mitprintru.mitprin7.cp.regruhosting.ru Open in urlscan Pro
31.31.198.186 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://mitprintru.mitprin7.cp.regruhosting.ru/
Submission Tags: phishing spamreports malicious Search All
Submission: On September 11 via api (September 11th 2020, 3:16:11 pm UTC) from BG

Summary HTTP 18 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 13 domains to perform 18 HTTP transactions. The main IP is 31.31.198.186, located in Russian Federation and belongs to AS-REG, RU. The main domain is mitprintru.mitprin7.cp.regruhosting.ru.

This is the only time mitprintru.mitprin7.cp.regruhosting.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	31.31.198.186 31.31.198.186	197695 (AS-REG) (AS-REG)
1	81.19.89.16 81.19.89.16	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1	81.19.89.1 81.19.89.1	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1	138.201.159.191 138.201.159.191	24940 (HETZNER-AS) (HETZNER-AS)
2 3	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1 1	178.208.83.20 178.208.83.20	48282 (VDSINA-AS) (VDSINA-AS)
1	5.45.83.17 5.45.83.17	12722 (RECONN) (RECONN)
2 3	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
1 1	138.201.187.111 138.201.187.111	24940 (HETZNER-AS) (HETZNER-AS)
1	138.201.187.103 138.201.187.103	24940 (HETZNER-AS) (HETZNER-AS)
6 7	89.208.236.251 89.208.236.251	12695 (DINET-AS) (DINET-AS)
2 2	185.15.175.146 185.15.175.146	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2 2	136.243.148.229 136.243.148.229	24940 (HETZNER-AS) (HETZNER-AS)
18	9

10 31.31.198.186 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: scp92.hosting.reg.ru

mitprintru.mitprin7.cp.regruhosting.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.89.16 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

counter.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.89.1 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: top100.rambler.ru

top100-images.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.159.191 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-lba-1.openstat.net

tools.spylog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.69.133.145 (Russian Federation) 2 redirects

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

d9.c7.b3.a1.top.list.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.208.83.20 (Russian Federation) 1 redirects

ASN48282 (VDSINA-AS, RU)
PTR: s16.h.mchost.ru

mitprint.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.45.83.17 (Moscow, Russian Federation)

ASN12722 (RECONN, RU)

mit-print.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.210 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.187.111 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-lba-4.openstat.net

spylog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.187.103 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-lba-3.openstat.net

openstat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 89.208.236.251 (Reutov, Russian Federation) 6 redirects

ASN12695 (DINET-AS, RU)

hit24.hotlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.146 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.148.229 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.229.148.243.136.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	regruhosting.ru mitprintru.mitprin7.cp.regruhosting.ru	58 KB
7	hotlog.ru 6 redirects hit24.hotlog.ru	3 KB
3	yadro.ru 2 redirects counter.yadro.ru	2 KB
2	1dmp.io 2 redirects sync.1dmp.io	928 B
2	digitaltarget.ru 2 redirects dmg.digitaltarget.ru	1 KB
2	mail.ru 1 redirects top-fwz1.mail.ru	2 KB
2	rambler.ru counter.rambler.ru top100-images.rambler.ru	1 KB
1	openstat.net openstat.net	1 KB
1	spylog.com 1 redirects spylog.com	185 B
1	mit-print.ru mit-print.ru
1	mitprint.ru 1 redirects mitprint.ru	379 B
1	list.ru 1 redirects d9.c7.b3.a1.top.list.ru	764 B
1	spylog.ru tools.spylog.ru	1 KB
18	13

	Domain	Requested by
10	mitprintru.mitprin7.cp.regruhosting.ru	mitprintru.mitprin7.cp.regruhosting.ru
7	hit24.hotlog.ru	6 redirects mitprintru.mitprin7.cp.regruhosting.ru
3	counter.yadro.ru	2 redirects mitprintru.mitprin7.cp.regruhosting.ru
2	sync.1dmp.io	2 redirects
2	dmg.digitaltarget.ru	2 redirects
2	top-fwz1.mail.ru	1 redirects mitprintru.mitprin7.cp.regruhosting.ru
1	openstat.net	mitprintru.mitprin7.cp.regruhosting.ru
1	spylog.com	1 redirects
1	mit-print.ru	mitprintru.mitprin7.cp.regruhosting.ru
1	mitprint.ru	1 redirects
1	d9.c7.b3.a1.top.list.ru	1 redirects
1	tools.spylog.ru	mitprintru.mitprin7.cp.regruhosting.ru
1	top100-images.rambler.ru	mitprintru.mitprin7.cp.regruhosting.ru
1	counter.rambler.ru	mitprintru.mitprin7.cp.regruhosting.ru
18	14

This site contains links to these domains. Also see Links.

Domain
top100.rambler.ru
www.liveinternet.ru
spylog.com
click.hotlog.ru
top.mail.ru

Subject Issuer	Validity	Valid
*.mail.ru GlobalSign Organization Validation CA - SHA256 - G2	`2019-01-18` - `2021-01-18`	2 years	crt.sh
mit-print.ru Let's Encrypt Authority X3	`2020-07-21` - `2020-10-19`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
*.openstat.net Sectigo RSA Domain Validation Secure Server CA	`2019-03-01` - `2021-02-28`	2 years	crt.sh
*.hotlog.ru RapidSSL RSA CA 2018	`2019-08-26` - `2020-10-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://mitprintru.mitprin7.cp.regruhosting.ru/
Frame ID: 5E4A7DAB63155B6EBDF9639F8F04481B
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

18
Requests

28 %
HTTPS

0 %
IPv6

13
Domains

14
Subdomains

9
IPs

2
Countries

64 kB
Transfer

71 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://top100.rambler.ru/top100/

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: https://spylog.com/cnt?cid=958245&p=0&f=3

Search URL Search Domain Scan URL

URL: http://click.hotlog.ru/?455311

Search URL Search Domain Scan URL

URL: http://top.mail.ru/jump?from=1276359

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://d9.c7.b3.a1.top.list.ru/counter?id=1276359;t=94 HTTP 302
https://top-fwz1.mail.ru/counter?id=1276359;t=94;ver=30 HTTP 302
https://top-fwz1.mail.ru/counter2?id=1276359;t=94;ver=30

Request Chain 8

http://mitprint.ru/webcounter/stat.php?ref=&col=24&scr=1600x1200&pg=http%3A//mitprintru.mitprin7.cp.regruhosting.ru/&pgn=%20%20%22%22&rnd=0.5258117472686679 HTTP 301
https://mit-print.ru/webcounter/stat.php?ref=&col=24&scr=1600x1200&pg=http%253A//mitprintru.mitprin7.cp.regruhosting.ru/&pgn=%2520%2520%2522%2522&rnd=0.5258117472686679

Request Chain 9

http://counter.yadro.ru/hit?t54.6;r;s1600*1200*24;uhttp%3A//mitprintru.mitprin7.cp.regruhosting.ru/;0.40475572075562116 HTTP 302
https://counter.yadro.ru/hit?t54.6;r;s1600*1200*24;uhttp%3A//mitprintru.mitprin7.cp.regruhosting.ru/;0.40475572075562116 HTTP 302
https://counter.yadro.ru/hit?q;t54.6;r;s1600*1200*24;uhttp%3A//mitprintru.mitprin7.cp.regruhosting.ru/;0.40475572075562116

Request Chain 15

https://spylog.com/cnt?cid=958245&p=0 HTTP 301
https://openstat.net/digits?cid=958245&p=0

Request Chain 16

http://hit24.hotlog.ru/cgi-bin/hotlog/count?0.8674295242129197&s=455311&im=102&r=&pg=http%3A//mitprintru.mitprin7.cp.regruhosting.ru/&c=Y&j=N&wh=1600x1200&px=24&js=1.3& HTTP 302
http://hit24.hotlog.ru/cgi-bin/hotlog/count?0.8674295242129197&s=455311&im=102&r=&pg=http%3A//mitprintru.mitprin7.cp.regruhosting.ru/&c=Y&j=N&wh=1600x1200&px=24&js=1.3&&hl_ignore=Y HTTP 302
http://hit24.hotlog.ru/cgi-bin/hotlog/count?0.8674295242129197&s=455311&im=102&r=&pg=http%3A//mitprintru.mitprin7.cp.regruhosting.ru/&c=Y&j=N&wh=1600x1200&px=24&js=1.3&&hl_ignore=Y&hl_ignore=Y HTTP 302
https://dmg.digitaltarget.ru/1/19/i/i?a=19&e=c0cdd0d8b8eb354e49d2b1a6e91caf&i=197206616&r=https://hit24.hotlog.ru/cgi-bin/hotlog/count?s%3D455311%26im%3D102%26hl_hitback%3DY HTTP 307
https://dmg.digitaltarget.ru/awg/custom/19/i/i?call_source=awg&a=19&e=c0cdd0d8b8eb354e49d2b1a6e91caf&i=197206616&r=https://hit24.hotlog.ru/cgi-bin/hotlog/count?s%3D455311%26im%3D102%26hl_hitback%3DY HTTP 307
https://hit24.hotlog.ru/cgi-bin/hotlog/count?s=455311&im=102&hl_hitback=Y HTTP 302
https://hit24.hotlog.ru/cgi-bin/hotlog/count?s=455311&im=102&hl_hitback=Y&hl_ignore=Y HTTP 302
https://sync.1dmp.io/pixel.gif?cid=3dc39d61-7763-4229-855c-5bb89c069683&pid=w&uid=c0cdd0d8b8eb354e49d2b1a6e91caf&ru=https://hit24.hotlog.ru/cgi-bin/hotlog/count?s%3D455311%26im%3D102%26hl_hitback%3D2 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=3dc39d61-7763-4229-855c-5bb89c069683&pid=w&uid=c0cdd0d8b8eb354e49d2b1a6e91caf&ru=https://hit24.hotlog.ru/cgi-bin/hotlog/count?s%3D455311%26im%3D102%26hl_hitback%3D2&cs=1 HTTP 302
https://hit24.hotlog.ru/cgi-bin/hotlog/count?s=455311&im=102&hl_hitback=2 HTTP 302
https://hit24.hotlog.ru/cgi-bin/hotlog/count?s=455311&im=102&hl_hitback=2&hl_ignore=Y

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
mitprintru.mitprin7.cp.regruhosting.ru/ 9 KB
3 KB 295ms
177ms Document
text/html 31.31.198.186
AS-REG

General

mitprintru.mitprin7.cp.regruhosting.ru Open in urlscan Pro 31.31.198.186 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

18 Requests

28 %HTTPS

0 %IPv6

13 Domains

14 Subdomains

9 IPs

2 Countries

64 kBTransfer

71 kBSize

1 Cookies

5 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

1 Cookies

Indicators

mitprintru.mitprin7.cp.regruhosting.ru Open in urlscan Pro
31.31.198.186 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

28 %
HTTPS

0 %
IPv6

13
Domains

14
Subdomains

9
IPs

2
Countries

64 kB
Transfer

71 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions