planeta.ru Open in urlscan Pro
185.203.72.23 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://planeta.ru/campaigns
Submission Tags: falconsandbox
Submission: On February 14 via api (February 14th 2022, 9:55:59 pm UTC) from US — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 185.203.72.23, located in Russian Federation and belongs to VARITI-INT-AS, CH. The main domain is planeta.ru.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on December 13th 2021. Valid for: a year.

This is the only time planeta.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	185.203.72.23 185.203.72.23		42240 (VARITI-IN...) (VARITI-INT-AS)
9	1

9 185.203.72.23 (Russian Federation)

ASN42240 (VARITI-INT-AS, CH)

planeta.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	planeta.ru planeta.ru	772 KB
9	1

	Domain	Requested by
9	planeta.ru	planeta.ru
9	1

This site contains no links.

Subject Issuer	Validity	Valid
*.planeta.ru GlobalSign RSA OV SSL CA 2018	`2021-12-13` - `2023-01-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://planeta.ru/campaigns
Frame ID: FF7A4B62731C1B7C91852A33A6D8768D
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Planeta.ru

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

772 kB
Transfer

774 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request campaigns Show response planeta.ru/	7 KB 4 KB	92ms 55ms	Document text/html	185.203.72.23 VARITI-INT-AS
General Check archive.org Show headers Download Go to Full URL https://planeta.ru/campaigns Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.203.72.23 , Russian Federation, ASN42240 (VARITI-INT-AS, CH), Reverse DNS Software nginx / Resource Hash `7aabc934337635e0dcb112c8689e41431853233de1fd0db38b1283db6683a137` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server nginx Date Mon, 14 Feb 2022 21:55:55 GMT Content-Type text/html Transfer-Encoding chunked Last-Modified Tue, 25 Jan 2022 14:20:10 GMT Vary Accept-Encoding ETag W/"61f0071a-1db2" Cache-Control no-cache, no-store, must-revalidate, max-age=0 Content-Encoding gzip X-VARITI-CCR 361820511:1 P3P policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Connection keep-alive Keep-Alive timeout=60
GET H/1.1	200 OK	Roboto-Regular.woff2 planeta.ru/fonts/	22 KB 23 KB	85ms 84ms	Font application/octet-stream	185.203.72.23 VARITI-INT-AS
General Check archive.org Show headers Download Go to Full URL https://planeta.ru/fonts/Roboto-Regular.woff2 Requested by Host: planeta.ru URL: https://planeta.ru/campaigns Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.203.72.23 , Russian Federation, ASN42240 (VARITI-INT-AS, CH), Reverse DNS Software nginx / Resource Hash `cc95a72d6dce48bfec4e1e67670b7a697277ed8ba556368172ff611c633786fd` Request headers Referer https://planeta.ru/campaigns Origin https://planeta.ru Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Mon, 14 Feb 2022 21:55:55 GMT Last-Modified Tue, 25 Jan 2022 14:19:02 GMT Server nginx ETag "61f006d6-59cc" Content-Type application/octet-stream Cache-Control public, max-age=604800 Content-Length 22988 Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=60 X-VARITI-CCR 361820511:2
GET H/1.1	200 OK	Roboto-Bold.woff2 planeta.ru/fonts/	106 KB 107 KB	40ms 13ms	Font text/html	185.203.72.23 VARITI-INT-AS
General Check archive.org Show headers Download Go to Full URL https://planeta.ru/fonts/Roboto-Bold.woff2 Requested by Host: planeta.ru URL: https://planeta.ru/campaigns Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.203.72.23 , Russian Federation, ASN42240 (VARITI-INT-AS, CH), Reverse DNS Software Variti/0.9.3a / Resource Hash `fcadfa4bba479f4e67dc54e07588b97e620ddb0a0ff3f9fa0d32dfebcbad5428` Request headers Referer https://planeta.ru/campaigns Origin https://planeta.ru Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Mon, 14 Feb 2022 21:5555 GMT Server Variti/0.9.3a Connection keep-alive Keep-Alive timeout=60 Content-Length 108870 Content-Type text/html
GET H/1.1	200 OK	Roboto-BoldItalic.woff2 planeta.ru/fonts/	106 KB 107 KB	41ms 12ms	Font text/html	185.203.72.23 VARITI-INT-AS
General Check archive.org Show headers Download Go to Full URL https://planeta.ru/fonts/Roboto-BoldItalic.woff2 Requested by Host: planeta.ru URL: https://planeta.ru/campaigns Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.203.72.23 , Russian Federation, ASN42240 (VARITI-INT-AS, CH), Reverse DNS Software Variti/0.9.3a / Resource Hash `1067e179803fc2cb19ea6fc33fa222e1fb98f0c6c2937dc80b9d13b23b05bb24` Request headers Referer https://planeta.ru/campaigns Origin https://planeta.ru Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Mon, 14 Feb 2022 21:5555 GMT Server Variti/0.9.3a Connection keep-alive Keep-Alive timeout=60 Content-Length 108876 Content-Type text/html
GET H/1.1	200 OK	RobotoCondensed-Regular.woff2 planeta.ru/fonts/	106 KB 107 KB	43ms 12ms	Font text/html	185.203.72.23 VARITI-INT-AS
General Check archive.org Show headers Download Go to Full URL https://planeta.ru/fonts/RobotoCondensed-Regular.woff2 Requested by Host: planeta.ru URL: https://planeta.ru/campaigns Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.203.72.23 , Russian Federation, ASN42240 (VARITI-INT-AS, CH), Reverse DNS Software Variti/0.9.3a / Resource Hash `cde8d434d908ded10f37e6d9c1b92d26a4a03cdab923bd94c5497cc3aaa36201` Request headers Referer https://planeta.ru/campaigns Origin https://planeta.ru Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Mon, 14 Feb 2022 21:5555 GMT Server Variti/0.9.3a Connection keep-alive Keep-Alive timeout=60 Content-Length 108881 Content-Type text/html
GET H/1.1	200 OK	styles.e9b0fe35365be6103655.css planeta.ru/application/	106 KB 107 KB	37ms 12ms	Stylesheet text/html	185.203.72.23 VARITI-INT-AS
General Check archive.org Show headers Download Go to Full URL https://planeta.ru/application/styles.e9b0fe35365be6103655.css Requested by Host: planeta.ru URL: https://planeta.ru/campaigns Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.203.72.23 , Russian Federation, ASN42240 (VARITI-INT-AS, CH), Reverse DNS Software Variti/0.9.3a / Resource Hash `8512ff499d3f979b5725e73e64d10b52f621467a686e4b5e3c4f369cf1abf1d6` Request headers Accept-Language de-DE,de;q=0.9 Referer https://planeta.ru/campaigns User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Mon, 14 Feb 2022 21:5555 GMT Server Variti/0.9.3a Connection keep-alive Keep-Alive timeout=60 Content-Length 108890 Content-Type text/html
GET H/1.1	200 OK	runtime-es2015.449f874aa24f516d680a.js Show response planeta.ru/application/	106 KB 107 KB	43ms 13ms	Script text/html	185.203.72.23 VARITI-INT-AS
General Check archive.org Show headers Download Go to Full URL https://planeta.ru/application/runtime-es2015.449f874aa24f516d680a.js Requested by Host: planeta.ru URL: https://planeta.ru/campaigns Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.203.72.23 , Russian Federation, ASN42240 (VARITI-INT-AS, CH), Reverse DNS Software Variti/0.9.3a / Resource Hash `c23ff85e3b6ade800df74172ca55cf63d826cee66cccce07fb6341475b1d23cc` Request headers Referer https://planeta.ru/campaigns Origin https://planeta.ru Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Mon, 14 Feb 2022 21:5555 GMT Server Variti/0.9.3a Connection keep-alive Keep-Alive timeout=60 Content-Length 108896 Content-Type text/html
GET H/1.1	200 OK	polyfills-es2015.31dd71e2be3f55ecb253.js Show response planeta.ru/application/	106 KB 107 KB	65ms 9ms	Script text/html	185.203.72.23 VARITI-INT-AS
General Check archive.org Show headers Download Go to Full URL https://planeta.ru/application/polyfills-es2015.31dd71e2be3f55ecb253.js Requested by Host: planeta.ru URL: https://planeta.ru/campaigns Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.203.72.23 , Russian Federation, ASN42240 (VARITI-INT-AS, CH), Reverse DNS Software Variti/0.9.3a / Resource Hash `84df195ae9a9ee59d62ee061a456f3c09744c285e5257d1bf64b0e8f13e9408a` Request headers Referer https://planeta.ru/campaigns Origin https://planeta.ru Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Mon, 14 Feb 2022 21:5555 GMT Server Variti/0.9.3a Connection keep-alive Keep-Alive timeout=60 Content-Length 108899 Content-Type text/html
GET H/1.1	200 OK	main-es2015.759455784cc40afdf780.js Show response planeta.ru/application/	106 KB 107 KB	68ms 10ms	Script text/html	185.203.72.23 VARITI-INT-AS
General Check archive.org Show headers Download Go to Full URL https://planeta.ru/application/main-es2015.759455784cc40afdf780.js Requested by Host: planeta.ru URL: https://planeta.ru/campaigns Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.203.72.23 , Russian Federation, ASN42240 (VARITI-INT-AS, CH), Reverse DNS Software Variti/0.9.3a / Resource Hash `63137825e77c33146c9a78b7c1ce2285b1a6ec09ef4eb19b4ee8aa01883dcf94` Request headers Referer https://planeta.ru/campaigns Origin https://planeta.ru Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Mon, 14 Feb 2022 21:5555 GMT Server Variti/0.9.3a Connection keep-alive Keep-Alive timeout=60 Content-Length 108893 Content-Type text/html

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| dataLayer

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
planeta.ru/	1970-01-20 01:37:47	Name: rerf Value: AAAAAGIKz+sY8jGABHrdAg==
planeta.ru/	1970-01-23 06:43:11	Name: ipp_uid Value: 1644875755424/EUVOWOinc7P6dwGG/0repmIRlL6QlaP+5qu/W4g==
planeta.ru/	1970-01-23 06:43:11	Name: ipp_key Value: v1644875755424/v3394bd400b5e53a13cfc65163aeca6afa04ab3/flRq4oQE03ckjoQGCL0sFQ==

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://planeta.ru/application/runtime-es2015.449f874aa24f516d680a.js Message: Failed to load module script: Expected a JavaScript module script but the server responded with a MIME type of "text/html". Strict MIME type checking is enforced for module scripts per HTML spec.
javascript	error	URL: https://planeta.ru/application/polyfills-es2015.31dd71e2be3f55ecb253.js Message: Failed to load module script: Expected a JavaScript module script but the server responded with a MIME type of "text/html". Strict MIME type checking is enforced for module scripts per HTML spec.
javascript	error	URL: https://planeta.ru/application/main-es2015.759455784cc40afdf780.js Message: Failed to load module script: Expected a JavaScript module script but the server responded with a MIME type of "text/html". Strict MIME type checking is enforced for module scripts per HTML spec.
javascript	warning	URL: https://planeta.ru/campaigns Message: The resource https://planeta.ru/fonts/Roboto-Bold.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://planeta.ru/campaigns Message: The resource https://planeta.ru/fonts/Roboto-BoldItalic.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://planeta.ru/campaigns Message: The resource https://planeta.ru/fonts/Roboto-Regular.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://planeta.ru/campaigns Message: The resource https://planeta.ru/fonts/RobotoCondensed-Regular.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

planeta.ru
185.203.72.23
1067e179803fc2cb19ea6fc33fa222e1fb98f0c6c2937dc80b9d13b23b05bb24
63137825e77c33146c9a78b7c1ce2285b1a6ec09ef4eb19b4ee8aa01883dcf94
7aabc934337635e0dcb112c8689e41431853233de1fd0db38b1283db6683a137
84df195ae9a9ee59d62ee061a456f3c09744c285e5257d1bf64b0e8f13e9408a
8512ff499d3f979b5725e73e64d10b52f621467a686e4b5e3c4f369cf1abf1d6
c23ff85e3b6ade800df74172ca55cf63d826cee66cccce07fb6341475b1d23cc
cc95a72d6dce48bfec4e1e67670b7a697277ed8ba556368172ff611c633786fd
cde8d434d908ded10f37e6d9c1b92d26a4a03cdab923bd94c5497cc3aaa36201
fcadfa4bba479f4e67dc54e07588b97e620ddb0a0ff3f9fa0d32dfebcbad5428

planeta.ru Open in urlscan Pro 185.203.72.23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

772 kBTransfer

774 kBSize

3 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

3 Cookies

7 Console Messages

Indicators

planeta.ru Open in urlscan Pro
185.203.72.23 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

772 kB
Transfer

774 kB
Size

3
Cookies

9 HTTP transactions
0 data transactions