Submitted URL: https://dnm.snbox.ru/index.php?domain=zuik.ru
Effective URL: http://domainname.ru/admin-contact.php
Submission: On July 30 via manual from US

Summary

This website contacted 1 IP in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 193.26.18.4, located in Belarus and belongs to RECONN, RU. The main domain is domainname.ru.
This is the only time domainname.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address / AS (Autonomous System)
  • 1 1 2606:4700:303... / 13335 (CLOUDFLAR...)
  • 3 193.26.18.4 / 12722 (RECONN)
  3 1

Apex Domain / Subdomains / Transfer
  • 3 domainname.ru / domainname.ru / 27 KB
  • 1 snbox.ru / dnm.snbox.ru / 371 B
  3 2

Domain / Requested by
  • 3 domainname.ru / domainname.ru
  • 1 dnm.snbox.ru / 1 redirects
  3 2

This site contains no links.


This page contains 1 frames:

Primary Page: http://domainname.ru/admin-contact.php
Frame ID: 3E48985E3ED898C6A33F26011C318F31
Requests: 3 HTTP requests in this frame

Page URL History

  1. https://dnm.snbox.ru/index.php?domain=zuik.ru HTTP 302
    http://domainname.ru/admin-contact.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 3
HTTPS: 0 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 1
Countries: 2
Transfer: 27 kB
Size: 26 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dnm.snbox.ru/index.php?domain=zuik.ru HTTP 302
    http://domainname.ru/admin-contact.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Primary Request (Cookie set): admin-contact.php
Path: domainname.ru/
Redirect Chain
  • https://dnm.snbox.ru/index.php?domain=zuik.ru
  • http://domainname.ru/admin-contact.php
Size: 4 KB
x-fer: 4 KB
Type: Document

General

Full URL: http://domainname.ru/admin-contact.php
Protocol: HTTP/1.1
Server: 193.26.18.4, Belarus, ASN12722 (RECONN, RU)
Reverse DNS:
Software: nginx/1.6.2 / PHP/5.4.16
Resource Hash: 40f9e50dd526239d1acfaac3c3e23d3193cbccd6527c7089c77e4ebaa60f300e

Request headers

Host: domainname.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US

Response headers

Server: nginx/1.6.2
Date: Thu, 30 Jul 2020 22:21:29 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Set-Cookie: PHPSESSID=40t4pp664rf8k61b11ppuql700; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache

Redirect headers

status: 302
date: Thu, 30 Jul 2020 22:21:29 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=db4963207f0ac2d2c1dbd1e9a0990c5621596147689; expires=Sat, 29-Aug-20 22:21:29 GMT; path=/; domain=.snbox.ru; HttpOnly; SameSite=Lax
x-powered-by: PHP/7.0.8
location: http://domainname.ru/admin-contact.php
cf-cache-status: DYNAMIC
cf-request-id: 044369fe7b0000645b2002f200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5bb27910cbdd645b-FRA

Resource: gen_validatorv31.js
Path: domainname.ru/scripts/
Size: 19 KB
x-fer: 19 KB
Type: Script

General

Full URL: http://domainname.ru/scripts/gen_validatorv31.js
Requested by
  Host: domainname.ru
  URL: http://domainname.ru/admin-contact.php
Protocol: HTTP/1.1
Server: 193.26.18.4, Belarus, ASN12722 (RECONN, RU)
Reverse DNS:
Software: nginx/1.6.2
Resource Hash: 748176bbd6eefa4b2fe9f8c8c9112b4ffa9b1e4ebfea50946bda552098d4c18c

Request headers

Referer: http://domainname.ru/admin-contact.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 30 Jul 2020 22:21:29 GMT
Last-Modified: Sun, 02 Feb 2014 16:29:42 GMT
Server: nginx/1.6.2
ETag: "52ee7276-4cc6"
Content-Type: application/javascript; charset=windows-1251
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19654

Resource: captcha_code_file.php
Path: domainname.ru/captcha/
Size: 3 KB
x-fer: 3 KB
Type: Image

General

Full URL: http://domainname.ru/captcha/captcha_code_file.php?rand=806856165
Requested by
  Host: domainname.ru
  URL: http://domainname.ru/admin-contact.php
Protocol: HTTP/1.1
Server: 193.26.18.4, Belarus, ASN12722 (RECONN, RU)
Reverse DNS:
Software: nginx/1.6.2 / PHP/5.4.16
Resource Hash: 7ec0b4e7903f405639266123f7a608356f857c9f24b1e15251bf0f71dc46b413

Request headers

Referer: http://domainname.ru/admin-contact.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Jul 2020 22:21:29 GMT
Server: nginx/1.6.2
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT


52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function | Validator
  • function | sfm_validator_enable_focus
  • function | set_addnl_vfunction
  • function | sfm_set_focus
  • function | sfm_enable_show_msgs_together
  • function | clear_all_validations
  • function | form_submit_handler
  • function | add_validation
  • function | validator_enable_OPED
  • function | validator_enable_OPED_SB
  • function | sfm_ErrorDisplayHandler
  • function | edh_clear_msgs
  • function | edh_FinalShowMsg
  • function | edh_EnableOnPageDisplay
  • function | edh_ShowMsg
  • function | AlertMsgDisplayer
  • function | alert_clearmsg
  • function | alert_showmsg
  • function | sfm_show_error_msg
  • function | SingleBoxErrorDisplay
  • function | sb_div_clearmsg
  • function | sb_div_showmsg
  • function | form_error_div_name
  • function | DivMsgDisplayer
  • function | div_clearmsg
  • function | element_div_name
  • function | div_showmsg
  • function | show_div_msg
  • function | ValidationDesc
  • function | vdesc_validate
  • function | ValidationSet
  • function | add_validationdesc
  • function | vset_validate
  • function | validateEmail
  • function | IsCheckSelected
  • function | TestDontSelectChk
  • function | TestShouldSelectChk
  • function | TestRequiredInput
  • function | TestMaxLen
  • function | TestMinLen
  • function | TestInputType
  • function | TestEmail
  • function | TestLessThan
  • function | TestGreaterThan
  • function | TestRegExp
  • function | TestDontSelect
  • function | TestSelectOneRadio
  • function | validateInput
  • function | VWZ_IsListItemSelected
  • function | VWZ_IsChecked
  • object | frmvalidator
  • function | refreshCaptcha

1 Cookies

Domain/Path: domainname.ru/
Name: PHPSESSID
Value: 40t4pp664rf8k61b11ppuql700

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
