idp.eu.safenetid.com
35.227.230.123
Public Scan
Effective URL: https://idp.eu.safenetid.com/auth/realms/Q4AF6Y86WP-STA/login-actions/authenticate?client_id=https%3A%2F%2Fpassreset.rosbank....
Submission Tags: ros bank ru h8 $ l4ing
Submission: On August 20 via manual from UA — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Organization Validation S... on November 9th 2021. Valid for: a year.
This is the only time idp.eu.safenetid.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 194.8.225.42 194.8.225.42 | 12686 (ROSBANK-A...) (ROSBANK-AS Open Joint Stock Commercial Bank Rosbank OJSC) | |
1 21 | 35.227.230.123 35.227.230.123 | 15169 (GOOGLE) (GOOGLE) | |
27 | 3 |
ASN12686 (ROSBANK-AS Open Joint Stock Commercial Bank Rosbank OJSC, RU)
passreset.rosbank.ru |
ASN15169 (GOOGLE, US)
PTR: 123.230.227.35.bc.googleusercontent.com
idp.eu.safenetid.com | |
resources.eu.safenetid.com | |
re.eu.safenetid.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
safenetid.com
1 redirects
idp.eu.safenetid.com resources.eu.safenetid.com re.eu.safenetid.com |
979 KB |
2 |
rosbank.ru
1 redirects
passreset.rosbank.ru |
7 KB |
0 |
googleapis.com
Failed
storage.googleapis.com Failed |
|
27 | 3 |
Domain | Requested by | |
---|---|---|
15 | idp.eu.safenetid.com |
1 redirects
idp.eu.safenetid.com
|
4 | resources.eu.safenetid.com |
idp.eu.safenetid.com
|
2 | re.eu.safenetid.com |
idp.eu.safenetid.com
re.eu.safenetid.com |
2 | passreset.rosbank.ru | 1 redirects |
0 | storage.googleapis.com Failed |
idp.eu.safenetid.com
|
27 | 5 |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
passreset.rosbank.ru | DigiCert TLS RSA SHA256 2020 CA1 | 2021-11-24 - 2022-11-24 | a year | crt.sh |
*.eu.safenetid.com | Sectigo RSA Organization Validation Secure Server CA | 2021-11-09 - 2022-11-09 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://idp.eu.safenetid.com/auth/realms/Q4AF6Y86WP-STA/login-actions/authenticate?client_id=https%3A%2F%2Fpassreset.rosbank.ru&tab_id=FMXVye68878
Frame ID: 5F21B3A0D7782BF6B0EFBD8BA8235D9E
Requests: 25 HTTP requests in this frame
Detected technologies
Font Awesome (Font Scripts)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://passreset.rosbank.ru/
HTTP 302
https://passreset.rosbank.ru/passwordresetout/ Page URL
-
https://idp.eu.safenetid.com/auth/realms/Q4AF6Y86WP-STA/protocol/saml
HTTP 302
https://idp.eu.safenetid.com/auth/realms/Q4AF6Y86WP-STA/login-actions/authenticate?client_id=https%3A%2F%2Fpassreset.rosbank.ru&tab_id=FMXVye68878 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://passreset.rosbank.ru/ HTTP 302
- https://passreset.rosbank.ru/passwordresetout/
27 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / | passreset.rosbank.ru/passwordresetout/ (Redirect Chain) | 6 KB | 7 KB | Document | text/html |
GET | H2 | authenticate (Primary Request) | idp.eu.safenetid.com/auth/realms/Q4AF6Y86WP-STA/login-actions/ (Redirect Chain) | 11 KB | 11 KB | Document | text/html |
GET | H3 | sasidp-libs.min.css | idp.eu.safenetid.com/auth/resources/iaysj/login/sas-login-ui/css/ | 179 KB | 179 KB | Stylesheet | text/css |
GET | H3 | styles.css | idp.eu.safenetid.com/auth/resources/iaysj/login/sas-login-ui/css/ | 24 KB | 24 KB | Stylesheet | text/css |
GET | H2 | 5ae12c2e422b9433cda20dc4e6f8e405.css | resources.eu.safenetid.com/content/XCA0KKPRMM-STA/ | 5 KB | 5 KB | Stylesheet | text/css |
GET | H3 | sasidp-libs.min.js | idp.eu.safenetid.com/auth/resources/iaysj/login/sas-login-ui/js/ | 232 KB | 232 KB | Script | text/javascript |
GET | H3 | 0b950fe114f790e5b2eafa7164135507.png | resources.eu.safenetid.com/content/XCA0KKPRMM-STA/ | 8 KB | 8 KB | Image | image/png |
GET | H3 | 0d21fb6aba7a59129d631be268da637d.png | resources.eu.safenetid.com/content/XCA0KKPRMM-STA/ | 11 KB | 11 KB | Image | image/png |
GET | H3 | localeInitialize.js | idp.eu.safenetid.com/auth/resources/iaysj/login/sas-login-ui/js/ | 4 KB | 4 KB | Script | text/javascript |
GET | H2 | scripts | re.eu.safenetid.com/api/v1/tenants/_unknown_/ | 1 KB | 1 KB | Script | application/javascript |
GET | H3 | open-sans.css | idp.eu.safenetid.com/auth/resources/iaysj/login/sas-login-ui/fonts/OpenSans/ | 5 KB | 5 KB | Stylesheet | text/css |
GET | H3 | loc.js | idp.eu.safenetid.com/auth/resources/iaysj/login/sas-login-ui/js/ | 18 KB | 18 KB | Script | text/javascript |
GET | H3 | template.js | idp.eu.safenetid.com/auth/resources/iaysj/login/sas-login-ui/js/ | 1 KB | 1 KB | Script | text/javascript |
GET | H3 | idfirston-scripts.js | idp.eu.safenetid.com/auth/resources/iaysj/login/sas-login-ui/js/ | 15 KB | 15 KB | Script | text/javascript |
GET | H3 | back-button.js | idp.eu.safenetid.com/auth/resources/iaysj/login/sas-login-ui/js/ | 5 KB | 6 KB | Script | text/javascript |
GET | | cpl-sta-p-app-eu-01-eu-languages-bucket-01 | storage.googleapis.com/ | 0 | 0 | | |
GET | H3 | lang-list.xml | idp.eu.safenetid.com/auth/resources/iaysj/login/sas-login-ui/langs/ | 3 KB | 3 KB | XHR | application/octet-stream |
GET | | languages | resources.eu.safenetid.com/organization/Q4AF6Y86WP-STA/ | 0 | 0 | | |
GET | H3 | fontawesome-webfont.woff2 | idp.eu.safenetid.com/auth/resources/iaysj/login/sas-login-ui/fonts/ | 75 KB | 75 KB | Font | application/octet-stream |
GET | H3 | OpenSans-Bold.woff2 | idp.eu.safenetid.com/auth/resources/iaysj/login/sas-login-ui/fonts/OpenSans/Bold/ | 46 KB | 46 KB | Font | application/octet-stream |
GET | H3 | OpenSans-Regular.woff2 | idp.eu.safenetid.com/auth/resources/iaysj/login/sas-login-ui/fonts/OpenSans/Regular/ | 46 KB | 46 KB | Font | application/octet-stream |
GET | H3 | signalCollector.min.js | re.eu.safenetid.com/javascripts/ | 17 KB | 17 KB | Script | application/javascript |
GET | H3 | 4c667507019784ddaa4beee34b94921a.jpg | resources.eu.safenetid.com/content/XCA0KKPRMM-STA/ | 272 KB | 272 KB | Image | image/jpeg |
GET | | etag | re.eu.safenetid.com/api/v1/tenants/_unknown_/ecookie/ | 0 | 0 | | |
GET | | cache | re.eu.safenetid.com/api/v1/tenants/_unknown_/ecookie/ | 0 | 0 | | |
OPTIONS | | etag | re.eu.safenetid.com/api/v1/tenants/_unknown_/ecookie/ | 0 | 0 | | |
OPTIONS | | cache | re.eu.safenetid.com/api/v1/tenants/_unknown_/ecookie/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: storage.googleapis.com; URL: https://storage.googleapis.com/cpl-sta-p-app-eu-01-eu-languages-bucket-01
- Domain: resources.eu.safenetid.com; URL: https://resources.eu.safenetid.com/organization/Q4AF6Y86WP-STA/languages
- Domain: re.eu.safenetid.com; URL: https://re.eu.safenetid.com/api/v1/tenants/_unknown_/ecookie/etag
- Domain: re.eu.safenetid.com; URL: https://re.eu.safenetid.com/api/v1/tenants/_unknown_/ecookie/cache
- Domain: re.eu.safenetid.com; URL: https://re.eu.safenetid.com/api/v1/tenants/_unknown_/ecookie/etag
- Domain: re.eu.safenetid.com; URL: https://re.eu.safenetid.com/api/v1/tenants/_unknown_/ecookie/cache
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- object| launchQueue
- object| onbeforematch
- function| getScreenDetails
- function| queryLocalFonts
- object| navigation

6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
idp.eu.safenetid.com/auth/realms/Q4AF6Y86WP-STA/ | Name: AUTH_SESSION_ID Value: d7322810-c2fb-42b4-9469-5fbc99f6315e.idp-5fddc47d54-bxh8v |
|
idp.eu.safenetid.com/auth/realms/Q4AF6Y86WP-STA/ | Name: AUTH_SESSION_ID_LEGACY Value: d7322810-c2fb-42b4-9469-5fbc99f6315e.idp-5fddc47d54-bxh8v |
|
idp.eu.safenetid.com/auth/realms/Q4AF6Y86WP-STA/ | Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIxNGQ0MDc0ZC0wN2RiLTQwZjUtOTNiYS02OTFkMWZkYzhiOTcifQ.eyJjaWQiOiJodHRwczovL3Bhc3NyZXNldC5yb3NiYW5rLnJ1IiwicHR5Ijoic2FtbCIsInJ1cmkiOiJodHRwczovL3Bhc3NyZXNldC5yb3NiYW5rLnJ1L2NnaS9zYW1sYXV0aCIsImFjdCI6IkFVVEhFTlRJQ0FURSIsIm5vdGVzIjp7IlJlbGF5U3RhdGUiOiJibk5mY0c5c2FXTjVQVk5CUmtWT1JWUmZRMHhQVlVSZlUxSldNd0JvZEhSd2N6b3ZMM0JoYzNOeVpYTmxkQzV5YjNOaVlXNXJMbkoxTDNCaGMzTjNiM0prY21WelpYUnZkWFF2IiwiU0FNTF9SRVFVRVNUX0lEIjoiXzA5YWNhNDM5MTZhNDM1ZjViNjQ4MTQwY2M5OWRhYjBkIiwic2FtbF9iaW5kaW5nIjoicG9zdCJ9fQ.Csu57pYC8OtMAqgsqZWWosQvUrgNAucKcQjKaqfJSqI |
|
passreset.rosbank.ru/ | Name: NSC_TMAC Value: /cgi/tmlogin |
|
idp.eu.safenetid.com/ | Name: GWAFSESSION Value: s.idp1 |
|
resources.eu.safenetid.com/ | Name: GWAFSESSION Value: s.resources1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.