pos.redsmail.xyz
Open in
urlscan Pro
5.223.50.32
Public Scan
URL:
https://pos.redsmail.xyz/
Submission: On January 20 via api from US — Scanned from US
Submission: On January 20 via api from US — Scanned from US
Summary
This website contacted 2 IPs
in 2 countries
across 2 domains to perform 7 HTTP transactions.
The main IP is 5.223.50.32, located in
Germany and
belongs to HETZNER-CLOUD4-AS Hetzner Online GmbH, DE.
The main domain is pos.redsmail.xyz.
TLS certificate: Issued by R11 on January 20th 2025. Valid for: 3 months.
This is the only time pos.redsmail.xyz was scanned on urlscan.io!
TLS certificate: Issued by R11 on January 20th 2025. Valid for: 3 months.
This is the only time pos.redsmail.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 5 | 5.223.50.32 5.223.50.32 | 215859 (HETZNER-C...) (HETZNER-CLOUD4-AS Hetzner Online GmbH) | |
| 2 | 2a04:4e42::485 2a04:4e42::485 | 54113 (FASTLY) (FASTLY) | |
| 7 | 2 |
5
5.223.50.32
(Germany)
ASN215859 (HETZNER-CLOUD4-AS Hetzner Online GmbH, DE)
PTR: static.32.50.223.5.clients.your-server.de
ASN215859 (HETZNER-CLOUD4-AS Hetzner Online GmbH, DE)
PTR: static.32.50.223.5.clients.your-server.de
| pos.redsmail.xyz |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 5 |
redsmail.xyz
pos.redsmail.xyz |
815 KB |
| 2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 301 |
98 KB |
| 7 | 2 |
| Domain | Requested by | |
|---|---|---|
| 5 | pos.redsmail.xyz |
pos.redsmail.xyz
|
| 2 | cdn.jsdelivr.net |
pos.redsmail.xyz
cdn.jsdelivr.net |
| 7 | 2 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| fahimanzam.netlify.app |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| pos.redsmail.xyz R11 |
2025-01-20 - 2025-04-20 |
3 months | crt.sh |
| jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3 |
2024-07-30 - 2025-08-31 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://pos.redsmail.xyz/
Frame ID: 482EF901EC570EAC0C4AC0FFC2883412
Requests: 7 HTTP requests in this frame
Screenshot
Page Title
Login | Triangle POSDetected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jsDelivr
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://fahimanzam.netlify.app/
Title: Fahim Anzam Dip
Title: Fahim Anzam Dip
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
pos.redsmail.xyz/ |
5 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app.css
pos.redsmail.xyz/css/ |
336 KB 336 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/ |
64 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo-dark.png
pos.redsmail.xyz/images/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app.js
pos.redsmail.xyz/js/ |
465 KB 465 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/ |
88 KB 89 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favicon.png
pos.redsmail.xyz/images/ |
951 B 1 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| webpackChunk function| _ function| Popper function| jQuery function| $ number| uidEvent2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| pos.redsmail.xyz/ | Name: XSRF-TOKEN Value: eyJpdiI6IkdvUnhMMFdwY3pkb2MwNXJnRHEraGc9PSIsInZhbHVlIjoiN1JPazJLcGU3aWZ2emx6MjRlejRtc0tyYU5CWlpIZ1cvT21NTFNGblRldXhTM3MyMzFxcW1vazUzdFUyZFpadU5MNU82QWozZUZrdDcwRzI1QVIwU29vTXh4R0lIZnhwZFVQVHg0OE8yMWdka2lwcll6VXBiUHM5ZGMxUkEraDYiLCJtYWMiOiJkZjdmMWYwMmY3MzIxYjg3OTRmZDllN2FhYTk5M2E3MGFjYzUxY2E1YTg3MzJmZWRmZjJjYjc5OWQxNmNiYmRjIiwidGFnIjoiIn0%3D |
|
| pos.redsmail.xyz/ | Name: triangle_pos_session Value: eyJpdiI6Ii9PYXk0YjY2SHBYUC9kck5zcHN6Z0E9PSIsInZhbHVlIjoidzdtcFh3ZEQzWiszQUxhVy9INkVSRHBMeGY2ZWhaSEZRV05mc29yVGh0M2NsTHhuTW9oM3dseHYvVVJaZGJxdXFDd1JPeVNPMjZ2RktqbmE1VUR4aHhDOGh5NkJBZ2RBeVAzdE5ieCtaUkFXTnJuMzR4WW10T1loVmhJem9iaTgiLCJtYWMiOiJiODIxNDRmMzFkYzVmOTA3Nzg5OTRlNDQxNTc4ODc0NzE3NGIzNWMzNDJmYjBjY2JhZGY5MzM0ZDIzNTNmZmQ0IiwidGFnIjoiIn0%3D |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
pos.redsmail.xyz
2a04:4e42::485
5.223.50.32
3bc9a74ebbc4cc39e64fa4109985bb420b7b1993ebf2cb4f66cc5b579314a80d
3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef
401b459d6eaa7c927f825cfecbde854e2ffe8b4884be53215f02583fa757fc4d
4d009fe90f41dae33a63c57de3d239187cd2e1c4f8fe57efb3c32109bde8ffb2
627a5c16dbbea7f154a7f806d8af02ec086a3f8b7772fb3a5985933723e7a348
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
85b252c0ce376effb36122e1beef62cffbea66b8b4d215f3c304b0ab6df5ef98