oauth2.esoft.tech Open in urlscan Pro
194.186.36.26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ries3.etagi.com/
Effective URL:
https://oauth2.esoft.tech/login?v=1.45.0
Submission: On November 28 via api (November 28th 2023, 11:23:37 am UTC) from US — Scanned from DE

Summary HTTP 10 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 10 HTTP transactions. The main IP is 194.186.36.26, located in Moscow, Russian Federation and belongs to SOVAM-AS, RU. The main domain is oauth2.esoft.tech.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 4th 2023. Valid for: a year.

This is the only time oauth2.esoft.tech was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	194.186.36.25 194.186.36.25	3216 (SOVAM-AS) (SOVAM-AS)
1 11	194.186.36.26 194.186.36.26	3216 (SOVAM-AS) (SOVAM-AS)
10	1

1 194.186.36.25 (Moscow, Russian Federation) 1 redirects

ASN3216 (SOVAM-AS, RU)
PTR: m.esoft.tech

ries3.etagi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 194.186.36.26 (Moscow, Russian Federation) 1 redirects

ASN3216 (SOVAM-AS, RU)
PTR: m.esoft.tech

oauth2.esoft.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	esoft.tech 1 redirects oauth2.esoft.tech	20 KB
1	etagi.com 1 redirects ries3.etagi.com	1 KB
10	2

	Domain	Requested by
11	oauth2.esoft.tech	1 redirects oauth2.esoft.tech
1	ries3.etagi.com	1 redirects
10	2

This site contains links to these domains. Also see Links.

Domain
redirect.appmetrica.yandex.com

Subject Issuer	Validity	Valid
*.esoft.tech AlphaSSL CA - SHA256 - G4	`2023-09-04` - `2024-10-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://oauth2.esoft.tech/login?v=1.45.0
Frame ID: 036CA82B0B0097CC302DB904956610C5
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Вход в систему

Page URL History Show full URLs

http://ries3.etagi.com/ HTTP 302
https://oauth2.esoft.tech/authorize?state=f148332f6666dcf5ece447c8845e3a28&response_type=code&approval... HTTP 302
https://oauth2.esoft.tech/login?v=1.45.0 Page URL

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

19 kB
Transfer

50 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://redirect.appmetrica.yandex.com/serve/603036084779120663

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ries3.etagi.com/ HTTP 302
https://oauth2.esoft.tech/authorize?state=f148332f6666dcf5ece447c8845e3a28&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fries3.etagi.com%2F&client_id=prod_desk_ries_7509 HTTP 302
https://oauth2.esoft.tech/login?v=1.45.0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login Show response oauth2.esoft.tech/ Redirect Chain http://ries3.etagi.com/ https://oauth2.esoft.tech/authorize?state=f148332f6666dcf5ece447c8845e3a28&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fries3.etagi.com%2F&client_id=prod_desk_ries_7509 https://oauth2.esoft.tech/login?v=1.45.0	3 KB 1 KB	441ms 440ms	Document text/html	194.186.36.26 SOVAM-AS
General Check archive.org Show headers Download Go to Full URL https://oauth2.esoft.tech/login?v=1.45.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.186.36.26 Moscow, Russian Federation, ASN3216 (SOVAM-AS, RU), Reverse DNS m.esoft.tech Software openresty / Resource Hash `770fdf53d5f224ea529466c1d939f74a694637a94096e3783d40a1df757c919b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache content-encoding br content-type text/html; charset=UTF-8 date Tue, 28 Nov 2023 11:23:32 GMT expires Tue, 28 Nov 2023 11:23:31 GMT server openresty Redirect headers cache-control no-cache content-length 0 content-type text/html; charset=UTF-8 date Tue, 28 Nov 2023 11:23:32 GMT expires Tue, 28 Nov 2023 11:23:31 GMT location https://oauth2.esoft.tech/login?v=1.45.0 p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" server openresty
GET H2	200	ries.css oauth2.esoft.tech/static/css/	6 KB 1 KB	228ms 227ms	Stylesheet text/css	194.186.36.26 SOVAM-AS
General Check archive.org Show headers Download Go to Full URL https://oauth2.esoft.tech/static/css/ries.css Requested by Host: oauth2.esoft.tech URL: https://oauth2.esoft.tech/login?v=1.45.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.186.36.26 Moscow, Russian Federation, ASN3216 (SOVAM-AS, RU), Reverse DNS m.esoft.tech Software openresty / Resource Hash `9b3edafdbe16edde50e5b67dcfb55aacde3c00e931cebb749f9e633ae40b80ae` Request headers accept-language de-DE,de;q=0.9 Referer https://oauth2.esoft.tech/login?v=1.45.0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-type text/css; charset=UTF-8 date Tue, 28 Nov 2023 11:23:32 GMT cache-control no-cache content-encoding br last-modified Mon, 11 Jul 2022 06:43:51 GMT server openresty expires Tue, 28 Nov 2023 11:23:31 GMT
GET H2	200	roboto.css oauth2.esoft.tech/static/fonts/roboto/	3 KB 547 B	226ms 225ms	Stylesheet text/css	194.186.36.26 SOVAM-AS
General Check archive.org Show headers Download Go to Full URL https://oauth2.esoft.tech/static/fonts/roboto/roboto.css Requested by Host: oauth2.esoft.tech URL: https://oauth2.esoft.tech/login?v=1.45.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.186.36.26 Moscow, Russian Federation, ASN3216 (SOVAM-AS, RU), Reverse DNS m.esoft.tech Software openresty / Resource Hash `d03f9bceeb32ff7be0dce7cdcef34389ff8275814b20d5bac3f6fecb0309937c` Request headers accept-language de-DE,de;q=0.9 Referer https://oauth2.esoft.tech/login?v=1.45.0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-type text/css; charset=UTF-8 date Tue, 28 Nov 2023 11:23:32 GMT cache-control no-cache content-encoding br last-modified Mon, 11 Jul 2022 06:43:51 GMT server openresty expires Tue, 28 Nov 2023 11:23:31 GMT
GET H2	200	client.base.min.js Show response oauth2.esoft.tech/static/js/lib/clientjs/	29 KB 12 KB	474ms 473ms	Script application/javascript	194.186.36.26 SOVAM-AS
General Check archive.org Show headers Download Go to Full URL https://oauth2.esoft.tech/static/js/lib/clientjs/client.base.min.js?v=1.45.0 Requested by Host: oauth2.esoft.tech URL: https://oauth2.esoft.tech/login?v=1.45.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.186.36.26 Moscow, Russian Federation, ASN3216 (SOVAM-AS, RU), Reverse DNS m.esoft.tech Software openresty / Resource Hash `f0b502e10459143f0a0d4423fc6f5ab47f48ce44b88178ef4fca7bf1509d8da5` Request headers accept-language de-DE,de;q=0.9 Referer https://oauth2.esoft.tech/login?v=1.45.0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-type application/javascript; charset=utf-8 date Tue, 28 Nov 2023 11:23:32 GMT cache-control no-cache content-encoding br last-modified Mon, 11 Jul 2022 06:43:51 GMT server openresty expires Tue, 28 Nov 2023 11:23:31 GMT
GET H2	200	etagi.svg oauth2.esoft.tech/static/img/	3 KB 2 KB	224ms 223ms	Image image/svg+xml	194.186.36.26 SOVAM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://oauth2.esoft.tech/static/img/etagi.svg Requested by Host: oauth2.esoft.tech URL: https://oauth2.esoft.tech/login?v=1.45.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.186.36.26 Moscow, Russian Federation, ASN3216 (SOVAM-AS, RU), Reverse DNS m.esoft.tech Software openresty / Resource Hash `3f6679b85709d78fc655ea148d5b0c290fe30566771abd512be1664849654510` Request headers accept-language de-DE,de;q=0.9 Referer https://oauth2.esoft.tech/login?v=1.45.0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-type image/svg+xml date Tue, 28 Nov 2023 11:23:32 GMT cache-control no-cache content-encoding br last-modified Mon, 11 Jul 2022 06:43:51 GMT server openresty expires Tue, 28 Nov 2023 11:23:31 GMT
GET H2	200	visibility_off.svg oauth2.esoft.tech/static/img/	697 B 549 B	475ms 474ms	Image image/svg+xml	194.186.36.26 SOVAM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://oauth2.esoft.tech/static/img/visibility_off.svg Requested by Host: oauth2.esoft.tech URL: https://oauth2.esoft.tech/login?v=1.45.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.186.36.26 Moscow, Russian Federation, ASN3216 (SOVAM-AS, RU), Reverse DNS m.esoft.tech Software openresty / Resource Hash `1f8cd564a83ee86d950b7362574cf71951b45ca5dcd8c8f7e1b42adefc65496b` Request headers accept-language de-DE,de;q=0.9 Referer https://oauth2.esoft.tech/login?v=1.45.0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-type image/svg+xml date Tue, 28 Nov 2023 11:23:32 GMT cache-control no-cache content-encoding br last-modified Mon, 11 Jul 2022 06:43:51 GMT server openresty expires Tue, 28 Nov 2023 11:23:31 GMT
GET H2	200	main.js Show response oauth2.esoft.tech/static/js/	3 KB 1012 B	251ms 249ms	Script application/javascript	194.186.36.26 SOVAM-AS
General Check archive.org Show headers Download Go to Full URL https://oauth2.esoft.tech/static/js/main.js?v=1.45.0 Requested by Host: oauth2.esoft.tech URL: https://oauth2.esoft.tech/login?v=1.45.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.186.36.26 Moscow, Russian Federation, ASN3216 (SOVAM-AS, RU), Reverse DNS m.esoft.tech Software openresty / Resource Hash `b73774f83aa8ad373e415be0abaca99c212eb8bf7bd57ff2d8254bff404a59ff` Request headers accept-language de-DE,de;q=0.9 Referer https://oauth2.esoft.tech/login?v=1.45.0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-type application/javascript; charset=utf-8 date Tue, 28 Nov 2023 11:23:33 GMT cache-control no-cache content-encoding br last-modified Mon, 11 Jul 2022 06:43:51 GMT server openresty expires Tue, 28 Nov 2023 11:23:32 GMT
GET H2	200	fast_send_check_code.js Show response oauth2.esoft.tech/static/js/	242 B 301 B	374ms 374ms	Script application/javascript	194.186.36.26 SOVAM-AS
General Check archive.org Show headers Download Go to Full URL https://oauth2.esoft.tech/static/js/fast_send_check_code.js?v=1.45.0 Requested by Host: oauth2.esoft.tech URL: https://oauth2.esoft.tech/login?v=1.45.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.186.36.26 Moscow, Russian Federation, ASN3216 (SOVAM-AS, RU), Reverse DNS m.esoft.tech Software openresty / Resource Hash `8680ca284236fb75769f98cf4558271a7bd76a01c642f53aaa1fd8cf6787d969` Request headers accept-language de-DE,de;q=0.9 Referer https://oauth2.esoft.tech/login?v=1.45.0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-type application/javascript; charset=utf-8 date Tue, 28 Nov 2023 11:23:33 GMT cache-control no-cache content-encoding br last-modified Mon, 11 Jul 2022 06:43:51 GMT server openresty expires Tue, 28 Nov 2023 11:23:32 GMT
GET H2	200	callrequest.js Show response oauth2.esoft.tech/static/js/	624 B 420 B	375ms 375ms	Script application/javascript	194.186.36.26 SOVAM-AS
General Check archive.org Show headers Download Go to Full URL https://oauth2.esoft.tech/static/js/callrequest.js?v=1.45.0 Requested by Host: oauth2.esoft.tech URL: https://oauth2.esoft.tech/login?v=1.45.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.186.36.26 Moscow, Russian Federation, ASN3216 (SOVAM-AS, RU), Reverse DNS m.esoft.tech Software openresty / Resource Hash `2f8110193715c156c6a46e2a1bcb2da64ce2601ff9ed1fd0eb07eb7391299b71` Request headers accept-language de-DE,de;q=0.9 Referer https://oauth2.esoft.tech/login?v=1.45.0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-type application/javascript; charset=utf-8 date Tue, 28 Nov 2023 11:23:33 GMT cache-control no-cache content-encoding br last-modified Mon, 24 Oct 2022 05:37:42 GMT server openresty expires Tue, 28 Nov 2023 11:23:32 GMT
GET H2	200	qr_code_icon.svg oauth2.esoft.tech/static/img/	802 B 511 B	361ms 361ms	Image image/svg+xml	194.186.36.26 SOVAM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://oauth2.esoft.tech/static/img/qr_code_icon.svg Requested by Host: oauth2.esoft.tech URL: https://oauth2.esoft.tech/static/css/ries.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 194.186.36.26 Moscow, Russian Federation, ASN3216 (SOVAM-AS, RU), Reverse DNS m.esoft.tech Software openresty / Resource Hash `138b77d975bedc483f40d3771c8eaa82f7f74f4866340856f8ddeb43760d0aee` Request headers accept-language de-DE,de;q=0.9 Referer https://oauth2.esoft.tech/static/css/ries.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-type image/svg+xml date Tue, 28 Nov 2023 11:23:33 GMT cache-control no-cache content-encoding br last-modified Mon, 11 Jul 2022 06:43:51 GMT server openresty expires Tue, 28 Nov 2023 11:23:32 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| ClientJS

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ries3.etagi.com/	1970-01-20 16:34:17	Name: RIESSESSID Value: d6idjsf1qbhn8473pg0k461ub3
ries3.etagi.com/	1969-12-31 23:59:59	Name: SameSite Value: Strict
ries3.etagi.com/	1970-01-21 01:18:26	Name: _ga_sync Value: wrokGWVlzbJDHhfiA5F9Ag==
oauth2.esoft.tech/	1970-01-20 16:34:17	Name: oauth2_session_data_id Value: "!8RmU2Tysxr4FC6pIa3X8Og==?gAWVJwAAAAAAAACMFm9hdXRoMl9zZXNzaW9uX2RhdGFfaWSUjAg2OTUxODgzOJSGlC4="
oauth2.esoft.tech/	1970-01-21 01:18:26	Name: _ga_sync Value: wrokGmVlzbSWKBfXA8aEAg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

oauth2.esoft.tech
ries3.etagi.com
194.186.36.25
194.186.36.26
138b77d975bedc483f40d3771c8eaa82f7f74f4866340856f8ddeb43760d0aee
1f8cd564a83ee86d950b7362574cf71951b45ca5dcd8c8f7e1b42adefc65496b
2f8110193715c156c6a46e2a1bcb2da64ce2601ff9ed1fd0eb07eb7391299b71
3f6679b85709d78fc655ea148d5b0c290fe30566771abd512be1664849654510
770fdf53d5f224ea529466c1d939f74a694637a94096e3783d40a1df757c919b
8680ca284236fb75769f98cf4558271a7bd76a01c642f53aaa1fd8cf6787d969
9b3edafdbe16edde50e5b67dcfb55aacde3c00e931cebb749f9e633ae40b80ae
b73774f83aa8ad373e415be0abaca99c212eb8bf7bd57ff2d8254bff404a59ff
d03f9bceeb32ff7be0dce7cdcef34389ff8275814b20d5bac3f6fecb0309937c
f0b502e10459143f0a0d4423fc6f5ab47f48ce44b88178ef4fca7bf1509d8da5

oauth2.esoft.tech Open in urlscan Pro 194.186.36.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

19 kBTransfer

50 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

5 Cookies

Indicators

oauth2.esoft.tech Open in urlscan Pro
194.186.36.26 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

19 kB
Transfer

50 kB
Size

5
Cookies

10 HTTP transactions
0 data transactions