auth.sberbank.ru Open in urlscan Pro
84.252.150.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hr-uat.sber.ru/
Effective URL:
https://auth.sberbank.ru/auth/realms/sigma/protocol/openid-connect/auth?scope=openid+extended&state=S8ykM8hUywJqeFPLoj1K7...
Submission Tags: l4ing sub sber bank ru gov h8 Search All
Submission: On November 26 via manual (November 26th 2023, 10:07:45 am UTC) from UA — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 10 HTTP transactions. The main IP is 84.252.150.15, located in Russian Federation and belongs to SBERBANK, RU. The main domain is auth.sberbank.ru.
TLS certificate: Issued by SberCA Ext on March 29th 2023. Valid for: a year.

This is the only time auth.sberbank.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 13	185.157.97.83 185.157.97.83	35237 (SBERBANK) (SBERBANK)
1	84.252.150.15 84.252.150.15	35237 (SBERBANK) (SBERBANK)
10	2

13 185.157.97.83 (Russian Federation) 4 redirects

ASN35237 (SBERBANK, RU)

hr-uat.sber.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hr-uat.sberbank.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 84.252.150.15 (Russian Federation)

ASN35237 (SBERBANK, RU)

auth.sberbank.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	sber.ru 2 redirects hr-uat.sber.ru	699 KB
3	sberbank.ru 2 redirects hr-uat.sberbank.ru auth.sberbank.ru	4 KB
10	2

	Domain	Requested by
11	hr-uat.sber.ru	2 redirects hr-uat.sber.ru
2	hr-uat.sberbank.ru	2 redirects
1	auth.sberbank.ru	hr-uat.sber.ru
10	3

This site contains no links.

Subject Issuer	Validity	Valid
hr-test.sber.ru Russian Trusted Sub CA	`2023-03-28` - `2024-03-27`	a year	crt.sh
auth.sberbank.ru SberCA Ext	`2023-03-29` - `2024-03-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://auth.sberbank.ru/auth/realms/sigma/protocol/openid-connect/auth?scope=openid+extended&state=S8ykM8hUywJqeFPLoj1K786cWpKHHoFW1CFZj7j3hp0.eo7643AJetA.oshY1dPuQdCoFfJwNtwfGQ&response_type=code&client_id=CI01978215&redirect_uri=https%3A%2F%2Fhr-uat.sberbank.ru%2Fauth%2Frealms%2FPAOSberbank%2Fbroker%2Fngam-ext%2Fendpoint&nonce=_CBKKrVm4SjbW_x0qAZRuw
Frame ID: 06A92A7BA048B92E3101CC2BFAD5CA34
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

400 No required SSL certificate was sent

Page URL History Show full URLs

http://hr-uat.sber.ru/ HTTP 302
https://hr-uat.sber.ru/ Page URL
https://hr-uat.sber.ru/platform/ HTTP 302
https://hr-uat.sberbank.ru/auth/realms/PAOSberbank/protocol/openid-connect/auth?response_type=code&kc_i... HTTP 303
https://hr-uat.sberbank.ru/auth/realms/PAOSberbank/broker/ngam-ext/login?session_code=Ujt4BRSuSvwSzOB82... HTTP 303
https://auth.sberbank.ru/auth/realms/sigma/protocol/openid-connect/auth?scope=openid+extended&state=S... Page URL

Page Statistics

10
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

699 kB
Transfer

697 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hr-uat.sber.ru/ HTTP 302
https://hr-uat.sber.ru/ Page URL
https://hr-uat.sber.ru/platform/ HTTP 302
https://hr-uat.sberbank.ru/auth/realms/PAOSberbank/protocol/openid-connect/auth?response_type=code&kc_idp_hint=ngam-ext&client_id=paosberbank&redirect_uri=https%3A%2F%2Fhr-uat.sberbank.ru%2Fredirect&state=04336b523ecde41d45d6313a0e2f7209&nonce=e1f1eec72ffa93b859468ba6467d5c5e&scope=openid HTTP 303
https://hr-uat.sberbank.ru/auth/realms/PAOSberbank/broker/ngam-ext/login?session_code=Ujt4BRSuSvwSzOB82NRcw5errWMSspqfnlYtZPiqs2k&client_id=paosberbank&tab_id=eo7643AJetA HTTP 303
https://auth.sberbank.ru/auth/realms/sigma/protocol/openid-connect/auth?scope=openid+extended&state=S8ykM8hUywJqeFPLoj1K786cWpKHHoFW1CFZj7j3hp0.eo7643AJetA.oshY1dPuQdCoFfJwNtwfGQ&response_type=code&client_id=CI01978215&redirect_uri=https%3A%2F%2Fhr-uat.sberbank.ru%2Fauth%2Frealms%2FPAOSberbank%2Fbroker%2Fngam-ext%2Fendpoint&nonce=_CBKKrVm4SjbW_x0qAZRuw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://hr-uat.sber.ru/ HTTP 302
https://hr-uat.sber.ru/

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response hr-uat.sber.ru/ Redirect Chain http://hr-uat.sber.ru/ https://hr-uat.sber.ru/	3 KB 2 KB	20324ms 84ms	Document text/html	185.157.97.83 SBERBANK
General Check archive.org Show headers Download Go to Full URL https://hr-uat.sber.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.157.97.83 , Russian Federation, ASN35237 (SBERBANK, RU), Reverse DNS Software / Resource Hash `0aca2a11ac60a2e236c6872bb2b49bdeede68398ec7574924688284261d2b3b5` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Connection keep-alive Content-Encoding gzip Content-Length 1582 Content-Type text/html Date Sun, 26 Nov 2023 10:07:18 GMT Last-Modified Sunday, 26-Nov-2023 10:07:18 GMT X-B3-TraceId ba2adba930ef43923f2a202bcb50923a ba2adba930ef43923f2a202bcb50923a Redirect headers Connection Keep-Alive Content-Length 0 Location https://hr-uat.sber.ru/
GET H/1.1	200 OK	fonts.css hr-uat.sber.ru/	2 KB 2 KB	79ms 78ms	Stylesheet text/css	185.157.97.83 SBERBANK
General Check archive.org Show headers Download Go to Full URL https://hr-uat.sber.ru/fonts.css Requested by Host: hr-uat.sber.ru URL: https://hr-uat.sber.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.157.97.83 , Russian Federation, ASN35237 (SBERBANK, RU), Reverse DNS Software / Resource Hash `48edabd5a178e1fc7455d72a6d17e6fbab81714f9a5e7fbdfe15905b188050ed` Request headers accept-language de-DE,de;q=0.9 Referer https://hr-uat.sber.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Response headers Date Sun, 26 Nov 2023 10:07:18 GMT Last-Modified Wed, 11 Oct 2023 12:26:11 GMT X-B3-TraceId 0969c400563a957a04767609b082cd91, 0969c400563a957a04767609b082cd91 ETag "65269463-874" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 2164
GET H/1.1	200 OK	main.bf38d1b4.chunk.css hr-uat.sber.ru/static/css/	4 KB 4 KB	160ms 80ms	Stylesheet text/css	185.157.97.83 SBERBANK
General Check archive.org Show headers Download Go to Full URL https://hr-uat.sber.ru/static/css/main.bf38d1b4.chunk.css Requested by Host: hr-uat.sber.ru URL: https://hr-uat.sber.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.157.97.83 , Russian Federation, ASN35237 (SBERBANK, RU), Reverse DNS Software / Resource Hash `53c0d4b75f8d7b208e4771d1ab5c21b4171524f53d255e326fb1cf09b4e6bc73` Request headers accept-language de-DE,de;q=0.9 Referer https://hr-uat.sber.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Response headers Date Sun, 26 Nov 2023 10:07:18 GMT Last-Modified Wed, 11 Oct 2023 12:26:45 GMT X-B3-TraceId a6bfbc0c5912a2edb85d7a4a16ac8e85, a6bfbc0c5912a2edb85d7a4a16ac8e85 ETag "65269485-105e" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 4190
GET H/1.1	200 OK	warning.css hr-uat.sber.ru/	981 B 1 KB	161ms 79ms	Stylesheet text/css	185.157.97.83 SBERBANK
General Check archive.org Show headers Download Go to Full URL https://hr-uat.sber.ru/warning.css?v3 Requested by Host: hr-uat.sber.ru URL: https://hr-uat.sber.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.157.97.83 , Russian Federation, ASN35237 (SBERBANK, RU), Reverse DNS Software / Resource Hash `34778b9faba575edd34e56b70026069ee33fa3551a7f030e678b83b2ca7fefb9` Request headers accept-language de-DE,de;q=0.9 Referer https://hr-uat.sber.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Response headers Date Sun, 26 Nov 2023 10:07:18 GMT Last-Modified Wed, 11 Oct 2023 12:26:11 GMT X-B3-TraceId 82fbda81cdc8cc51c19d521e33b0042d, 82fbda81cdc8cc51c19d521e33b0042d ETag "65269463-3d5" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 981
GET H/1.1	200 OK	warning-api.js Show response hr-uat.sber.ru/	4 KB 4 KB	168ms 82ms	Script application/javascript	185.157.97.83 SBERBANK
General Check archive.org Show headers Download Go to Full URL https://hr-uat.sber.ru/warning-api.js?v3 Requested by Host: hr-uat.sber.ru URL: https://hr-uat.sber.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.157.97.83 , Russian Federation, ASN35237 (SBERBANK, RU), Reverse DNS Software / Resource Hash `338cd1728c8dc80cd01e86fbce5fc5440583bc9a504f8328d1cceffc81a59483` Request headers accept-language de-DE,de;q=0.9 Referer https://hr-uat.sber.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Response headers Date Sun, 26 Nov 2023 10:07:18 GMT Last-Modified Wed, 11 Oct 2023 12:26:11 GMT X-B3-TraceId a392a9f88a680890ebb13c16840886bd, a392a9f88a680890ebb13c16840886bd ETag "65269463-fa8" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 4008
GET H/1.1	200 OK	2.6732c6dc.chunk.js Show response hr-uat.sber.ru/static/js/	467 KB 468 KB	248ms 162ms	Script application/javascript	185.157.97.83 SBERBANK
General Check archive.org Show headers Download Go to Full URL https://hr-uat.sber.ru/static/js/2.6732c6dc.chunk.js Requested by Host: hr-uat.sber.ru URL: https://hr-uat.sber.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.157.97.83 , Russian Federation, ASN35237 (SBERBANK, RU), Reverse DNS Software / Resource Hash `7c49b9e5c0e51e4d8625ebe7545ef33dc2ed352d75386450a2fba0fc1e452a24` Request headers accept-language de-DE,de;q=0.9 Referer https://hr-uat.sber.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Response headers Date Sun, 26 Nov 2023 10:07:18 GMT Last-Modified Wed, 11 Oct 2023 12:26:45 GMT X-B3-TraceId 62906db8ebe15551d9608b423c4b3083, 62906db8ebe15551d9608b423c4b3083 ETag "65269485-74d95" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 478613
GET H/1.1	200 OK	main.6de00123.chunk.js Show response hr-uat.sber.ru/static/js/	147 KB 147 KB	246ms 153ms	Script application/javascript	185.157.97.83 SBERBANK
General Check archive.org Show headers Download Go to Full URL https://hr-uat.sber.ru/static/js/main.6de00123.chunk.js Requested by Host: hr-uat.sber.ru URL: https://hr-uat.sber.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.157.97.83 , Russian Federation, ASN35237 (SBERBANK, RU), Reverse DNS Software / Resource Hash `feb6f52f205c052fefbea022943f32dfb30447387af5eff87d1c64eed43e1bbb` Request headers accept-language de-DE,de;q=0.9 Referer https://hr-uat.sber.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Response headers Date Sun, 26 Nov 2023 10:07:18 GMT Last-Modified Wed, 11 Oct 2023 12:26:45 GMT X-B3-TraceId 136cd34367cfedf23ff2b204472ff72a, 136cd34367cfedf23ff2b204472ff72a ETag "65269485-24b24" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 150308
GET H/1.1	200 OK	logoLightMode.d2ca07f0.jpg hr-uat.sber.ru/static/media/	31 KB 31 KB	76ms 75ms	Image image/jpeg	185.157.97.83 SBERBANK
General Check archive.org Show headers Download Go to Show image Full URL https://hr-uat.sber.ru/static/media/logoLightMode.d2ca07f0.jpg Requested by Host: hr-uat.sber.ru URL: https://hr-uat.sber.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.157.97.83 , Russian Federation, ASN35237 (SBERBANK, RU), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://hr-uat.sber.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Response headers Date Sun, 26 Nov 2023 10:07:19 GMT Last-Modified Wed, 11 Oct 2023 12:26:45 GMT X-B3-TraceId 55317c11e3e6ba3e3b428f10de7bf5f2, 55317c11e3e6ba3e3b428f10de7bf5f2 ETag "65269485-7bd4" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 31700
GET H/1.1	200 OK	SBSansText-Semibold.woff2 hr-uat.sber.ru/fonts/	37 KB 37 KB	84ms 83ms	Font font/woff2	185.157.97.83 SBERBANK
General Check archive.org Show headers Download Go to Full URL https://hr-uat.sber.ru/fonts/SBSansText-Semibold.woff2 Requested by Host: hr-uat.sber.ru URL: https://hr-uat.sber.ru/fonts.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.157.97.83 , Russian Federation, ASN35237 (SBERBANK, RU), Reverse DNS Software / Resource Hash Request headers Referer https://hr-uat.sber.ru/fonts.css Origin https://hr-uat.sber.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Response headers Date Sun, 26 Nov 2023 10:07:19 GMT Last-Modified Wed, 11 Oct 2023 12:26:11 GMT X-B3-TraceId 59027dca8175306b0decab6054ac7b47, 59027dca8175306b0decab6054ac7b47 ETag "65269463-945c" Content-Type font/woff2 Connection keep-alive Accept-Ranges bytes Content-Length 37980
GET H/1.1	400 Bad Request	Primary Request auth Show response auth.sberbank.ru/auth/realms/sigma/protocol/openid-connect/ Redirect Chain https://hr-uat.sber.ru/platform/ https://hr-uat.sberbank.ru/auth/realms/PAOSberbank/protocol/openid-connect/auth?response_type=code&kc_idp_hint=ngam-ext&client_id=paosberbank&redirect_uri=https%3A%2F%2Fhr-uat.sberbank.ru%2Fredirec... https://hr-uat.sberbank.ru/auth/realms/PAOSberbank/broker/ngam-ext/login?session_code=Ujt4BRSuSvwSzOB82NRcw5errWMSspqfnlYtZPiqs2k&client_id=paosberbank&tab_id=eo7643AJetA https://auth.sberbank.ru/auth/realms/sigma/protocol/openid-connect/auth?scope=openid+extended&state=S8ykM8hUywJqeFPLoj1K786cWpKHHoFW1CFZj7j3hp0.eo7643AJetA.oshY1dPuQdCoFfJwNtwfGQ&response_type=code...	631 B 775 B	641ms 50ms	Document text/html	84.252.150.15 SBERBANK
General Check archive.org Show headers Download Go to Full URL https://auth.sberbank.ru/auth/realms/sigma/protocol/openid-connect/auth?scope=openid+extended&state=S8ykM8hUywJqeFPLoj1K786cWpKHHoFW1CFZj7j3hp0.eo7643AJetA.oshY1dPuQdCoFfJwNtwfGQ&response_type=code&client_id=CI01978215&redirect_uri=https%3A%2F%2Fhr-uat.sberbank.ru%2Fauth%2Frealms%2FPAOSberbank%2Fbroker%2Fngam-ext%2Fendpoint&nonce=_CBKKrVm4SjbW_x0qAZRuw Requested by Host: hr-uat.sber.ru URL: https://hr-uat.sber.ru/static/js/main.6de00123.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 84.252.150.15 , Russian Federation, ASN35237 (SBERBANK, RU), Reverse DNS Software SOWA / Resource Hash `e36b041a7204386a7ede71249df44e1e45ea8d4bdcf0376df615a28bb07bf636` Request headers Referer https://hr-uat.sber.ru/#/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 11_5_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection close Content-Length 631 Content-Type text/html Date Sun, 26 Nov 2023 10:07:40 GMT Server SOWA Redirect headers Connection keep-alive Content-Length 0 Date Sun, 26 Nov 2023 10:07:39 GMT Location https://auth.sberbank.ru/auth/realms/sigma/protocol/openid-connect/auth?scope=openid+extended&state=S8ykM8hUywJqeFPLoj1K786cWpKHHoFW1CFZj7j3hp0.eo7643AJetA.oshY1dPuQdCoFfJwNtwfGQ&response_type=code&client_id=CI01978215&redirect_uri=https%3A%2F%2Fhr-uat.sberbank.ru%2Fauth%2Frealms%2FPAOSberbank%2Fbroker%2Fngam-ext%2Fendpoint&nonce=_CBKKrVm4SjbW_x0qAZRuw Referrer-Policy no-referrer Strict-Transport-Security max-age=31536000; includeSubDomains X-B3-SpanId 0000000002626219 X-B3-TraceId 1f2cc3ee117809cec1537fcf493e4219 1f2cc3ee117809cec1537fcf493e4219 X-Content-Type-Options nosniff X-XSS-Protection 1; mode=block

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hr-uat.sberbank.ru/auth/realms/PAOSberbank/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: 07a63aa6-bc9e-4667-960c-83bb53f97044.spine-id-ids-27-jqzx4-61168
hr-uat.sberbank.ru/auth/realms/PAOSberbank/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: 07a63aa6-bc9e-4667-960c-83bb53f97044.spine-id-ids-27-jqzx4-61168
hr-uat.sberbank.ru/auth/realms/PAOSberbank/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJjYmEyM2QyNi0wZjQxLTQwMjctYjQ4ZC1jMWNhN2FlZmY1NWQifQ.eyJjaWQiOiJwYW9zYmVyYmFuayIsInB0eSI6Im9wZW5pZC1jb25uZWN0IiwicnVyaSI6Imh0dHBzOi8vaHItdWF0LnNiZXJiYW5rLnJ1L3JlZGlyZWN0IiwiYWN0IjoiQVVUSEVOVElDQVRFIiwibm90ZXMiOnsic2NvcGUiOiJvcGVuaWQiLCJpc3MiOiJodHRwczovL2hyLXVhdC5zYmVyYmFuay5ydS9hdXRoL3JlYWxtcy9QQU9TYmVyYmFuayIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly9oci11YXQuc2JlcmJhbmsucnUvcmVkaXJlY3QiLCJzdGF0ZSI6IjA0MzM2YjUyM2VjZGU0MWQ0NWQ2MzEzYTBlMmY3MjA5Iiwibm9uY2UiOiJlMWYxZWVjNzJmZmE5M2I4NTk0NjhiYTY0NjdkNWM1ZSIsImtjX2lkcF9oaW50IjoibmdhbS1leHQifX0.dLTVt6cH-QHgv2arakPC66eCEjYJQC6gJSFRkHPN0Hg
hr-uat.sberbank.ru/auth/realms/PAOSberbank/	1969-12-31 23:59:59	Name: TS0160529b Value: 01763927f7dbe6e65fb0e9192958d14da698eb69079bbeabb1b8c303964fe091a22e630f116ca88ee87a866016136a0997233357b5508b07a1897bb5f419aaaa3bb1d6e0bdf9d63dc29eeb6c8cec365e0cdc04abfffd720ae9cc5af3022fd10d508f666945
hr-uat.sber.ru/	1969-12-31 23:59:59	Name: hrp-uat-external-paosberbank Value: 3QHUwDvPOJCJSyRvBrXVmA\|1700996839\|B9dJ0P2p8C4oA5jR6UcYXJuHabE
hr-uat.sber.ru/	1970-01-20 16:29:53	Name: hrp-challenge-_mj-Ck45dBpp0XGzjV5K-aLijqjchoyQQJZP07H7EXy-nQKYzQHCkc_LiLwZn7lamwhv_iTmUozD5ufBC3vCng Value: J5KYCon2HYLp-uXy89WzL1q7Rmdloq6hnYYiFR0anQmaaAzTBjMeAhIXpQAWpPN0cxs4cD3bcluK-Pnmfu5LmU4v8U0BUjeHGSqyGxz3A6mSmYFtlB_7eTuk8zSYhs5R
hr-uat.sber.ru/	1970-01-20 16:29:53	Name: X-HRP-SessionId Value: 54522ac63a6c65565540237ebbbd05dd
.hr-uat.sber.ru/	1969-12-31 23:59:59	Name: TS01e9a304 Value: 01763927f79e52335071c51d24a098c9bc01c47905a048a575b933e6d745c2a0c654724af941072657c686915dd843d70fdf3448231d2424e6d836a7ab5d9bb37e1cf9b5e4a4415fb119ba2287536a080a2d516978b516f3ea1f6118c4a5ee2f577cd5ebfc
.hr-uat.sberbank.ru/	1969-12-31 23:59:59	Name: TS0159ad52 Value: 01763927f7487500a757470be157250010a04e909a9bbeabb1b8c303964fe091a22e630f11ebe7f8221dae835e9dc3418ea7ddf972

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://auth.sberbank.ru/auth/realms/sigma/protocol/openid-connect/auth?scope=openid+extended&state=S8ykM8hUywJqeFPLoj1K786cWpKHHoFW1CFZj7j3hp0.eo7643AJetA.oshY1dPuQdCoFfJwNtwfGQ&response_type=code&client_id=CI01978215&redirect_uri=https%3A%2F%2Fhr-uat.sberbank.ru%2Fauth%2Frealms%2FPAOSberbank%2Fbroker%2Fngam-ext%2Fendpoint&nonce=_CBKKrVm4SjbW_x0qAZRuw#/ Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.sberbank.ru
hr-uat.sber.ru
hr-uat.sberbank.ru
185.157.97.83
84.252.150.15
0aca2a11ac60a2e236c6872bb2b49bdeede68398ec7574924688284261d2b3b5
338cd1728c8dc80cd01e86fbce5fc5440583bc9a504f8328d1cceffc81a59483
34778b9faba575edd34e56b70026069ee33fa3551a7f030e678b83b2ca7fefb9
48edabd5a178e1fc7455d72a6d17e6fbab81714f9a5e7fbdfe15905b188050ed
53c0d4b75f8d7b208e4771d1ab5c21b4171524f53d255e326fb1cf09b4e6bc73
7c49b9e5c0e51e4d8625ebe7545ef33dc2ed352d75386450a2fba0fc1e452a24
e36b041a7204386a7ede71249df44e1e45ea8d4bdcf0376df615a28bb07bf636
feb6f52f205c052fefbea022943f32dfb30447387af5eff87d1c64eed43e1bbb

auth.sberbank.ru Open in urlscan Pro 84.252.150.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

0 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

2 IPs

1 Countries

699 kBTransfer

697 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

9 Cookies

1 Console Messages

Indicators

auth.sberbank.ru Open in urlscan Pro
84.252.150.15 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

699 kB
Transfer

697 kB
Size

9
Cookies

10 HTTP transactions
0 data transactions