fa"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 326
x-xss-protection: 1; mode=block
x-forwarded-site: fs

GET
H2 200 SberAnalytics.js Show response
www.sberbank.ru/portalserver/static/features/%5BBBHOST%5D/SberAnalytics/ Frame 4C38 16 KB
6 KB 134ms
134ms Script
application/javascript 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/portalserver/static/features/%5BBBHOST%5D/SberAnalytics/SberAnalytics.js

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

7bb9e438f9c387ee5f1011421009a414c53e2e8ee973db3f474209ce451dda56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Jan 2022 08:30:59 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000, public, immutable
allow: GET, HEAD, OPTIONS
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 11:48:45 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 4C38 35 B
55 B 39ms
39ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=345403696&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&ul=en-us&de=UTF-8&dt=%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB&sd=24-bit&sr=1600x1200&vp=1600x200&je=0&ec=SITE_Person_person.dist_services.return_nalog_calc_new.index.html&ea=informing_leads&el=scroll%2050%20percent&_u=SCCAiEADR~&jid=&gjid=&cid=203429629.1643888924&tid=UA-21169438-1&_gid=83583677.1643888924&gtm=2wg220NRDX7Z&cd13=1643888924520.0uzpjqq5s&cd39=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&cd57=_3jqu9opc536&cd69=%2Fru%2Fperson%2Fdist_services%2Ftax_refund&cd72=undefined&cd2=203429629.1643888924&z=1291256355

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 20:40:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54466
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 4C38 35 B
55 B 39ms
39ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=345403696&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&ul=en-us&de=UTF-8&dt=%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB&sd=24-bit&sr=1600x1200&vp=1600x200&je=0&ec=SITE_Person_person.dist_services.return_nalog_calc_new.index.html&ea=informing_leads&el=scroll%2075%20percent&_u=SCCAiEADR~&jid=&gjid=&cid=203429629.1643888924&tid=UA-21169438-1&_gid=83583677.1643888924&gtm=2wg220NRDX7Z&cd13=1643888924520.0uzpjqq5s&cd39=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&cd57=_3jqu9opc536&cd69=%2Fru%2Fperson%2Fdist_services%2Ftax_refund&cd72=undefined&cd2=203429629.1643888924&z=2131277537

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 20:40:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54466
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ Frame 4C38 64 KB
20 KB 18ms
17ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.52

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: dCmgRK1S/fGn/jLQF4L8h4o3phZhz3znI/pKp1u3MNYW64zaaSGmYOQDwyxeBR6ZvyaNHXmnKI+kNPHvXoXWIQ==
x-frame-options: DENY
date: Thu, 03 Feb 2022 11:48:45 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 515925933055779 Show response
connect.facebook.net/signals/config/ Frame 4C38 307 KB
87 KB 18ms
18ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/515925933055779?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f646bb24935a37525ece29f69c2abcc996ce2c426a714a38a11a6a1bcd703099

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89180
x-xss-protection: 0
pragma: public
x-fb-debug: QsyFqtZzO8E8AHVOYmrWtv+MQKIrJZQTbd6ek3+gPpEsdATad5wwzcGKf5I5otK1yijH+LBQMlGuhBsCcUfZbA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 03 Feb 2022 11:48:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CLPF7Lu74_UCFReTGwodbUMMlA;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6463419500833;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u... Show response
9966367.fls.doubleclick.net/ Frame 151D
Redirect Chain

https://9966367.fls.doubleclick.net/activityi;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6463419500833;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924...
https://9966367.fls.doubleclick.net/activityi;dc_pre=CLPF7Lu74_UCFReTGwodbUMMlA;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6463419500833;gtm=2od220;auiddc=775197341....

565 B
454 B

58ms
58ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9966367.fls.doubleclick.net/activityi;dc_pre=CLPF7Lu74_UCFReTGwodbUMMlA;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6463419500833;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=DdsxdrOXc7EH;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9966367

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

daea91f4c14dd44be208c5f3f5859578a0a04794a4da4371cc2d2590e48c0e42

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 03 Feb 2022 11:48:46 GMT
expires: Thu, 03 Feb 2022 11:48:46 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 431
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 03 Feb 2022 11:48:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9966367.fls.doubleclick.net/activityi;dc_pre=CLPF7Lu74_UCFReTGwodbUMMlA;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6463419500833;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=DdsxdrOXc7EH;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CMW-7bu74_UCFRUTGwodjs8L_w;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=6077667473260;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;... Show response
10311401.fls.doubleclick.net/ Frame ECA9
Redirect Chain

https://10311401.fls.doubleclick.net/activityi;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=6077667473260;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.16438889...
https://10311401.fls.doubleclick.net/activityi;dc_pre=CMW-7bu74_UCFRUTGwodjs8L_w;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=6077667473260;gtm=2od220;auiddc=77519734...

566 B
456 B

56ms
56ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10311401.fls.doubleclick.net/activityi;dc_pre=CMW-7bu74_UCFRUTGwodjs8L_w;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=6077667473260;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=DdsxdrOXc7EH;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10311401

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

6c7ee4d9b342dc38a34319dd037b5b090e964672357e649a7edbc54151b5290a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 03 Feb 2022 11:48:46 GMT
expires: Thu, 03 Feb 2022 11:48:46 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 433
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 03 Feb 2022 11:48:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10311401.fls.doubleclick.net/activityi;dc_pre=CMW-7bu74_UCFRUTGwodjs8L_w;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=6077667473260;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=DdsxdrOXc7EH;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ Frame 4C38 114 KB
31 KB 102ms
101ms Script
application/javascript 2.16.186.227
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3T98D1U9OSLU1GBO4KG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-227.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 11f3608a.d1e5a6f
date: Thu, 03 Feb 2022 11:48:46 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-207.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-223.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
x-parent-response-time: 93,2.16.186.223
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=3, inner; dur=1
pragma: no-cache
server: nginx
x-tt-logid: 2022020311484501011313504414070818
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 3,23.220.104.207
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3cf33c9dfbcea70df479a137472eff96b101173a9fdbc0abe69901e07a1826b3b3d9d1b5cceff6ece9904143f6b238e5f613be5a74f28c6176ed6354f3984857f41e7899c6d929eeaa5dd4bbecda4cf86a9e508125d8b06bd50597c1985075764
expires: Thu, 03 Feb 2022 11:48:46 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ Frame 4C38 60 KB
20 KB 97ms
96ms Script
application/javascript 2.16.186.227
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C3T98D1U9OSLU1GBO4KG&hostname=www.sberbank.ru
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3T98D1U9OSLU1GBO4KG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-227.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4acfa835a53c60a1677c82cbb7e1b3b6a6dc135bc678a1d79dff5aaff3f292dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: 11f35fb6.d1e5abf
date: Thu, 03 Feb 2022 11:48:46 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-207.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-223.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
x-parent-response-time: 88,2.16.186.223
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=3, inner; dur=1
pragma: no-cache
server: nginx
x-tt-logid: 2022020311484601011313517426F39528
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 3,23.220.104.207
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3cf33c9dfbcea70df479a137472eff96b101173a9fdbc0abe69901e07a1826b3b3d9d1b5cceff6ece9904143f6b238e5f56ecac181a9ae09d364e1268c55f3cb12826f1a9a86681eb0d37c967d8d38086d0d4d05839a9980489925346f7ea8475
expires: Thu, 03 Feb 2022 11:48:46 GMT

GET
H2 200 dc_pre=CPKHyru74_UCFfFEHQkdOLkLDw;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6447896829375;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefine... Show response
adservice.google.de/ddm/fls/i/ Frame D489 194 B
306 B 80ms
80ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CPKHyru74_UCFfFEHQkdOLkLDw;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6447896829375;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPKHyru74_UCFfFEHQkdOLkLDw;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6447896829375;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 03 Feb 2022 11:48:46 GMT
expires: Thu, 03 Feb 2022 11:48:46 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CIGyzLu74_UCFUtmGwodRNQJMA;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=9531975185450;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefin... Show response
adservice.google.de/ddm/fls/i/ Frame ABDD 194 B
242 B 81ms
80ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CIGyzLu74_UCFUtmGwodRNQJMA;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=9531975185450;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIGyzLu74_UCFUtmGwodRNQJMA;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=9531975185450;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=undefined;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 03 Feb 2022 11:48:46 GMT
expires: Thu, 03 Feb 2022 11:48:46 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK tag
tag.rutarget.ru/ Frame 4C38 35 B
422 B 141ms
141ms Image
image/gif 80.64.106.151
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.rutarget.ru/tag?event=otherPage&check=true&syncwith=mts&__r=47035285291266600000&__location=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&__referrer=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&__title=%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB&__keywords=&_usertz=0
Requested by: Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.151 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr6.rutarget.ru
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 11:48:46 GMT
Content-Type: image/gif
Server: nginx
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 35
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H/1.1 200
OK tag
tag.rutarget.ru/ Frame 4C38 35 B
422 B 211ms
139ms Image
image/gif 80.64.106.151
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.rutarget.ru/tag?event=thankYou&conv_id=SITE_Person_person.dist_services.return_nalog_calc_new.index.html_informing_leads_scroll%2050%20percent&check=true&syncwith=mts&__r=56148971650330060000&__location=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&__referrer=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&__title=%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB&__keywords=&_usertz=0
Requested by: Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.151 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr6.rutarget.ru
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 11:48:46 GMT
Content-Type: image/gif
Server: nginx
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 35
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H/1.1 200
OK tag
tag.rutarget.ru/ Frame 4C38 35 B
422 B 213ms
142ms Image
image/gif 80.64.106.151
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.rutarget.ru/tag?event=addToSegment&name=sberbank&value=SITE_Person_person.dist_services.return_nalog_calc_new.index.html_informing_leads_scroll%2050%20percent&check=true&syncwith=mts&__r=17015002498062404000&__location=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&__referrer=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&__title=%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB&__keywords=&_usertz=0
Requested by: Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.151 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr6.rutarget.ru
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 11:48:46 GMT
Content-Type: image/gif
Server: nginx
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 35
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H/1.1 200
OK tag
tag.rutarget.ru/ Frame 4C38 35 B
422 B 225ms
153ms Image
image/gif 80.64.106.151
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.rutarget.ru/tag?event=thankYou&conv_id=SITE_Person_person.dist_services.return_nalog_calc_new.index.html_informing_leads_scroll%2075%20percent&check=true&syncwith=mts&__r=30740009737688620000&__location=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&__referrer=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&__title=%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB&__keywords=&_usertz=0
Requested by: Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.151 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr6.rutarget.ru
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 11:48:46 GMT
Content-Type: image/gif
Server: nginx
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 35
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H/1.1 200
OK tag
tag.rutarget.ru/ Frame 4C38 35 B
422 B 213ms
141ms Image
image/gif 80.64.106.151
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.rutarget.ru/tag?event=addToSegment&name=sberbank&value=SITE_Person_person.dist_services.return_nalog_calc_new.index.html_informing_leads_scroll%2075%20percent&check=true&syncwith=mts&__r=78421612735365700000&__location=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&__referrer=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&__title=%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB&__keywords=&_usertz=0
Requested by: Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.151 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr6.rutarget.ru
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 11:48:46 GMT
Content-Type: image/gif
Server: nginx
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 35
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2 200 pixel.gif
sync.1dmp.io/ Frame D627 35 B
376 B 12ms
11ms Image
image/gif 88.99.214.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=e8610170-b6a0-4a0d-ab5f-68d104af7a7e&pid=w&uid=3e250c90-84e7-11ec-9752-901b0e8d9836
Requested by: Host: sync.1dmp.io
URL: https://sync.1dmp.io/supersync?t=3e250c91-84e7-11ec-9752-901b0e8d9836
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.99.214.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-214-77.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.1dmp.io/supersync?t=3e250c91-84e7-11ec-9752-901b0e8d9836
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:45 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

GET
H2

200

3e250c90-84e7-11ec-9752-901b0e8d9836
an.yandex.ru/mapuid/dmpcleverdata/ Frame D627
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&uid=3e250c90-84e7-11ec-9752-901b0e8d9836
https://an.yandex.ru/mapuid/dmpcleverdata/3e250c90-84e7-11ec-9752-901b0e8d9836?sign=4138179446
https://an.yandex.ru/mapuid/dmpcleverdata/3e250c90-84e7-11ec-9752-901b0e8d9836?redir-setuniq=1&sign=4138179446

43 B
108 B

57ms
57ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpcleverdata/3e250c90-84e7-11ec-9752-901b0e8d9836?redir-setuniq=1&sign=4138179446

Requested by

Host: sync.1dmp.io
URL: https://sync.1dmp.io/supersync?t=3e250c91-84e7-11ec-9752-901b0e8d9836

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.1dmp.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:48:46 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 11:48:46 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 03 Feb 2022 11:48:46 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:48:46 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 11:48:46 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/dmpcleverdata/3e250c90-84e7-11ec-9752-901b0e8d9836?redir-setuniq=1&sign=4138179446
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 03 Feb 2022 11:48:46 GMT

GET
H2 200 counter
top-fwz1.mail.ru/ Frame D627 43 B
874 B 58ms
57ms Image
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3201865;pid=3e250c90-84e7-11ec-9752-901b0e8d9836

Requested by

Host: sync.1dmp.io
URL: https://sync.1dmp.io/supersync?t=3e250c91-84e7-11ec-9752-901b0e8d9836

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.1dmp.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:46 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame D627
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEKm0uAhntDiFPzjXAsb0p1U&google_gid=CAESEKm0uAhntDiFPzjXAsb0p1U&google_cver=1

35 B
476 B

11ms
11ms

Image
image/gif

88.99.214.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEKm0uAhntDiFPzjXAsb0p1U&google_gid=CAESEKm0uAhntDiFPzjXAsb0p1U&google_cver=1
Requested by: Host: sync.1dmp.io
URL: https://sync.1dmp.io/supersync?t=3e250c91-84e7-11ec-9752-901b0e8d9836
Protocol: H2
Server: 88.99.214.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-214-77.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.1dmp.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:46 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:48:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEKm0uAhntDiFPzjXAsb0p1U&google_gid=CAESEKm0uAhntDiFPzjXAsb0p1U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 4C38 44 B
91 B 37ms
18ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=515925933055779&ev=PageView&dl=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&rl=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&if=true&ts=1643888925265&sw=1600&sh=1200&ud[external_id]=3153b0ea28632cbc9b3ef90f68759d493137f9f9fa7cbf8befef949c1ab1a452&v=2.9.52&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1643888924772.465121845&it=1643888925161&coo=false&tm=1&exp=p0&rqm=GET

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 03 Feb 2022 11:48:46 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 3DDA 0
15 B 18ms
18ms Document
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.sberbank.ru
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.sberbank.ru
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Thu, 03 Feb 2022 11:48:46 GMT

GET
H3 200 dc_pre=CLPF7Lu74_UCFReTGwodbUMMlA;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6463419500833;gtm=2od220;auiddc=*;u5=203429629.1643888924;u6=DdsxdrOXc7EH;~oref=https%3A...
adservice.google.com/ddm/fls/z/ Frame 151D 42 B
63 B 85ms
84ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLPF7Lu74_UCFReTGwodbUMMlA;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6463419500833;gtm=2od220;auiddc=*;u5=203429629.1643888924;u6=DdsxdrOXc7EH;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html

Requested by

Host: 9966367.fls.doubleclick.net
URL: https://9966367.fls.doubleclick.net/activityi;dc_pre=CLPF7Lu74_UCFReTGwodbUMMlA;src=9966367;type=visit0;cat=match0;match_id=203429629.1643888924;ord=1;num=6463419500833;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=DdsxdrOXc7EH;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9966367.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:48:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CMW-7bu74_UCFRUTGwodjs8L_w;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=6077667473260;gtm=2od220;auiddc=*;u5=203429629.1643888924;u6=DdsxdrOXc7EH;~oref=https%3...
adservice.google.com/ddm/fls/z/ Frame ECA9 42 B
63 B 75ms
75ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMW-7bu74_UCFRUTGwodjs8L_w;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=6077667473260;gtm=2od220;auiddc=*;u5=203429629.1643888924;u6=DdsxdrOXc7EH;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html

Requested by

Host: 10311401.fls.doubleclick.net
URL: https://10311401.fls.doubleclick.net/activityi;dc_pre=CMW-7bu74_UCFRUTGwodjs8L_w;src=10311401;type=visits;cat=mainw0;match_id=203429629.1643888924;ord=1;num=6077667473260;gtm=2od220;auiddc=775197341.1643888924;u5=203429629.1643888924;u6=DdsxdrOXc7EH;~oref=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10311401.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:48:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ Frame 4C38 0
707 B 105ms
105ms Ping
application/octet-stream 2.16.186.227
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3T98D1U9OSLU1GBO4KG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-227.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sberbank.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6b195dfb.d1e5bfa
date: Thu, 03 Feb 2022 11:48:46 GMT
x-cache-remote: TCP_MISS from a23-220-104-215.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38102849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-223.deploy.akamaitechnologies.com (AkamaiGHost/10.7.1-38761473) (-)
x-parent-response-time: 98,2.16.186.223
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=8, inner; dur=7
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202202031148460101130061330202A053
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.104.215
x-tt-trace-host: 01cb60dede288504f6278ad57ccf6d3bc3cf33c9dfbcea70df479a137472eff96b6d33af6e72cca5dbc991b418a4adaaa717720673ac1d3951fb75d8a8e460807c03e76b32b587fbbf81bf09c698fe2664cf4938de1bd592896822aae13650d77e3b7880b08afab93432d0916b00ea3fed
expires: Thu, 03 Feb 2022 11:48:46 GMT

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
874 B 56ms
55ms Image
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=2866471;pid=GA1.1.203429629.1643888924

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:46 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H2

200

supersync Show response
sync.1dmp.io/ Frame 182E
Redirect Chain

https://dmp.sbermarketing.ru/?cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&pid=tm.supersync&tc=f940199e-3e2e-4fac-a636-01f1f5bf88e9&ru=%2F%2Fsync.1dmp.io%2Fsupersync%3Fo%3Dns%26cid%3D453f8fd1-8969-4742...
https://sync.1dmp.io/supersync?o=ns&cid=453f8fd1-8969-4742-9d5a-bc772f37f381&brid=c38af82e-ea38-4b1e-8e48-6351319a3d3c&pid=w&uid=c3c4f987-244f-4f51-9a55-f51fec58441a
https://sync.1dmp.io/supersync?t=3e92c281-84e7-11ec-9752-901b0e8d9836

678 B
1020 B

11ms
11ms

Document
text/html

88.99.214.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.1dmp.io/supersync?t=3e92c281-84e7-11ec-9752-901b0e8d9836
Requested by: Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.99.214.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-214-77.clients.your-server.de
Software: nginx /
Resource Hash: 4f47458c8000714661ae45862034425a85c09a9d404dfb7a75398d9b0a263e9c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/

Response headers

server: nginx
date: Thu, 03 Feb 2022 11:48:46 GMT
content-type: text/html
content-length: 678
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate

Redirect headers

server: nginx
date: Thu, 03 Feb 2022 11:48:46 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
location: /supersync?t=3e92c281-84e7-11ec-9752-901b0e8d9836

OPTIONS
H/1.1 204
No Content products
dmp-profiles.sbermarketing.ru/v2/ Frame 0
0 51ms
50ms Preflight
text/html 37.18.100.247
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp-profiles.sbermarketing.ru/v2/products?cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&pid=10008&sid=10031&uid=c3c4f987-244f-4f51-9a55-f51fec58441a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.18.100.247 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: elb /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://www.sberbank.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Thu, 03 Feb 2022 11:48:46 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.sberbank.ru
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With,x-dmpkit-onbehalf-of
Server: elb

POST
H/1.1 200
OK / Show response
dmp.sbermarketing.ru/ 35 B
1 KB 51ms
50ms XHR
image/gif 37.18.100.247
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.sbermarketing.ru/?dmpkit_cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&dmpkit_tgt=tm.load&dmpkit_ctid=f940199e-3e2e-4fac-a636-01f1f5bf88e9&dmpkit_evn=PageLoad&dmpkit_p=tm&dmpkit_uids%5B10006%5D%5B10001%5D=c3c4f987-244f-4f51-9a55-f51fec58441a
Requested by: Host: dmp.sbermarketing.ru
URL: https://dmp.sbermarketing.ru/tm.js?id=f940199e-3e2e-4fac-a636-01f1f5bf88e9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.18.100.247 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: elb /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.sberbank.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 03 Feb 2022 11:48:46 GMT
Server: elb
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.sberbank.ru
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With
Content-Length: 35
Expires: 0

GET
H/1.1 200
OK products Show response
dmp-profiles.sbermarketing.ru/v2/ 485 B
1 KB 52ms
51ms XHR
application/json 37.18.100.247
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp-profiles.sbermarketing.ru/v2/products?cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&pid=10008&sid=10031&uid=c3c4f987-244f-4f51-9a55-f51fec58441a
Requested by: Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.18.100.247 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: elb /
Resource Hash: 4c0bbacbbd3522c316e60a63342bcd98cefc0bf4cb68514a2e75d23607c74bda

Request headers

authorization: APIKEY a422a83d-0102-4341-9841-27111f26ba3e
Referer: https://www.sberbank.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 11:48:46 GMT
Server: elb
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Content-Type: application/json;utf-8
Access-Control-Allow-Origin: https://www.sberbank.ru
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With
Content-Length: 485

POST
H/1.1 200
OK / Show response
dmp.sbermarketing.ru/ 35 B
1 KB 51ms
51ms XHR
image/gif 37.18.100.247
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.sbermarketing.ru/?dmpkit_cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&dmpkit_tgt=tm.load&dmpkit_ctid=f940199e-3e2e-4fac-a636-01f1f5bf88e9&dmpkit_evn=person&dmpkit_p=tm&dmpkit_uids%5B10006%5D%5B10001%5D=c3c4f987-244f-4f51-9a55-f51fec58441a
Requested by: Host: dmp.sbermarketing.ru
URL: https://dmp.sbermarketing.ru/tm.js?id=f940199e-3e2e-4fac-a636-01f1f5bf88e9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.18.100.247 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: elb /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.sberbank.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 03 Feb 2022 11:48:46 GMT
Server: elb
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.sberbank.ru
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With
Content-Length: 35
Expires: 0

GET
H2 200 set
sync.rambler.ru/ 0
171 B 48ms
48ms Image
text/plain 91.192.150.52
BEGUN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.rambler.ru/set?partner_id=8871dc51-9be2-4c94-9b3e-a5d3153a0ec5&id=c3c4f987-244f-4f51-9a55-f51fec58441a

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.150.52 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

sync.rambler.ru

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:46 GMT
x-passed: 0bal2
server: nginx
content-length: 0
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

GET
H2 200 tag.js Show response
cdn.rutarget.ru/static/tag/ 4 KB
2 KB 11ms
11ms Script
application/x-javascript 5.9.139.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rutarget.ru/static/tag/tag.js
Requested by: Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.139.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz-s-fr59.rutarget.ru
Software: nginx /
Resource Hash: f3e974f42bddaac647ada00e08552cec3c12f9e45c733bed6d06f3e83f8368a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:46 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 14:00:14 GMT
server: nginx
etag: W/"60d48fee-f73"
access-control-allow-methods: OPTIONS
content-type: application/x-javascript
cache-control: max-age=900
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
expires: Thu, 03 Feb 2022 11:56:47 GMT

GET creative
creative.rutarget.ru/ 0
0

GET
H2 200 virtualassistant.js Show response
www.sberbank.ru/common/img/uploaded/promo/virtual-assistant/0.39.0/ 2 MB
399 KB 65ms
64ms Script
application/javascript 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/common/img/uploaded/promo/virtual-assistant/0.39.0/virtualassistant.js

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

5c6726ae06bb7bb6c3aee5e38758958c41577bdde60be39bdafa7427ed8b4164

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 02 Dec 2021 12:31:07 GMT
etag: W/"5b396ca80ee05a538480e820f1967d3f"
x-frame-options: SAMEORIGIN
content-type: application/javascript
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-forwarded-site: fs

GET
H2 200 virtualassistant.css
www.sberbank.ru/common/img/uploaded/promo/virtual-assistant/0.39.0/ 326 B
444 B 121ms
121ms Stylesheet
text/css 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/common/img/uploaded/promo/virtual-assistant/0.39.0/virtualassistant.css

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

d6bbde826b16316e01324a9fba24f595658c003c6b89280e6e81a6adf1e74bf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Dec 2021 12:31:06 GMT
etag: "3555ced530cf600592d50ff890cca2fa"
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 326
x-xss-protection: 1; mode=block
x-forwarded-site: fs

GET
DATA 200
OK truncated
/ 854 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb1f40bbd22907e6d662dadb93dae34a1524be7a856d9b63cd1ed3792e7aae25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK tag
tag.rutarget.ru/ 35 B
422 B 142ms
141ms Image
image/gif 80.64.106.151
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.rutarget.ru/tag?event=otherPage&check=true&syncwith=mts&__r=12888875107409525000&__location=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&__referrer=&__title=%D0%92%D0%BE%D0%B7%D0%B2%D1%80%D0%B0%D1%82%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%20%E2%80%94%20%D0%A1%D0%B1%D0%B5%D1%80%D0%91%D0%B0%D0%BD%D0%BA&__keywords=&_usertz=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.151 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr6.rutarget.ru
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 11:48:46 GMT
Content-Type: image/gif
Server: nginx
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 35
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2 200 pixel.gif
sync.1dmp.io/ Frame 182E 35 B
376 B 11ms
11ms Image
image/gif 88.99.214.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=e8610170-b6a0-4a0d-ab5f-68d104af7a7e&pid=w&uid=3e250c90-84e7-11ec-9752-901b0e8d9836
Requested by: Host: sync.1dmp.io
URL: https://sync.1dmp.io/supersync?t=3e92c281-84e7-11ec-9752-901b0e8d9836
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.99.214.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-214-77.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.1dmp.io/supersync?t=3e92c281-84e7-11ec-9752-901b0e8d9836
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:46 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

GET
H2 200 pixel.gif
sync.1dmp.io/ Frame 182E 35 B
376 B 12ms
11ms Image
image/gif 88.99.214.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&uid=3e250c90-84e7-11ec-9752-901b0e8d9836
Requested by: Host: sync.1dmp.io
URL: https://sync.1dmp.io/supersync?t=3e92c281-84e7-11ec-9752-901b0e8d9836
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.99.214.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-214-77.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.1dmp.io/supersync?t=3e92c281-84e7-11ec-9752-901b0e8d9836
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:46 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

GET
H2 200 counter
top-fwz1.mail.ru/ Frame 182E 43 B
876 B 56ms
56ms Image
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3201865;pid=3e250c90-84e7-11ec-9752-901b0e8d9836

Requested by

Host: sync.1dmp.io
URL: https://sync.1dmp.io/supersync?t=3e92c281-84e7-11ec-9752-901b0e8d9836

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.1dmp.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:46 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 182E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEKm0uAhntDiFPzjXAsb0p1U&google_gid=CAESEKm0uAhntDiFPzjXAsb0p1U&google_cver=1

35 B
476 B

11ms
11ms

Image
image/gif

88.99.214.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEKm0uAhntDiFPzjXAsb0p1U&google_gid=CAESEKm0uAhntDiFPzjXAsb0p1U&google_cver=1
Requested by: Host: sync.1dmp.io
URL: https://sync.1dmp.io/supersync?t=3e92c281-84e7-11ec-9752-901b0e8d9836
Protocol: H2
Server: 88.99.214.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-214-77.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.1dmp.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:46 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:48:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEKm0uAhntDiFPzjXAsb0p1U&google_gid=CAESEKm0uAhntDiFPzjXAsb0p1U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 confVar Show response
www.sberbank.ru/proxy/services/dict-services/ 78 B
2 KB 54ms
54ms Fetch
application/json 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/proxy/services/dict-services/confVar?name[]=va_serviceUrl

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/common/img/uploaded/promo/virtual-assistant/0.39.0/virtualassistant.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

1d3e268337f0eed93fa6fd5b076cb933c59b8c977885a0d89ea83b9bd5a48a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
accept-encoding: gzip, deflate, br
accept-language: ru
x-region-id: 29
cookie: JSESSIONID=fnowbviH82iWW7dGH8PQunWointb3cMqW4YR3SF5.gateway-21-5dls6; _ga=GA1.1.1850955931.1643880516; _ga_2TDLL4T53E=GS1.1.1643888072.2.1.1643888836.0; _gac_UA-21169438-1=1.1643888261.CjwKCAiAl-6PBhBCEiwAc2GOVF8xkRw2FC6tKOarjVDKHtKLpLSqgT2AiHl-RKyprw-ZNJmlUbmmCRoCoBQQAvD_BwE; _gid=GA1.2.79352276.1643880516; _gcl_aw=GCL.1643888261.CjwKCAiAl-6PBhBCEiwAc2GOVF8xkRw2FC6tKOarjVDKHtKLpLSqgT2AiHl-RKyprw-ZNJmlUbmmCRoCoBQQAvD_BwE; _gcl_dc=GCL.1643888261.CjwKCAiAl-6PBhBCEiwAc2GOVF8xkRw2FC6tKOarjVDKHtKLpLSqgT2AiHl-RKyprw-ZNJmlUbmmCRoCoBQQAvD_BwE; t1_sid_3122244=s1.611725277.1643888076941.1643888836780.2.36.41; tmr_reqNum=24; user-id_1.0.5_lr_lruid=pQ8AAEig%2B2FjZH%2BVAdtZBwA%3D; product_page=; BBTracking="Mw=="; BBXSRF=6a88ad0e-62c7-42aa-b834-38d85f1667e1; JSESSIONID=5WTuAn-ruzPxPvGupzrKb9mM8fRT_pmtB9gMjIQ0.portalserver-live-13-89vcx; X-Session-ID=a5e982d40d40f46e0867f0d11bc3f967; sbrf.region_set=true; cf44ad4bdad05ee181f953b4c4e5e921=e1c58cdbc59855d253f59cddc32dcfbb; tmr_detect=0%7C1643888620394; _fbp=fb.1.1643880516693.88757610; tmr_lvid=99d14dc7510d1cb333edcc7af85a4aa8; tmr_lvidTS=1643880521345; adtech_uid=de899a8f-7d8f-4c01-8041-af6075e1a95d%3Asberbank.ru; last_visit=1643877816944::1643888616944; top100_id=t1.3122244.1201845291.1643880520464; rcuid=61fbbf3f0c813e0001787c38; rrpvid=951100992039825; GST-TOKEN=8c01ea4e-5997-4a9e-8a2d-6878296285ce; UFS-SESSION=SVULgBALQOaWEe-gnFaGdV-Mf3zfKZQx_Mjr2BEt3Z6S4DuIKemBtm5unT0M3O1h; _sa=SA1.ceb716f2-f9d0-4da1-be06-8461f54e19b7.1643880546; _ym_d=1643880522; _ym_isad=2; _ym_uid=1643880522887355351; ___dmpkit___=a9503e94-8220-4954-ae68-f4e00ebfa56c; _gcl_au=1.1.1213522000.1643880516; anonymousUserId=2aa18f18-d869-4a8d-8ae6-4a0e7f38487d
x-session-id: a5e982d40d40f46e0867f0d11bc3f967
x-xss-protection: 1; mode=block
x-request-id: 443bae0e3c2b592cb88a732a6e85480d
allow: GET, HEAD, OPTIONS, POST
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
accept: */*
cache-control: public, max-age=300

GET
H2 200 getNLPToken Show response
www.sberbank.ru/proxy/services/va-user-identification/ 1 KB
2 KB 66ms
65ms Fetch
application/json 194.54.14.168
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sberbank.ru/proxy/services/va-user-identification/getNLPToken?userId=1dUR59AS3XYboQwZUqpokE

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/common/img/uploaded/promo/virtual-assistant/0.39.0/virtualassistant.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.54.14.168 Samara, Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

13d3276a8af19e94028c1a4762cf15b75090a1bd4d46f4367a204674f16d935f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/ru/person/dist_services/tax_refund
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

sec-fetch-mode: cors
date: Thu, 03 Feb 2022 11:48:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-region-id: 77
sec-fetch-dest: empty
cookie: BBTracking="Mw=="; BBXSRF=f1ab9353-8ef4-42c7-8622-1206f596156f; JSESSIONID=XJ_0aaldGmex9HYmTxI8eOuZBlQHcsyFp6j-Ulzp.portalserver-live-13-4zqsc; anonymousUserId=547e14d4-2bbe-476f-a328-3ad2aa24ff07; _gcl_au=1.1.775197341.1643888924; product_page=; _gid=GA1.2.83583677.1643888924; _dc_gtm_UA-21169438-1=1; ___dmpkit___=c3c4f987-244f-4f51-9a55-f51fec58441a; Segmento_UID=DdsxdrOXc7EH; _ga=GA1.1.203429629.1643888924; _fbp=fb.1.1643888924772.465121845; _ga_2TDLL4T53E=GS1.1.1643888923.1.1.1643888925.0; X-Session-ID=512597ee2ac1083a3d14c14144446d88; sbrf.region_set=true
x-session-id: 512597ee2ac1083a3d14c14144446d88
x-xss-protection: 1; mode=block
x-request-id: bca9bbb12d95509431d28cc30c01eea1
allow: GET, HEAD, OPTIONS, POST
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
accept: */*
cache-control: max-age=300, private
sec-fetch-site: same-origin

GET
H2 200 sber_32.png
cdn-app.sberdevices.ru/misc/0.0.0/assistant-web-sdk/kpss/animations/load/ 174 KB
175 KB 464ms
81ms Image
image/png 2a03:90c0:b1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-app.sberdevices.ru/misc/0.0.0/assistant-web-sdk/kpss/animations/load/sber_32.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:b1:2801::254 Yekaterinburg, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ab0e13d2429a3e9327c1b5536f7190dfaaaec0ea95bc98056711b67f37f253e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id: m9-up-gc58, dh-up-gc21
date: Thu, 03 Feb 2022 11:48:47 GMT
x-amz-request-id: 0a00e602:17ddf9e1d98:45d2f:3391
x-cached-since: 2022-01-31T08:46:31+00:00, 2022-01-31T08:46:44+00:00
content-length: 178453
x-amz-id-2: 79280bc11a819b2f2140c3294dec1ebd666e10ac369125465320ed9f3c8f8e5b
last-modified: Mon, 31 Jan 2022 08:27:06 GMT
server: nginx
etag: "4f292ba5f2d6b9cf5f94458223ab0aac"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cache: HIT, HIT
x-emc-mtime: 1643617626243
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 /
www.facebook.com/tr/ Frame 4C38 44 B
88 B 18ms
17ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=515925933055779&ev=Microdata&dl=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&rl=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&if=true&ts=1643888926767&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=3153b0ea28632cbc9b3ef90f68759d493137f9f9fa7cbf8befef949c1ab1a452&v=2.9.52&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1643888924772.465121845&it=1643888925161&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 03 Feb 2022 11:48:47 GMT

GET
H2 200 sber.png
cdn-app.sberdevices.ru/misc/0.0.0/assistant-web-sdk/kpss/animations/load/ 478 KB
479 KB 89ms
89ms Image
image/png 2a03:90c0:b1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-app.sberdevices.ru/misc/0.0.0/assistant-web-sdk/kpss/animations/load/sber.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:b1:2801::254 Yekaterinburg, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7daf6ca541fcb3fe983c531922933f9144c6085f631905959fc9582958dbe7c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id: m9-up-gc53, dh-up-gc21
date: Thu, 03 Feb 2022 11:48:47 GMT
x-amz-request-id: 0a00e602:17ddf9e1d98:45d3b:2c99
x-cached-since: 2022-01-31T08:46:32+00:00, 2022-01-31T08:47:08+00:00
content-length: 489317
x-amz-id-2: 0fdf19f5dabc2a64eef59b3b9d00f5c5c8f00f22fa5f18d33579538ee1720618
last-modified: Mon, 31 Jan 2022 08:27:06 GMT
server: nginx
x-amz-meta-s3cmd-attrs: atime:1626092050/ctime:1626092050/gid:20/gname:staff/md5:c101f7cc210f0db6c5665d70214752b0/mode:33188/mtime:1623849371/uid:503/uname:a18692448
etag: "d747a5973d33b8755c6f4c92417022a5"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cache: HIT, HIT
x-emc-mtime: 1643617626207
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sber_32.png
cdn-app.sberdevices.ru/misc/0.0.0/assistant-web-sdk/kpss/animations/idle/ 195 KB
195 KB 78ms
78ms Image
image/png 2a03:90c0:b1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-app.sberdevices.ru/misc/0.0.0/assistant-web-sdk/kpss/animations/idle/sber_32.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:b1:2801::254 Yekaterinburg, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 0530941821315a4c31d16949e842835842d50bd1f7f57ee9a0c608da00c60606

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id: m9p-up-gc10, dh-up-gc21
date: Thu, 03 Feb 2022 11:48:48 GMT
x-amz-request-id: 0a00e602:17ddf9e1d98:45c6e:a38b
x-cached-since: 2022-01-31T08:46:31+00:00, 2022-01-31T08:46:45+00:00
content-length: 199221
x-amz-id-2: 09d6c20cb5221c77ea67780614505891383e0d230e65c49f9d762fb6ce08ddb7
last-modified: Mon, 31 Jan 2022 08:27:01 GMT
server: nginx
etag: "3a596ef8e5eca24f67a78ecc1583442c"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cache: HIT, HIT
x-emc-mtime: 1643617621769
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sber.png
cdn-app.sberdevices.ru/misc/0.0.0/assistant-web-sdk/kpss/animations/idle/ 533 KB
534 KB 81ms
80ms Image
image/png 2a03:90c0:b1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-app.sberdevices.ru/misc/0.0.0/assistant-web-sdk/kpss/animations/idle/sber.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:b1:2801::254 Yekaterinburg, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f23fc41d9a785677bc3de05daadf67847d6f7c966ec9bca2219eb4e645d0f980

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id: m9-up-gc53, dh-up-gc21
date: Thu, 03 Feb 2022 11:48:48 GMT
x-amz-request-id: 0a00e605:17ddfb4b115:45d82:31ed
x-cached-since: 2022-01-31T08:46:31+00:00, 2022-01-31T08:47:08+00:00
content-length: 545864
x-amz-id-2: 2b4d550537ac1da4ea08853c24a6f066ad5eee5dd9920166810866ce973513ca
last-modified: Mon, 31 Jan 2022 08:27:01 GMT
server: nginx
x-amz-meta-s3cmd-attrs: atime:1626092050/ctime:1626092050/gid:20/gname:staff/md5:f70ed58685510c17773422513bd99b38/mode:33188/mtime:1623849371/uid:503/uname:a18692448
etag: "cdb402d8cc2352795bf9dd4557a9572a"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cache: HIT, HIT
x-emc-mtime: 1643617621735
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sber_32.png
cdn-app.sberdevices.ru/misc/0.0.0/assistant-web-sdk/kpss/animations/idle/ 195 KB
195 KB 154ms
153ms Image
image/png 2a03:90c0:b1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-app.sberdevices.ru/misc/0.0.0/assistant-web-sdk/kpss/animations/idle/sber_32.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:b1:2801::254 Yekaterinburg, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 0530941821315a4c31d16949e842835842d50bd1f7f57ee9a0c608da00c60606

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id: m9p-up-gc10, dh-up-gc21
date: Thu, 03 Feb 2022 11:48:48 GMT
x-amz-request-id: 0a00e602:17ddf9e1d98:45c6e:a38b
x-cached-since: 2022-01-31T08:46:31+00:00, 2022-01-31T08:46:45+00:00
content-length: 199221
x-amz-id-2: 09d6c20cb5221c77ea67780614505891383e0d230e65c49f9d762fb6ce08ddb7
last-modified: Mon, 31 Jan 2022 08:27:01 GMT
server: nginx
etag: "3a596ef8e5eca24f67a78ecc1583442c"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cache: HIT, HIT
x-emc-mtime: 1643617621769
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=418784986&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&ul=en-us&de=UTF-8&dt=%D0%92%D0%BE%D0%B7%D0%B2%D1%80%D0%B0%D1%82%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%20%E2%80%94%20%D0%A1%D0%B1%D0%B5%D1%80%D0%91%D0%B0%D0%BD%D0%BA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Segmento_UID&ea=cookie_set&el=.....&_u=aCDAiEADRAAAAE~&jid=&gjid=&cid=203429629.1643888924&tid=UA-21169438-1&_gid=83583677.1643888924&gtm=2wg220NRDX7Z&cd13=1643888923864.91jd4mdk&cd24=DdsxdrOXc7EH&cd39=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&cd57=_4emo4mk53tf&cd72=038&cd2=203429629.1643888924&z=1182210774

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 20:40:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54469
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sber.png
cdn-app.sberdevices.ru/misc/0.0.0/assistant-web-sdk/kpss/animations/listen/ 589 KB
590 KB 79ms
78ms Image
image/png 2a03:90c0:b1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-app.sberdevices.ru/misc/0.0.0/assistant-web-sdk/kpss/animations/listen/sber.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:b1:2801::254 Yekaterinburg, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: cdfb6a97d1a5a2d38a6475a8c408b09d92ba4d4612a78e87ca4cf428149db999

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id: m9-up-gc52, dh-up-gc21
date: Thu, 03 Feb 2022 11:48:48 GMT
x-amz-request-id: 0a00e602:17ddf9e1d98:45993:19003
x-cached-since: 2022-01-31T08:46:31+00:00, 2022-01-31T08:47:08+00:00
content-length: 602939
x-amz-id-2: 38e25abd94ce586584eafad06fa1ceca095fe04c995ae940a5bbda7f4c33cbe0
last-modified: Mon, 31 Jan 2022 08:27:05 GMT
server: nginx
x-amz-meta-s3cmd-attrs: atime:1626092050/ctime:1626092050/gid:20/gname:staff/md5:56eef1411d24f9d3e98d0057c818425a/mode:33188/mtime:1623849371/uid:503/uname:a18692448
etag: "54b5d46dbcf440c2e50ec667b740a223"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cache: HIT, HIT
x-emc-mtime: 1643617625199
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sber.png
cdn-app.sberdevices.ru/misc/0.0.0/assistant-web-sdk/kpss/animations/talk/ 639 KB
640 KB 78ms
78ms Image
image/png 2a03:90c0:b1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-app.sberdevices.ru/misc/0.0.0/assistant-web-sdk/kpss/animations/talk/sber.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:b1:2801::254 Yekaterinburg, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1aa638aeb56102a3f6958b9447c0440cfafb36fb32d3f4c15240da80151e714b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id: m9-up-gc66, dh-up-gc21
date: Thu, 03 Feb 2022 11:48:48 GMT
x-amz-request-id: 0a00e602:17ddf9e1d98:45d6b:390
x-cached-since: 2022-01-31T08:46:32+00:00, 2022-01-31T08:47:09+00:00
content-length: 654456
x-amz-id-2: 8ea49e0af3645f95ee9643c99868c34efd30c03330aa5898c2aec4835ba66a93
last-modified: Mon, 31 Jan 2022 08:27:19 GMT
server: nginx
x-amz-meta-s3cmd-attrs: atime:1626092050/ctime:1626092050/gid:20/gname:staff/md5:9800d54fe37609603588223c3602d05b/mode:33188/mtime:1623849296/uid:503/uname:a18692448
etag: "cb813015ee60db20cb6b801460b2f49b"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cache: HIT, HIT
x-emc-mtime: 1643617639330
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 top100.js Show response
st.top100.ru/top100/ Frame 4C38 197 KB
66 KB 214ms
99ms Script
application/javascript 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.89.17 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 7e03a1243b492223d8179294dff77ab536861ee52355094cbdf186ca44b65edd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:48 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 09:55:08 GMT
server: nginx/1.19.4
x-amz-request-id: tx000000000000098143ec7-0061fbc0cb-f8aa9c-default
etag: W/"21893060bcde03ed2b25d5068a0027e2"
vary: Accept-Encoding
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: max-age=3600
x-rgw-object-type: Normal
content-type: application/javascript
expires: Thu, 03 Feb 2022 12:48:48 GMT

GET
H2 200 joy.png
cdn-app.sberdevices.ru/misc/0.0.0/assistant-web-sdk/kpss/animations/load/ 417 KB
418 KB 79ms
78ms Image
image/png 2a03:90c0:b1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-app.sberdevices.ru/misc/0.0.0/assistant-web-sdk/kpss/animations/load/joy.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:b1:2801::254 Yekaterinburg, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: a426aa44b4daf1eb536419c636ef44c880b595b637dd1aa966510618fb0eb68b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id: m9p-up-gc10, dh-up-gc21
date: Thu, 03 Feb 2022 11:48:48 GMT
x-amz-request-id: 0a00e605:17ddfb4b115:45ced:5d55
x-cached-since: 2022-01-31T08:46:31+00:00, 2022-01-31T08:47:09+00:00
content-length: 427260
x-amz-id-2: e5f4e015046b917a3033e6bf6c967f95ced87771f0cc25bf4d4254c9890f9b55
last-modified: Mon, 31 Jan 2022 08:27:05 GMT
server: nginx
x-amz-meta-s3cmd-attrs: atime:1626092050/ctime:1626092050/gid:20/gname:staff/md5:4339f8dfe0ba63d570008d92c3011e90/mode:33188/mtime:1623849371/uid:503/uname:a18692448
etag: "0086682932c196d6ae4946704f224599"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cache: HIT, HIT
x-emc-mtime: 1643617625952
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 userip Show response
kraken.rambler.ru/ Frame 4C38 15 B
421 B 144ms
45ms XHR
text/plain 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kraken.rambler.ru/userip
Requested by: Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 5a5992a9bdab7deb24298733244340f6426fd5e5431004f5800e8e522878ebcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.sberbank.ru
date: Thu, 03 Feb 2022 11:48:49 GMT
x-srv: 2node0042.top100.rambler.tech
content-type: application/octet-stream, text/plain
content-length: 15
server: nginx/1.19.4
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"

GET
H2 200 eva.png
cdn-app.sberdevices.ru/misc/0.0.0/assistant-web-sdk/kpss/animations/load/ 441 KB
442 KB 77ms
76ms Image
image/png 2a03:90c0:b1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-app.sberdevices.ru/misc/0.0.0/assistant-web-sdk/kpss/animations/load/eva.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:b1:2801::254 Yekaterinburg, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: a1f13cd2ad7792bad0f26936727555369f1f1e9d8db75b9153410bef74bd0359

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id: m9-up-gc58, dh-up-gc21
date: Thu, 03 Feb 2022 11:48:49 GMT
x-amz-request-id: 0a00e605:17ddfb4b115:45dcb:1465
x-cached-since: 2022-01-31T08:46:31+00:00, 2022-01-31T08:47:09+00:00
content-length: 451614
x-amz-id-2: 16c25b089920c03d14a5e21fe3fe7b286b9ede31c7911679fdddfd17803578ec
last-modified: Mon, 31 Jan 2022 08:27:05 GMT
server: nginx
x-amz-meta-s3cmd-attrs: atime:1626092050/ctime:1626092050/gid:20/gname:staff/md5:36672772a3425cc16d43a1c1fb84ec08/mode:33188/mtime:1623849371/uid:503/uname:a18692448
etag: "30b3d31e80111c4b9ebc96fc564dc7f8"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cache: HIT, HIT
x-emc-mtime: 1643617625615
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 /
kraken.rambler.ru/cnt/ Frame 4C38 595 B
1 KB 137ms
46ms Image
image/gif 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/?et=pv&pid=3122244&rid=1643888928.333-592479906&tid=t1.3122244.685943965.1643888928335&v=1.28.4&exp=exp_bot%2Csplit_b%2Cexp_ab3%2Cd&aduid=e058aa5d-f3f6-48d1-9bb3-fb26d7455a7d&aduidsc=sberbank.ru&uid=203429629.1643888924&rn=738021424&bs=1600x855&ce=1&rf=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&en=1&pt=%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&fv&sv&lv&url=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&eid=6111889283455355&stid=810033338_1643888928336&sn=1&sen=1&fp_scope=1&fid=pA8AAENKs1cor5khAUa0uQA%3D&fip=pA8AAENKs1fKVboDAV032QA%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: bed2365e0935b48d4d3b1392538a2bf1add63576b70f840e09ecd0ac619e234e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:49 GMT
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
x-srv: 2node0042.top100.rambler.tech
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
access-control-allow-headers: content-type
content-length: 595
server: nginx/1.19.4

GET
H2 200 top100.js Show response
st.top100.ru/top100/ 197 KB
66 KB 53ms
52ms Script
application/javascript 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.89.17 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 7e03a1243b492223d8179294dff77ab536861ee52355094cbdf186ca44b65edd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:49 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 09:55:08 GMT
server: nginx/1.19.4
x-amz-request-id: tx000000000000098143ec7-0061fbc0cb-f8aa9c-default
etag: W/"21893060bcde03ed2b25d5068a0027e2"
vary: Accept-Encoding
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: max-age=3600
x-rgw-object-type: Normal
content-type: application/javascript
expires: Thu, 03 Feb 2022 12:48:49 GMT

GET
H2 200 userip Show response
kraken.rambler.ru/ 15 B
420 B 45ms
44ms XHR
text/plain 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kraken.rambler.ru/userip
Requested by: Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 5a5992a9bdab7deb24298733244340f6426fd5e5431004f5800e8e522878ebcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.sberbank.ru
date: Thu, 03 Feb 2022 11:48:49 GMT
x-srv: 2node0042.top100.rambler.tech
content-type: application/octet-stream, text/plain
content-length: 15
server: nginx/1.19.4
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"

GET
H2 200 /
kraken.rambler.ru/cnt/ 595 B
989 B 46ms
46ms Image
image/gif 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/?et=pv&pid=3122244&rid=1643888928.692-462431663&tid=t1.3122244.685943965.1643888928335&v=1.28.4&exp=exp_bot%2Csplit_b%2Cexp_ab3%2Cd&aduid=e058aa5d-f3f6-48d1-9bb3-fb26d7455a7d&aduidsc=sberbank.ru&uid=203429629.1643888924&rn=1473365730&bs=1600x1200&ce=1&rf&en=2&pt=%D0%92%D0%BE%D0%B7%D0%B2%D1%80%D0%B0%D1%82%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%20%E2%80%94%20%D0%A1%D0%B1%D0%B5%D1%80%D0%91%D0%B0%D0%BD%D0%BA&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&fv&sv&lv=1643888928339%3A%3A1643888928339&url=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&eid=4533889286987247&stid=810033338_1643888928336&sn=1&sen=2&fp_scope=0&fid=pA8AAENKs1cor5khAUa0uQA%3D&fip=pA8AAENKs1fKVboDAV032QA%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: bed2365e0935b48d4d3b1392538a2bf1add63576b70f840e09ecd0ac619e234e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:49 GMT
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
x-srv: 2node0042.top100.rambler.tech
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
access-control-allow-headers: content-type
content-length: 595
server: nginx/1.19.4

GET
H3 200 1895428390692450 Show response
connect.facebook.net/signals/config/ 40 KB
11 KB 20ms
19ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1895428390692450?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1096b697971f191bacedba2fc0f367814f7ea41422caf4b039caf91ff0e5b461

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 11094
x-xss-protection: 0
pragma: public
x-fb-debug: U8L4VhEZf4gsQ/9E5Reb4GVxcD7OR3gce3+Rwbk+VGEkkdaT9hAOklDb6FDFR7xXjp3BxuQiId5hm5F+5ZcU5g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 03 Feb 2022 11:48:50 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 27 KB
11 KB 57ms
56ms Script
application/javascript 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Wed, 22 Dec 2021 12:22:53 GMT
server: nginx
etag: W/"61c3189d-6a23"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *
expires: Thu, 03 Feb 2022 12:48:50 GMT

GET
H2 200 openapi.js Show response
vk.com/js/api/ 102 KB
23 KB 114ms
37ms Script
application/x-javascript 87.240.190.72

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?161
Requested by: Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.190.72 -, , ASN (),
Reverse DNS
Software: kittenx /
Resource Hash: 2b2a0ec5190589d2d1e44aadfcda6283283f4f95d9828cf8259f63bc7e093677

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:50 GMT
content-encoding: br
x-frontend: front224206
last-modified: Thu, 07 Oct 2021 11:12:43 GMT
server: kittenx
etag: "615ed62b-5a1f"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 23071
expires: Mon, 07 Feb 2022 11:48:50 GMT

GET
H2 200 sdk.js Show response
partners.sbermarketing.ru/api/tracker/ 3 KB
2 KB 209ms
49ms Script
application/javascript 92.42.15.185

General

Check archive.org

Show headers Download Go to

Full URL

https://partners.sbermarketing.ru/api/tracker/sdk.js

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.42.15.185 -, , ASN (),

Reverse DNS

Software

nginx / Express

Resource Hash

a4fb4786446d1746c7765efd37bd524a81816e164d06d4533b80c560d5b5b8e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Express
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: nginx
x-frame-options: deny
strict-transport-security: max-age=31536000
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: undefined
access-control-expose-headers: Content-Disposition
cache-control: public, max-age=7200
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With,Content-Type, Accept, Authorization

GET
H/1.1 200
OK pixel.gif
statad.ru/ 43 B
365 B 55ms
11ms Image
image/gif 144.76.85.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statad.ru/pixel.gif?rnd=0.2504199834625094&u=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&r=&v=4&w=1&h=0&gW=1600&gH=1200&gDH=3018&gDW=1600&sW=1600&sH=1200&daw=1600&dah=1200&ga=GA1.1.203429629.1643888924&dpr=1&c=eff:4g&t=1643888929400&rc=0&tn=0&dc=205&wGLRen=Intel%20Inc.
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.85.142 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.142.85.76.144.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 11:48:50 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 21ms
21ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=515925933055779&ev=PageView&dl=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&rl=&if=false&ts=1643888929439&sw=1600&sh=1200&ud[external_id]=3153b0ea28632cbc9b3ef90f68759d493137f9f9fa7cbf8befef949c1ab1a452&v=2.9.52&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&fbp=fb.1.1643888924772.465121845&it=1643888924610&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 03 Feb 2022 11:48:50 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 22ms
21ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1895428390692450&ev=PageView&dl=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&rl=&if=false&ts=1643888929441&sw=1600&sh=1200&ud[external_id]=3153b0ea28632cbc9b3ef90f68759d493137f9f9fa7cbf8befef949c1ab1a452&v=2.9.52&r=stable&ec=0&o=28&fbp=fb.1.1643888924772.465121845&it=1643888924610&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 03 Feb 2022 11:48:50 GMT

POST
H2 200 counter
top-fwz1.mail.ru/ 43 B
927 B 57ms
56ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=2866471;u=https%3A//www.sberbank.ru/ru/person/dist_services/tax_refund;st=1643888924002;title=%D0%92%D0%BE%D0%B7%D0%B2%D1%80%D0%B0%D1%82%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%20%E2%80%94%20%D0%A1%D0%B1%D0%B5%D1%80%D0%91%D0%B0%D0%BD%D0%BA;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=c46220375039fbad;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9//4g/0/0/;lvid=1643888929466%3A1643888929473%3A1%3Ad8fca2c7774d8d505abb747a698035d0;opts=dl%2Cjst-gtag-ga;visible=true;_=0.5500308848990705

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sberbank.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 03 Feb 2022 11:48:50 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://www.sberbank.ru
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.sberbank.ru
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://www.sberbank.ru
access-control-allow-headers: *

POST
H2 200 tracker
top-fwz1.mail.ru/ 43 B
926 B 56ms
56ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=2866471;u=https%3A//www.sberbank.ru/ru/person/dist_services/tax_refund;st=1643888924002;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=c46220375039fbad;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1643888922360/////381/382/535/535/698/586/699/898/1053/1095/1642/1691/1697/3204/3205/3213;ni=9//4g/0/0/;lvid=1643888929466%3A1643888929476%3A2%3Ad8fca2c7774d8d505abb747a698035d0;opts=dl%2Cjst-gtag-ga;visible=true;_=0.04151799601860917;e=RT/load;et=1643888929475

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sberbank.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 03 Feb 2022 11:48:50 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://www.sberbank.ru
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.sberbank.ru
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://www.sberbank.ru
access-control-allow-headers: *

GET
H3 200 rtrg
vk.com/ 49 B
494 B 136ms
50ms Image
image/gif 87.240.190.72

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-493688-1yP0E&metatag_url=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&metatag_title=%D0%92%D0%BE%D0%B7%D0%B2%D1%80%D0%B0%D1%82%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%20%20%E2%80%94%20%D0%A1%D0%B1%D0%B5%D1%80%D0%91%D0%B0%D0%BD%D0%BA

Protocol

Security

QUIC, , AES_128_GCM

Server

87.240.190.72 -, , ASN (),

Reverse DNS

Software

kittenx / KPHP/7.4.110091

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:50 GMT
content-encoding: gzip
x-frontend: front220206
server: kittenx
x-powered-by: KPHP/7.4.110091
strict-transport-security: max-age=15768000
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 65

POST
H2 204 hit
partners.sbermarketing.ru//api/tracker/ 0
380 B 1061ms
1060ms Ping
text/plain 92.42.15.185

General

Check archive.org

Show headers Download Go to

Full URL

https://partners.sbermarketing.ru//api/tracker/hit?url=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&ref=&sw=1600&sh=1200&rnd=0.609535467994601&uid=20342962916438889240000000000000

Requested by

Host: partners.sbermarketing.ru
URL: https://partners.sbermarketing.ru/api/tracker/sdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.42.15.185 -, , ASN (),

Reverse DNS

Software

nginx / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sberbank.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 03 Feb 2022 11:48:51 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: Express
x-frame-options: deny
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT,DELETE
access-control-allow-origin: https://www.sberbank.ru
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
access-control-allow-headers: Origin, X-Requested-With,Content-Type, Accept, Authorization
x-xss-protection: 1; mode=block

POST
H3 204 collect
www.google-analytics.com/g/ Frame 4C38 0
17 B 46ms
46ms Ping
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2TDLL4T53E&gtm=2oe220&_p=345403696&sr=1600x1200&ul=en-us&cid=203429629.1643888924&dl=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&dr=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&dt=%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB&sid=1643888923&sct=1&seg=1&_s=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2TDLL4T53E&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sberbank.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:48:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sberbank.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
partners.sbermarketing.ru/api/tracker/ Frame 4C38 3 KB
2 KB 56ms
55ms Script
application/javascript 92.42.15.185

General

Check archive.org

Show headers Download Go to

Full URL

https://partners.sbermarketing.ru/api/tracker/sdk.js

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.42.15.185 -, , ASN (),

Reverse DNS

Software

nginx / Express

Resource Hash

a4fb4786446d1746c7765efd37bd524a81816e164d06d4533b80c560d5b5b8e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Express
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: nginx
x-frame-options: deny
strict-transport-security: max-age=31536000
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: undefined
access-control-expose-headers: Content-Disposition
cache-control: public, max-age=7200
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With,Content-Type, Accept, Authorization

GET
H/1.1 200
OK pixel.gif
statad.ru/ Frame 4C38 43 B
335 B 11ms
11ms Image
image/gif 144.76.85.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statad.ru/pixel.gif?rnd=0.724399608917802&u=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&r=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&v=4&w=0&h=0&gW=1600&gH=855&gDH=855&gDW=1600&sW=1600&sH=1200&daw=1600&dah=1200&ga=GA1.1.203429629.1643888924&dpr=1&c=eff:4g&t=1643888929400&rc=0&tn=0&dc=0&wGLRen=Intel%20Inc.
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.85.142 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.142.85.76.144.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 11:48:50 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 1895428390692450 Show response
connect.facebook.net/signals/config/ Frame 4C38 40 KB
11 KB 18ms
18ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1895428390692450?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1096b697971f191bacedba2fc0f367814f7ea41422caf4b039caf91ff0e5b461

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 11094
x-xss-protection: 0
pragma: public
x-fb-debug: U8L4VhEZf4gsQ/9E5Reb4GVxcD7OR3gce3+Rwbk+VGEkkdaT9hAOklDb6FDFR7xXjp3BxuQiId5hm5F+5ZcU5g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 03 Feb 2022 11:48:50 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ Frame 4C38 27 KB
11 KB 57ms
57ms Script
application/javascript 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Wed, 22 Dec 2021 12:22:53 GMT
server: nginx
etag: W/"61c3189d-6a23"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *
expires: Thu, 03 Feb 2022 12:48:50 GMT

GET
H3 200 openapi.js Show response
vk.com/js/api/ Frame 4C38 102 KB
23 KB 49ms
49ms Script
application/x-javascript 87.240.190.72

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?161
Requested by: Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 87.240.190.72 -, , ASN (),
Reverse DNS
Software: kittenx /
Resource Hash: 2b2a0ec5190589d2d1e44aadfcda6283283f4f95d9828cf8259f63bc7e093677

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:50 GMT
content-encoding: br
x-frontend: front220206
last-modified: Thu, 07 Oct 2021 11:12:43 GMT
server: kittenx
etag: "615ed62b-5a1f"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 23071
expires: Mon, 07 Feb 2022 11:48:50 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 4C38 44 B
88 B 29ms
29ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=515925933055779&ev=PageView&dl=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&rl=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&if=true&ts=1643888929876&sw=1600&sh=1200&ud[external_id]=3153b0ea28632cbc9b3ef90f68759d493137f9f9fa7cbf8befef949c1ab1a452&v=2.9.52&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&fbp=fb.1.1643888924772.465121845&it=1643888925161&coo=false&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 03 Feb 2022 11:48:50 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 4C38 44 B
88 B 32ms
32ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1895428390692450&ev=PageView&dl=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&rl=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&if=true&ts=1643888929877&sw=1600&sh=1200&ud[external_id]=3153b0ea28632cbc9b3ef90f68759d493137f9f9fa7cbf8befef949c1ab1a452&v=2.9.52&r=stable&ec=0&o=28&fbp=fb.1.1643888924772.465121845&it=1643888925161&coo=false&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 03 Feb 2022 11:48:50 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame 4C38 137 KB
49 KB 141ms
62ms Script
application/javascript 2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

2f3ee8524a05db8a30e14cfbe98175341508f92759804299364e97848f4a0148

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:50 GMT
content-encoding: br
last-modified: Tue, 01 Feb 2022 13:59:59 GMT
etag: "61f912af-c1c4"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 49604
expires: Thu, 03 Feb 2022 12:48:50 GMT

POST
H2 204 hit
partners.sbermarketing.ru//api/tracker/ Frame 4C38 0
380 B 1063ms
1062ms Ping
text/plain 92.42.15.185

General

Check archive.org

Show headers Download Go to

Full URL

https://partners.sbermarketing.ru//api/tracker/hit?url=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&ref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&sw=1600&sh=1200&rnd=0.46226806606799564&uid=20342962916438889240000000000000

Requested by

Host: partners.sbermarketing.ru
URL: https://partners.sbermarketing.ru/api/tracker/sdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.42.15.185 -, , ASN (),

Reverse DNS

Software

nginx / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sberbank.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 03 Feb 2022 11:48:51 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: Express
x-frame-options: deny
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT,DELETE
access-control-allow-origin: https://www.sberbank.ru
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
access-control-allow-headers: Origin, X-Requested-With,Content-Type, Accept, Authorization
x-xss-protection: 1; mode=block

POST
H2 200 counter
top-fwz1.mail.ru/ Frame 4C38 43 B
925 B 57ms
56ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=2866471;u=https%3A//www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/index.html;r=https%3A//www.sberbank.ru/ru/person/dist_services/tax_refund;st=1643888924321;title=%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB;s=1600*1200;vp=1600*855;touch=0;hds=1;frame=1;flash=;sid=0eddadfb520f6a74;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9//4g/0/0/;lvid=1643888929466%3A1643888929961%3A3%3Ad8fca2c7774d8d505abb747a698035d0;opts=dl%2Cjst-gtag-ga;visible=true;_=0.6093765021050623

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sberbank.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 03 Feb 2022 11:48:50 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://www.sberbank.ru
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.sberbank.ru
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://www.sberbank.ru
access-control-allow-headers: *

POST
H2 200 tracker
top-fwz1.mail.ru/ Frame 4C38 43 B
925 B 57ms
56ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=2866471;u=https%3A//www.sberbank.ru/common/img/uploaded/redirected/person/dist_services/return_nalog_calc_new/index.html;r=https%3A//www.sberbank.ru/ru/person/dist_services/tax_refund;st=1643888924321;s=1600*1200;vp=1600*855;touch=0;hds=1;frame=1;flash=;sid=0eddadfb520f6a74;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1643888923833/////1/1/1/1/1//2/58/70/85/488/488/510/986/986/996;ni=9//4g/0/0/;lvid=1643888929466%3A1643888929965%3A4%3Ad8fca2c7774d8d505abb747a698035d0;opts=dl%2Cjst-gtag-ga;visible=true;_=0.9463673968213699;e=RT/load;et=1643888929963

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sberbank.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 03 Feb 2022 11:48:50 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://www.sberbank.ru
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.sberbank.ru
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://www.sberbank.ru
access-control-allow-headers: *

GET
H3 200 rtrg
vk.com/ Frame 4C38 49 B
412 B 52ms
51ms Image
image/gif 87.240.190.72

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-493688-1yP0E&metatag_url=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&metatag_title=%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB

Protocol

Security

QUIC, , AES_128_GCM

Server

87.240.190.72 -, , ASN (),

Reverse DNS

Software

kittenx / KPHP/7.4.110091

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:50 GMT
content-encoding: gzip
x-frontend: front220206
server: kittenx
x-powered-by: KPHP/7.4.110091
strict-transport-security: max-age=15768000
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 65

GET
H2

200

1 Show response
mc.yandex.com/watch/1175048/ Frame 4C38
Redirect Chain

https://mc.yandex.com/watch/1175048?wmode=7&page-url=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&page-ref=http...
https://mc.yandex.com/watch/1175048/1?wmode=7&page-url=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&page-ref=ht...

395 B
430 B

33ms
32ms

XHR
application/json

2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1175048/1?wmode=7&page-url=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&page-ref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afp%3A420%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A254976958571%3Ahid%3A781758183%3Az%3A0%3Ai%3A20220203114850%3Aet%3A1643888930%3Ac%3A1%3Arn%3A649278851%3Arqn%3A1%3Au%3A1643888930120065566%3Aw%3A1600x855%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643888923833%3Ads%3A0%2C0%2C56%2C11%2C1%2C0%2C%2C419%2C21%2C986%2C986%2C10%2C489%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643888930%3At%3A%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB&t=gdpr%2814%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

33dad52204ae0194906bb01afe0c6ed5332d82198deee76c2ac1a8bb8b9d8134

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:48:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 03-Feb-2022 11:48:50 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sberbank.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 395
x-xss-protection: 1; mode=block
expires: Thu, 03-Feb-2022 11:48:50 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:48:50 GMT
last-modified: Thu, 03-Feb-2022 11:48:50 GMT
location: /watch/1175048/1?wmode=7&page-url=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&page-ref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afp%3A420%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A254976958571%3Ahid%3A781758183%3Az%3A0%3Ai%3A20220203114850%3Aet%3A1643888930%3Ac%3A1%3Arn%3A649278851%3Arqn%3A1%3Au%3A1643888930120065566%3Aw%3A1600x855%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643888923833%3Ads%3A0%2C0%2C56%2C11%2C1%2C0%2C%2C419%2C21%2C986%2C986%2C10%2C489%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643888930%3At%3A%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.sberbank.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 03-Feb-2022 11:48:50 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/31643078/ Frame 4C38
Redirect Chain

https://mc.yandex.com/watch/31643078?wmode=7&page-url=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&page-ref=htt...
https://mc.yandex.com/watch/31643078/1?wmode=7&page-url=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&page-ref=h...

350 B
606 B

33ms
32ms

XHR
application/json

2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/31643078/1?wmode=7&page-url=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&page-ref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afp%3A420%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A2%3Adp%3A0%3Als%3A222320768425%3Ahid%3A781758183%3Az%3A0%3Ai%3A20220203114850%3Aet%3A1643888930%3Ac%3A1%3Arn%3A152520566%3Arqn%3A1%3Au%3A1643888930120065566%3Aw%3A1600x855%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643888923833%3Ads%3A0%2C0%2C56%2C11%2C1%2C0%2C%2C419%2C21%2C986%2C986%2C10%2C489%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643888930%3At%3A%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB&t=gdpr%2814%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

bd4ff88bbcc062fccea3b1a8bf7799630a303e478041430eca2cd81671169637

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:48:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 03-Feb-2022 11:48:50 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sberbank.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Thu, 03-Feb-2022 11:48:50 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:48:50 GMT
last-modified: Thu, 03-Feb-2022 11:48:50 GMT
location: /watch/31643078/1?wmode=7&page-url=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&page-ref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afp%3A420%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A2%3Adp%3A0%3Als%3A222320768425%3Ahid%3A781758183%3Az%3A0%3Ai%3A20220203114850%3Aet%3A1643888930%3Ac%3A1%3Arn%3A152520566%3Arqn%3A1%3Au%3A1643888930120065566%3Aw%3A1600x855%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643888923833%3Ads%3A0%2C0%2C56%2C11%2C1%2C0%2C%2C419%2C21%2C986%2C986%2C10%2C489%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643888930%3At%3A%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.sberbank.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 03-Feb-2022 11:48:50 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/34972370/ Frame 4C38
Redirect Chain

https://mc.yandex.com/watch/34972370?wmode=7&page-url=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&page-ref=htt...
https://mc.yandex.com/watch/34972370/1?wmode=7&page-url=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&page-ref=h...

331 B
366 B

33ms
32ms

XHR
application/json

2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/34972370/1?wmode=7&page-url=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&page-ref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afp%3A420%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A3%3Adp%3A0%3Als%3A426329204747%3Ahid%3A781758183%3Az%3A0%3Ai%3A20220203114850%3Aet%3A1643888930%3Ac%3A1%3Arn%3A390546982%3Arqn%3A1%3Au%3A1643888930120065566%3Aw%3A1600x855%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643888923833%3Ads%3A0%2C0%2C56%2C11%2C1%2C0%2C%2C419%2C21%2C986%2C986%2C10%2C489%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643888930%3At%3A%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB&t=gdpr%2814%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

83c2318e4c87f00a3564b6e23e68a7cc97c20e0b774c79194bbf2d70e9fe6ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:48:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 03-Feb-2022 11:48:50 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sberbank.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Thu, 03-Feb-2022 11:48:50 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:48:50 GMT
last-modified: Thu, 03-Feb-2022 11:48:50 GMT
location: /watch/34972370/1?wmode=7&page-url=https%3A%2F%2Fwww.sberbank.ru%2Fcommon%2Fimg%2Fuploaded%2Fredirected%2Fperson%2Fdist_services%2Freturn_nalog_calc_new%2Findex.html&page-ref=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afp%3A420%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A3%3Adp%3A0%3Als%3A426329204747%3Ahid%3A781758183%3Az%3A0%3Ai%3A20220203114850%3Aet%3A1643888930%3Ac%3A1%3Arn%3A390546982%3Arqn%3A1%3Au%3A1643888930120065566%3Aw%3A1600x855%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1643888923833%3Ads%3A0%2C0%2C56%2C11%2C1%2C0%2C%2C419%2C21%2C986%2C986%2C10%2C489%3Aco%3A0%3Arqnl%3A1%3Ast%3A1643888930%3At%3A%C2%AB%D0%A1%D0%B1%D0%B5%D1%80%D0%B1%D0%B0%D0%BD%D0%BA%C2%BB&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.sberbank.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 03-Feb-2022 11:48:50 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 4C38 43 B
205 B 32ms
31ms Image
image/gif 2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:50 GMT
last-modified: Wed, 26 Jan 2022 15:48:14 GMT
etag: "61f1430e-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 03 Feb 2022 12:48:50 GMT

GET
H2 200 sber_32.png
cdn-app.sberdevices.ru/misc/0.0.0/assistant-web-sdk/kpss/animations/load/ 174 KB
175 KB 76ms
76ms Image
image/png 2a03:90c0:b1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-app.sberdevices.ru/misc/0.0.0/assistant-web-sdk/kpss/animations/load/sber_32.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:b1:2801::254 Yekaterinburg, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ab0e13d2429a3e9327c1b5536f7190dfaaaec0ea95bc98056711b67f37f253e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-id: m9-up-gc58, dh-up-gc21
date: Thu, 03 Feb 2022 11:48:51 GMT
x-amz-request-id: 0a00e602:17ddf9e1d98:45d2f:3391
x-cached-since: 2022-01-31T08:46:31+00:00, 2022-01-31T08:46:44+00:00
content-length: 178453
x-amz-id-2: 79280bc11a819b2f2140c3294dec1ebd666e10ac369125465320ed9f3c8f8e5b
last-modified: Mon, 31 Jan 2022 08:27:06 GMT
server: nginx
etag: "4f292ba5f2d6b9cf5f94458223ab0aac"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cache: HIT, HIT
x-emc-mtime: 1643617626243
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 137 KB
49 KB 33ms
32ms Script
application/javascript 2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: www.sberbank.ru
URL: https://www.sberbank.ru/ru/person/dist_services/tax_refund

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

2f3ee8524a05db8a30e14cfbe98175341508f92759804299364e97848f4a0148

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:51 GMT
content-encoding: br
last-modified: Tue, 01 Feb 2022 13:59:59 GMT
etag: "61f912af-c1c4"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 49604
expires: Thu, 03 Feb 2022 12:48:51 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9538.xaNEfPTdWs5IzXDka4SSRzT4gvctlbfXc3gC4dGvqUmdXJBT-5AaLtfaunHoETyM.JYn6v2JOdLX4_y-xJ-HQf86nwaU%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9538.Z4y9rLWbUw1sij_pIfJA3O33eZuLY9LfQPWMyASuMR13UhmiQRqjqiTAYHQfQ681pDz5MQZeHn8W0_lc0SH3QfVb4Ti09zhK63PSMsCKqe0%2C.A6JMutq2BUqQgEIgJQ-HNa9CAE8%2C

43 B
569 B

31ms
31ms

Image
image/gif

2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9538.Z4y9rLWbUw1sij_pIfJA3O33eZuLY9LfQPWMyASuMR13UhmiQRqjqiTAYHQfQ681pDz5MQZeHn8W0_lc0SH3QfVb4Ti09zhK63PSMsCKqe0%2C.A6JMutq2BUqQgEIgJQ-HNa9CAE8%2C

Protocol

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 11:48:51 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9538.Z4y9rLWbUw1sij_pIfJA3O33eZuLY9LfQPWMyASuMR13UhmiQRqjqiTAYHQfQ681pDz5MQZeHn8W0_lc0SH3QfVb4Ti09zhK63PSMsCKqe0%2C.A6JMutq2BUqQgEIgJQ-HNa9CAE8%2C
date: Thu, 03 Feb 2022 11:48:51 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 31643078 Show response
mc.yandex.com/watch/ 350 B
724 B 33ms
32ms XHR
application/json 2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/31643078?wmode=7&page-url=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afp%3A1555%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A2%3Adp%3A0%3Als%3A222320768425%3Ahid%3A722467302%3Az%3A0%3Ai%3A20220203114850%3Aet%3A1643888931%3Ac%3A1%3Arn%3A40842376%3Arqn%3A2%3Au%3A1643888930120065566%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643888922360%3Ads%3A154%2C163%2C200%2C154%2C382%2C0%2C%2C590%2C6%2C3204%2C3205%2C8%2C1691%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643888931%3At%3A%D0%92%D0%BE%D0%B7%D0%B2%D1%80%D0%B0%D1%82%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%20%E2%80%94%20%D0%A1%D0%B1%D0%B5%D1%80%D0%91%D0%B0%D0%BD%D0%BA&t=gdpr(14)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

574df30753736dfa3a1c6308762ad0a59a556b387e2d6b6b7d6d768d711fd955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:48:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 03-Feb-2022 11:48:51 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sberbank.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Thu, 03-Feb-2022 11:48:51 GMT

GET
H2 200 34972370 Show response
mc.yandex.com/watch/ 331 B
547 B 34ms
33ms XHR
application/json 2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/34972370?wmode=7&page-url=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afp%3A1555%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A3%3Adp%3A0%3Als%3A426329204747%3Ahid%3A722467302%3Az%3A0%3Ai%3A20220203114850%3Aet%3A1643888931%3Ac%3A1%3Arn%3A809834316%3Arqn%3A2%3Au%3A1643888930120065566%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643888922360%3Ads%3A154%2C163%2C200%2C154%2C382%2C0%2C%2C590%2C6%2C3204%2C3205%2C8%2C1691%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643888931%3At%3A%D0%92%D0%BE%D0%B7%D0%B2%D1%80%D0%B0%D1%82%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%20%E2%80%94%20%D0%A1%D0%B1%D0%B5%D1%80%D0%91%D0%B0%D0%BD%D0%BA&t=gdpr(14)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

2af553f2e6fb8fb56094a8247a8e6a6bc563bc4739cdbf1e5b9e734d3b2eee13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:48:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 03-Feb-2022 11:48:51 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sberbank.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Thu, 03-Feb-2022 11:48:51 GMT

GET
H2 200 1175048 Show response
mc.yandex.com/watch/ 395 B
582 B 34ms
33ms XHR
application/json 2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1175048?wmode=7&page-url=https%3A%2F%2Fwww.sberbank.ru%2Fru%2Fperson%2Fdist_services%2Ftax_refund&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf3qo6c2s0fzz%3Afp%3A1555%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A741%3Acn%3A1%3Adp%3A0%3Als%3A254976958571%3Ahid%3A722467302%3Az%3A0%3Ai%3A20220203114850%3Aet%3A1643888931%3Ac%3A1%3Arn%3A816628488%3Arqn%3A2%3Au%3A1643888930120065566%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1643888922360%3Ads%3A154%2C163%2C200%2C154%2C382%2C0%2C%2C590%2C6%2C3204%2C3205%2C8%2C1691%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1643888931%3At%3A%D0%92%D0%BE%D0%B7%D0%B2%D1%80%D0%B0%D1%82%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%20%E2%80%94%20%D0%A1%D0%B1%D0%B5%D1%80%D0%91%D0%B0%D0%BD%D0%BA&t=gdpr(14)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

ea8cffb61d2c50afd3432c20992a929b371514559af15a6d4c04dcbb649aebd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sberbank.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Feb 2022 11:48:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 03-Feb-2022 11:48:51 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sberbank.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 395
x-xss-protection: 1; mode=block
expires: Thu, 03-Feb-2022 11:48:51 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: creative.rutarget.ru
URL: https://creative.rutarget.ru/creative?name=creative&cid=20655&shop_id=sberbank_ru&bid_value=0.001&ssp=sberbank&rid=1643888924876&t=99492&pub=sberbank

Domain: creative.rutarget.ru
URL: https://creative.rutarget.ru/creative?name=creative&cid=20655&shop_id=sberbank_ru&bid_value=0.001&ssp=sberbank&rid=1643888925583&t=99492&pub=sberbank

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.sberbank.ru/ru/person/dist_services	1969-12-31 23:59:59	Name: va_id Value: 1dUR59AS3XYboQwZUqpokE
www.sberbank.ru/dict-services	1969-12-31 23:59:59	Name: JSESSIONID Value: fnowbviH82iWW7dGH8PQunWointb3cMqW4YR3SF5.dict-services-768d489875-t5rgl
www.sberbank.ru/dict-services	1969-12-31 23:59:59	Name: TS013951fb Value: 013ade28994ae2cde208eee6f1808273297788d4314e89afbd8f451ff19854af29e598c5abfbce78d5aeb542b18e4c70ac9b7e63ee5e4e95beed627ce6215ed21c8d76707339f6bf5c35151485c96879ac7dc70b1bca03148e0f12a67ae26c0e2540642adbd09292d1f7a5b7c759ed056832ee8ff5ba63c0d384ffa804de559ed8f3eeea8c6eb31f6757d6c0aa2248f1fcf009856f
www.sberbank.ru/proxy	1969-12-31 23:59:59	Name: JSESSIONID Value: XJ_0aaldGmex9HYmTxI8eOuZBlQHcsyFp6j-Ulzp.gateway-21-5dls6
www.sberbank.ru/proxy	1969-12-31 23:59:59	Name: TS019fab19 Value: 013ade289953f4cf689f453cbc9fd39001fde165604e89afbd8f451ff19854af29e598c5abfbce78d5aeb542b18e4c70ac9b7e63ee5e4e95beed627ce6215ed21c8d76707339f6bf5c35151485c96879ac7dc70b1b522dd7a9850a5fda525eb899b8a420c3630cb87dfcc5e6923e6d86c00e3eab471e38dc16d42b12d28b5b0422c89a305490650054c177e1daa8b013ee15716bcc
www.sberbank.ru/	1970-01-20 09:23:44	Name: BBTracking Value: "Mw=="
www.sberbank.ru/	1969-12-31 23:59:59	Name: BBXSRF Value: f1ab9353-8ef4-42c7-8622-1206f596156f
www.sberbank.ru/	1969-12-31 23:59:59	Name: JSESSIONID Value: XJ_0aaldGmex9HYmTxI8eOuZBlQHcsyFp6j-Ulzp.portalserver-live-13-4zqsc
www.sberbank.ru/	1970-01-20 09:10:47	Name: anonymousUserId Value: 547e14d4-2bbe-476f-a328-3ad2aa24ff07
.sberbank.ru/	1970-01-20 02:47:44	Name: _gcl_au Value: 1.1.775197341.1643888924
.www.sberbank.ru/	1969-12-31 23:59:59	Name: product_page Value:
.sberbank.ru/	1970-01-20 00:39:35	Name: _gid Value: GA1.2.83583677.1643888924
.sbermarketing.ru/	1970-01-20 09:23:44	Name: dmpuid Value: ypUisdBGQNG77kOBdjeOlQ
.sberbank.ru/	1970-01-20 00:38:08	Name: _dc_gtm_UA-21169438-1 Value: 1
.sberbank.ru/	1970-02-07 06:38:08	Name: ___dmpkit___ Value: c3c4f987-244f-4f51-9a55-f51fec58441a
.rutarget.ru/	1970-01-20 04:57:20	Name: userId Value: DdsxdrOXc7EH
.sberbank.ru/	1970-01-25 20:31:23	Name: Segmento_UID Value: DdsxdrOXc7EH
.sberbank.ru/	1970-01-20 18:09:20	Name: _ga Value: GA1.1.203429629.1643888924
.sberbank.ru/	1970-01-20 02:47:44	Name: _fbp Value: fb.1.1643888924772.465121845
.1dmp.io/	1970-01-20 09:23:44	Name: uid Value: 3e250c90-84e7-11ec-9752-901b0e8d9836
.1dmp.io/	1970-01-20 00:38:08	Name: 3e250c91-84e7-11ec-9752-901b0e8d9836 Value: bz1ucyZjaWQ9NDUzZjhmZDEtODk2OS00NzQyLTlkNWEtYmM3NzJmMzdmMzgxJmJyaWQ9YzM4YWY4MmUtZWEzOC00YjFlLThlNDgtNjM1MTMxOWEzZDNjJnBpZD13JnVpZD1jM2M0Zjk4Ny0yNDRmLTRmNTEtOWE1NS1mNTFmZWM1ODQ0MWE=
.doubleclick.net/	1970-01-20 09:59:44	Name: IDE Value: AHWqTUkqOY08HG-6ToTdMj9FDrFqeuFqqD3nCKqdDMl6OcCKWUVzSrtJpiuoEiyPVBI
.sberbank.ru/	1970-01-20 18:09:20	Name: _ga_2TDLL4T53E Value: GS1.1.1643888923.1.1.1643888925.0
.1dmp.io/	1970-01-20 00:38:09	Name: ru-seq Value: null
.yandex.ru/	1970-01-23 16:14:08	Name: yuidss Value: 6724845101643888926
.yandex.ru/	1970-01-23 16:14:08	Name: yandexuid Value: 6724845101643888926
.1dmp.io/	1970-01-20 00:38:08	Name: 3e92c281-84e7-11ec-9752-901b0e8d9836 Value: bz1ucyZjaWQ9NDUzZjhmZDEtODk2OS00NzQyLTlkNWEtYmM3NzJmMzdmMzgxJmJyaWQ9YzM4YWY4MmUtZWEzOC00YjFlLThlNDgtNjM1MTMxOWEzZDNjJnBpZD13JnVpZD1jM2M0Zjk4Ny0yNDRmLTRmNTEtOWE1NS1mNTFmZWM1ODQ0MWE=
www.sberbank.ru/	1970-01-20 00:39:35	Name: X-Session-ID Value: 512597ee2ac1083a3d14c14144446d88
www.sberbank.ru/	1970-01-20 00:38:09	Name: sbrf.region_set Value: true
www.sberbank.ru/	1969-12-31 23:59:59	Name: abc4e19df5455fc72f51575e0d5bd928 Value: fbeac55f87d8ae45141d7084f8f60985
www.sberbank.ru/	1969-12-31 23:59:59	Name: TS011f2bf6 Value: 013ade2899e25b85b6ecdef16757c0a3ac63df32f24e89afbd8f451ff19854af29e598c5abfbce78d5aeb542b18e4c70ac9b7e63ee5e4e95beed627ce6215ed21c8d76707339f6bf5c35151485c96879ac7dc70b1bff66432e31fefb20f9f9ac8132bb63f80f2754b1a5d7a05b8af0f4bc2aa520ae34a43deb1b6db929b761693ad1d063b94670c0d160da324bfe3fdd5e681ac14005b1eb9ecf28544830f411a6da406d8a
.sberbank.ru/	1970-01-20 09:23:44	Name: top100_id Value: t1.3122244.685943965.1643888928335
.sberbank.ru/	1970-01-20 09:23:44	Name: adtech_uid Value: e058aa5d-f3f6-48d1-9bb3-fb26d7455a7d%3Asberbank.ru
.sberbank.ru/	1970-01-20 01:21:20	Name: user-id_1.0.5_lr_lruid Value: pQ8AACDB%2B2HTAdHTAVBMtAA%3D
.rambler.ru/	1970-01-25 20:05:16	Name: ruid Value: 1CIAACHB+2EPMrbCAfcZBgB=
.sberbank.ru/	1970-01-21 00:38:08	Name: last_visit Value: 1643888928696::1643888928696
.sberbank.ru/	1970-01-20 09:23:44	Name: t1_sid_3122244 Value: s1.810033338.1643888928336.1643888928699.1.2.2
.sberbank.ru/	1970-01-20 08:37:40	Name: tmr_lvid Value: d8fca2c7774d8d505abb747a698035d0
.sberbank.ru/	1970-01-20 08:37:40	Name: tmr_lvidTS Value: 1643888929466
.sberbank.ru/	1970-01-20 08:37:40	Name: tmr_reqNum Value: 2
.statad.ru/	1970-01-23 16:14:08	Name: uid Value: fd9e114755437c21d21d1523b09f1f38
.mail.ru/	1970-01-20 09:25:11	Name: VID Value: 2MX2QZ15PJo700000a18H4Y7:::0-0-0-71619dd:CAASEDjk5Y0ydrI8SalJqhUpCEwaYEpBxO27RZ85XiOHrkpCQqPBvyXnHW-_WSEmxnoz1mPWTSpO0mIRJRxy0g46aFFv3eUcD78QlUN1pxWl3DCcpRO7f71jf-CesYztLrcmO_xHgok6YdA8COg8XYUkJkK8Yw

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRDX7Z(Line 64) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRDX7Z(Line 64) Message: Unrecognized feature: 'conversion-measurement'.
other	warning	URL: https://www.googletagmanager.com/gtag/js?id=DC-9966367(Line 40) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtag/js?id=DC-9966367(Line 40) Message: Unrecognized feature: 'conversion-measurement'.
other	warning	URL: https://www.googletagmanager.com/gtag/js?id=DC-10311401(Line 40) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtag/js?id=DC-10311401(Line 40) Message: Unrecognized feature: 'conversion-measurement'.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRDX7Z(Line 64) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRDX7Z(Line 64) Message: Unrecognized feature: 'conversion-measurement'.
javascript	error	(Line 1) Message: Access to XMLHttpRequest at 'https://creative.rutarget.ru/creative?name=creative&cid=20655&shop_id=sberbank_ru&bid_value=0.001&ssp=sberbank&rid=1643888924876&t=99492&pub=sberbank' from origin 'https://www.sberbank.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	(Line 1) Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://www.googletagmanager.com/gtag/js?id=DC-9966367(Line 40) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtag/js?id=DC-9966367(Line 40) Message: Unrecognized feature: 'conversion-measurement'.
other	warning	URL: https://www.googletagmanager.com/gtag/js?id=DC-10311401(Line 40) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtag/js?id=DC-10311401(Line 40) Message: Unrecognized feature: 'conversion-measurement'.
javascript	error	(Line 1) Message: Access to XMLHttpRequest at 'https://creative.rutarget.ru/creative?name=creative&cid=20655&shop_id=sberbank_ru&bid_value=0.001&ssp=sberbank&rid=1643888925583&t=99492&pub=sberbank' from origin 'https://www.sberbank.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	(Line 1) Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://www.sberbank.ru/common/img/uploaded/promo/virtual-assistant/0.39.0/virtualassistant.js(Line 1) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10311401.fls.doubleclick.net
9966367.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
adservice.google.de
an.yandex.ru
analytics.tiktok.com
cdn-app.sberdevices.ru
cdn.rutarget.ru
cm.g.doubleclick.net
connect.facebook.net
creative.rutarget.ru
dmp-profiles.sbermarketing.ru
dmp.sbermarketing.ru
kraken.rambler.ru
mc.yandex.com
mc.yandex.ru
ndflka.ru
partners.sbermarketing.ru
site.yandex.net
st.top100.ru
statad.ru
stats.g.doubleclick.net
sync.1dmp.io
sync.rambler.ru
tag.rutarget.ru
top-fwz1.mail.ru
vk.com
vozvratnalogov.online
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.sberbank.ru
yastatic.net
creative.rutarget.ru
142.250.185.166
142.250.185.98
144.76.85.142
194.226.177.241
194.54.14.168
2.16.186.227
217.69.133.145
2a00:1450:4001:809::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2008
2a00:1450:4001:829::2002
2a00:1450:400c:c07::9a
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::90
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
2a03:90c0:b1:2801::254
37.18.100.247
5.9.139.208
78.155.202.4
80.64.106.151
81.19.89.16
81.19.89.17
87.240.190.72
88.99.214.77
91.192.150.52
92.42.15.185
004d28e4e267510163f5a8c350456d11cf86329002307733a7fa9b431d1dfe23
04264f23aae592697cacd9ad4084bac8fabd907896724c8901c85c2e437cc9f9
0530941821315a4c31d16949e842835842d50bd1f7f57ee9a0c608da00c60606
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0706c01d615fed46fe31a9947936dded545a759882c7ae17152972a3c580c097
0b3bb994ef5b5f76a838a1e638083d9b7bd82ccd7d901d97ee43e0f18defcd50
1096b697971f191bacedba2fc0f367814f7ea41422caf4b039caf91ff0e5b461
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13d3276a8af19e94028c1a4762cf15b75090a1bd4d46f4367a204674f16d935f
14db26234c6530a9f84bda614309a47d2a41ee54d8662e165c925119f1c603eb
19b280e9a4238e0f1cc15da79adf8de3525467b4867e21712fe4233a097f75c4
1aa638aeb56102a3f6958b9447c0440cfafb36fb32d3f4c15240da80151e714b
1d3e268337f0eed93fa6fd5b076cb933c59b8c977885a0d89ea83b9bd5a48a88
1da3296e11d156325fc1f915a46748d0a066c9ebd08f9c575439ec5ece8a225e
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
25202d146a1beff8cca5a501cd2b9f48e8bc0ffffd102600f762bf5191fb5049
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2af553f2e6fb8fb56094a8247a8e6a6bc563bc4739cdbf1e5b9e734d3b2eee13
2b2a0ec5190589d2d1e44aadfcda6283283f4f95d9828cf8259f63bc7e093677
2de33ca2d2cfb7f437aa190ecdd4b3991ff2879604c0e24aaf02849ae1f360b3
2f3ee8524a05db8a30e14cfbe98175341508f92759804299364e97848f4a0148
2f48845684cf362ce27771e41855b88ba44b3eafbc9f8b1d40a623a339eebf8f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
32b172b0a678fe9739d5946e31cb503108157ae8c4ae1fdab73a3072fb1c2961
33dad52204ae0194906bb01afe0c6ed5332d82198deee76c2ac1a8bb8b9d8134
343d039865f534cfada3ac7b4d090770357c50d4c42d8aba82920ae8880c26ea
3a676a42b8b656fc55815f6e6e43970bfc835d3185e481941fb821f440217a53
3b57b98df06700b837a9a0a7172c797b9ef39d8a7af9c12f8b27b73911669167
3ffba24d937852ac28e21e6a974bb1bad2a215b26092bafac8b1fff2f932a369
420330adb1e6c6d733e841670e895c8960cca9dbbd1826534b6f4b383e911a7b
4417bff4920d72006c73bf2042c2474320e60dfb6b08704cb4a70da26759fb0c
45a1ab862bbc5e2921553773fa55546fbfc3344ef67859dfb560a7ffac37c6e3
48941b9291539e301efacafbdcc4b44fb8fef4438b126a512419ff629a29193d
496a631b06f3de4557b22a4efde6c2164767d7654dbcf9d96147417281faae33
4acfa835a53c60a1677c82cbb7e1b3b6a6dc135bc678a1d79dff5aaff3f292dc
4c0bbacbbd3522c316e60a63342bcd98cefc0bf4cb68514a2e75d23607c74bda
4f47458c8000714661ae45862034425a85c09a9d404dfb7a75398d9b0a263e9c
53c30bcaf7d44775ccf20fe9abc5ebee3c3e6cc2bd8b19d5d4adca94614678a0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
574df30753736dfa3a1c6308762ad0a59a556b387e2d6b6b7d6d768d711fd955
5a5992a9bdab7deb24298733244340f6426fd5e5431004f5800e8e522878ebcd
5bcad9fc043e154bb3ee69e425f774004b750b2957113f0327266d682b475a2f
5c6726ae06bb7bb6c3aee5e38758958c41577bdde60be39bdafa7427ed8b4164
5d8c424fc63b3ac408139bbe3f26374c64c1a30a4e035f8d66f6a5a30fc96f7c
5fa9c2d5b278cd1fd18d39c24701ed3cf534161f8ecff33ce87a822f0a1e53fa
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
633a8467aa5d8c826c96712ef5de52bcd6953099cd9b585c6c0d0502d0284847
6c7ee4d9b342dc38a34319dd037b5b090e964672357e649a7edbc54151b5290a
70533fe147dea80d90ad541e0aaa63139df668072a36b025d6cde7d3547bf674
70a0083e92cf715231f7734f0ecf0365c77ec3fdfe97921d75b39afd09871711
7352ede0c8c9c0c12b89952f01c051c77cf384e8ecce8ee8960de7de72a2314f
747464eb44f1a37cef212e07e47d0b0a6c4ed477fc0af69a432d94bea2e72057
74e54f503582825b07d59a633ad44eefda6b7c6575712911b68a00c57047fce6
7560a306e7964932fd72a82e6c9bb220f186e0d303756e70c4ed5fad17b67d09
767e524ff4d2cb0a17063a377dce5c8b7418c762571f6506d08cfbd0562b2e6b
775385a8548e6152479b8ca570fbc3cf6b2261895b10085e2be54a5900970383
7b187fc99298c3c2749771da6086840cf677f696f2848e69de824eb72a371885
7bb9e438f9c387ee5f1011421009a414c53e2e8ee973db3f474209ce451dda56
7daf6ca541fcb3fe983c531922933f9144c6085f631905959fc9582958dbe7c4
7e03a1243b492223d8179294dff77ab536861ee52355094cbdf186ca44b65edd
7ec0144b33f5673fb07ea4d459b4e391d9473c1aab6ab869e3563be68bfa0248
80609d8dfb4069766a0abec53f07bef0dd343321e696c493efd68580461e20f1
8285e568b3bbcb8bd39a13076176675c5bb3c5956835397aba9004835535f592
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c2318e4c87f00a3564b6e23e68a7cc97c20e0b774c79194bbf2d70e9fe6ebd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a28cf8c2e625cac25c2b524ff85d77344703b7be690f7d6a9d04e8e8705821f
8be4dc0925303fd5556a13ab9f4fc5f758e26c37040dc57edc50c18013706d9b
8d830cf5dd4162b0addd1e08ce9fd8fc008f08bc53f2f83a59ab1277b4202178
8f75e85012d862c40072a3b74d38b1340d5ee7a8055b3796c3d88b6a9461b2c2
955143711fef785e69cd5397c1c730b2f575a30c382af9e147590d18fdada566
95d8a184b7f8aa24ee066aed4f8b98805f7bdb1687f1cdfaa341119d2a5ca2ce
97114cb04fac9b6885b7e3b5b17911c711f72182744f8984d1b0c6ad18de4643
97393ac04f540688e548f4747f00cfeae73961859247cf733bb9d7f9eea7aa24
9d676b935466757317d5ec273912570a305b9795d7f576b140c744f92237f43e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b61a0b3def1515da077e27a1ea877793fdf8f73e8dbb236d7ed18d004d11e4
a1f13cd2ad7792bad0f26936727555369f1f1e9d8db75b9153410bef74bd0359
a426aa44b4daf1eb536419c636ef44c880b595b637dd1aa966510618fb0eb68b
a4fb4786446d1746c7765efd37bd524a81816e164d06d4533b80c560d5b5b8e8
ab0e13d2429a3e9327c1b5536f7190dfaaaec0ea95bc98056711b67f37f253e8
aecd66de64a91bd038f02e05bc08c812daff75b691a66fe76dc0e9f3ebd5b596
b09e8fd3f8133925dff3b1af546e587b116dc6386bdfb10365eb49c50f0d24e8
b1fd088b793316879a49d704fca95a03173da1d78071661c7acb0bde67bf704b
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b302e06a228844811eb12170cc1239688be6872887e9127f7fb6b268061afed4
b48eb03f907e33e2baf94f0be7498c66e178109ca4011f711e0ce692aa8ff1ec
b67a63ba0c33e16e6babaf441f972486f48f1bb31af575c0928943432871425e
bd4ff88bbcc062fccea3b1a8bf7799630a303e478041430eca2cd81671169637
bed2365e0935b48d4d3b1392538a2bf1add63576b70f840e09ecd0ac619e234e
c19998b016d0161846060867fb4264022b34b860878f24a242b9101cfaf9920a
c4202343c059f9bd13d3bbd07f54f6ff2674f2207eecde6d580e535512dd0786
cb0c214aa0d38db5ae1a0c50ed523158b19b6ffd010379ff9629092421d3ecb4
cb1f40bbd22907e6d662dadb93dae34a1524be7a856d9b63cd1ed3792e7aae25
cba026ae4b0a8321907cb43f9c9f7f09527717e95b1eb799cd7d172a52eb03b0
cdfb6a97d1a5a2d38a6475a8c408b09d92ba4d4612a78e87ca4cf428149db999
ce60d50c5483ac8770535b04dc266eeb9cc051c55e66d4eacb480cd04308b0ab
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d4dc5cc524f56cab02b8461374b0c89737c93b6944fe3b378be88f7e5850abf0
d6bbde826b16316e01324a9fba24f595658c003c6b89280e6e81a6adf1e74bf1
d88377f92693840574d7ce567505a98c85ce38c1b205ab4a30c9dbf1e71fb5b1
dad94479cd1440a252c6ff478710d39d6a78ef83e1eab1da5ac96fbc77f6a9ba
daea91f4c14dd44be208c5f3f5859578a0a04794a4da4371cc2d2590e48c0e42
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
e2b2e7b3916859ab867f2d26f70d403b558c69884c3b48c3f4d0218e63df7520
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61dabb3281977d3a5f1d3f8517b7054243b403f4f5148d113bc72abb2765dba
e928483f86ff55a7ca9016457c1ced684d91a4ae0b772f906d39bf7bcc5947cd
ea8cffb61d2c50afd3432c20992a929b371514559af15a6d4c04dcbb649aebd9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04db1f9a1c9a28f9b093cad101b4493b242bdba5c03fb76828276d396ed2312
f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a
f23fc41d9a785677bc3de05daadf67847d6f7c966ec9bca2219eb4e645d0f980
f3e974f42bddaac647ada00e08552cec3c12f9e45c733bed6d06f3e83f8368a7
f55dc63204146265630a3c182776bd87099d904387d6a828264303f5ea50cf6e
f646bb24935a37525ece29f69c2abcc996ce2c426a714a38a11a6a1bcd703099
fddcfb47b0261be38638b3fc8f206b01753369e51903c6ed868a45b801d46627

www.sberbank.ru Open in urlscan Pro 194.54.14.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

182 Requests

92 %HTTPS

43 %IPv6

24 Domains

36 Subdomains

28 IPs

5 Countries

7148 kBTransfer

15996 kBSize

42 Cookies

38 Outgoing links

Page URL History

Redirected requests

182 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sberbank.ru Open in urlscan Pro
194.54.14.168 Public Scan

Screenshot
Live screenshot

Full Image

182
Requests

92 %
HTTPS

43 %
IPv6

24
Domains

36
Subdomains

28
IPs

5
Countries

7148 kB
Transfer

15996 kB
Size

42
Cookies

182 HTTP transactions
20 data transactions