URL: https://redsmi.com/31/anons.php?id=7379&sid=83&pid=385882&aid=596498042&cid=rt_rukzyz_news2&did
Submission Tags: falconsandbox
Submission: On December 10 via API from US

Summary

This website contacted 1 IP in 1 country across 2 domains to perform 10 HTTP transactions. The main IP is 89.108.118.249, located in the Russian Federation and belonging to AGAVA3, RU. The main domain is redsmi.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 26th 2020. Valid for: 3 months.
This is the only time redsmi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP address and autonomous system (by request count)
  • 10 requests: 89.108.118.249, AS43146 (AGAVA3)
  Total: 10 requests, 1 IP

Apex domain, subdomains and transfer (by request count)
  • 6 requests: redsmi.com (subdomain redsmi.com), 79 KB
  • 4 requests: push-kin.com (subdomain push-kin.com), 20 KB
  Total: 10 requests, 2 domains

Domain and requested by (by request count)
  • 6 requests: redsmi.com, requested by redsmi.com
  • 4 requests: push-kin.com, requested by redsmi.com and push-kin.com
  Total: 10 requests, 2 domains

This site contains no links.

TLS certificates (subject, issuer, validity)
  • redsmi.com, issued by Let's Encrypt Authority X3, valid 2020-11-26 to 2021-02-24 (3 months); see crt.sh
  • www.push-kin.com, issued by GlobalSign GCC R3 DV TLS CA 2020, valid 2020-10-08 to 2021-11-09 (a year); see crt.sh

This page contains 1 frame:

Primary Page: https://redsmi.com/31/anons.php?id=7379&sid=83&pid=385882&aid=596498042&cid=rt_rukzyz_news2&did
Frame ID: D099A845E2B4DA90E99A21C11FFA0686
Requests: 10 HTTP requests in this frame


Detected technologies

PHP (overall confidence: 100%)
Detected patterns
  • url /\.php(?:$|\?)/i

Nginx (overall confidence: 100%)
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics
  • Requests: 10
  • HTTPS: 100 %
  • IPv6: 0 %
  • Domains: 2
  • Subdomains: 2
  • IPs: 1
  • Countries: 1
  • Transfer: 100 kB
  • Size: 221 kB
  • Cookies: 25

Redirected requests

None: no HTTP redirect chain was recorded for any of the 10 requests.

10 HTTP transactions

Each entry gives the resource name and path, its decoded size, the bytes transferred (x-fer) and the resource type; the MIME type is the Content-Type in the response headers.

Transaction 1 (primary request; sets cookies): anons.php (redsmi.com/31/), size 6 KB, transferred 6 KB, type Document
General
Full URL
https://redsmi.com/31/anons.php?id=7379&sid=83&pid=385882&aid=596498042&cid=rt_rukzyz_news2&did
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.108.118.249, Russian Federation, ASN43146 (AGAVA3, RU)
Reverse DNS
d50876.reg.regrucolo.ru
Software
nginx/1.16.1
Resource Hash
3f41c7edc8120e114191cd23b920563dcf8ecfb5361c96fe4838e04185b15a65

Request headers

Host
redsmi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.16.1
Date
Thu, 10 Dec 2020 08:24:33 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie (32 values, listed one per line as sent; the 7 with Max-Age=0 are deletions)
userIP=89.249.64.171; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
userAgent=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
userDevice=Desktop; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
userBrowser=Chrome; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
userBrowserVersion=83.0.4103; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
userOs=Mac%20OS%20X; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
userCity=%D0%91%D0%B5%D1%80%D0%BB%D0%B8%D0%BD; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
userCountry=DE; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
uid=66666e219ab74e221ddd75e132d3fef1; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
refererUrl=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
eventPlace=v; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
nid=7379; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
sid=83; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
pid=385882; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
aid=596498042; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
cid=rt_rukzyz_news2; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
did=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
utm_source=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
utm_medium=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
utm_campaign=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
utm_term=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
utm_content=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
refresh=1; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
parentRefresh=0; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
backRefresh=1; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
anonsTeasersType=2; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
fullTeasersType=2; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
shock=0; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
push=1; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
popup=0; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
userId=13; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/
teaserParity=1; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200
Vary
Accept-Encoding
Content-Encoding
gzip
Transaction 2: 2.js (push-kin.com/_2/handler/), size 7 KB, transferred 2 KB, type Script
General
Full URL
https://push-kin.com/_2/handler/2.js
Requested by
Host: redsmi.com
URL: https://redsmi.com/31/anons.php?id=7379&sid=83&pid=385882&aid=596498042&cid=rt_rukzyz_news2&did
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.108.118.249, Russian Federation, ASN43146 (AGAVA3, RU)
Reverse DNS
d50876.reg.regrucolo.ru
Software
nginx/1.16.1
Resource Hash
5dd1f3a001eaca00372441b5bb00b116c9d8fa5af4fb68b372cd5b8e1395b181

Request headers

Referer
https://redsmi.com/31/anons.php?id=7379&sid=83&pid=385882&aid=596498042&cid=rt_rukzyz_news2&did
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 10 Dec 2020 08:24:34 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx/1.16.1
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Transaction 3: style.min.css (redsmi.com/31/assets/css/), size 23 KB, transferred 4 KB, type Stylesheet
General
Full URL
https://redsmi.com/31/assets/css/style.min.css
Requested by
Host: redsmi.com
URL: https://redsmi.com/31/anons.php?id=7379&sid=83&pid=385882&aid=596498042&cid=rt_rukzyz_news2&did
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.108.118.249, Russian Federation, ASN43146 (AGAVA3, RU)
Reverse DNS
d50876.reg.regrucolo.ru
Software
nginx/1.16.1
Resource Hash
1cb9e7d59fc4012279074cf11540b5bbfcaca0f8fb279413ec3625638d3fe1c1

Request headers

Referer
https://redsmi.com/31/anons.php?id=7379&sid=83&pid=385882&aid=596498042&cid=rt_rukzyz_news2&did
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 10 Dec 2020 08:24:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 11 Sep 2020 14:01:12 GMT
Server
nginx/1.16.1
ETag
W/"5f5b8328-5c74"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=15552000
Connection
keep-alive
Expires
Tue, 08 Jun 2021 08:24:33 GMT
Transaction 4: b07b3cf3f799d885135f3128bd429cf1.jpg (redsmi.com/assets/img/n/), size 30 KB, transferred 31 KB, type Image
General
Full URL
https://redsmi.com/assets/img/n/b07b3cf3f799d885135f3128bd429cf1.jpg
Requested by
Host: redsmi.com
URL: https://redsmi.com/31/anons.php?id=7379&sid=83&pid=385882&aid=596498042&cid=rt_rukzyz_news2&did
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.108.118.249, Russian Federation, ASN43146 (AGAVA3, RU)
Reverse DNS
d50876.reg.regrucolo.ru
Software
nginx/1.16.1
Resource Hash
e58e40958deaad464df1dffe8057c2fb4895d55511f26537fa82e6f14e62a5ec

Request headers

Referer
https://redsmi.com/31/anons.php?id=7379&sid=83&pid=385882&aid=596498042&cid=rt_rukzyz_news2&did
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 10 Dec 2020 08:24:34 GMT
Last-Modified
Mon, 26 Oct 2020 12:04:33 GMT
Server
nginx/1.16.1
ETag
"5f96bb51-79ae"
Content-Type
image/jpeg
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31150
Expires
Tue, 08 Jun 2021 08:24:34 GMT
Transaction 5: loading.gif (redsmi.com/31/assets/img/), size 8 KB, transferred 8 KB, type Image
General
Full URL
https://redsmi.com/31/assets/img/loading.gif
Requested by
Host: redsmi.com
URL: https://redsmi.com/31/anons.php?id=7379&sid=83&pid=385882&aid=596498042&cid=rt_rukzyz_news2&did
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.108.118.249, Russian Federation, ASN43146 (AGAVA3, RU)
Reverse DNS
d50876.reg.regrucolo.ru
Software
nginx/1.16.1
Resource Hash
734c869300a625c14c9860e2fa4390f73f781dd080d4de4f7885e8c31c6ff9fd

Request headers

Referer
https://redsmi.com/31/anons.php?id=7379&sid=83&pid=385882&aid=596498042&cid=rt_rukzyz_news2&did
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 10 Dec 2020 08:24:34 GMT
Last-Modified
Fri, 11 Sep 2020 14:01:12 GMT
Server
nginx/1.16.1
ETag
"5f5b8328-20c6"
Content-Type
image/gif
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8390
Expires
Tue, 08 Jun 2021 08:24:34 GMT
Transaction 6: script.js (redsmi.com/31/assets/js/), size 87 KB, transferred 31 KB, type Script
General
Full URL
https://redsmi.com/31/assets/js/script.js
Requested by
Host: redsmi.com
URL: https://redsmi.com/31/anons.php?id=7379&sid=83&pid=385882&aid=596498042&cid=rt_rukzyz_news2&did
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.108.118.249, Russian Federation, ASN43146 (AGAVA3, RU)
Reverse DNS
d50876.reg.regrucolo.ru
Software
nginx/1.16.1
Resource Hash
26f0c5d1e1169a3c5e738bdd1b45e33cfd0e553339e70955d6bda96983dca380

Request headers

Referer
https://redsmi.com/31/anons.php?id=7379&sid=83&pid=385882&aid=596498042&cid=rt_rukzyz_news2&did
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 10 Dec 2020 08:24:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 11 Sep 2020 14:01:12 GMT
Server
nginx/1.16.1
ETag
W/"5f5b8328-15c02"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=15552000
Connection
keep-alive
Expires
Tue, 08 Jun 2021 08:24:33 GMT
Transaction 7: firebase-app.js (push-kin.com/assets/firebase/8.0.1/), size 19 KB, transferred 7 KB, type Script
General
Full URL
https://push-kin.com/assets/firebase/8.0.1/firebase-app.js
Requested by
Host: push-kin.com
URL: https://push-kin.com/_2/handler/2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.108.118.249, Russian Federation, ASN43146 (AGAVA3, RU)
Reverse DNS
d50876.reg.regrucolo.ru
Software
nginx/1.16.1
Resource Hash
402f3509af2cd6481798a45d7a5b2bc27a92cedd7b97638dc498dcd155670563

Request headers

Referer
https://redsmi.com/31/anons.php?id=7379&sid=83&pid=385882&aid=596498042&cid=rt_rukzyz_news2&did
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 10 Dec 2020 08:24:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Nov 2020 20:56:57 GMT
Server
nginx/1.16.1
ETag
W/"5fb6dc19-4dd7"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=15552000
Connection
keep-alive
Expires
Tue, 08 Jun 2021 08:24:34 GMT
Transaction 8: firebase-messaging.js (push-kin.com/assets/firebase/8.0.1/), size 40 KB, transferred 11 KB, type Script
General
Full URL
https://push-kin.com/assets/firebase/8.0.1/firebase-messaging.js
Requested by
Host: push-kin.com
URL: https://push-kin.com/_2/handler/2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.108.118.249, Russian Federation, ASN43146 (AGAVA3, RU)
Reverse DNS
d50876.reg.regrucolo.ru
Software
nginx/1.16.1
Resource Hash
10aab1e81ab8da81c8e72d8109b42e215914762627ebcabac9aff368d642680b

Request headers

Referer
https://redsmi.com/31/anons.php?id=7379&sid=83&pid=385882&aid=596498042&cid=rt_rukzyz_news2&did
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 10 Dec 2020 08:24:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Nov 2020 09:37:36 GMT
Server
nginx/1.16.1
ETag
W/"5fb78e60-9f04"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=15552000
Connection
keep-alive
Expires
Tue, 08 Jun 2021 08:24:34 GMT
Transaction 9: config.js (push-kin.com/assets/firebase/), size 389 B, transferred 618 B, type Script
General
Full URL
https://push-kin.com/assets/firebase/config.js
Requested by
Host: push-kin.com
URL: https://push-kin.com/_2/handler/2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.108.118.249, Russian Federation, ASN43146 (AGAVA3, RU)
Reverse DNS
d50876.reg.regrucolo.ru
Software
nginx/1.16.1
Resource Hash
0df8c1cf818703ab29aaf2aea81590b22a3ecce2e9e2bc508b4cfa3c66205a51

Request headers

Referer
https://redsmi.com/31/anons.php?id=7379&sid=83&pid=385882&aid=596498042&cid=rt_rukzyz_news2&did
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 10 Dec 2020 08:24:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Nov 2020 20:47:42 GMT
Server
nginx/1.16.1
ETag
W/"5fb6d9ee-185"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=15552000
Connection
keep-alive
Expires
Tue, 08 Jun 2021 08:24:34 GMT
Transaction 10: index.php (redsmi.com/31/assets/load/), size 0, transferred 161 B, type XHR
General
Full URL
https://redsmi.com/31/assets/load/index.php
Requested by
Host: redsmi.com
URL: https://redsmi.com/31/assets/js/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.108.118.249, Russian Federation, ASN43146 (AGAVA3, RU)
Reverse DNS
d50876.reg.regrucolo.ru
Software
nginx/1.16.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://redsmi.com/31/anons.php?id=7379&sid=83&pid=385882&aid=596498042&cid=rt_rukzyz_news2&did
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 10 Dec 2020 08:24:34 GMT
Server
nginx/1.16.1
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
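A triage pass over the ten transactions above, as an added example that is not part of the urlscan.io report. The TRANSACTIONS list is constructed from the entries on this page (URL, the resource that requested it, type, response Content-Type, and the resource hash the scanner reported). It answers the questions a responder asks of a scan like this: how many requests hit each domain (it should reproduce the 6/4 split in the Domain table), which first-party resource pulled in each third-party script (2.js from push-kin.com, loaded by the primary page, in turn loads the Firebase SDK and config.js), which Script responses came back with a non-JavaScript Content-Type (2.js is served as text/html, and no X-Content-Type-Options header appears anywhere in the scan), and which responses were empty. The last check works because the resource hash is a SHA-256 digest of the response body, and the value shown for index.php is exactly the SHA-256 of zero bytes.

```python
"""Triage of the 10 transactions recorded in the scan above.

Added example, not part of the urlscan.io report. TRANSACTIONS is constructed
from the entries on this page: (URL, URL of the resource that requested it,
type, response Content-Type, SHA-256 resource hash as reported by the scanner).
"""
import hashlib
from collections import Counter
from urllib.parse import urlparse

PRIMARY = ("https://redsmi.com/31/anons.php?id=7379&sid=83&pid=385882"
           "&aid=596498042&cid=rt_rukzyz_news2&did")
HANDLER = "https://push-kin.com/_2/handler/2.js"
SCRIPT = "https://redsmi.com/31/assets/js/script.js"

TRANSACTIONS = [
    (PRIMARY, None, "Document", "text/html",
     "3f41c7edc8120e114191cd23b920563dcf8ecfb5361c96fe4838e04185b15a65"),
    (HANDLER, PRIMARY, "Script", "text/html",
     "5dd1f3a001eaca00372441b5bb00b116c9d8fa5af4fb68b372cd5b8e1395b181"),
    ("https://redsmi.com/31/assets/css/style.min.css", PRIMARY, "Stylesheet", "text/css",
     "1cb9e7d59fc4012279074cf11540b5bbfcaca0f8fb279413ec3625638d3fe1c1"),
    ("https://redsmi.com/assets/img/n/b07b3cf3f799d885135f3128bd429cf1.jpg", PRIMARY, "Image", "image/jpeg",
     "e58e40958deaad464df1dffe8057c2fb4895d55511f26537fa82e6f14e62a5ec"),
    ("https://redsmi.com/31/assets/img/loading.gif", PRIMARY, "Image", "image/gif",
     "734c869300a625c14c9860e2fa4390f73f781dd080d4de4f7885e8c31c6ff9fd"),
    (SCRIPT, PRIMARY, "Script", "application/javascript",
     "26f0c5d1e1169a3c5e738bdd1b45e33cfd0e553339e70955d6bda96983dca380"),
    ("https://push-kin.com/assets/firebase/8.0.1/firebase-app.js", HANDLER, "Script", "application/javascript",
     "402f3509af2cd6481798a45d7a5b2bc27a92cedd7b97638dc498dcd155670563"),
    ("https://push-kin.com/assets/firebase/8.0.1/firebase-messaging.js", HANDLER, "Script", "application/javascript",
     "10aab1e81ab8da81c8e72d8109b42e215914762627ebcabac9aff368d642680b"),
    ("https://push-kin.com/assets/firebase/config.js", HANDLER, "Script", "application/javascript",
     "0df8c1cf818703ab29aaf2aea81590b22a3ecce2e9e2bc508b4cfa3c66205a51"),
    ("https://redsmi.com/31/assets/load/index.php", SCRIPT, "XHR", "text/html",
     "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"),
]

# SHA-256 of zero bytes: a resource hash equal to this means an empty body.
EMPTY_SHA256 = hashlib.sha256(b"").hexdigest()


def host(url):
    return urlparse(url).hostname


def requests_per_domain(txs):
    """Request count per hostname; should match the scanner's Domain table."""
    return Counter(host(url) for url, *_ in txs)


def load_chain(txs, url):
    """Walk the 'requested by' links back to the primary document.

    Returns the chain from the primary page down to `url`.
    """
    parent = {u: by for u, by, *_ in txs}
    chain = [url]
    while parent.get(chain[-1]) is not None:
        chain.append(parent[chain[-1]])
    return list(reversed(chain))


def third_party_scripts(txs):
    """Scripts served from a host other than the primary document's host,
    each paired with the chain of resources that caused it to load."""
    first_party = host(txs[0][0])
    return [(url, load_chain(txs, url))
            for url, _, kind, *_ in txs
            if kind == "Script" and host(url) != first_party]


def mistyped_scripts(txs):
    """Script resources whose response Content-Type is not a JavaScript type.

    Browsers still execute these unless X-Content-Type-Options: nosniff is set,
    so the mismatch is a triage signal, not a blocker.
    """
    js_types = {"application/javascript", "text/javascript", "application/x-javascript"}
    return [url for url, _, kind, mime, _ in txs
            if kind == "Script" and mime not in js_types]


def empty_responses(txs):
    """Resources whose reported hash is the digest of an empty body."""
    return [url for url, *_, digest in txs if digest == EMPTY_SHA256]


if __name__ == "__main__":
    print(dict(requests_per_domain(TRANSACTIONS)))
    for url, chain in third_party_scripts(TRANSACTIONS):
        print(" -> ".join(chain))
    print("non-JS Content-Type on scripts:", mistyped_scripts(TRANSACTIONS))
    print("empty responses:", empty_responses(TRANSACTIONS))
```

The same chain-walk generalises to any urlscan export: replace TRANSACTIONS with the `requests` array from the scan's JSON and key on each request's `initiator` URL instead of the transcribed "Requested by" field.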

Verdicts & Comments

None recorded.

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code. The first nine (ontransitionrun, ontransitionstart, ontransitioncancel, cookieStore, showDirectoryPicker, showOpenFilePicker, showSaveFilePicker, trustedTypes, crossOriginIsolated) are browser-provided APIs of the Chrome build used for the scan rather than page code; the rest come from jQuery, the page's own scripts (inline or script.js) and the code loaded from push-kin.com (firebase, config).

  • object ontransitionrun
  • object ontransitionstart
  • object ontransitioncancel
  • object cookieStore
  • function showDirectoryPicker
  • function showOpenFilePicker
  • function showSaveFilePicker
  • object trustedTypes
  • boolean crossOriginIsolated
  • string domain
  • function loadScript
  • function ajax
  • function $
  • function jQuery
  • boolean loading
  • number page
  • number offset
  • number shock
  • string geo
  • string city
  • number type
  • string device
  • string parity
  • string gets
  • function addShow
  • function inWindow
  • function toggleNav
  • object a
  • string nseelink
  • object firebase
  • object config

25 Cookies

Domain/Path: Name = Value
  • redsmi.com/: userId = 13
  • redsmi.com/: push = 1
  • redsmi.com/: shock = 0
  • redsmi.com/: anonsTeasersType = 2
  • redsmi.com/: userIP = 89.249.64.171
  • redsmi.com/: backRefresh = 1
  • redsmi.com/: cid = rt_rukzyz_news2
  • redsmi.com/: eventPlace = v
  • redsmi.com/: pid = 385882
  • redsmi.com/: userCountry = DE
  • redsmi.com/: sid = 83
  • redsmi.com/: userBrowser = Chrome
  • redsmi.com/: aid = 596498042
  • redsmi.com/: popup = 0
  • redsmi.com/: userCity = %D0%91%D0%B5%D1%80%D0%BB%D0%B8%D0%BD (percent-encoded UTF-8 for "Берлин", Russian for Berlin)
  • redsmi.com/: userAgent = Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36
  • redsmi.com/: parentRefresh = 0
  • redsmi.com/: uid = 66666e219ab74e221ddd75e132d3fef1
  • redsmi.com/31: teaserParity = 1
  • redsmi.com/: userOs = Mac%20OS%20X
  • redsmi.com/: userBrowserVersion = 83.0.4103
  • redsmi.com/: refresh = 1
  • redsmi.com/: fullTeasersType = 2
  • redsmi.com/: nid = 7379
  • redsmi.com/: userDevice = Desktop
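The primary response sets 32 cookies on redsmi.com (25 stored, 7 deletions with Max-Age=0), each with a three-day lifetime, and they mirror the client's IP address, full User-Agent, OS, browser, city and country back to the browser alongside a uid; none of the 32 Set-Cookie values carries a Secure, HttpOnly or SameSite attribute. The script below is an added example, not part of the urlscan.io report: it parses Set-Cookie values of this shape and flags those gaps. SET_COOKIES is a constructed subset transcribed verbatim from the header above, and FINGERPRINT_NAMES is the set of names on this page that hold client fingerprint or location data.

```python
"""Audit Set-Cookie values of the shape the primary response above sends.

Added example, not part of the urlscan.io report. SET_COOKIES is a constructed
subset transcribed verbatim from the Set-Cookie header on this page.
"""
from urllib.parse import unquote

SET_COOKIES = [
    "userIP=89.249.64.171; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/",
    "userAgent=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29"
    "%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61"
    "%20Safari%2F537.36; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/",
    "userCity=%D0%91%D0%B5%D1%80%D0%BB%D0%B8%D0%BD; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/",
    "userCountry=DE; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/",
    "uid=66666e219ab74e221ddd75e132d3fef1; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/",
    "refererUrl=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/",
    "push=1; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200; path=/",
    "teaserParity=1; expires=Sun, 13-Dec-2020 08:24:33 GMT; Max-Age=259200",
]

# Names on this page that store client fingerprint or location data.
FINGERPRINT_NAMES = {"userIP", "userAgent", "userDevice", "userBrowser",
                     "userBrowserVersion", "userOs", "userCity", "userCountry", "uid"}


def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, raw value, attributes).

    Attributes are keyed by lower-cased name; valueless ones (Secure, HttpOnly)
    map to True. Splitting on ';' is deliberate: the comma inside an Expires
    date must not be treated as a separator.
    """
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if part:
            key, has_value, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip() if has_value else True
    return name.strip(), value, attrs


def audit(set_cookies):
    """One finding per Set-Cookie value: decoded value, deletion flag, path,
    and a list of issues (empty for deletions, which carry no data)."""
    findings = []
    for header in set_cookies:
        name, value, attrs = parse_set_cookie(header)
        deletion = attrs.get("max-age") == "0"
        issues = []
        if not deletion:
            for flag in ("secure", "httponly", "samesite"):
                if flag not in attrs:
                    issues.append(f"missing {flag}")
            if name in FINGERPRINT_NAMES:
                issues.append("fingerprint/location data stored client-side")
        findings.append({
            "name": name,
            "value": unquote(value),      # reverses the %XX encoding seen above
            "deleted": deletion,
            "path": attrs.get("path"),    # None: the browser derives it from the request path
            "issues": issues,
        })
    return findings


def summarize(findings):
    """Roll-up for a report: counts plus whether every stored cookie lacks the flags."""
    stored = [f for f in findings if not f["deleted"]]
    return {
        "stored": len(stored),
        "deleted": len(findings) - len(stored),
        "none_secure": all("missing secure" in f["issues"] for f in stored),
        "none_httponly": all("missing httponly" in f["issues"] for f in stored),
        "fingerprint_cookies": sorted(f["name"] for f in stored
                                      if f["name"] in FINGERPRINT_NAMES),
    }


if __name__ == "__main__":
    result = audit(SET_COOKIES)
    for f in result:
        print(f["name"], repr(f["value"][:40]), f["issues"])
    print(summarize(result))
```

To run it against the full header, paste all 32 values into SET_COOKIES; the path of teaserParity stays None because the response omitted path=/, which is why the cookie table records it under redsmi.com/31 rather than redsmi.com/.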