idp.sberbank.ru Open in urlscan Pro
194.54.14.5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pulse.sber.ru/
Effective URL:
https://idp.sberbank.ru/isam/sps/sapsf/saml20/login?SAMLRequest=lVJbb9sgFP4rFu82GM9dguJIbqNpkbotStI99KXC9kmDioFxYJd%2FP%...
Submission Tags: sber ru terr l4ing gov bank sberbank sub Search All
Submission: On May 19 via manual (May 19th 2022, 1:28:39 pm UTC) from UA — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 9 HTTP transactions. The main IP is 194.54.14.5, located in Russian Federation and belongs to SBERBANK, RU. The main domain is idp.sberbank.ru.
TLS certificate: Issued by Sberbank External CA 2 on May 18th 2021. Valid for: a year.

This is the only time idp.sberbank.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 12	185.157.97.98 185.157.97.98	35237 (SBERBANK) (SBERBANK)
1	194.54.14.5 194.54.14.5	35237 (SBERBANK) (SBERBANK)
9	2

12 185.157.97.98 (Russian Federation) 4 redirects

ASN35237 (SBERBANK, RU)

pulse.sber.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hr.sberbank.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.54.14.5 (Russian Federation)

ASN35237 (SBERBANK, RU)

idp.sberbank.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	sber.ru 2 redirects pulse.sber.ru	268 KB
3	sberbank.ru 2 redirects hr.sberbank.ru idp.sberbank.ru	5 KB
9	2

	Domain	Requested by
10	pulse.sber.ru	2 redirects pulse.sber.ru
2	hr.sberbank.ru	2 redirects
1	idp.sberbank.ru	pulse.sber.ru
9	3

This site contains no links.

Subject Issuer	Validity	Valid
hr.sber.ru GlobalSign RSA OV SSL CA 2018	`2021-04-27` - `2022-05-29`	a year	crt.sh
idp.sberbank.ru Sberbank External CA 2	`2021-05-18` - `2022-06-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://idp.sberbank.ru/isam/sps/sapsf/saml20/login?SAMLRequest=lVJbb9sgFP4rFu82GM9dguJIbqNpkbotStI99KXC9kmDioFxYJd%2FP%2BK0avuwan1D8J3vdligHLUTbQxHs4UfETBkv0dtUEwPDYneCCtRoTByBBShF7v2y7XgBRPO22B7q8l55G2wRAQflDUka5%2BOV9ZgHMHvwP9UPdxsrxtyDMGhoPToC%2BzAd9I8FD5SmRxSD1KPSDftt93jE%2B28fQBPT9CYWCmYwVllAslWKYsy8qTzzKoG94pWpZgUHVKUDg%2F0FJozqu29Sj4%2FWd%2FDVE1DDlIjkGy9ash6dcfL6oIxgByqmuUfeFXn89lFnQ9Q8VnNStbxeQIjRlgbDNKEhnDGec7qvJzvy0rwmeDz4mM1uyXZ5rHHS2UGZe7f7rE7g1B83u83%2BRYG5aFPcb%2BDxylqApHl4pRETAb8i4X%2B74qW79vCgr6QO2s78TXxr1cbq1X%2FJ2u1tr%2Bu0mSAhgQfYWp3lOHfjsqinG7UkB8mqIgGHfTqoGAgdHkWff13l38B&RelayState=ZA9oFcA7NRluodjQT3ohdjEvXr-ef0GHjzl4qCDj6Pg.0FC1PKEillU.paosberbank&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=CX46OS8tTakUpsqvayIQZWxRTvpe2AifL9uFQpfEVpNbfA4icuF%2Fe6rKkvCEP3QjNpD9iX7fnNT6xIm4eOWrMyD1PGPxvQibFG%2FOpVsy4Iq%2B49nKdqTQ0ZVtX3datG4q%2FvOQW854uewmYmZ7okC0%2FyigoZ9t1gXUX%2BeGySqQqy%2FHwIEr3SShmY1Ok%2F21MMaMSwFhltPF9WqwdanwGbuJn8Tof3eXSoQWgrMl%2FzNphvcY0UMRChdvYRjdzeoMsuInEbTBN%2BogsWBvgyH6TsWqD1%2BJZqAFsNcISjg1zCD31TbiyDqE3keQaBMUWMtuxY3JrRKbr%2BMaBIP30H%2FDeFjQyA%3D%3D
Frame ID: 67E2873487F846CB12193835F20B0F7A
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zertifizierungsauthentifizierung fehlgeschlagen

Page URL History Show full URLs

http://pulse.sber.ru/ HTTP 302
https://pulse.sber.ru/ Page URL
https://pulse.sber.ru/platform/ HTTP 302
https://hr.sberbank.ru/auth/realms/PAOSberbank/protocol/openid-connect/auth?scope=openid&nonce=0697... HTTP 303
https://hr.sberbank.ru/auth/realms/PAOSberbank/broker/sberuser/login?session_code=_OOzR3v-aiAB0tEcH... HTTP 302
https://idp.sberbank.ru/isam/sps/sapsf/saml20/login?SAMLRequest=lVJbb9sgFP4rFu82GM9dguJIbqNpkbotStI9... Page URL

Page Statistics

9
Requests

89 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

267 kB
Transfer

678 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pulse.sber.ru/ HTTP 302
https://pulse.sber.ru/ Page URL
https://pulse.sber.ru/platform/ HTTP 302
https://hr.sberbank.ru/auth/realms/PAOSberbank/protocol/openid-connect/auth?scope=openid&nonce=0697c280b8b875e19ee3002c2df962a6&response_type=code&client_id=paosberbank&redirect_uri=https%3A%2F%2Fpulse.sber.ru%2FredirectURI&state=6115f82b42c2e9507c886627757071f4&kc_idp_hint=sberuser HTTP 303
https://hr.sberbank.ru/auth/realms/PAOSberbank/broker/sberuser/login?session_code=_OOzR3v-aiAB0tEcH1AueyFiMElmuNihhzexp8wbDw0&client_id=paosberbank&tab_id=0FC1PKEillU HTTP 302
https://idp.sberbank.ru/isam/sps/sapsf/saml20/login?SAMLRequest=lVJbb9sgFP4rFu82GM9dguJIbqNpkbotStI99KXC9kmDioFxYJd%2FP%2BK0avuwan1D8J3vdligHLUTbQxHs4UfETBkv0dtUEwPDYneCCtRoTByBBShF7v2y7XgBRPO22B7q8l55G2wRAQflDUka5%2BOV9ZgHMHvwP9UPdxsrxtyDMGhoPToC%2BzAd9I8FD5SmRxSD1KPSDftt93jE%2B28fQBPT9CYWCmYwVllAslWKYsy8qTzzKoG94pWpZgUHVKUDg%2F0FJozqu29Sj4%2FWd%2FDVE1DDlIjkGy9ash6dcfL6oIxgByqmuUfeFXn89lFnQ9Q8VnNStbxeQIjRlgbDNKEhnDGec7qvJzvy0rwmeDz4mM1uyXZ5rHHS2UGZe7f7rE7g1B83u83%2BRYG5aFPcb%2BDxylqApHl4pRETAb8i4X%2B74qW79vCgr6QO2s78TXxr1cbq1X%2FJ2u1tr%2Bu0mSAhgQfYWp3lOHfjsqinG7UkB8mqIgGHfTqoGAgdHkWff13l38B&RelayState=ZA9oFcA7NRluodjQT3ohdjEvXr-ef0GHjzl4qCDj6Pg.0FC1PKEillU.paosberbank&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=CX46OS8tTakUpsqvayIQZWxRTvpe2AifL9uFQpfEVpNbfA4icuF%2Fe6rKkvCEP3QjNpD9iX7fnNT6xIm4eOWrMyD1PGPxvQibFG%2FOpVsy4Iq%2B49nKdqTQ0ZVtX3datG4q%2FvOQW854uewmYmZ7okC0%2FyigoZ9t1gXUX%2BeGySqQqy%2FHwIEr3SShmY1Ok%2F21MMaMSwFhltPF9WqwdanwGbuJn8Tof3eXSoQWgrMl%2FzNphvcY0UMRChdvYRjdzeoMsuInEbTBN%2BogsWBvgyH6TsWqD1%2BJZqAFsNcISjg1zCD31TbiyDqE3keQaBMUWMtuxY3JrRKbr%2BMaBIP30H%2FDeFjQyA%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://pulse.sber.ru/ HTTP 302
https://pulse.sber.ru/

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
pulse.sber.ru/
Redirect Chain

http://pulse.sber.ru/
https://pulse.sber.ru/

3 KB
2 KB

491ms
113ms

Document
text/html

185.157.97.98
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://pulse.sber.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.98 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: /
Resource Hash: 2777c0a7496f16727876020fe6267034c736ed631f5a49935042bb2a1ad6b264

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 19 May 2022 13:28:27 GMT
Last-Modified: Thursday, 19-May-2022 13:28:27 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-B3-TraceId: 9bd0efd172e39b8ae05ced88d677e0f8

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Location: https://pulse.sber.ru/
Server: BigIP

GET
H/1.1 200
OK fonts.css
pulse.sber.ru/ 2 KB
753 B 114ms
114ms Stylesheet
text/css 185.157.97.98
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://pulse.sber.ru/fonts.css
Requested by: Host: pulse.sber.ru
URL: https://pulse.sber.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.98 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: /
Resource Hash: 48edabd5a178e1fc7455d72a6d17e6fbab81714f9a5e7fbdfe15905b188050ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pulse.sber.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 13:28:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Apr 2022 13:16:40 GMT
X-B3-TraceId: 6f71a14c167bfa5a9b476a814576f5a4
ETag: W/"62615938-874"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK main.bf38d1b4.chunk.css
pulse.sber.ru/static/css/ 4 KB
2 KB 223ms
108ms Stylesheet
text/css 185.157.97.98
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://pulse.sber.ru/static/css/main.bf38d1b4.chunk.css
Requested by: Host: pulse.sber.ru
URL: https://pulse.sber.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.98 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: /
Resource Hash: 53c0d4b75f8d7b208e4771d1ab5c21b4171524f53d255e326fb1cf09b4e6bc73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pulse.sber.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 13:28:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Apr 2022 13:17:05 GMT
X-B3-TraceId: b1eb363ffefc92de05a804b4e0587443
ETag: W/"62615951-105e"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK warning.css
pulse.sber.ru/ 981 B
947 B 262ms
107ms Stylesheet
text/css 185.157.97.98
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://pulse.sber.ru/warning.css?v3
Requested by: Host: pulse.sber.ru
URL: https://pulse.sber.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.98 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: /
Resource Hash: 34778b9faba575edd34e56b70026069ee33fa3551a7f030e678b83b2ca7fefb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pulse.sber.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 13:28:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Apr 2022 13:16:40 GMT
X-B3-TraceId: 5dcc7ac39e7cc1231c7d30514407e0e2
ETag: W/"62615938-3d5"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK warning-api.js Show response
pulse.sber.ru/ 4 KB
2 KB 272ms
112ms Script
application/javascript 185.157.97.98
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://pulse.sber.ru/warning-api.js?v3
Requested by: Host: pulse.sber.ru
URL: https://pulse.sber.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.98 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: /
Resource Hash: 678a9580624b1d23bc0010e1ae53cae07cc6eaa991b75af0dff96435a47c8448

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pulse.sber.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 13:28:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Apr 2022 13:16:40 GMT
X-B3-TraceId: 94d88b18330e092e0094215a99f15426
ETag: W/"62615938-f5f"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 2.3413466a.chunk.js Show response
pulse.sber.ru/static/js/ 464 KB
141 KB 362ms
201ms Script
application/javascript 185.157.97.98
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://pulse.sber.ru/static/js/2.3413466a.chunk.js
Requested by: Host: pulse.sber.ru
URL: https://pulse.sber.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.98 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: /
Resource Hash: 893fb5171d2e1efd85ba31e67786d822eacdb4db6180c846ab380806a7a29c33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pulse.sber.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 13:28:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Apr 2022 13:17:05 GMT
X-B3-TraceId: e6584b3baa8d541a62317e32cadbb1fd
ETag: W/"62615951-73f88"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK main.8d9ffbe6.chunk.js Show response
pulse.sber.ru/static/js/ 168 KB
87 KB 371ms
209ms Script
application/javascript 185.157.97.98
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://pulse.sber.ru/static/js/main.8d9ffbe6.chunk.js
Requested by: Host: pulse.sber.ru
URL: https://pulse.sber.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.98 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: /
Resource Hash: 28565e710a644ff047ef1695029fe927d4ee61195a28bde33c9b9abc4d212658

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pulse.sber.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 13:28:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Apr 2022 13:17:05 GMT
X-B3-TraceId: 98c1ab87de74d3f2f733b80e7ef49240
ETag: W/"62615951-2a195"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK logoLightMode.d2ca07f0.jpg
pulse.sber.ru/static/media/ 31 KB
31 KB 186ms
186ms Image
image/jpeg 185.157.97.98
SBERBANK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pulse.sber.ru/static/media/logoLightMode.d2ca07f0.jpg
Requested by: Host: pulse.sber.ru
URL: https://pulse.sber.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.157.97.98 , Russian Federation, ASN35237 (SBERBANK, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pulse.sber.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 13:28:29 GMT
Last-Modified: Thu, 21 Apr 2022 13:17:05 GMT
X-B3-TraceId: 8a4abff5ddad4ace6f18ac210a53c62d
ETag: "62615951-7bd4"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31700

GET
H/1.1

200
OK

Primary Request login Show response
idp.sberbank.ru/isam/sps/sapsf/saml20/
Redirect Chain

https://pulse.sber.ru/platform/
https://hr.sberbank.ru/auth/realms/PAOSberbank/protocol/openid-connect/auth?scope=openid&nonce=0697c280b8b875e19ee3002c2df962a6&response_type=code&client_id=paosberbank&redirect_uri=https%3A%2F%2Fp...
https://hr.sberbank.ru/auth/realms/PAOSberbank/broker/sberuser/login?session_code=_OOzR3v-aiAB0tEcH1AueyFiMElmuNihhzexp8wbDw0&client_id=paosberbank&tab_id=0FC1PKEillU
https://idp.sberbank.ru/isam/sps/sapsf/saml20/login?SAMLRequest=lVJbb9sgFP4rFu82GM9dguJIbqNpkbotStI99KXC9kmDioFxYJd%2FP%2BK0avuwan1D8J3vdligHLUTbQxHs4UfETBkv0dtUEwPDYneCCtRoTByBBShF7v2y7XgBRPO22B7q...

561 B
951 B

1093ms
81ms

Document
text/html

194.54.14.5
SBERBANK

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.sberbank.ru/isam/sps/sapsf/saml20/login?SAMLRequest=lVJbb9sgFP4rFu82GM9dguJIbqNpkbotStI99KXC9kmDioFxYJd%2FP%2BK0avuwan1D8J3vdligHLUTbQxHs4UfETBkv0dtUEwPDYneCCtRoTByBBShF7v2y7XgBRPO22B7q8l55G2wRAQflDUka5%2BOV9ZgHMHvwP9UPdxsrxtyDMGhoPToC%2BzAd9I8FD5SmRxSD1KPSDftt93jE%2B28fQBPT9CYWCmYwVllAslWKYsy8qTzzKoG94pWpZgUHVKUDg%2F0FJozqu29Sj4%2FWd%2FDVE1DDlIjkGy9ash6dcfL6oIxgByqmuUfeFXn89lFnQ9Q8VnNStbxeQIjRlgbDNKEhnDGec7qvJzvy0rwmeDz4mM1uyXZ5rHHS2UGZe7f7rE7g1B83u83%2BRYG5aFPcb%2BDxylqApHl4pRETAb8i4X%2B74qW79vCgr6QO2s78TXxr1cbq1X%2FJ2u1tr%2Bu0mSAhgQfYWp3lOHfjsqinG7UkB8mqIgGHfTqoGAgdHkWff13l38B&RelayState=ZA9oFcA7NRluodjQT3ohdjEvXr-ef0GHjzl4qCDj6Pg.0FC1PKEillU.paosberbank&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=CX46OS8tTakUpsqvayIQZWxRTvpe2AifL9uFQpfEVpNbfA4icuF%2Fe6rKkvCEP3QjNpD9iX7fnNT6xIm4eOWrMyD1PGPxvQibFG%2FOpVsy4Iq%2B49nKdqTQ0ZVtX3datG4q%2FvOQW854uewmYmZ7okC0%2FyigoZ9t1gXUX%2BeGySqQqy%2FHwIEr3SShmY1Ok%2F21MMaMSwFhltPF9WqwdanwGbuJn8Tof3eXSoQWgrMl%2FzNphvcY0UMRChdvYRjdzeoMsuInEbTBN%2BogsWBvgyH6TsWqD1%2BJZqAFsNcISjg1zCD31TbiyDqE3keQaBMUWMtuxY3JrRKbr%2BMaBIP30H%2FDeFjQyA%3D%3D

Requested by

Host: pulse.sber.ru
URL: https://pulse.sber.ru/static/js/main.8d9ffbe6.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

194.54.14.5 , Russian Federation, ASN35237 (SBERBANK, RU),

Reverse DNS

Software

Resource Hash

623438e92834a7e471d89c5c0ab1211d52ac1d26c6cc1539a5617714d22e7e45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Referer: https://pulse.sber.ru/#/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
connection: close
content-length: 561
content-security-policy: frame-ancestors 'none'
content-type: text/html
date: Thu, 19 May 2022 13:28:30 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1

Redirect headers

Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Thu, 19 May 2022 13:28:29 GMT
Location: https://idp.sberbank.ru/isam/sps/sapsf/saml20/login?SAMLRequest=lVJbb9sgFP4rFu82GM9dguJIbqNpkbotStI99KXC9kmDioFxYJd%2FP%2BK0avuwan1D8J3vdligHLUTbQxHs4UfETBkv0dtUEwPDYneCCtRoTByBBShF7v2y7XgBRPO22B7q8l55G2wRAQflDUka5%2BOV9ZgHMHvwP9UPdxsrxtyDMGhoPToC%2BzAd9I8FD5SmRxSD1KPSDftt93jE%2B28fQBPT9CYWCmYwVllAslWKYsy8qTzzKoG94pWpZgUHVKUDg%2F0FJozqu29Sj4%2FWd%2FDVE1DDlIjkGy9ash6dcfL6oIxgByqmuUfeFXn89lFnQ9Q8VnNStbxeQIjRlgbDNKEhnDGec7qvJzvy0rwmeDz4mM1uyXZ5rHHS2UGZe7f7rE7g1B83u83%2BRYG5aFPcb%2BDxylqApHl4pRETAb8i4X%2B74qW79vCgr6QO2s78TXxr1cbq1X%2FJ2u1tr%2Bu0mSAhgQfYWp3lOHfjsqinG7UkB8mqIgGHfTqoGAgdHkWff13l38B&RelayState=ZA9oFcA7NRluodjQT3ohdjEvXr-ef0GHjzl4qCDj6Pg.0FC1PKEillU.paosberbank&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=CX46OS8tTakUpsqvayIQZWxRTvpe2AifL9uFQpfEVpNbfA4icuF%2Fe6rKkvCEP3QjNpD9iX7fnNT6xIm4eOWrMyD1PGPxvQibFG%2FOpVsy4Iq%2B49nKdqTQ0ZVtX3datG4q%2FvOQW854uewmYmZ7okC0%2FyigoZ9t1gXUX%2BeGySqQqy%2FHwIEr3SShmY1Ok%2F21MMaMSwFhltPF9WqwdanwGbuJn8Tof3eXSoQWgrMl%2FzNphvcY0UMRChdvYRjdzeoMsuInEbTBN%2BogsWBvgyH6TsWqD1%2BJZqAFsNcISjg1zCD31TbiyDqE3keQaBMUWMtuxY3JrRKbr%2BMaBIP30H%2FDeFjQyA%3D%3D
Pragma: no-cache
Referrer-Policy: no-referrer
Server-Timing: dtRpid;desc="1137586015"
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-B3-SpanId: 0000000002626219
X-B3-TraceId: a9b5533cdd86d56f7c822f9a36006ba5
X-Content-Type-Options: nosniff
X-OneAgent-JS-Injection: true
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hr.sberbank.ru/auth/realms/PAOSberbank/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: 975feeac-760f-49ca-9d79-26e6ce1e3108.pvlss-hrplt0141
hr.sberbank.ru/auth/realms/PAOSberbank/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: 975feeac-760f-49ca-9d79-26e6ce1e3108.pvlss-hrplt0141
hr.sberbank.ru/auth/realms/PAOSberbank/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI2MTQ4YzA0OC1hZGY0LTQwOWMtYmQ1ZC02M2RhMTI3MTI4NmYifQ.eyJjaWQiOiJwYW9zYmVyYmFuayIsInB0eSI6Im9wZW5pZC1jb25uZWN0IiwicnVyaSI6Imh0dHBzOi8vcHVsc2Uuc2Jlci5ydS9yZWRpcmVjdFVSSSIsImFjdCI6IkFVVEhFTlRJQ0FURSIsIm5vdGVzIjp7InNjb3BlIjoib3BlbmlkIiwiaXNzIjoiaHR0cHM6Ly9oci5zYmVyYmFuay5ydS9hdXRoL3JlYWxtcy9QQU9TYmVyYmFuayIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly9wdWxzZS5zYmVyLnJ1L3JlZGlyZWN0VVJJIiwic3RhdGUiOiI2MTE1ZjgyYjQyYzJlOTUwN2M4ODY2Mjc3NTcwNzFmNCIsIm5vbmNlIjoiMDY5N2MyODBiOGI4NzVlMTllZTMwMDJjMmRmOTYyYTYiLCJrY19pZHBfaGludCI6InNiZXJ1c2VyIn19.hzC9UhWbQDe9qYSwRb2C3qxnJIlyx7BtIxePq7nJTSo
hr.sberbank.ru/auth/realms/PAOSberbank/	1969-12-31 23:59:59	Name: TS0115bea1 Value: 013ade2899bb886df881b2d3f9689230e09f4bfac14f1c322c29a1a3159e18098c58b58a24e75fbbe393c32c87f2b1eaf18c9d5f733b60a4bf437bc8c1090cc6b705c9d5f1f954a2fa3b9dca93649f8605d5c40635ceda98afbd6a16e87b0ccecddd812869
pulse.sber.ru/	1969-12-31 23:59:59	Name: hrprom_ext Value: BJ9jIuX7RywcLGgYooOGpg\|1652970509\|SAbPZlT334DeV-GefZr-L44iNxg
pulse.sber.ru/	1970-01-20 03:09:27	Name: hrp-challenge-c4PCz4oJCjBzWievS9PKgcnlriUsgxM65sGCxc9TCVlx50B89-3SNvrC5os2mRtwWGQBEjNvvs4za5WWPbJouw Value: gXo-2s2QmkW8dAGXiTGAeM5qCoO8et9yOCJ2oYUbj13OdSeHDlPGMgd4cgC3Dgl5AO3xX-WIpvhHY7t8NUZ4yfA-STSb2ybWTwlZnsv6sYbu6HP6lgTmVymmBKf-HEA2
pulse.sber.ru/	1970-01-20 03:09:27	Name: X-HRP-SessionId Value: 96946b21b984aafe9abcbb09ad11f029
.pulse.sber.ru/	1969-12-31 23:59:59	Name: TS01fb900a Value: 013ade2899773f3eaf52f5b7408f2e2503f96549d00c54b0198a5458c6188324b5f86dbcc3cedd5ef801ac8a533fb3e7ff30f41ee2
.sberbank.ru/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_15_sn_EC4DE9C0A8F38F117AD7367087F3AE6E_perc_100000_ol_0_mul_1_app-3A62856e6a8ef98f74_1
.hr.sberbank.ru/	1969-12-31 23:59:59	Name: TS0168f850 Value: 013ade28999be4f78ee4a0897cc85b3631ec8cd4954f1c322c29a1a3159e18098c58b58a24e5d0808f932b3ef4baf3cacacbdc4281377ac6b31aef4205ac24d5cfe14ca6b5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hr.sberbank.ru
idp.sberbank.ru
pulse.sber.ru
185.157.97.98
194.54.14.5
2777c0a7496f16727876020fe6267034c736ed631f5a49935042bb2a1ad6b264
28565e710a644ff047ef1695029fe927d4ee61195a28bde33c9b9abc4d212658
34778b9faba575edd34e56b70026069ee33fa3551a7f030e678b83b2ca7fefb9
48edabd5a178e1fc7455d72a6d17e6fbab81714f9a5e7fbdfe15905b188050ed
53c0d4b75f8d7b208e4771d1ab5c21b4171524f53d255e326fb1cf09b4e6bc73
623438e92834a7e471d89c5c0ab1211d52ac1d26c6cc1539a5617714d22e7e45
678a9580624b1d23bc0010e1ae53cae07cc6eaa991b75af0dff96435a47c8448
893fb5171d2e1efd85ba31e67786d822eacdb4db6180c846ab380806a7a29c33

idp.sberbank.ru Open in urlscan Pro 194.54.14.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

9 Requests

89 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

2 IPs

1 Countries

267 kBTransfer

678 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

10 Cookies

Indicators

idp.sberbank.ru Open in urlscan Pro
194.54.14.5 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

267 kB
Transfer

678 kB
Size

10
Cookies

9 HTTP transactions
0 data transactions