![](/screenshots/6c564b4a-3b98-44ac-81f0-15fa2caf5fc4.png)
courier.esphere.ru
Open in
urlscan Pro
92.38.2.22
Public Scan
Effective URL: https://courier.esphere.ru/auth/UI/Login?realm=lkk_sfera&goto=https%3A%2F%2Fcourier.esphere.ru%3A443%2Fwebapi%2Fdoctype%2Fp...
Submission: On December 13 via manual from RU — Scanned from DE
Summary
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on April 20th 2022. Valid for: a year.
This is the only time courier.esphere.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 7 | 92.38.2.22 92.38.2.22 | 62065 (ESPHERE-AS) (ESPHERE-AS) | |
6 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
esphere.ru
1 redirects
courier.esphere.ru |
268 KB |
6 | 1 |
Domain | Requested by | |
---|---|---|
7 | courier.esphere.ru |
1 redirects
courier.esphere.ru
|
6 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
lkk.esphere.ru |
www.esphere.ru |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.esphere.ru GlobalSign RSA OV SSL CA 2018 |
2022-04-20 - 2023-05-22 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://courier.esphere.ru/auth/UI/Login?realm=lkk_sfera&goto=https%3A%2F%2Fcourier.esphere.ru%3A443%2Fwebapi%2Fdoctype%2FpropertiesForCompany
Frame ID: FCCE902380715F37931E4B737C4A2821
Requests: 6 HTTP requests in this frame
Screenshot
![](/screenshots/6c564b4a-3b98-44ac-81f0-15fa2caf5fc4.png)
Page Title
СфераPage URL History Show full URLs
-
https://courier.esphere.ru/webapi/doctype/propertiesForCompany
HTTP 302
https://courier.esphere.ru/auth/UI/Login?realm=lkk_sfera&goto=https%3A%2F%2Fcourier.esphere.ru%3A443%2F... Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Забыли пароль?
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://courier.esphere.ru/webapi/doctype/propertiesForCompany
HTTP 302
https://courier.esphere.ru/auth/UI/Login?realm=lkk_sfera&goto=https%3A%2F%2Fcourier.esphere.ru%3A443%2Fwebapi%2Fdoctype%2FpropertiesForCompany Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Login
courier.esphere.ru/auth/UI/ Redirect Chain
|
10 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
new.css
courier.esphere.ru/auth/css/ |
8 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendor.be82a56d.js
courier.esphere.ru/auth/js/ |
198 KB 79 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
script_new.js
courier.esphere.ru/auth/js/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-cloud.png
courier.esphere.ru/auth/images/ |
55 KB 56 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
banner-032022.jpg
courier.esphere.ru/auth/images/ |
120 KB 121 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange function| $ function| jQuery object| angular function| occupyFullBrowser function| placeCursorOnFirstElm function| writeCSS function| markupButton function| aggSubmit function| getSelectedRadioValue function| getSelectedCheckBoxValues function| strTrim function| clearFormElms number| elmCount6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
courier.esphere.ru/auth | Name: JSESSIONID Value: 9241045301E3315B9A890109A2F6B9A1 |
|
courier.esphere.ru/ | Name: felbcookie Value: 5fea69815398a33a999be577e861f430 |
|
courier.esphere.ru/ | Name: sessionId Value: 9ae9bcf4d14a4a8bb36195b25119c371 |
|
courier.esphere.ru/ | Name: lb_userid Value: rBH8QWOYX8llsajjH9tFAg== |
|
.esphere.ru/ | Name: AMAuthCookie Value: AQIC5wM2LY4SfczPApWbfnEHDwfmwwbosvm7uq4DYt54wXw.*AAJTSQACMDIAAlNLABM4MTM3NzU0MDY5MTQ1MjM5MTI1AAJTMQACMDM.* |
|
.esphere.ru/ | Name: amlbcookie Value: 03 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' *.esphere.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.esphere.ru; img-src 'self' *.esphere.ru; style-src 'self' 'unsafe-inline' *.esphere.ru; font-src 'self' *.esphere.ru; frame-src *.esphere.ru; object-src 'none' |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
courier.esphere.ru
92.38.2.22
1d0bfce9b8d5da1217012a4b05821a6fae2b846fad9b62a2c6c14257c2db1041
27b5bd9f170408d403b4a576168e4022646f78d0a140b1cb5f45a82b21e2e954
46d58f38b8e49c8f9fb0dc06d8ac13f341dfbf7b37337e09c29370d03496bc13
4bae87978b9eb8c162ade7e368030127c8cba08e9ed2ecb7b94c34bcfaf277e7
c02b16420babfbfd810fe33f525f0e6ec90953c0a96999c1048c60a19ba5c78c
c24111568bde04fcc898801e8acf4933bf2cf6fb8d649f42e03bf806147124e8