urlscan.io logo urlscan.io
SecurityTrails logo

auth.apibank.ru Open in urlscan Pro
95.163.211.78  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://smz-alfabank.ru/
Effective URL: https://auth.apibank.ru/auth/realms/alfa-production/protocol/openid-connect/auth?client_id=alfa-smz-web&redirect_uri=htt...
Submission: On October 30 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 28 HTTP transactions. The main IP is 95.163.211.78, located in Russian Federation and belongs to VK-AS, RU. The main domain is auth.apibank.ru.
TLS certificate: Issued by R3 on October 23rd 2023. Valid for: 3 months.
This is the only time auth.apibank.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20 79.137.174.252 47764 (VK-AS)
2 193.37.157.43 42024 (CRYPTOPRO-AS)
1 6 95.163.211.78 47764 (VK-AS)
28 4
Apex Domain
Subdomains		 Transfer
20 smz-alfabank.ru
smz-alfabank.ru
7 MB
6 apibank.ru
auth.apibank.ru
24 KB
2 cryptopro.ru
www.cryptopro.ru
17 KB
0 Failed
function sub() { [native code] }. Failed
28 4
Domain Requested by
20 smz-alfabank.ru 1 redirects smz-alfabank.ru
6 auth.apibank.ru 1 redirects smz-alfabank.ru
auth.apibank.ru
2 www.cryptopro.ru smz-alfabank.ru
0 iifchhfnnmpdbibifmljnfjhpififfog Failed www.cryptopro.ru
28 4

This site contains links to these domains. Also see Links.

Domain
smz-alfabank.ru
Subject Issuer Validity Valid
*.apibank.ru
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.cryptopro.ru
GlobalSign RSA OV SSL CA 2018		 2023-04-12 -
2024-05-13		 a year crt.sh
auth.apibank.ru
R3		 2023-10-23 -
2024-01-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://auth.apibank.ru/auth/realms/alfa-production/protocol/openid-connect/auth?client_id=alfa-smz-web&redirect_uri=https%3A%2F%2Fsmz-alfabank.ru%2F&state=b7e3a003-9ccc-4d0b-8857-d361bf6fd7c8&response_mode=fragment&response_type=code&scope=openid&nonce=5a4e695a-6982-455d-8dfe-5b04be522e5e
Frame ID: 141A68E70222388BEE4619F57B6561D3
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Вход в Alfa.Corporate

Page URL History Show full URLs

  1. http://smz-alfabank.ru/ HTTP 301
    https://smz-alfabank.ru/ Page URL
  2. https://auth.apibank.ru/auth/realms/alfa-production/protocol/openid-connect/auth?client_id=alfa-smz-... HTTP 302
    https://smz-alfabank.ru/ Page URL
  3. https://auth.apibank.ru/auth/realms/alfa-production/protocol/openid-connect/auth?client_id=alfa-smz-... Page URL

Page Statistics

28
Requests

93 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

6965 kB
Transfer

7096 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://smz-alfabank.ru/ HTTP 301
    https://smz-alfabank.ru/ Page URL
  2. https://auth.apibank.ru/auth/realms/alfa-production/protocol/openid-connect/auth?client_id=alfa-smz-web&redirect_uri=https%3A%2F%2Fsmz-alfabank.ru%2F&state=08555055-446c-4277-a138-c91601c139b6&response_mode=fragment&response_type=code&scope=openid&nonce=8534c4b3-346b-4db2-a5ba-08a70c54307a&prompt=none HTTP 302
    https://smz-alfabank.ru/ Page URL
  3. https://auth.apibank.ru/auth/realms/alfa-production/protocol/openid-connect/auth?client_id=alfa-smz-web&redirect_uri=https%3A%2F%2Fsmz-alfabank.ru%2F&state=b7e3a003-9ccc-4d0b-8857-d361bf6fd7c8&response_mode=fragment&response_type=code&scope=openid&nonce=5a4e695a-6982-455d-8dfe-5b04be522e5e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://smz-alfabank.ru/ HTTP 301
  • https://smz-alfabank.ru/
Request Chain 8
  • https://auth.apibank.ru/auth/realms/alfa-production/protocol/openid-connect/auth?client_id=alfa-smz-web&redirect_uri=https%3A%2F%2Fsmz-alfabank.ru%2F&state=08555055-446c-4277-a138-c91601c139b6&response_mode=fragment&response_type=code&scope=openid&nonce=8534c4b3-346b-4db2-a5ba-08a70c54307a&prompt=none HTTP 302
  • https://smz-alfabank.ru/

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
smz-alfabank.ru/
Redirect Chain
  • http://smz-alfabank.ru/
  • https://smz-alfabank.ru/
1006 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://smz-alfabank.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.174.252 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
252.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash
acc3996793bf4e120423f243c164ff9a4d85f804aa16635f7951b05e19ddaebc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Api-Version,X-Csrf-Token,jwt-token,metadata,Baggage,Sentry-Trace,Referer
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Expose-Headers
X-CSRF-Token,Content-Length,Content-Range,Content-Disposition
Connection
keep-alive
Content-Type
text/html
Date
Mon, 30 Oct 2023 11:05:39 GMT
Server
nginx/1.24.0
Transfer-Encoding
chunked

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Api-Version,X-Csrf-Token,jwt-token,metadata,Baggage,Sentry-Trace,Referer
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Expose-Headers
X-CSRF-Token,Content-Length,Content-Range,Content-Disposition
Connection
keep-alive
Content-Type
text/html
Date
Mon, 30 Oct 2023 11:05:39 GMT
Location
https://smz-alfabank.ru/
Server
nginx/1.24.0
Transfer-Encoding
chunked
styles.2ec65f573cdb3c5670dd.css
smz-alfabank.ru/ 		624 KB
624 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://smz-alfabank.ru/styles.2ec65f573cdb3c5670dd.css
Requested by
Host: smz-alfabank.ru
URL: https://smz-alfabank.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.174.252 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
252.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash
fb46c3cf3e112692394fb389dfeb53cce24d462ee52e64bc0f0a0033e999c948

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smz-alfabank.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 11:05:39 GMT
Last-Modified
Wed, 24 May 2023 17:36:07 GMT
Server
nginx/1.24.0
ETag
"646e4b07-9bf38"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/css
Access-Control-Expose-Headers
X-CSRF-Token,Content-Length,Content-Range,Content-Disposition
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Api-Version,X-Csrf-Token,jwt-token,metadata,Baggage,Sentry-Trace,Referer
Content-Length
638776
runtime.0510311278cdb7ddd64a.js
smz-alfabank.ru/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smz-alfabank.ru/runtime.0510311278cdb7ddd64a.js
Requested by
Host: smz-alfabank.ru
URL: https://smz-alfabank.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.174.252 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
252.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash
b5d9acb5047c661d21a35cdb9dd0439521ba89b7be548c05d6b01c2f8a2e1bfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smz-alfabank.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 11:05:39 GMT
Last-Modified
Wed, 24 May 2023 17:36:07 GMT
Server
nginx/1.24.0
ETag
"646e4b07-c90"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Expose-Headers
X-CSRF-Token,Content-Length,Content-Range,Content-Disposition
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Api-Version,X-Csrf-Token,jwt-token,metadata,Baggage,Sentry-Trace,Referer
Content-Length
3216
polyfills.ec3c748ef71564ff6616.js
smz-alfabank.ru/ 		44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smz-alfabank.ru/polyfills.ec3c748ef71564ff6616.js
Requested by
Host: smz-alfabank.ru
URL: https://smz-alfabank.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.174.252 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
252.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash
9150e096e63ec5e4369b1c919ce3ead4437f2378747d2796a5847c81c750ffb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smz-alfabank.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 11:05:39 GMT
Last-Modified
Wed, 24 May 2023 17:36:07 GMT
Server
nginx/1.24.0
ETag
"646e4b07-afd2"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Expose-Headers
X-CSRF-Token,Content-Length,Content-Range,Content-Disposition
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Api-Version,X-Csrf-Token,jwt-token,metadata,Baggage,Sentry-Trace,Referer
Content-Length
45010
scripts.3b9ab9d618b784322c5c.js
smz-alfabank.ru/ 		770 KB
771 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smz-alfabank.ru/scripts.3b9ab9d618b784322c5c.js
Requested by
Host: smz-alfabank.ru
URL: https://smz-alfabank.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.174.252 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
252.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash
6d34ae02f0cf79fbbfdf8a7f45e4ed0eb76be85b899a2b596d5a2459c8760646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smz-alfabank.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 11:05:39 GMT
Last-Modified
Wed, 24 May 2023 17:36:07 GMT
Server
nginx/1.24.0
ETag
"646e4b07-c0818"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Expose-Headers
X-CSRF-Token,Content-Length,Content-Range,Content-Disposition
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Api-Version,X-Csrf-Token,jwt-token,metadata,Baggage,Sentry-Trace,Referer
Content-Length
788504
main.0c6ba117e6c9fc3d1bfa.js
smz-alfabank.ru/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://smz-alfabank.ru/main.0c6ba117e6c9fc3d1bfa.js
Requested by
Host: smz-alfabank.ru
URL: https://smz-alfabank.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.174.252 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
252.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smz-alfabank.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 11:05:39 GMT
Last-Modified
Wed, 24 May 2023 17:36:07 GMT
Server
nginx/1.24.0
ETag
"646e4b07-1e6787"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Expose-Headers
X-CSRF-Token,Content-Length,Content-Range,Content-Disposition
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Api-Version,X-Csrf-Token,jwt-token,metadata,Baggage,Sentry-Trace,Referer
Content-Length
1992583
cadesplugin_api.js
www.cryptopro.ru/sites/default/files/products/cades/ 		33 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cryptopro.ru/sites/default/files/products/cades/cadesplugin_api.js
Requested by
Host: smz-alfabank.ru
URL: https://smz-alfabank.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.37.157.43 , Russian Federation, ASN42024 (CRYPTOPRO-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
94e1556265ce81487d7ef414506690d66691ef6540adaea51dc3b74ec71899c4
Security Headers
Name Value
Strict-Transport-Security max-age=3153600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smz-alfabank.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 11:05:43 GMT
Strict-Transport-Security
max-age=3153600
Content-Encoding
gzip
Last-Modified
Thu, 22 Jun 2023 14:01:49 GMT
Server
nginx
ETag
W/"6494544d-847c"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
keep-alive
nmcades_plugin_api.js
iifchhfnnmpdbibifmljnfjhpififfog/ 		0
0
/
smz-alfabank.ru/
Redirect Chain
  • https://auth.apibank.ru/auth/realms/alfa-production/protocol/openid-connect/auth?client_id=alfa-smz-web&redirect_uri=https%3A%2F%2Fsmz-alfabank.ru%2F&state=08555055-446c-4277-a138-c91601c139b6&resp...
  • https://smz-alfabank.ru/
1006 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://smz-alfabank.ru/
Requested by
Host: smz-alfabank.ru
URL: https://smz-alfabank.ru/main.0c6ba117e6c9fc3d1bfa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.174.252 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
252.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash
acc3996793bf4e120423f243c164ff9a4d85f804aa16635f7951b05e19ddaebc

Request headers

Referer
https://smz-alfabank.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Api-Version,X-Csrf-Token,jwt-token,metadata,Baggage,Sentry-Trace,Referer
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Expose-Headers
X-CSRF-Token,Content-Length,Content-Range,Content-Disposition
Connection
keep-alive
Content-Type
text/html
Date
Mon, 30 Oct 2023 11:05:50 GMT
Server
nginx/1.24.0
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Mon, 30 Oct 2023 11:05:50 GMT
Location
https://smz-alfabank.ru/#error=login_required&state=08555055-446c-4277-a138-c91601c139b6
Referrer-Policy
no-referrer
Server
nginx/1.24.0
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex
X-XSS-Protection
1; mode=block
styles.2ec65f573cdb3c5670dd.css
smz-alfabank.ru/ 		624 KB
624 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://smz-alfabank.ru/styles.2ec65f573cdb3c5670dd.css
Requested by
Host: smz-alfabank.ru
URL: https://smz-alfabank.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.174.252 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
252.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash
fb46c3cf3e112692394fb389dfeb53cce24d462ee52e64bc0f0a0033e999c948

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smz-alfabank.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 11:05:50 GMT
Last-Modified
Wed, 24 May 2023 17:36:07 GMT
Server
nginx/1.24.0
ETag
"646e4b07-9bf38"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/css
Access-Control-Expose-Headers
X-CSRF-Token,Content-Length,Content-Range,Content-Disposition
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Api-Version,X-Csrf-Token,jwt-token,metadata,Baggage,Sentry-Trace,Referer
Content-Length
638776
runtime.0510311278cdb7ddd64a.js
smz-alfabank.ru/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smz-alfabank.ru/runtime.0510311278cdb7ddd64a.js
Requested by
Host: smz-alfabank.ru
URL: https://smz-alfabank.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.174.252 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
252.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash
b5d9acb5047c661d21a35cdb9dd0439521ba89b7be548c05d6b01c2f8a2e1bfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smz-alfabank.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 11:05:50 GMT
Last-Modified
Wed, 24 May 2023 17:36:07 GMT
Server
nginx/1.24.0
ETag
"646e4b07-c90"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Expose-Headers
X-CSRF-Token,Content-Length,Content-Range,Content-Disposition
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Api-Version,X-Csrf-Token,jwt-token,metadata,Baggage,Sentry-Trace,Referer
Content-Length
3216
polyfills.ec3c748ef71564ff6616.js
smz-alfabank.ru/ 		44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smz-alfabank.ru/polyfills.ec3c748ef71564ff6616.js
Requested by
Host: smz-alfabank.ru
URL: https://smz-alfabank.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.174.252 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
252.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash
9150e096e63ec5e4369b1c919ce3ead4437f2378747d2796a5847c81c750ffb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smz-alfabank.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 11:05:50 GMT
Last-Modified
Wed, 24 May 2023 17:36:07 GMT
Server
nginx/1.24.0
ETag
"646e4b07-afd2"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Expose-Headers
X-CSRF-Token,Content-Length,Content-Range,Content-Disposition
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Api-Version,X-Csrf-Token,jwt-token,metadata,Baggage,Sentry-Trace,Referer
Content-Length
45010
scripts.3b9ab9d618b784322c5c.js
smz-alfabank.ru/ 		770 KB
771 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smz-alfabank.ru/scripts.3b9ab9d618b784322c5c.js
Requested by
Host: smz-alfabank.ru
URL: https://smz-alfabank.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.174.252 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
252.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash
6d34ae02f0cf79fbbfdf8a7f45e4ed0eb76be85b899a2b596d5a2459c8760646

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smz-alfabank.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 11:05:50 GMT
Last-Modified
Wed, 24 May 2023 17:36:07 GMT
Server
nginx/1.24.0
ETag
"646e4b07-c0818"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Expose-Headers
X-CSRF-Token,Content-Length,Content-Range,Content-Disposition
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Api-Version,X-Csrf-Token,jwt-token,metadata,Baggage,Sentry-Trace,Referer
Content-Length
788504
main.0c6ba117e6c9fc3d1bfa.js
smz-alfabank.ru/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://smz-alfabank.ru/main.0c6ba117e6c9fc3d1bfa.js
Requested by
Host: smz-alfabank.ru
URL: https://smz-alfabank.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.174.252 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
252.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash
8d2e80727d6c0dbe93bd45cd74823a082194fd1011380494b98533756755e9c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smz-alfabank.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 11:05:50 GMT
Last-Modified
Wed, 24 May 2023 17:36:07 GMT
Server
nginx/1.24.0
ETag
"646e4b07-1e6787"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Expose-Headers
X-CSRF-Token,Content-Length,Content-Range,Content-Disposition
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Api-Version,X-Csrf-Token,jwt-token,metadata,Baggage,Sentry-Trace,Referer
Content-Length
1992583
cadesplugin_api.js
www.cryptopro.ru/sites/default/files/products/cades/ 		33 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cryptopro.ru/sites/default/files/products/cades/cadesplugin_api.js
Requested by
Host: smz-alfabank.ru
URL: https://smz-alfabank.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.37.157.43 , Russian Federation, ASN42024 (CRYPTOPRO-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
94e1556265ce81487d7ef414506690d66691ef6540adaea51dc3b74ec71899c4
Security Headers
Name Value
Strict-Transport-Security max-age=3153600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smz-alfabank.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 11:05:51 GMT
Strict-Transport-Security
max-age=3153600
Content-Encoding
gzip
Last-Modified
Thu, 22 Jun 2023 14:01:49 GMT
Server
nginx
ETag
W/"6494544d-847c"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
keep-alive
nmcades_plugin_api.js
iifchhfnnmpdbibifmljnfjhpififfog/ 		0
0
common.c9938ce004bbc682c584.js
smz-alfabank.ru/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smz-alfabank.ru/common.c9938ce004bbc682c584.js
Requested by
Host: smz-alfabank.ru
URL: https://smz-alfabank.ru/runtime.0510311278cdb7ddd64a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.174.252 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
252.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash
c03c46c02e8b888ee03b9c6dc891ffe20d1dcdec9372d58e492f3e21bc4bd007

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smz-alfabank.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 11:05:52 GMT
Last-Modified
Wed, 24 May 2023 17:36:07 GMT
Server
nginx/1.24.0
ETag
"646e4b07-2568"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Expose-Headers
X-CSRF-Token,Content-Length,Content-Range,Content-Disposition
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Api-Version,X-Csrf-Token,jwt-token,metadata,Baggage,Sentry-Trace,Referer
Content-Length
9576
24.5445cbc95158838bb1a3.js
smz-alfabank.ru/ 		24 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smz-alfabank.ru/24.5445cbc95158838bb1a3.js
Requested by
Host: smz-alfabank.ru
URL: https://smz-alfabank.ru/runtime.0510311278cdb7ddd64a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.174.252 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
252.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash
cc1ed9207d5311b51f5ae3f8ce9d173e6923d0772eeb79fe7bd43fc701186d81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smz-alfabank.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 11:05:52 GMT
Last-Modified
Wed, 24 May 2023 17:36:07 GMT
Server
nginx/1.24.0
ETag
"646e4b07-5f67"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Expose-Headers
X-CSRF-Token,Content-Length,Content-Range,Content-Disposition
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Api-Version,X-Csrf-Token,jwt-token,metadata,Baggage,Sentry-Trace,Referer
Content-Length
24423
38.f58e523d0ed646f63eb7.js
smz-alfabank.ru/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smz-alfabank.ru/38.f58e523d0ed646f63eb7.js
Requested by
Host: smz-alfabank.ru
URL: https://smz-alfabank.ru/runtime.0510311278cdb7ddd64a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.174.252 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
252.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash
ad98bbceed60bf588e20e7878cda19c94b3f5fe5a091ec2bd944ba60daeaad25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smz-alfabank.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 11:05:52 GMT
Last-Modified
Wed, 24 May 2023 17:36:07 GMT
Server
nginx/1.24.0
ETag
"646e4b07-45a"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Expose-Headers
X-CSRF-Token,Content-Length,Content-Range,Content-Disposition
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Api-Version,X-Csrf-Token,jwt-token,metadata,Baggage,Sentry-Trace,Referer
Content-Length
1114
30.a127e90cf71b2398c265.js
smz-alfabank.ru/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smz-alfabank.ru/30.a127e90cf71b2398c265.js
Requested by
Host: smz-alfabank.ru
URL: https://smz-alfabank.ru/runtime.0510311278cdb7ddd64a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.174.252 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
252.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash
3d5b5357e594916996997182cb429d29abf763f2a87066be535ab1dc8be24610

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smz-alfabank.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 11:05:52 GMT
Last-Modified
Wed, 24 May 2023 17:36:07 GMT
Server
nginx/1.24.0
ETag
"646e4b07-7a1"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Expose-Headers
X-CSRF-Token,Content-Length,Content-Range,Content-Disposition
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Api-Version,X-Csrf-Token,jwt-token,metadata,Baggage,Sentry-Trace,Referer
Content-Length
1953
28.04fb5fb934bc8ede7307.js
smz-alfabank.ru/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smz-alfabank.ru/28.04fb5fb934bc8ede7307.js
Requested by
Host: smz-alfabank.ru
URL: https://smz-alfabank.ru/runtime.0510311278cdb7ddd64a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.174.252 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
252.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash
3c389814ad4b9c8e85e475c9e018296cfc00b1ffc619f2a78d104766da1cfcb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smz-alfabank.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 11:05:52 GMT
Last-Modified
Wed, 24 May 2023 17:36:07 GMT
Server
nginx/1.24.0
ETag
"646e4b07-232d"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Expose-Headers
X-CSRF-Token,Content-Length,Content-Range,Content-Disposition
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Api-Version,X-Csrf-Token,jwt-token,metadata,Baggage,Sentry-Trace,Referer
Content-Length
9005
1.d16655a4cefce2c9732d.js
smz-alfabank.ru/ 		43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smz-alfabank.ru/1.d16655a4cefce2c9732d.js
Requested by
Host: smz-alfabank.ru
URL: https://smz-alfabank.ru/runtime.0510311278cdb7ddd64a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.174.252 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
252.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash
11ceb18d3e89c5ae9477aa83d2863e48e845bd4eb8796108cb7a25e6360a2088

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smz-alfabank.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 11:05:52 GMT
Last-Modified
Wed, 24 May 2023 17:36:07 GMT
Server
nginx/1.24.0
ETag
"646e4b07-ab19"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Expose-Headers
X-CSRF-Token,Content-Length,Content-Range,Content-Disposition
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Api-Version,X-Csrf-Token,jwt-token,metadata,Baggage,Sentry-Trace,Referer
Content-Length
43801
21.a987d8ad15812e153b3a.js
smz-alfabank.ru/ 		49 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smz-alfabank.ru/21.a987d8ad15812e153b3a.js
Requested by
Host: smz-alfabank.ru
URL: https://smz-alfabank.ru/runtime.0510311278cdb7ddd64a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.137.174.252 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
252.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash
7a003266ed14975ece8292d2e4b95d007ce3fc76337d4ccd50907ed4042414ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://smz-alfabank.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 11:05:52 GMT
Last-Modified
Wed, 24 May 2023 17:36:07 GMT
Server
nginx/1.24.0
ETag
"646e4b07-c563"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/javascript
Access-Control-Expose-Headers
X-CSRF-Token,Content-Length,Content-Range,Content-Disposition
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Api-Version,X-Csrf-Token,jwt-token,metadata,Baggage,Sentry-Trace,Referer
Content-Length
50531
Primary Request auth
auth.apibank.ru/auth/realms/alfa-production/protocol/openid-connect/ 		3 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.apibank.ru/auth/realms/alfa-production/protocol/openid-connect/auth?client_id=alfa-smz-web&redirect_uri=https%3A%2F%2Fsmz-alfabank.ru%2F&state=b7e3a003-9ccc-4d0b-8857-d361bf6fd7c8&response_mode=fragment&response_type=code&scope=openid&nonce=5a4e695a-6982-455d-8dfe-5b04be522e5e
Requested by
Host: smz-alfabank.ru
URL: https://smz-alfabank.ru/main.0c6ba117e6c9fc3d1bfa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.211.78 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
78.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash
40decb4ecd086a728968a58b29ce7953b4e8f0b802a9fe4e18ae3fba9d4d2b76
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://smz-alfabank.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Language
ru
Content-Length
3506
Content-Security-Policy
frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Content-Type
text/html;charset=utf-8
Date
Mon, 30 Oct 2023 11:05:53 GMT
Referrer-Policy
no-referrer
Server
nginx/1.24.0
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Robots-Tag
none noindex
X-XSS-Protection
1; mode=block
styles.css
auth.apibank.ru/auth/resources/ettia/login/alfa-smz/css/ 		109 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.apibank.ru/auth/resources/ettia/login/alfa-smz/css/styles.css
Requested by
Host: auth.apibank.ru
URL: https://auth.apibank.ru/auth/realms/alfa-production/protocol/openid-connect/auth?client_id=alfa-smz-web&redirect_uri=https%3A%2F%2Fsmz-alfabank.ru%2F&state=b7e3a003-9ccc-4d0b-8857-d361bf6fd7c8&response_mode=fragment&response_type=code&scope=openid&nonce=5a4e695a-6982-455d-8dfe-5b04be522e5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.211.78 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
78.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash
ebca89a736d01fde1a4f7373f8e2e3d77bd4dac81e679c568092aa0b4a4a11de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 11:05:53 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx/1.24.0
X-Content-Type-Options
nosniff
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=2592000
Connection
keep-alive
X-Robots-Tag
noindex
Content-Length
14924
X-XSS-Protection
1; mode=block
index.js
auth.apibank.ru/auth/resources/ettia/login/alfa-smz/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.apibank.ru/auth/resources/ettia/login/alfa-smz/js/index.js
Requested by
Host: auth.apibank.ru
URL: https://auth.apibank.ru/auth/realms/alfa-production/protocol/openid-connect/auth?client_id=alfa-smz-web&redirect_uri=https%3A%2F%2Fsmz-alfabank.ru%2F&state=b7e3a003-9ccc-4d0b-8857-d361bf6fd7c8&response_mode=fragment&response_type=code&scope=openid&nonce=5a4e695a-6982-455d-8dfe-5b04be522e5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.211.78 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
78.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash
a234f76aa0dea035681edaf05ae051bd6aa49f1a8f4e1cbb96fa9e29c9761e30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 11:05:53 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx/1.24.0
X-Content-Type-Options
nosniff
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=2592000
Connection
keep-alive
X-Robots-Tag
noindex
Content-Length
841
X-XSS-Protection
1; mode=block
alfa-black-logo.svg
auth.apibank.ru/auth/resources/ettia/login/alfa-smz/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.apibank.ru/auth/resources/ettia/login/alfa-smz/icons/alfa-black-logo.svg
Requested by
Host: auth.apibank.ru
URL: https://auth.apibank.ru/auth/resources/ettia/login/alfa-smz/css/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.211.78 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
78.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash
c99d5583378bee027f28e786ea92a217bd8b2c3524ba364759e7afefb2bc5e89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 11:05:53 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx/1.24.0
X-Content-Type-Options
nosniff
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
keep-alive
X-Robots-Tag
noindex
Content-Length
681
X-XSS-Protection
1; mode=block
alfa-password-hidden.svg
auth.apibank.ru/auth/resources/ettia/login/alfa-smz/icons/ 		815 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.apibank.ru/auth/resources/ettia/login/alfa-smz/icons/alfa-password-hidden.svg
Requested by
Host: auth.apibank.ru
URL: https://auth.apibank.ru/auth/resources/ettia/login/alfa-smz/css/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.163.211.78 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
78.mcs.mail.ru
Software
nginx/1.24.0 /
Resource Hash
592ab0061936efff09f8c90fc757924b4e9a0162c9e92fbde4be3b4fc7f54364
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 11:05:53 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx/1.24.0
X-Content-Type-Options
nosniff
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Connection
keep-alive
X-Robots-Tag
noindex
Content-Length
489
X-XSS-Protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
iifchhfnnmpdbibifmljnfjhpififfog
URL
chrome-extension://iifchhfnnmpdbibifmljnfjhpififfog/nmcades_plugin_api.js
Domain
iifchhfnnmpdbibifmljnfjhpififfog
URL
chrome-extension://iifchhfnnmpdbibifmljnfjhpififfog/nmcades_plugin_api.js

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| generateYear function| listenInputs function| togglePasswordVisibility function| setRegistrationLink

3 Cookies

Domain/Path Name / Value
auth.apibank.ru/auth/realms/alfa-production/ Name: AUTH_SESSION_ID
Value: 48ca69ad-4bf1-465b-a42e-bd01e821f920.prod01
auth.apibank.ru/auth/realms/alfa-production/ Name: AUTH_SESSION_ID_LEGACY
Value: 48ca69ad-4bf1-465b-a42e-bd01e821f920.prod01
auth.apibank.ru/auth/realms/alfa-production/ Name: KC_RESTART
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJiZjlmYjdmOC03YWMxLTQ5MTYtOGI4Zi1lZDI4MjRhYmY2ZGUifQ.eyJjaWQiOiJhbGZhLXNtei13ZWIiLCJwdHkiOiJvcGVuaWQtY29ubmVjdCIsInJ1cmkiOiJodHRwczovL3Ntei1hbGZhYmFuay5ydS8iLCJhY3QiOiJBVVRIRU5USUNBVEUiLCJub3RlcyI6eyJzY29wZSI6Im9wZW5pZCIsImlzcyI6Imh0dHBzOi8vYXV0aC5hcGliYW5rLnJ1L2F1dGgvcmVhbG1zL2FsZmEtcHJvZHVjdGlvbiIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly9zbXotYWxmYWJhbmsucnUvIiwic3RhdGUiOiJiN2UzYTAwMy05Y2NjLTRkMGItODg1Ny1kMzYxYmY2ZmQ3YzgiLCJub25jZSI6IjVhNGU2OTVhLTY5ODItNDU1ZC04ZGZlLTViMDRiZTUyMmU1ZSIsInJlc3BvbnNlX21vZGUiOiJmcmFnbWVudCJ9fQ.5ClyThGMZ2w2OdS4iFnvbuloXUvenmRuAOn7M0KacC4

2 Console Messages

Source Level URL
Text
network error URL: chrome-extension://iifchhfnnmpdbibifmljnfjhpififfog/nmcades_plugin_api.js
Message:
Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network error URL: chrome-extension://iifchhfnnmpdbibifmljnfjhpififfog/nmcades_plugin_api.js
Message:
Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.apibank.ru
iifchhfnnmpdbibifmljnfjhpififfog
smz-alfabank.ru
www.cryptopro.ru
iifchhfnnmpdbibifmljnfjhpififfog
193.37.157.43
79.137.174.252
95.163.211.78
11ceb18d3e89c5ae9477aa83d2863e48e845bd4eb8796108cb7a25e6360a2088
3c389814ad4b9c8e85e475c9e018296cfc00b1ffc619f2a78d104766da1cfcb8
3d5b5357e594916996997182cb429d29abf763f2a87066be535ab1dc8be24610
40decb4ecd086a728968a58b29ce7953b4e8f0b802a9fe4e18ae3fba9d4d2b76
592ab0061936efff09f8c90fc757924b4e9a0162c9e92fbde4be3b4fc7f54364
6d34ae02f0cf79fbbfdf8a7f45e4ed0eb76be85b899a2b596d5a2459c8760646
7a003266ed14975ece8292d2e4b95d007ce3fc76337d4ccd50907ed4042414ef
8d2e80727d6c0dbe93bd45cd74823a082194fd1011380494b98533756755e9c6
9150e096e63ec5e4369b1c919ce3ead4437f2378747d2796a5847c81c750ffb5
94e1556265ce81487d7ef414506690d66691ef6540adaea51dc3b74ec71899c4
a234f76aa0dea035681edaf05ae051bd6aa49f1a8f4e1cbb96fa9e29c9761e30
acc3996793bf4e120423f243c164ff9a4d85f804aa16635f7951b05e19ddaebc
ad98bbceed60bf588e20e7878cda19c94b3f5fe5a091ec2bd944ba60daeaad25
b5d9acb5047c661d21a35cdb9dd0439521ba89b7be548c05d6b01c2f8a2e1bfb
c03c46c02e8b888ee03b9c6dc891ffe20d1dcdec9372d58e492f3e21bc4bd007
c99d5583378bee027f28e786ea92a217bd8b2c3524ba364759e7afefb2bc5e89
cc1ed9207d5311b51f5ae3f8ce9d173e6923d0772eeb79fe7bd43fc701186d81
ebca89a736d01fde1a4f7373f8e2e3d77bd4dac81e679c568092aa0b4a4a11de
fb46c3cf3e112692394fb389dfeb53cce24d462ee52e64bc0f0a0033e999c948