stsmid.beeline.ru
Open in
urlscan Pro
37.9.245.116
Public Scan
Effective URL: https://stsmid.beeline.ru/adfs/ls/IdpInitiatedSignOn.aspx?SAMLRequest=lZJPaxsxEMXv%2FhRBd69WXmG8wja4cf8suLaJ3Rx6CYo0TgRaaa...
Submission: On November 02 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on November 28th 2022. Valid for: a year.
This is the only time stsmid.beeline.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 4 | 37.9.245.170 37.9.245.170 | 16345 (BEE-AS Ru...) (BEE-AS Russia) | |
5 | 37.9.245.116 37.9.245.116 | 16345 (BEE-AS Ru...) (BEE-AS Russia) | |
1 | 37.9.245.92 37.9.245.92 | 16345 (BEE-AS Ru...) (BEE-AS Russia) | |
6 | 3 |
ASN16345 (BEE-AS Russia, RU)
PTR: bu-online.beeline.ru
stsmid.beeline.ru |
ASN16345 (BEE-AS Russia, RU)
PTR: static.beedgtl.ru
mobileid-domain-auth.beeline.ru |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
beeline.ru
4 redirects
nextcloud.beeline.ru stsmid.beeline.ru mobileid-domain-auth.beeline.ru |
161 KB |
6 | 1 |
Domain | Requested by | |
---|---|---|
5 | stsmid.beeline.ru |
stsmid.beeline.ru
|
4 | nextcloud.beeline.ru | 4 redirects |
1 | mobileid-domain-auth.beeline.ru |
stsmid.beeline.ru
|
6 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.beeline.ru GlobalSign RSA OV SSL CA 2018 |
2022-11-28 - 2023-11-14 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://stsmid.beeline.ru/adfs/ls/IdpInitiatedSignOn.aspx?SAMLRequest=lZJPaxsxEMXv%2FhRBd69WXmG8wja4cf8suLaJ3Rx6CYo0TgRaaauRWvfbV95Nm6bQQOYg0NO8HzMPzVG2thOrFB%2FdDXxLgHF0levcWoeif1yQFJzwEg0KJ1tAEZU4rD5vxKQoRRd89Mpb8o%2FtdZdEhBCNd4OtWS%2FIbvt%2Bs%2FvYbO%2BqaQ2l4nrGNVelrBib8gnnVa35LAt1fWI1q2bTwXoLATNnQTKWjAYaYoLGYZQuZr2cVGPGxuXkyLhgtWD862Bd52WNk7G3P8bYoaAUI7ZGF%2FcA1jgoQqJSn5BapI3uGmeikRH0wTy4nSskdueBtX%2BK4Z1x2riH17e%2FH5pQfDoe9%2BP97nAcIKvfqVx7h6mFcIDw3Sj4crN5HtDBOSrr08sZuw5pyu67S%2Fa0P6RCsuy588td9LGE5Zs5LUSpZZRz%2BjfmGdyJbd6wWe%2B9Nepnr1%2Fqgw%2BtjP8PghWsV4wen%2FpWkRx2oMzJgCZ%2FMCtr%2FY%2FrADn1BYkhAbmiy9Ewy8t%2Fu%2FwF&RelayState=https%3A%2F%2Fnextcloud.beeline.ru%2Fapps%2Fuser_saml%2Fsaml%2Flogin
Frame ID: 543A7139EBDBBEF7C032C861C82A6C17
Requests: 8 HTTP requests in this frame
Screenshot
Page Title
Мобильный IDPage URL History Show full URLs
-
http://nextcloud.beeline.ru/
HTTP 307
https://nextcloud.beeline.ru/ HTTP 302
https://nextcloud.beeline.ru/login HTTP 302
https://nextcloud.beeline.ru/apps/user_saml/saml/login?originalUrl=&idp=1&requesttoken=SDuYMNBuDVqps3O16S... HTTP 303
https://stsmid.beeline.ru/adfs/ls/IdpInitiatedSignOn.aspx?SAMLRequest=lZJPaxsxEMXv%2FhRBd69WXmG8wja4cf... Page URL
Detected technologies
Microsoft ASP.NET (Web Frameworks) ExpandDetected patterns
- \.aspx?(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://nextcloud.beeline.ru/
HTTP 307
https://nextcloud.beeline.ru/ HTTP 302
https://nextcloud.beeline.ru/login HTTP 302
https://nextcloud.beeline.ru/apps/user_saml/saml/login?originalUrl=&idp=1&requesttoken=SDuYMNBuDVqps3O16S3U4EERl0AsgZrCMCJ9wXTHryc%3D:AGOqVJsYezWe%2BRiAs0uDjBFF0TVCya%2BIYEMtqRuMw34%3D HTTP 303
https://stsmid.beeline.ru/adfs/ls/IdpInitiatedSignOn.aspx?SAMLRequest=lZJPaxsxEMXv%2FhRBd69WXmG8wja4cf8suLaJ3Rx6CYo0TgRaaauRWvfbV95Nm6bQQOYg0NO8HzMPzVG2thOrFB%2FdDXxLgHF0levcWoeif1yQFJzwEg0KJ1tAEZU4rD5vxKQoRRd89Mpb8o%2FtdZdEhBCNd4OtWS%2FIbvt%2Bs%2FvYbO%2BqaQ2l4nrGNVelrBib8gnnVa35LAt1fWI1q2bTwXoLATNnQTKWjAYaYoLGYZQuZr2cVGPGxuXkyLhgtWD862Bd52WNk7G3P8bYoaAUI7ZGF%2FcA1jgoQqJSn5BapI3uGmeikRH0wTy4nSskdueBtX%2BK4Z1x2riH17e%2FH5pQfDoe9%2BP97nAcIKvfqVx7h6mFcIDw3Sj4crN5HtDBOSrr08sZuw5pyu67S%2Fa0P6RCsuy588td9LGE5Zs5LUSpZZRz%2BjfmGdyJbd6wWe%2B9Nepnr1%2Fqgw%2BtjP8PghWsV4wen%2FpWkRx2oMzJgCZ%2FMCtr%2FY%2FrADn1BYkhAbmiy9Ewy8t%2Fu%2FwF&RelayState=https%3A%2F%2Fnextcloud.beeline.ru%2Fapps%2Fuser_saml%2Fsaml%2Flogin Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
IdpInitiatedSignOn.aspx
stsmid.beeline.ru/adfs/ls/ Redirect Chain
|
57 KB 59 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
stsmid.beeline.ru/adfs/portal/css/ |
12 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
6 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Beeline-Sans_Bold.woff2.css
stsmid.beeline.ru/adfs/portal/fonts/ |
28 KB 29 KB |
Font
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Beeline-Sans_Regular.woff2.css
stsmid.beeline.ru/adfs/portal/fonts/ |
27 KB 28 KB |
Font
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Beeline-Sans_Medium.woff2.css
stsmid.beeline.ru/adfs/portal/fonts/ |
28 KB 29 KB |
Font
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
extract-saml-subject
mobileid-domain-auth.beeline.ru/helper/ |
0 135 B |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
58 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| LoginErrors number| maxPasswordLength function| InputUtil object| paginationManager object| PaginationUtil object| PaginationManager object| Login object| LoginManager object| options object| _self boolean| IS_PROD string| cloudConfigurationHost string| logoSvgBase64 object| icon function| _typeof number| countDownDuration number| countDownInterval string| countDownPositionKey string| spCountDownDurationKey string| userValueKey string| startUrlKey string| buttonCaption object| wtrealm boolean| usePhoneNumberInsteadOfEmail boolean| isIE undefined| promiseScript undefined| fetchScript undefined| emails undefined| msViewportStyle undefined| viewport function| getStyle function| computeLoadIllustration function| SetIllustrationImage function| createSpinner function| animateRotation function| getSpinner function| setVisibilityChildNodes object| oldInput object| newInput object| sessionValue string| samlRequest object| formBlock number| animationRequestID object| mainInput function| setAuthDataInActionURL function| updateFirstFactorTheme function| getErrorText function| countDownPositionToTime function| updateSecondFactorTheme function| updateLogoutTheme function| updateFailAuthTheme function| isLogout function| isLoginFailed function| noop function| clearAllTimeouts boolean| injection function| VMasker6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
stsmid.beeline.ru/adfs | Name: MSISSamlRequest Value: QmFzZVVybD1odHRwcyUzYSUyZiUyZnN0c21pZC5iZWVsaW5lLnJ1JTNhNDQzJTJmYWRmcyUyZmxzJTJmSWRwSW5pdGlhdGVkU2lnbk9uLmFzcHhcU0FNTFJlcXVlc3Q9bFpKUGF4c3hFTVh2JTJmaFJCZDY5V1htRzh3amE0Y2Y4c3VMYUozUng2Q1lvMFRnUmFhYXVSV3ZmYlY5NU5tNmJRUU9ZZzBOTzhIek1QelZHMnRoT3JGQiUyZmREWHhMZ0hGMGxldmNXb2VpZjF5UUZKendFZzBLSjF0QUVaVTRyRDV2eEtRb1JSZDg5TXBiOG8lMmZ0ZFpkRWhCQ05kNE90V1MlMmZJYnZ0JTJicyUyZnZZYk8lMmJxYVEybDRuckdOVmVsckJpYjhnbm5WYTM1TEF0MWZXSTFxMmJUd1hvTEFUTm5RVEtXakFZYVlvTEdZWlF1WnIyY1ZHUEd4dVhreUxoZ3RXRDg2MkJkNTJXTms3RzNQOGJZb2FBVUk3WkdGJTJmY0ExamdvUXFKU241QmFwSTN1R21laWtSSDB3VHk0blNza2R1ZUJ0WCUyYks0WjF4MnJpSDE3ZSUyZkg1cFFmRG9lOSUyYlA5N25BY0lLdmZxVng3aDZtRmNJRHczU2o0Y3JONUh0REJPU3JyMDhzWnV3NXB5dTY3UyUyZmEwUDZSQ3N1eTU4OHRkOUxHRTVaczVMVVNwWlpSeiUyYmpmbUdkeUpiZDZ3V2UlMmI5TmVwbnIxJTJmcWd3JTJidGpQOFBnaFdzVjR3ZW4lMmZwV2tSeDJvTXpKZ0NaJTJmTUN0ciUyZlklMmZyQURuMUJZa2hBYm1peTlFd3k4dCUyZnUlMmZ3RlxQcm90b2NvbEJpbmRpbmc9dXJuJTNhb2FzaXMlM2FuYW1lcyUzYXRjJTNhU0FNTCUzYTIuMCUzYWJpbmRpbmdzJTNhSFRUUC1SZWRpcmVjdFxSZWxheVN0YXRlPWh0dHBzJTNhJTJmJTJmbmV4dGNsb3VkLmJlZWxpbmUucnUlMmZhcHBzJTJmdXNlcl9zYW1sJTJmc2FtbCUyZmxvZ2lu |
|
nextcloud.beeline.ru/ | Name: oc_sessionPassphrase Value: %2BbXQooI2glx5Zc7aXbS7TbtfTgxANPo25oMYtXaiUCFXzQ%2Bv3PPGedDFhpjIVmYuurcU7i5mwKk0obA0ssWjC5kee9mqKQelk1EwmCPkfBYLUG%2Bz1EaqlID08GVG7mw5 |
|
nextcloud.beeline.ru/ | Name: __Host-nc_sameSiteCookielax Value: true |
|
nextcloud.beeline.ru/ | Name: __Host-nc_sameSiteCookiestrict Value: true |
|
nextcloud.beeline.ru/ | Name: oc0qtt2n4flj Value: vjjugu23cpku77tc8scsdne8d4 |
|
nextcloud.beeline.ru/ | Name: saml_data Value: Mjg5MGU2MzAwNWUyYzUwYTZiMjFiNmY3ZDQ4NWFlYzQxYzE0M2ZkZWZiYWQwN2I3OWU4ZTkyODg3NGM4Zjc5YjBiOWQ3NjI3YTEyZTkxN2ZiMDgzYzYwMDViMjg4ZjE0MDE3N2I3MTU1ZDM5NmNiY2FkN2MzMzRjYjhkNzEyMGEzYTdiMDZkYzUzZDczMzI3OTQ1MjFkMzZiNTU1ZjkzMzkxYzdmMjFlMmE2MjQwNmM0MTg5YTM3MjliYzQxNTU5ODQ5MWI5ODNmNjgzOGEwNDY3MmZlYjViMDA5NGU0NTd8ZjQxODA5MGJlYWRmZmYyMjY0NWZmN2IyY2Y2NzU2MjZ8ZTYzN2ZiZThlYjBlOWY3YmI4NTkzNzc5ODUzMGEwODdkMzQ4NWJmM2QxNTVkZjRiZTVlNjEyYzQ1MTI2YjdhOTY1NmNkNjJkOTliZWEwZDU3NDI1YzBjY2Y4YzVhMWVlOTgyYWUxZTU2ODAyZTZiZjZkYzhmZTg2ZDQ4ZjEzYmR8Mw%3D%3D |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; connect-src https://mobileid-domain-auth.beeline.ru |
Strict-Transport-Security | max-age = 31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | allow-from https://event.beeline.ru |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
mobileid-domain-auth.beeline.ru
nextcloud.beeline.ru
stsmid.beeline.ru
37.9.245.116
37.9.245.170
37.9.245.92
00920623919f760a75831aea85741ec97176faa2ae097ae393d067cecccbe3b7
00e5981161953fec230f4d7f4d71ff1be5e0f6c1f734303517d1c47a82d9f940
1ed2995459c7e58775094fdb0668099941828a8c0bc6529c2f2379e718034a29
5fab9b872c6890464ce31cd807c9d712c34250059ad0974ec9c792e244cfa757
78df6d29bb48c2bd7788b9bed13b59c04bb1482981bd7ebe84240f115d84ff3b
a338d3258f6f57dc547277a34b2eef5edc55b6b78fa2a0a978c09adb4d497fbd
d2bf55f7c1adbf7ad4a3d4e65e29295be73b30ed099303dd1cdb963e0d40db24
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855