rd-auth.esphere.ru Open in urlscan Pro
92.38.2.26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://edi2.esphere.ru/
Effective URL:
https://rd-auth.esphere.ru/openam/UI/Login?realm=%2Fediora&goto=http%3A%2F%2Frd-auth.esphere.ru%2Fopenam%2Foauth2%2Fediora%...
Submission: On May 29 via manual (May 29th 2022, 5:51:29 pm UTC) from SG — Scanned from DE

Summary HTTP 17 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 92.38.2.26, located in St Petersburg, Russian Federation and belongs to ALFATELECOM, CZ. The main domain is rd-auth.esphere.ru.
TLS certificate: Issued by Thawte TLS RSA CA G1 on August 31st 2021. Valid for: a year.

This is the only time rd-auth.esphere.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 14	92.38.2.26 92.38.2.26	44546 (ALFATELECOM) (ALFATELECOM)
1	2a04:4e42:400... 2a04:4e42:400::282	54113 (FASTLY) (FASTLY)
2	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
17	4

14 92.38.2.26 (St Petersburg, Russian Federation) 2 redirects

ASN44546 (ALFATELECOM, CZ)

edi2.esphere.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rd-auth.esphere.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	esphere.ru 2 redirects edi2.esphere.ru rd-auth.esphere.ru	2 MB
1	yandex.com mc.yandex.com — Cisco Umbrella Rank: 9388 Failed	184 B
1	yandex.ru mc.yandex.ru — Cisco Umbrella Rank: 3528	70 KB
1	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 2282	450 B
17	4

	Domain	Requested by
7	rd-auth.esphere.ru	1 redirects edi2.esphere.ru rd-auth.esphere.ru
7	edi2.esphere.ru	1 redirects edi2.esphere.ru
1	mc.yandex.com
1	mc.yandex.ru	edi2.esphere.ru
1	cdn.polyfill.io	edi2.esphere.ru
17	5

This site contains links to these domains. Also see Links.

Domain
edi2.esphere.ru

Subject Issuer	Validity	Valid
*.esphere.ru Thawte TLS RSA CA G1	`2021-08-31` - `2022-09-08`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-08` - `2023-04-09`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh

This page contains 1 frames:

Primary Page: https://rd-auth.esphere.ru/openam/UI/Login?realm=%2Fediora&goto=http%3A%2F%2Frd-auth.esphere.ru%2Fopenam%2Foauth2%2Fediora%2Fauthorize%3Fclient_id%3Doidcapp%26redirect_uri%3Dhttps%253A%252F%252Fedi2.esphere.ru%252Flogin-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520implied_consent%26state%3D86ea6f5a87344a9e86e7318c0659eb99%26nonce%3D4e3522e467bd49d8a2f1ab3239d57848
Frame ID: 79163F9ADCB1D5BEE5B9D6B6CF852203
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

EDI - Авторизация

Page URL History Show full URLs

http://edi2.esphere.ru/ HTTP 301
https://edi2.esphere.ru/ Page URL
https://rd-auth.esphere.ru/openam/oauth2/ediora/authorize?client_id=oidcapp&redirect_uri=https%3A%2F%2F... HTTP 301
https://rd-auth.esphere.ru/openam/UI/Login?realm=%2Fediora&goto=http%3A%2F%2Frd-auth.esphere.ru%2Fopena... Page URL

Detected technologies

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

17
Requests

88 %
HTTPS

67 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

2154 kB
Transfer

7113 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://edi2.esphere.ru/password-restore
Title: Забыли пароль?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://edi2.esphere.ru/ HTTP 301
https://edi2.esphere.ru/ Page URL
https://rd-auth.esphere.ru/openam/oauth2/ediora/authorize?client_id=oidcapp&redirect_uri=https%3A%2F%2Fedi2.esphere.ru%2Flogin-callback&response_type=id_token%20token&scope=openid%20implied_consent&state=86ea6f5a87344a9e86e7318c0659eb99&nonce=4e3522e467bd49d8a2f1ab3239d57848 HTTP 301
https://rd-auth.esphere.ru/openam/UI/Login?realm=%2Fediora&goto=http%3A%2F%2Frd-auth.esphere.ru%2Fopenam%2Foauth2%2Fediora%2Fauthorize%3Fclient_id%3Doidcapp%26redirect_uri%3Dhttps%253A%252F%252Fedi2.esphere.ru%252Flogin-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520implied_consent%26state%3D86ea6f5a87344a9e86e7318c0659eb99%26nonce%3D4e3522e467bd49d8a2f1ab3239d57848 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://edi2.esphere.ru/ HTTP 301
https://edi2.esphere.ru/

Request Chain 11

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9653.QppXJHNWUwWWMm5mZkFU5v7Cs_vnwPSEMDCWqavZnBl9yJZBEbum_FDcZbXxKP0X.mooLo4IjCw7JcRfPSG5R0JLL5e4%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9653.yB3CHSFNG7Zz_ZbeYCnhLSPRK2-A9aOL-T-vH-7am0f2SGq76DcwkjOXzob0amhLsouAbm1X3kjBOS_BGWJeOg%2C%2C.ielx4eECV_BjUDqEvB6ND9DtfpQ%2C

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
edi2.esphere.ru/
Redirect Chain

http://edi2.esphere.ru/
https://edi2.esphere.ru/

1 KB
1 KB

183ms
58ms

Document
text/html

92.38.2.26
ALFATELECOM

General

Check archive.org

Show headers Download Go to

Full URL: https://edi2.esphere.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.2.26 St Petersburg, Russian Federation, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software: nginx /
Resource Hash: fac91d18d083eed752409d8892c2dd8511b7a6ca5192a969f96d4853e6bc2808

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 29 May 2022 17:51:23 GMT
ETag: W/"62612cd3-538"
Expires: Sun, 29 May 2022 17:51:22 GMT
Last-Modified: Thu, 21 Apr 2022 10:07:15 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-cache no-cache
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sun, 29 May 2022 17:51:23 GMT
Expires: Sun, 29 May 2022 17:51:22 GMT
Location: https://edi2.esphere.ru/
Server: nginx

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 222 B
450 B 75ms
32ms Script
text/javascript 2a04:4e42:400::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.polyfill.io/v2/polyfill.min.js
Requested by: Host: edi2.esphere.ru
URL: https://edi2.esphere.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edi2.esphere.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 17:51:23 GMT
content-encoding: br
last-modified: Mon, 25 Apr 2022 20:56:29 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/102.0.0
server-timing: cache-mxp6924, PASS, fastly;desc="Edge time";dur=16
accept-ranges: bytes
content-length: 126

GET
H/1.1 200
OK style.4fbda4441df78e3d18ee.css
edi2.esphere.ru/css/ 396 KB
82 KB 121ms
120ms Stylesheet
text/css 92.38.2.26
ALFATELECOM

General

Check archive.org

Show headers Download Go to

Full URL: https://edi2.esphere.ru/css/style.4fbda4441df78e3d18ee.css
Requested by: Host: edi2.esphere.ru
URL: https://edi2.esphere.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.2.26 St Petersburg, Russian Federation, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 2127ca313b8b1dc514d11ad114736aef5fd4a77d834afd9031b4966254e06bca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edi2.esphere.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 29 May 2022 17:51:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Apr 2022 10:07:15 GMT
Server: nginx
ETag: W/"62612cd3-631db"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: no-cache, no-cache
Connection: keep-alive
Expires: Sun, 29 May 2022 17:51:22 GMT

GET
H/1.1 200
OK vendor.ea0d3b567a8b092c51da.dll.js Show response
edi2.esphere.ru/js/ 1 MB
372 KB 186ms
93ms Script
application/javascript 92.38.2.26
ALFATELECOM

General

Check archive.org

Show headers Download Go to

Full URL: https://edi2.esphere.ru/js/vendor.ea0d3b567a8b092c51da.dll.js
Requested by: Host: edi2.esphere.ru
URL: https://edi2.esphere.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.2.26 St Petersburg, Russian Federation, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 74abe02ad48c90add74ce0f4978a7e298828a44d27b180b8bcbde0e533358b17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edi2.esphere.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 29 May 2022 17:51:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Apr 2022 10:07:14 GMT
Server: nginx
ETag: W/"62612cd2-127b29"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache, no-cache
Connection: keep-alive
Expires: Sun, 29 May 2022 17:51:22 GMT

GET
H/1.1 200
OK kendo.ea0d3b567a8b092c51da.dll.js Show response
edi2.esphere.ru/js/ 3 MB
1 MB 213ms
109ms Script
application/javascript 92.38.2.26
ALFATELECOM

General

Check archive.org

Show headers Download Go to

Full URL: https://edi2.esphere.ru/js/kendo.ea0d3b567a8b092c51da.dll.js
Requested by: Host: edi2.esphere.ru
URL: https://edi2.esphere.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.2.26 St Petersburg, Russian Federation, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software: nginx /
Resource Hash: cb8bbe74fc230bb5d5b102da8e9de59385a4ef36b5e9b31f281dae177eeb5172

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edi2.esphere.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 29 May 2022 17:51:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Apr 2022 10:07:15 GMT
Server: nginx
ETag: W/"62612cd3-343f4b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache, no-cache
Connection: keep-alive
Expires: Sun, 29 May 2022 17:51:22 GMT

GET
H/1.1 200
OK main.943511568bee03f81d9f.js Show response
edi2.esphere.ru/js/ 2 MB
493 KB 251ms
147ms Script
application/javascript 92.38.2.26
ALFATELECOM

General

Check archive.org

Show headers Download Go to

Full URL: https://edi2.esphere.ru/js/main.943511568bee03f81d9f.js
Requested by: Host: edi2.esphere.ru
URL: https://edi2.esphere.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.2.26 St Petersburg, Russian Federation, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 5639729b4b73daec5f3e904c3846128efca2e2464337d5503edd65bffc52c3c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edi2.esphere.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 29 May 2022 17:51:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Apr 2022 10:07:14 GMT
Server: nginx
ETag: W/"62612cd2-1e3a15"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache, no-cache
Connection: keep-alive
Expires: Sun, 29 May 2022 17:51:22 GMT

GET
H2 200 tag.js
mc.yandex.ru/metrika/ 203 KB
70 KB 252ms
121ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: edi2.esphere.ru
URL: https://edi2.esphere.ru/js/vendor.ea0d3b567a8b092c51da.dll.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edi2.esphere.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 17:51:24 GMT
content-encoding: br
last-modified: Fri, 27 May 2022 12:02:51 GMT
etag: "629093bb-114fd"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 70909
expires: Sun, 29 May 2022 18:51:24 GMT

GET
H/1.1 401 news
edi2.esphere.ru/edi/ 1016 B
1 KB 53ms
53ms XHR
text/html 92.38.2.26
ALFATELECOM

General

Check archive.org

Show headers Download Go to

Full URL

https://edi2.esphere.ru/edi/news?page=0&size=5

Requested by

Host: edi2.esphere.ru
URL: https://edi2.esphere.ru/js/vendor.ea0d3b567a8b092c51da.dll.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.38.2.26 St Petersburg, Russian Federation, ASN44546 (ALFATELECOM, CZ),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://edi2.esphere.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 May 2022 17:51:24 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: DENY
Content-Language: en
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Type: text/html;charset=utf-8
Content-Length: 1016
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK openid-configuration
rd-auth.esphere.ru/openam/oauth2/ediora/.well-known/ 1 KB
769 B 223ms
68ms XHR
application/json 92.38.2.26
ALFATELECOM

General

Check archive.org

Show headers Download Go to

Full URL: https://rd-auth.esphere.ru/openam/oauth2/ediora/.well-known/openid-configuration
Requested by: Host: edi2.esphere.ru
URL: https://edi2.esphere.ru/js/vendor.ea0d3b567a8b092c51da.dll.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.2.26 St Petersburg, Russian Federation, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edi2.esphere.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 29 May 2022 17:51:24 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Charset, Accept-Encoding, Accept-Language, Accept
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK openid-configuration
rd-auth.esphere.ru/openam/oauth2/ediora/.well-known/ 1 KB
769 B 207ms
71ms XHR
application/json 92.38.2.26
ALFATELECOM

General

Check archive.org

Show headers Download Go to

Full URL: https://rd-auth.esphere.ru/openam/oauth2/ediora/.well-known/openid-configuration
Requested by: Host: edi2.esphere.ru
URL: https://edi2.esphere.ru/js/vendor.ea0d3b567a8b092c51da.dll.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.2.26 St Petersburg, Russian Federation, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edi2.esphere.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 29 May 2022 17:51:24 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Charset, Accept-Encoding, Accept-Language, Accept
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET authorize
rd-auth.esphere.ru/openam/oauth2/ediora/ 0
0

GET
H/1.1

200
OK

Primary Request Login Show response
rd-auth.esphere.ru/openam/UI/
Redirect Chain

https://rd-auth.esphere.ru/openam/oauth2/ediora/authorize?client_id=oidcapp&redirect_uri=https%3A%2F%2Fedi2.esphere.ru%2Flogin-callback&response_type=id_token%20token&scope=openid%20implied_consent...
https://rd-auth.esphere.ru/openam/UI/Login?realm=%2Fediora&goto=http%3A%2F%2Frd-auth.esphere.ru%2Fopenam%2Foauth2%2Fediora%2Fauthorize%3Fclient_id%3Doidcapp%26redirect_uri%3Dhttps%253A%252F%252Fedi...

9 KB
3 KB

56ms
55ms

Document
text/html

92.38.2.26
ALFATELECOM

General

Check archive.org

Show headers Download Go to

Full URL: https://rd-auth.esphere.ru/openam/UI/Login?realm=%2Fediora&goto=http%3A%2F%2Frd-auth.esphere.ru%2Fopenam%2Foauth2%2Fediora%2Fauthorize%3Fclient_id%3Doidcapp%26redirect_uri%3Dhttps%253A%252F%252Fedi2.esphere.ru%252Flogin-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520implied_consent%26state%3D86ea6f5a87344a9e86e7318c0659eb99%26nonce%3D4e3522e467bd49d8a2f1ab3239d57848
Requested by: Host: edi2.esphere.ru
URL: https://edi2.esphere.ru/js/vendor.ea0d3b567a8b092c51da.dll.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.2.26 St Petersburg, Russian Federation, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software: nginx /
Resource Hash: fc53a02ec973a9cdf37efb1a26d5c30d287016bb56fa79c81259c38e05544aac

Request headers

Referer: https://edi2.esphere.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

AM_CLIENT_TYPE: genericHTML
Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sun, 29 May 2022 17:51:24 GMT
Expires: 0
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

Redirect headers

Accept-Ranges: bytes
Cache-Control: no-store
Connection: keep-alive
Content-Length: 0
Date: Sun, 29 May 2022 17:51:24 GMT
Location: https://rd-auth.esphere.ru/openam/UI/Login?realm=%2Fediora&goto=http%3A%2F%2Frd-auth.esphere.ru%2Fopenam%2Foauth2%2Fediora%2Fauthorize%3Fclient_id%3Doidcapp%26redirect_uri%3Dhttps%253A%252F%252Fedi2.esphere.ru%252Flogin-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520implied_consent%26state%3D86ea6f5a87344a9e86e7318c0659eb99%26nonce%3D4e3522e467bd49d8a2f1ab3239d57848
Pragma: no-cache
Server: nginx
Vary: Accept-Charset, Accept-Encoding, Accept-Language, Accept

GET

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9653.QppXJHNWUwWWMm5mZkFU5v7Cs_vnwPSEMDCWqavZnBl9yJZBEbum_FDcZbXxKP0X.mooLo4IjCw7JcRfPSG5R0JLL5e4%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9653.yB3CHSFNG7Zz_ZbeYCnhLSPRK2-A9aOL-T-vH-7am0f2SGq76DcwkjOXzob0amhLsouAbm1X3kjBOS_BGWJeOg%2C%2C.ielx4eECV_BjUDqEvB6ND9DtfpQ%2C

0
0

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
184 B 67ms
62ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://edi2.esphere.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 17:51:25 GMT
last-modified: Wed, 18 May 2022 10:11:23 GMT
etag: "62849c1b-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 29 May 2022 18:51:25 GMT

GET
H/1.1 200
OK edisfera.css
rd-auth.esphere.ru/openam/css/ 2 KB
1017 B 55ms
53ms Stylesheet
text/css 92.38.2.26
ALFATELECOM

General

Check archive.org

Show headers Download Go to

Full URL: https://rd-auth.esphere.ru/openam/css/edisfera.css
Requested by: Host: rd-auth.esphere.ru
URL: https://rd-auth.esphere.ru/openam/UI/Login?realm=%2Fediora&goto=http%3A%2F%2Frd-auth.esphere.ru%2Fopenam%2Foauth2%2Fediora%2Fauthorize%3Fclient_id%3Doidcapp%26redirect_uri%3Dhttps%253A%252F%252Fedi2.esphere.ru%252Flogin-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520implied_consent%26state%3D86ea6f5a87344a9e86e7318c0659eb99%26nonce%3D4e3522e467bd49d8a2f1ab3239d57848
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.2.26 St Petersburg, Russian Federation, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software: nginx /
Resource Hash: 17fbb881e2c73c450acf8e87e9d1aace21bb24ecf4db69dfb39a8cb2d735c903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rd-auth.esphere.ru/openam/UI/Login?realm=%2Fediora&goto=http%3A%2F%2Frd-auth.esphere.ru%2Fopenam%2Foauth2%2Fediora%2Fauthorize%3Fclient_id%3Doidcapp%26redirect_uri%3Dhttps%253A%252F%252Fedi2.esphere.ru%252Flogin-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520implied_consent%26state%3D86ea6f5a87344a9e86e7318c0659eb99%26nonce%3D4e3522e467bd49d8a2f1ab3239d57848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 29 May 2022 17:51:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 May 2019 12:12:08 GMT
Server: nginx
ETag: W/"1718-1558527128000"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK auth.js Show response
rd-auth.esphere.ru/openam/js/ 6 KB
2 KB 47ms
46ms Script
application/javascript 92.38.2.26
ALFATELECOM

General

Check archive.org

Show headers Download Go to

Full URL: https://rd-auth.esphere.ru/openam/js/auth.js
Requested by: Host: rd-auth.esphere.ru
URL: https://rd-auth.esphere.ru/openam/UI/Login?realm=%2Fediora&goto=http%3A%2F%2Frd-auth.esphere.ru%2Fopenam%2Foauth2%2Fediora%2Fauthorize%3Fclient_id%3Doidcapp%26redirect_uri%3Dhttps%253A%252F%252Fedi2.esphere.ru%252Flogin-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520implied_consent%26state%3D86ea6f5a87344a9e86e7318c0659eb99%26nonce%3D4e3522e467bd49d8a2f1ab3239d57848
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.2.26 St Petersburg, Russian Federation, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software: nginx /
Resource Hash: df669c33e9c9c01875d595df3eadbbe518efbb61c05e2cb5f65a30fff35a3d0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rd-auth.esphere.ru/openam/UI/Login?realm=%2Fediora&goto=http%3A%2F%2Frd-auth.esphere.ru%2Fopenam%2Foauth2%2Fediora%2Fauthorize%3Fclient_id%3Doidcapp%26redirect_uri%3Dhttps%253A%252F%252Fedi2.esphere.ru%252Flogin-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520implied_consent%26state%3D86ea6f5a87344a9e86e7318c0659eb99%26nonce%3D4e3522e467bd49d8a2f1ab3239d57848
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 29 May 2022 17:51:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Jan 2016 18:19:46 GMT
Server: nginx
ETag: W/"6068-1452795586000"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK edi-bgi.jpg
rd-auth.esphere.ru/openam/images/ 31 KB
32 KB 106ms
106ms Image
image/jpeg 92.38.2.26
ALFATELECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rd-auth.esphere.ru/openam/images/edi-bgi.jpg
Requested by: Host: rd-auth.esphere.ru
URL: https://rd-auth.esphere.ru/openam/css/edisfera.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.2.26 St Petersburg, Russian Federation, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software: nginx /
Resource Hash: e039a89b35712d33efc553e3718a314f65051ce3e901b5abcda4d824f731a3b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rd-auth.esphere.ru/openam/css/edisfera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 29 May 2022 17:51:25 GMT
Last-Modified: Wed, 13 Mar 2019 10:13:55 GMT
Server: nginx
ETag: W/"32133-1552472035000"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32133

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rd-auth.esphere.ru
URL: https://rd-auth.esphere.ru/openam/oauth2/ediora/authorize?client_id=oidcapp&redirect_uri=https%3A%2F%2Fedi2.esphere.ru%2Flogin-callback&response_type=id_token%20token&scope=openid%20implied_consent&state=8ffe09e86ec447fc8e6a5d2f5edff2c9&nonce=af09c00226b444e3a737c04a1bf4e39a

Domain: mc.yandex.com
URL: https://mc.yandex.com/sync_cookie_image_decide?token=9653.yB3CHSFNG7Zz_ZbeYCnhLSPRK2-A9aOL-T-vH-7am0f2SGq76DcwkjOXzob0amhLsouAbm1X3kjBOS_BGWJeOg%2C%2C.ielx4eECV_BjUDqEvB6ND9DtfpQ%2C

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rd-auth.esphere.ru/openam/	1969-12-31 23:59:59	Name: JSESSIONID Value: ED0B241E2C7AF7017247464BE9E62EE0
.esphere.ru/	1970-01-20 12:09:42	Name: _ym_uid Value: 1653846685932951118
.esphere.ru/	1970-01-20 12:09:42	Name: _ym_d Value: 1653846685
.mc.yandex.com/	1970-01-20 03:24:07	Name: sync_cookie_csrf Value: 3909140582fake
.esphere.ru/	1970-01-20 03:25:18	Name: _ym_isad Value: 2
.esphere.ru/	1969-12-31 23:59:59	Name: AMAuthCookie Value: AQIC5wM2LY4Sfcz8txBYzUER1Qtyox9sp8BdqXlhOFgpU8s.AAJTSQACMDUAAlNLABMzNDE5Njg0MTc2MjMwMjM4NzUwAAJTMQAA
.esphere.ru/	1969-12-31 23:59:59	Name: amlbcookie Value: 05
.mc.yandex.ru/	1970-01-20 03:24:07	Name: sync_cookie_csrf Value: 901890769fake

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://edi2.esphere.ru/edi/news?page=0&size=5 Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.polyfill.io
edi2.esphere.ru
mc.yandex.com
mc.yandex.ru
rd-auth.esphere.ru
mc.yandex.com
rd-auth.esphere.ru
2a02:6b8::1:119
2a04:4e42:400::282
92.38.2.26
17fbb881e2c73c450acf8e87e9d1aace21bb24ecf4db69dfb39a8cb2d735c903
2127ca313b8b1dc514d11ad114736aef5fd4a77d834afd9031b4966254e06bca
5639729b4b73daec5f3e904c3846128efca2e2464337d5503edd65bffc52c3c7
74abe02ad48c90add74ce0f4978a7e298828a44d27b180b8bcbde0e533358b17
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cb8bbe74fc230bb5d5b102da8e9de59385a4ef36b5e9b31f281dae177eeb5172
df669c33e9c9c01875d595df3eadbbe518efbb61c05e2cb5f65a30fff35a3d0d
e039a89b35712d33efc553e3718a314f65051ce3e901b5abcda4d824f731a3b4
fac91d18d083eed752409d8892c2dd8511b7a6ca5192a969f96d4853e6bc2808
fc53a02ec973a9cdf37efb1a26d5c30d287016bb56fa79c81259c38e05544aac

rd-auth.esphere.ru Open in urlscan Pro 92.38.2.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

88 %HTTPS

67 %IPv6

4 Domains

5 Subdomains

4 IPs

2 Countries

2154 kBTransfer

7113 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

8 Cookies

1 Console Messages

Indicators

rd-auth.esphere.ru Open in urlscan Pro
92.38.2.26 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

88 %
HTTPS

67 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

2154 kB
Transfer

7113 kB
Size

8
Cookies

17 HTTP transactions
0 data transactions