client.dextra.ru Open in urlscan Pro
90.156.201.103 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://client.dextra.ru/
Submission: On March 10 via automatic, source certstream-suspicious (March 10th 2020, 3:46:13 am UTC)

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 90.156.201.103, located in Russian Federation and belongs to MASTERHOST-AS Moscow, Russia, RU. The main domain is client.dextra.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on December 16th 2019. Valid for: 3 months.

This is the only time client.dextra.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	90.156.201.103 90.156.201.103		25532 (MASTERHOS...) (MASTERHOST-AS Moscow)
9	2

9 90.156.201.103 (Russian Federation)

ASN25532 (MASTERHOST-AS Moscow, Russia, RU)
PTR: fe.shared.masterhost.ru

client.dextra.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	dextra.ru client.dextra.ru	181 KB
9	1

	Domain	Requested by
9	client.dextra.ru	client.dextra.ru
9	1

This site contains no links.

Subject Issuer	Validity	Valid
client.dextra.ru Let's Encrypt Authority X3	`2019-12-16` - `2020-03-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://client.dextra.ru/
Frame ID: FDE8A377EA9BA770450B99315CA7AB2C
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

181 kB
Transfer

248 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response client.dextra.ru/	3 KB 1 KB	301ms 78ms	Document text/html	90.156.201.103 MASTERHOST-AS Moscow
General Check archive.org Show headers Download Go to Full URL https://client.dextra.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 90.156.201.103 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU), Reverse DNS fe.shared.masterhost.ru Software Apache / Resource Hash `82a816ce9c25e4ee25732ddb22d968e58889502925fb109af6124e3c31de0f5a` Request headers :method GET :authority client.dextra.ru :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers status 200 date Tue, 10 Mar 2020 03:45:57 GMT content-type text/html; charset=windows-1251 vary Accept-Encoding server Apache last-modified Tue, 10 Mar 2020 03:45:57 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires Thu, 19 Nov 1981 08:52:00 GMT set-cookie PHPSESSID=0vm35jf4slvskn01sq0hqtkih7; expires=Tue, 10-Mar-2020 13:45:57 GMT; Max-Age=36000; path=/ pragma no-cache content-encoding gzip
GET H2	200	reset.css client.dextra.ru/include/views/Auth/styles/	1 KB 835 B	66ms 65ms	Stylesheet text/css	90.156.201.103 MASTERHOST-AS Moscow
General Check archive.org Show headers Download Go to Full URL https://client.dextra.ru/include/views/Auth/styles/reset.css Requested by Host: client.dextra.ru URL: https://client.dextra.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 90.156.201.103 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU), Reverse DNS fe.shared.masterhost.ru Software Apache / Resource Hash `ed555a279183c054222c873e78d92c40b512498e49359b6abfda36048f141988` Request headers Referer https://client.dextra.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Tue, 10 Mar 2020 03:45:57 GMT content-encoding gzip last-modified Thu, 21 Sep 2017 05:48:56 GMT server Apache etag W/"444-559aca5e44200" vary Accept-Encoding content-type text/css status 200 cache-control max-age=0 expires Tue, 10 Mar 2020 03:45:57 GMT
GET H2	200	jquery.js Show response client.dextra.ru/include/views/Auth/js/	92 KB 33 KB	94ms 93ms	Script application/javascript	90.156.201.103 MASTERHOST-AS Moscow
General Check archive.org Show headers Download Go to Full URL https://client.dextra.ru/include/views/Auth/js/jquery.js Requested by Host: client.dextra.ru URL: https://client.dextra.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 90.156.201.103 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU), Reverse DNS fe.shared.masterhost.ru Software Apache / Resource Hash `ed2dc5f0b0fbc48a762829c5384516a489a5c8cdfb5c303e4040b5813c51f874` Request headers Referer https://client.dextra.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 10 Mar 2020 03:45:57 GMT content-encoding gzip last-modified Thu, 21 Sep 2017 05:48:56 GMT server Apache etag W/"16eac-559aca5e44200" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=0 expires Tue, 10 Mar 2020 03:45:57 GMT
GET H2	200	main.css client.dextra.ru/include/views/Auth/css/	9 KB 2 KB	140ms 139ms	Stylesheet text/css	90.156.201.103 MASTERHOST-AS Moscow
General Check archive.org Show headers Download Go to Full URL https://client.dextra.ru/include/views/Auth/css/main.css Requested by Host: client.dextra.ru URL: https://client.dextra.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 90.156.201.103 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU), Reverse DNS fe.shared.masterhost.ru Software Apache / Resource Hash `90727bd44521cfd645ca2bb3453950b97fce043913f4041408442ef446f64bcb` Request headers Referer https://client.dextra.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Tue, 10 Mar 2020 03:45:57 GMT content-encoding gzip last-modified Mon, 22 Jul 2019 06:38:48 GMT server Apache etag W/"22ed-58e3f54106e00" vary Accept-Encoding content-type text/css status 200 cache-control max-age=0 expires Tue, 10 Mar 2020 03:45:57 GMT
GET H2	200	script.js Show response client.dextra.ru/include/views/Auth/js/	1 KB 707 B	142ms 141ms	Script application/javascript	90.156.201.103 MASTERHOST-AS Moscow
General Check archive.org Show headers Download Go to Full URL https://client.dextra.ru/include/views/Auth/js/script.js Requested by Host: client.dextra.ru URL: https://client.dextra.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 90.156.201.103 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU), Reverse DNS fe.shared.masterhost.ru Software Apache / Resource Hash `a3afd283ed415ff463bf53e559e5dec2ec414a953f1e4a49be8ab915ec77386e` Request headers Referer https://client.dextra.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Tue, 10 Mar 2020 03:45:57 GMT content-encoding gzip last-modified Fri, 24 May 2019 05:43:29 GMT server Apache etag W/"412-5899bad9ad354" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=0 expires Tue, 10 Mar 2020 03:45:57 GMT
GET H2	200	logo.png client.dextra.ru/include/views/Auth/pic/	3 KB 3 KB	141ms 141ms	Image image/png	90.156.201.103 MASTERHOST-AS Moscow
General Check archive.org Show headers Download Go to Show image Full URL https://client.dextra.ru/include/views/Auth/pic/logo.png Requested by Host: client.dextra.ru URL: https://client.dextra.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 90.156.201.103 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU), Reverse DNS fe.shared.masterhost.ru Software Apache / Resource Hash `33f44e2af360414cde12eb8a674897b25b9fc2ab3f8dd0d8ea51e627ccf9c1ab` Request headers Referer https://client.dextra.ru/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 10 Mar 2020 03:45:57 GMT last-modified Fri, 24 May 2019 05:43:29 GMT server Apache etag "cde-5899bad9afa64" content-type image/png status 200 cache-control max-age=0 accept-ranges bytes content-length 3294 expires Tue, 10 Mar 2020 03:45:57 GMT
GET DATA	200 OK	truncated /	343 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4bb3fb8f54d307e93275bdd673ffa2b18e3bf91697563ee446d9581bdd877f0a` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H2	200	MuseoSansBlack.woff client.dextra.ru/include/views/Auth/fonts/	45 KB 46 KB	67ms 66ms	Font application/font-woff	90.156.201.103 MASTERHOST-AS Moscow
General Check archive.org Show headers Download Go to Full URL https://client.dextra.ru/include/views/Auth/fonts/MuseoSansBlack.woff Requested by Host: client.dextra.ru URL: https://client.dextra.ru/include/views/Auth/js/jquery.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 90.156.201.103 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU), Reverse DNS fe.shared.masterhost.ru Software Apache / Resource Hash `2d1fa78c235d3b984e151bf9afee556e394d6d0d07537be0bcd534f0b019c217` Request headers Referer https://client.dextra.ru/include/views/Auth/css/main.css Origin https://client.dextra.ru Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 10 Mar 2020 03:45:57 GMT last-modified Fri, 24 May 2019 05:43:29 GMT server Apache etag "b4e8-5899bad9aac44" content-type application/font-woff status 200 cache-control max-age=0 accept-ranges bytes content-length 46312 expires Tue, 10 Mar 2020 03:45:57 GMT
GET H2	200	MuseoSansRegular.woff client.dextra.ru/include/views/Auth/fonts/	46 KB 47 KB	66ms 66ms	Font application/font-woff	90.156.201.103 MASTERHOST-AS Moscow
General Check archive.org Show headers Download Go to Full URL https://client.dextra.ru/include/views/Auth/fonts/MuseoSansRegular.woff Requested by Host: client.dextra.ru URL: https://client.dextra.ru/include/views/Auth/js/jquery.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 90.156.201.103 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU), Reverse DNS fe.shared.masterhost.ru Software Apache / Resource Hash `d1900231fc74546991d68bab98b8aa6655aa43bda10d0b33c30cdc80d2d3867d` Request headers Referer https://client.dextra.ru/include/views/Auth/css/main.css Origin https://client.dextra.ru Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 10 Mar 2020 03:45:57 GMT last-modified Fri, 24 May 2019 05:43:29 GMT server Apache etag "b9f4-5899bad9ad354" content-type application/font-woff status 200 cache-control max-age=0 accept-ranges bytes content-length 47604 expires Tue, 10 Mar 2020 03:45:57 GMT
GET H2	200	MuseoSansBold.woff client.dextra.ru/include/views/Auth/fonts/	47 KB 47 KB	69ms 68ms	Font application/font-woff	90.156.201.103 MASTERHOST-AS Moscow
General Check archive.org Show headers Download Go to Full URL https://client.dextra.ru/include/views/Auth/fonts/MuseoSansBold.woff Requested by Host: client.dextra.ru URL: https://client.dextra.ru/include/views/Auth/js/jquery.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 90.156.201.103 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU), Reverse DNS fe.shared.masterhost.ru Software Apache / Resource Hash `4134340c7e28990c007c655d18614f84e6d386fb83b5ecd30278b648aee9f5f0` Request headers Referer https://client.dextra.ru/include/views/Auth/css/main.css Origin https://client.dextra.ru Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 10 Mar 2020 03:45:57 GMT last-modified Fri, 24 May 2019 05:43:29 GMT server Apache etag "bc00-5899bad9ad354" content-type application/font-woff status 200 cache-control max-age=0 accept-ranges bytes content-length 48128 expires Tue, 10 Mar 2020 03:45:57 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			client.dextra.ru/	1970-01-19 07:57:27	Name: PHPSESSID Value: 0vm35jf4slvskn01sq0hqtkih7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

client.dextra.ru
90.156.201.103
2d1fa78c235d3b984e151bf9afee556e394d6d0d07537be0bcd534f0b019c217
33f44e2af360414cde12eb8a674897b25b9fc2ab3f8dd0d8ea51e627ccf9c1ab
4134340c7e28990c007c655d18614f84e6d386fb83b5ecd30278b648aee9f5f0
4bb3fb8f54d307e93275bdd673ffa2b18e3bf91697563ee446d9581bdd877f0a
82a816ce9c25e4ee25732ddb22d968e58889502925fb109af6124e3c31de0f5a
90727bd44521cfd645ca2bb3453950b97fce043913f4041408442ef446f64bcb
a3afd283ed415ff463bf53e559e5dec2ec414a953f1e4a49be8ab915ec77386e
d1900231fc74546991d68bab98b8aa6655aa43bda10d0b33c30cdc80d2d3867d
ed2dc5f0b0fbc48a762829c5384516a489a5c8cdfb5c303e4040b5813c51f874
ed555a279183c054222c873e78d92c40b512498e49359b6abfda36048f141988

client.dextra.ru Open in urlscan Pro 90.156.201.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

181 kBTransfer

248 kBSize

1 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

Indicators

client.dextra.ru Open in urlscan Pro
90.156.201.103 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

181 kB
Transfer

248 kB
Size

1
Cookies

9 HTTP transactions
1 data transactions