srv226495.hoster-test.ru Open in urlscan Pro
31.28.24.126 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dofushabbohottel.hosted.phplist.com/
Effective URL:
http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/
Submission: On January 20 via api (January 20th 2025, 2:04:13 pm UTC) from NO — Scanned from IT

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 21 HTTP transactions. The main IP is 31.28.24.126, located in Russian Federation and belongs to HOSTING-MSK Citytelecom LLC, RU. The main domain is srv226495.hoster-test.ru.

This is the only time srv226495.hoster-test.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BRT S.p.A (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 2	45.33.29.14 45.33.29.14	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	18.66.137.95 18.66.137.95	16509 (AMAZON-02) (AMAZON-02)
3 21	31.28.24.126 31.28.24.126	12616 (HOSTING-M...) (HOSTING-MSK Citytelecom LLC)
1	104.21.32.1 104.21.32.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	4

2 45.33.29.14 (Richardson, United States) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: aspen.phplist.com

dofushabbohottel.hosted.phplist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.137.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-137-95.fra60.r.cloudfront.net

d3u7tsw7cvar0t.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 31.28.24.126 (Russian Federation) 3 redirects

ASN12616 (HOSTING-MSK Citytelecom LLC, RU)
PTR: c16w.hoster.ru

srv226495.hoster-test.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.32.1 (None, )

ASN13335 (CLOUDFLARENET, US)

db.onlinewebfonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	hoster-test.ru 3 redirects srv226495.hoster-test.ru	894 KB
2	phplist.com 1 redirects dofushabbohottel.hosted.phplist.com	2 KB
1	onlinewebfonts.com db.onlinewebfonts.com — Cisco Umbrella Rank: 13004	927 B
1	cloudfront.net d3u7tsw7cvar0t.cloudfront.net	3 KB
21	4

	Domain	Requested by
21	srv226495.hoster-test.ru	3 redirects dofushabbohottel.hosted.phplist.com srv226495.hoster-test.ru
2	dofushabbohottel.hosted.phplist.com	1 redirects
1	db.onlinewebfonts.com	srv226495.hoster-test.ru
1	d3u7tsw7cvar0t.cloudfront.net	dofushabbohottel.hosted.phplist.com
21	4

This site contains no links.

Subject Issuer	Validity	Valid
*.hosted.phplist.com R10	`2024-11-19` - `2025-02-17`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/
Frame ID: C71A1BF6EF3A427ED229825471729F84
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pagamento

Page URL History Show full URLs

http://dofushabbohottel.hosted.phplist.com/ HTTP 307
https://dofushabbohottel.hosted.phplist.com/ HTTP 301
https://dofushabbohottel.hosted.phplist.com/lists/ Page URL
http://srv226495.hoster-test.ru/brt/ HTTP 307
https://srv226495.hoster-test.ru/brt/ HTTP 307
http://srv226495.hoster-test.ru/brt/ HTTP 302
http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/ HTTP 302
http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app HTTP 301
http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Page URL

Page Statistics

21
Requests

10 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

898 kB
Transfer

892 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dofushabbohottel.hosted.phplist.com/ HTTP 307
https://dofushabbohottel.hosted.phplist.com/ HTTP 301
https://dofushabbohottel.hosted.phplist.com/lists/ Page URL
http://srv226495.hoster-test.ru/brt/ HTTP 307
https://srv226495.hoster-test.ru/brt/ HTTP 307
http://srv226495.hoster-test.ru/brt/ HTTP 302
http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/ HTTP 302
http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app HTTP 301
http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://dofushabbohottel.hosted.phplist.com/ HTTP 307
https://dofushabbohottel.hosted.phplist.com/ HTTP 301
https://dofushabbohottel.hosted.phplist.com/lists/

Request Chain 3

http://db.onlinewebfonts.com/c/e5e8240915fa9efabe13f3bfeccef3db?family=Pluto+Sans HTTP 307
https://db.onlinewebfonts.com/c/e5e8240915fa9efabe13f3bfeccef3db?family=Pluto+Sans

21 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ dofushabbohottel.hosted.phplist.com/lists/ Redirect Chain http://dofushabbohottel.hosted.phplist.com/ https://dofushabbohottel.hosted.phplist.com/ https://dofushabbohottel.hosted.phplist.com/lists/	2 KB 1 KB	452ms 452ms	Document text/html	45.33.29.14 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL https://dofushabbohottel.hosted.phplist.com/lists/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 45.33.29.14 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS aspen.phplist.com Software Apache/2.4.59 (Debian) / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers access-control-allow-origin * cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 950 content-type text/html; charset=UTF-8 date Mon, 20 Jan 2025 14:04:07 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server Apache/2.4.59 (Debian) vary Accept-Encoding Redirect headers content-length 359 content-type text/html; charset=iso-8859-1 date Mon, 20 Jan 2025 14:04:07 GMT location https://dofushabbohottel.hosted.phplist.com/lists/ server Apache/2.4.59 (Debian)
GET H/1.1	200 OK	power-phplist.png d3u7tsw7cvar0t.cloudfront.net/images/3.6.12-hosted/	2 KB 3 KB	216ms 53ms	Image image/png	18.66.137.95 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3u7tsw7cvar0t.cloudfront.net/images/3.6.12-hosted/power-phplist.png Requested by Host: dofushabbohottel.hosted.phplist.com URL: https://dofushabbohottel.hosted.phplist.com/lists/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.66.137.95 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-137-95.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer https://dofushabbohottel.hosted.phplist.com/ Response headers x-amz-meta-s3cmd-attrs atime:1675980402/ctime:1675980386/gid:123/gname:docker/md5:5021a64cdd02552a3eb08de5a9254fd6/mode:33188/mtime:1675980256/uid:1001/uname:runner ETag "5021a64cdd02552a3eb08de5a9254fd6" Age 24732 Connection keep-alive Via 1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront) Accept-Ranges bytes X-Cache Hit from cloudfront Content-Length 2135 X-Amz-Cf-Id U-YTVG9j7QbtV8mjEmKPdVAajowUzCtyjgYuTQEXezXtSdZbVQhViA== Date Mon, 20 Jan 2025 07:22:21 GMT Content-Type image/png Last-Modified Sat, 24 Feb 2024 15:36:05 GMT Server AmazonS3 X-Amz-Cf-Pop FRA60-P4 x-amz-server-side-encryption AES256
GET H/1.1	200 OK	Primary Request / Show response srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Redirect Chain http://srv226495.hoster-test.ru/brt/ https://srv226495.hoster-test.ru/brt/ http://srv226495.hoster-test.ru/brt/ http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/ http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/	5 KB 5 KB	99ms 99ms	Document text/html	31.28.24.126 HOSTING-MSK Cityt...
General Check archive.org Show headers Download Go to Full URL http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Requested by Host: dofushabbohottel.hosted.phplist.com URL: https://dofushabbohottel.hosted.phplist.com/lists/ Protocol HTTP/1.1 Server 31.28.24.126 , Russian Federation, ASN12616 (HOSTING-MSK Citytelecom LLC, RU), Reverse DNS c16w.hoster.ru Software Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141 / PHP/8.0.24 Resource Hash `6ab17545aeb4069ffe54ee46ca10fb8458a9a6587c9f586a11e3695acf4116f5` Request headers Referer https://dofushabbohottel.hosted.phplist.com/lists/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Connection keep-alive Content-Type text/html; charset=UTF-8 Date Mon, 20 Jan 2025 14:04:08 GMT Server Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141 Transfer-Encoding chunked X-Cache MISS from t0.hoster.ru X-Cache-Lookup MISS from t0.hoster.ru:6666 X-Powered-By PHP/8.0.24 Redirect headers Connection keep-alive Content-Length 281 Content-Type text/html; charset=iso-8859-1 Date Mon, 20 Jan 2025 14:04:08 GMT Location http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Server Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141 X-Cache MISS from t0.hoster.ru X-Cache-Lookup MISS from t0.hoster.ru:6666
GET H/1.1	200 OK	header.css srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/styles/	797 B 1 KB	94ms 92ms	Stylesheet text/css	31.28.24.126 HOSTING-MSK Cityt...
General Check archive.org Show headers Download Go to Full URL http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/styles/header.css Requested by Host: srv226495.hoster-test.ru URL: http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Protocol HTTP/1.1 Server 31.28.24.126 , Russian Federation, ASN12616 (HOSTING-MSK Citytelecom LLC, RU), Reverse DNS c16w.hoster.ru Software Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141 / Resource Hash `f1e0b3f86a810a495db90cd9ed18f15ed6d9b63db09266481cd983c22237a45e` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Response headers ETag W/"31d-62c23bbe45ca4" Connection keep-alive Accept-Ranges bytes X-Cache MISS from t0.hoster.ru Content-Length 797 Date Mon, 20 Jan 2025 14:04:08 GMT X-Cache-Lookup MISS from t0.hoster.ru:6666 Last-Modified Mon, 20 Jan 2025 14:04:08 GMT Content-Type text/css Server Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
GET H3	200	e5e8240915fa9efabe13f3bfeccef3db db.onlinewebfonts.com/c/ Redirect Chain http://db.onlinewebfonts.com/c/e5e8240915fa9efabe13f3bfeccef3db?family=Pluto+Sans https://db.onlinewebfonts.com/c/e5e8240915fa9efabe13f3bfeccef3db?family=Pluto+Sans	1 KB 927 B	259ms 198ms	Stylesheet text/css	104.21.32.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://db.onlinewebfonts.com/c/e5e8240915fa9efabe13f3bfeccef3db?family=Pluto+Sans Requested by Host: srv226495.hoster-test.ru URL: http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Protocol H3 Server 104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `34b62d97af795b3c08c84994f3c9c0c95fcb52989ff6848df8d0928895961524` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer http://srv226495.hoster-test.ru/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control public,max-age=86400,must-revalidate content-encoding gzip cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q4XCJ0xt5jJtrliKeyTrZdxnZlvcG5jz1oi7X7it5yA4AkAQw1mNv6ZL91Pzgr6zl3gFJH%2BPn5n%2Bfbt0NZ%2FtwuDjYg%2BUTHkCesVYnVz4RiDT7re47a6CJNAkKY%2Brw6s1kH3ttka6tcY%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-methods GET,POST,OPTIONS cf-ray 904f9ca96916dc5c-FRA access-control-allow-origin * alt-svc h3=":443"; ma=86400 date Mon, 20 Jan 2025 14:04:08 GMT content-type text/css;charset=UTF-8 vary Accept-Encoding server cloudflare access-control-allow-headers X-Requested-With Redirect headers Cross-Origin-Resource-Policy Cross-Origin Location https://db.onlinewebfonts.com/c/e5e8240915fa9efabe13f3bfeccef3db?family=Pluto+Sans Non-Authoritative-Reason DNS
GET H/1.1	200 OK	mobile.css srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/styles/	2 KB 2 KB	178ms 91ms	Stylesheet text/css	31.28.24.126 HOSTING-MSK Cityt...
General Check archive.org Show headers Download Go to Full URL http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/styles/mobile.css Requested by Host: srv226495.hoster-test.ru URL: http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Protocol HTTP/1.1 Server 31.28.24.126 , Russian Federation, ASN12616 (HOSTING-MSK Citytelecom LLC, RU), Reverse DNS c16w.hoster.ru Software Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141 / Resource Hash `17715c79d886ca5fb8e6194cb720cebe189f37e20ebf1760bc7e6bc1a88fada0` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Response headers ETag W/"6b9-62c23bbe45ca4" Connection keep-alive Accept-Ranges bytes X-Cache MISS from t0.hoster.ru Content-Length 1721 Date Mon, 20 Jan 2025 14:04:08 GMT X-Cache-Lookup MISS from t0.hoster.ru:6666 Last-Modified Mon, 20 Jan 2025 14:04:08 GMT Content-Type text/css Server Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
GET H/1.1	200 OK	pc.css srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/styles/	49 B 418 B	179ms 92ms	Stylesheet text/css	31.28.24.126 HOSTING-MSK Cityt...
General Check archive.org Show headers Download Go to Full URL http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/styles/pc.css Requested by Host: srv226495.hoster-test.ru URL: http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Protocol HTTP/1.1 Server 31.28.24.126 , Russian Federation, ASN12616 (HOSTING-MSK Citytelecom LLC, RU), Reverse DNS c16w.hoster.ru Software Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141 / Resource Hash `3510ed18d70cbcd0d1d7359a6268c6249ba375894cdb5be6c6c59e6a36b11903` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Response headers ETag W/"31-62c23bbe458bc" Connection keep-alive Accept-Ranges bytes X-Cache MISS from t0.hoster.ru Content-Length 49 Date Mon, 20 Jan 2025 14:04:08 GMT X-Cache-Lookup MISS from t0.hoster.ru:6666 Last-Modified Mon, 20 Jan 2025 14:04:08 GMT Content-Type text/css Server Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
GET H/1.1	200 OK	main.css srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/styles/	4 KB 5 KB	180ms 93ms	Stylesheet text/css	31.28.24.126 HOSTING-MSK Cityt...
General Check archive.org Show headers Download Go to Full URL http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/styles/main.css Requested by Host: srv226495.hoster-test.ru URL: http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Protocol HTTP/1.1 Server 31.28.24.126 , Russian Federation, ASN12616 (HOSTING-MSK Citytelecom LLC, RU), Reverse DNS c16w.hoster.ru Software Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141 / Resource Hash `2af0907e734056a085e1ae40a20835be43860a08dbefcca901361fa92447cf48` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Response headers ETag W/"10a2-62c23bbe45ca4" Connection keep-alive Accept-Ranges bytes X-Cache MISS from t0.hoster.ru Content-Length 4258 Date Mon, 20 Jan 2025 14:04:08 GMT X-Cache-Lookup MISS from t0.hoster.ru:6666 Last-Modified Mon, 20 Jan 2025 14:04:08 GMT Content-Type text/css Server Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
GET H/1.1	200 OK	brt-background3.jpg srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/images/	191 KB 191 KB	186ms 92ms	Image image/jpeg	31.28.24.126 HOSTING-MSK Cityt...
General Check archive.org Show headers Download Go to Show image Full URL http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/images/brt-background3.jpg Requested by Host: srv226495.hoster-test.ru URL: http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Protocol HTTP/1.1 Server 31.28.24.126 , Russian Federation, ASN12616 (HOSTING-MSK Citytelecom LLC, RU), Reverse DNS c16w.hoster.ru Software Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141 / Resource Hash `9b6e8117d1546091dcea2394ce697c509be3f11e6f6d7f54531bf73293fde953` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Response headers ETag W/"2fae1-62c23bbe4685c" Connection keep-alive Accept-Ranges bytes X-Cache MISS from t0.hoster.ru Content-Length 195297 Date Mon, 20 Jan 2025 14:04:08 GMT X-Cache-Lookup MISS from t0.hoster.ru:6666 Last-Modified Mon, 20 Jan 2025 14:04:08 GMT Content-Type image/jpeg Server Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
GET H/1.1	200 OK	brt-background2.jpg srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/images/	174 KB 174 KB	183ms 88ms	Image image/jpeg	31.28.24.126 HOSTING-MSK Cityt...
General Check archive.org Show headers Download Go to Show image Full URL http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/images/brt-background2.jpg Requested by Host: srv226495.hoster-test.ru URL: http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Protocol HTTP/1.1 Server 31.28.24.126 , Russian Federation, ASN12616 (HOSTING-MSK Citytelecom LLC, RU), Reverse DNS c16w.hoster.ru Software Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141 / Resource Hash `9f71dde1e427a12a5f007cb81e87e816d4bd4492b6ef5f0049418d2019c8a4fb` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Response headers ETag W/"2b879-62c23bbe4608c" Connection keep-alive Accept-Ranges bytes X-Cache MISS from t0.hoster.ru Content-Length 178297 Date Mon, 20 Jan 2025 14:04:08 GMT X-Cache-Lookup MISS from t0.hoster.ru:6666 Last-Modified Mon, 20 Jan 2025 14:04:08 GMT Content-Type image/jpeg Server Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
GET H/1.1	200 OK	brt.png srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/images/	338 KB 339 KB	91ms 89ms	Image image/png	31.28.24.126 HOSTING-MSK Cityt...
General Check archive.org Show headers Download Go to Show image Full URL http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/images/brt.png Requested by Host: srv226495.hoster-test.ru URL: http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Protocol HTTP/1.1 Server 31.28.24.126 , Russian Federation, ASN12616 (HOSTING-MSK Citytelecom LLC, RU), Reverse DNS c16w.hoster.ru Software Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141 / Resource Hash `6b8bcb8f77668bec2cdf00ed339c7d544ae3ffe477f81a9db2ea8a35c83a9d3e` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Response headers ETag W/"548c6-62c23bbe46474" Connection keep-alive Accept-Ranges bytes X-Cache MISS from t0.hoster.ru Content-Length 346310 Date Mon, 20 Jan 2025 14:04:08 GMT X-Cache-Lookup MISS from t0.hoster.ru:6666 Last-Modified Mon, 20 Jan 2025 14:04:08 GMT Content-Type image/png Server Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
GET H/1.1	200 OK	details.svg srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/images/	261 B 637 B	88ms 88ms	Image image/svg+xml	31.28.24.126 HOSTING-MSK Cityt...
General Check archive.org Show headers Download Go to Show image Full URL http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/images/details.svg Requested by Host: srv226495.hoster-test.ru URL: http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Protocol HTTP/1.1 Server 31.28.24.126 , Russian Federation, ASN12616 (HOSTING-MSK Citytelecom LLC, RU), Reverse DNS c16w.hoster.ru Software Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141 / Resource Hash `905e5be42d7c438ce1d397f72d3a8e405476a8d5ba8e6d6f1fbfd4bc8418af72` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Response headers ETag W/"105-62c23bbe4608c" Connection keep-alive Accept-Ranges bytes X-Cache MISS from t0.hoster.ru Content-Length 261 Date Mon, 20 Jan 2025 14:04:08 GMT X-Cache-Lookup MISS from t0.hoster.ru:6666 Last-Modified Mon, 20 Jan 2025 14:04:08 GMT Content-Type image/svg+xml Server Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
GET H/1.1	200 OK	pac.png srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/images/	96 KB 96 KB	88ms 88ms	Image image/png	31.28.24.126 HOSTING-MSK Cityt...
General Check archive.org Show headers Download Go to Show image Full URL http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/images/pac.png Requested by Host: srv226495.hoster-test.ru URL: http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Protocol HTTP/1.1 Server 31.28.24.126 , Russian Federation, ASN12616 (HOSTING-MSK Citytelecom LLC, RU), Reverse DNS c16w.hoster.ru Software Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141 / Resource Hash `0516986b26b3680d0c6bc2db5efdd48cbf55ddd4283cd8ea2108ebeec960dadc` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Response headers ETag W/"17fa5-62c23bbe46474" Connection keep-alive Accept-Ranges bytes X-Cache MISS from t0.hoster.ru Content-Length 98213 Date Mon, 20 Jan 2025 14:04:08 GMT X-Cache-Lookup MISS from t0.hoster.ru:6666 Last-Modified Mon, 20 Jan 2025 14:04:08 GMT Content-Type image/png Server Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
GET H/1.1	200 OK	linkdin.png srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/images/	8 KB 9 KB	89ms 88ms	Image image/png	31.28.24.126 HOSTING-MSK Cityt...
General Check archive.org Show headers Download Go to Show image Full URL http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/images/linkdin.png Requested by Host: srv226495.hoster-test.ru URL: http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Protocol HTTP/1.1 Server 31.28.24.126 , Russian Federation, ASN12616 (HOSTING-MSK Citytelecom LLC, RU), Reverse DNS c16w.hoster.ru Software Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141 / Resource Hash `c8cef8389d9c9a8c2ff16afa6eb276268099aa921bdb36d2eefe2b33af50f50c` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Response headers ETag W/"20d3-62c23bbe46474" Connection keep-alive Accept-Ranges bytes X-Cache MISS from t0.hoster.ru Content-Length 8403 Date Mon, 20 Jan 2025 14:04:08 GMT X-Cache-Lookup MISS from t0.hoster.ru:6666 Last-Modified Mon, 20 Jan 2025 14:04:08 GMT Content-Type image/png Server Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
GET H/1.1	200 OK	insta.png srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/images/	11 KB 12 KB	286ms 94ms	Image image/png	31.28.24.126 HOSTING-MSK Cityt...
General Check archive.org Show headers Download Go to Show image Full URL http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/images/insta.png Requested by Host: srv226495.hoster-test.ru URL: http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Protocol HTTP/1.1 Server 31.28.24.126 , Russian Federation, ASN12616 (HOSTING-MSK Citytelecom LLC, RU), Reverse DNS c16w.hoster.ru Software Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141 / Resource Hash `7e56e7b4b4c6004151eb38ab7edac2e59c8b1dba84167972aea5c36f5ef7b4f6` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Response headers ETag W/"2cfd-62c23bbe4608c" Connection keep-alive Accept-Ranges bytes X-Cache MISS from t0.hoster.ru Content-Length 11517 Date Mon, 20 Jan 2025 14:04:08 GMT X-Cache-Lookup MISS from t0.hoster.ru:6666 Last-Modified Mon, 20 Jan 2025 14:04:08 GMT Content-Type image/png Server Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
GET H/1.1	200 OK	ytb.png srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/images/	13 KB 13 KB	266ms 92ms	Image image/png	31.28.24.126 HOSTING-MSK Cityt...
General Check archive.org Show headers Download Go to Show image Full URL http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/images/ytb.png Requested by Host: srv226495.hoster-test.ru URL: http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Protocol HTTP/1.1 Server 31.28.24.126 , Russian Federation, ASN12616 (HOSTING-MSK Citytelecom LLC, RU), Reverse DNS c16w.hoster.ru Software Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141 / Resource Hash `0342963ffb9a54079b741bfa9b72652710e7d6ccce3e8e8073261f5f0c200ec9` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Response headers ETag W/"33f0-62c23bbe46c44" Connection keep-alive Accept-Ranges bytes X-Cache MISS from t0.hoster.ru Content-Length 13296 Date Mon, 20 Jan 2025 14:04:08 GMT X-Cache-Lookup MISS from t0.hoster.ru:6666 Last-Modified Mon, 20 Jan 2025 14:04:08 GMT Content-Type image/png Server Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
GET H/1.1	200 OK	twi.png srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/images/	16 KB 17 KB	105ms 99ms	Image image/png	31.28.24.126 HOSTING-MSK Cityt...
General Check archive.org Show headers Download Go to Show image Full URL http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/images/twi.png Requested by Host: srv226495.hoster-test.ru URL: http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Protocol HTTP/1.1 Server 31.28.24.126 , Russian Federation, ASN12616 (HOSTING-MSK Citytelecom LLC, RU), Reverse DNS c16w.hoster.ru Software Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141 / Resource Hash `4bcc1e5b6bfb781478082f1cbc21589c5b5e6935cfb2ca855eddd245cfe9cd28` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Response headers ETag W/"40e8-62c23bbe4685c" Connection keep-alive Accept-Ranges bytes X-Cache MISS from t0.hoster.ru Content-Length 16616 Date Mon, 20 Jan 2025 14:04:08 GMT X-Cache-Lookup MISS from t0.hoster.ru:6666 Last-Modified Mon, 20 Jan 2025 14:04:08 GMT Content-Type image/png Server Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
GET H/1.1	200 OK	footer-logo.png srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/images/	5 KB 5 KB	379ms 90ms	Image image/png	31.28.24.126 HOSTING-MSK Cityt...
General Check archive.org Show headers Download Go to Show image Full URL http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/images/footer-logo.png Requested by Host: srv226495.hoster-test.ru URL: http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Protocol HTTP/1.1 Server 31.28.24.126 , Russian Federation, ASN12616 (HOSTING-MSK Citytelecom LLC, RU), Reverse DNS c16w.hoster.ru Software Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141 / Resource Hash `07fb85ec6f21fa9861447a6dcd851e42ba67b4c51f771fb8a90c4a23a9b67a0f` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Response headers ETag "13f4-62c23bbe4608c" Connection keep-alive Accept-Ranges bytes X-Cache MISS from t0.hoster.ru Content-Length 5108 Date Mon, 20 Jan 2025 14:04:09 GMT X-Cache-Lookup MISS from t0.hoster.ru:6666 Last-Modified Mon, 20 Jan 2025 14:04:08 GMT Content-Type image/png Server Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
GET H/1.1	200 OK	juniaframework.js Show response srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/javascript/	21 KB 21 KB	170ms 94ms	Script application/javascript	31.28.24.126 HOSTING-MSK Cityt...
General Check archive.org Show headers Download Go to Full URL http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/javascript/juniaframework.js Requested by Host: srv226495.hoster-test.ru URL: http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Protocol HTTP/1.1 Server 31.28.24.126 , Russian Federation, ASN12616 (HOSTING-MSK Citytelecom LLC, RU), Reverse DNS c16w.hoster.ru Software Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141 / Resource Hash `0ce34c540c10651e8e5991321111d8d1098121f68ae03c78d0ce9c6fa7a1dcfc` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Response headers ETag W/"5298-62c23bbe45ca4" Connection keep-alive Accept-Ranges bytes X-Cache MISS from t0.hoster.ru Content-Length 21144 Date Mon, 20 Jan 2025 14:04:08 GMT X-Cache-Lookup MISS from t0.hoster.ru:6666 Last-Modified Mon, 20 Jan 2025 14:04:08 GMT Content-Type application/javascript Server Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
GET H/1.1	200 OK	script.js Show response srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/javascript/	206 B 590 B	94ms 93ms	Script application/javascript	31.28.24.126 HOSTING-MSK Cityt...
General Check archive.org Show headers Download Go to Full URL http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/javascript/script.js Requested by Host: srv226495.hoster-test.ru URL: http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Protocol HTTP/1.1 Server 31.28.24.126 , Russian Federation, ASN12616 (HOSTING-MSK Citytelecom LLC, RU), Reverse DNS c16w.hoster.ru Software Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141 / Resource Hash `23ff0afe4369621392a6c71066c11515d1aefb5b558d8d30c868b6a9ad5b3e32` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Response headers ETag W/"ce-62c23bbe45ca4" Connection keep-alive Accept-Ranges bytes X-Cache MISS from t0.hoster.ru Content-Length 206 Date Mon, 20 Jan 2025 14:04:08 GMT X-Cache-Lookup MISS from t0.hoster.ru:6666 Last-Modified Mon, 20 Jan 2025 14:04:08 GMT Content-Type application/javascript Server Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141
GET H/1.1	200 OK	favicon.ico srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/images/	1 KB 2 KB	88ms 88ms	Other image/vnd.microsoft.icon	31.28.24.126 HOSTING-MSK Cityt...
General Check archive.org Show headers Download Go to Full URL http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/images/favicon.ico Protocol HTTP/1.1 Server 31.28.24.126 , Russian Federation, ASN12616 (HOSTING-MSK Citytelecom LLC, RU), Reverse DNS c16w.hoster.ru Software Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141 / Resource Hash `50fb9b0362d99bc8671991bcbb18493aeec3de00b6a771bda72a723d206ad119` Request headers User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Referer http://srv226495.hoster-test.ru/brt/b81f15fa2113cd05fce8212c22888fae/app/ Response headers ETag "47e-62c23bbe4685c" Connection keep-alive Accept-Ranges bytes X-Cache MISS from t0.hoster.ru Content-Length 1150 Date Mon, 20 Jan 2025 14:04:09 GMT X-Cache-Lookup MISS from t0.hoster.ru:6666 Last-Modified Mon, 20 Jan 2025 14:04:08 GMT Content-Type image/vnd.microsoft.icon Server Apache/2.4.6 (CentOS) mod_fastcgi/mod_fastcgi-SNAP-0910052141

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BRT S.p.A (Transportation)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| Cleave function| change

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dofushabbohottel.hosted.phplist.com/	1969-12-31 23:59:59	Name: SERVERID Value: pqserver4\|Z45X2\|Z45X2
.phplist.com/	1969-12-31 23:59:59	Name: WebblerSession Value: m45u3b7lk6n3ll128jb5te80ee
srv226495.hoster-test.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: af4qfdkjg6bojrikidmn6r2puo

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d3u7tsw7cvar0t.cloudfront.net
db.onlinewebfonts.com
dofushabbohottel.hosted.phplist.com
srv226495.hoster-test.ru
104.21.32.1
18.66.137.95
31.28.24.126
45.33.29.14
0342963ffb9a54079b741bfa9b72652710e7d6ccce3e8e8073261f5f0c200ec9
0516986b26b3680d0c6bc2db5efdd48cbf55ddd4283cd8ea2108ebeec960dadc
07fb85ec6f21fa9861447a6dcd851e42ba67b4c51f771fb8a90c4a23a9b67a0f
0ce34c540c10651e8e5991321111d8d1098121f68ae03c78d0ce9c6fa7a1dcfc
17715c79d886ca5fb8e6194cb720cebe189f37e20ebf1760bc7e6bc1a88fada0
23ff0afe4369621392a6c71066c11515d1aefb5b558d8d30c868b6a9ad5b3e32
2af0907e734056a085e1ae40a20835be43860a08dbefcca901361fa92447cf48
34b62d97af795b3c08c84994f3c9c0c95fcb52989ff6848df8d0928895961524
3510ed18d70cbcd0d1d7359a6268c6249ba375894cdb5be6c6c59e6a36b11903
4bcc1e5b6bfb781478082f1cbc21589c5b5e6935cfb2ca855eddd245cfe9cd28
50fb9b0362d99bc8671991bcbb18493aeec3de00b6a771bda72a723d206ad119
6ab17545aeb4069ffe54ee46ca10fb8458a9a6587c9f586a11e3695acf4116f5
6b8bcb8f77668bec2cdf00ed339c7d544ae3ffe477f81a9db2ea8a35c83a9d3e
7e56e7b4b4c6004151eb38ab7edac2e59c8b1dba84167972aea5c36f5ef7b4f6
905e5be42d7c438ce1d397f72d3a8e405476a8d5ba8e6d6f1fbfd4bc8418af72
9b6e8117d1546091dcea2394ce697c509be3f11e6f6d7f54531bf73293fde953
9f71dde1e427a12a5f007cb81e87e816d4bd4492b6ef5f0049418d2019c8a4fb
c8cef8389d9c9a8c2ff16afa6eb276268099aa921bdb36d2eefe2b33af50f50c
f1e0b3f86a810a495db90cd9ed18f15ed6d9b63db09266481cd983c22237a45e

srv226495.hoster-test.ru Open in urlscan Pro 31.28.24.126 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

21 Requests

10 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

898 kBTransfer

892 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

3 Cookies

Indicators

srv226495.hoster-test.ru Open in urlscan Pro
31.28.24.126 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

10 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

898 kB
Transfer

892 kB
Size

3
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!