urlscan.io logo urlscan.io
SecurityTrails logo

civilprint.ru Open in urlscan Pro
91.227.16.118  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ulvis.net/ZlBU
Effective URL: http://civilprint.ru/wp-content/themes/political/emailfriend/comments.php/vefzf/ymf/?note=m1012tpecay5w
Submission: On April 22 via manual from MX
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 7 domains to perform 5 HTTP transactions. The main IP is 91.227.16.118, located in Russian Federation and belongs to EXIMIUS-AS, RU. The main domain is civilprint.ru.
This is the only time civilprint.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 47.52.254.62 45102 (CNNIC-ALI...)
1 1 2a02:6b8::221 13238 (YANDEX)
1 1 2a02:6b8::232 13238 (YANDEX)
1 91.227.16.118 207027 (EXIMIUS-AS)
3 91.227.16.100 207027 (EXIMIUS-AS)
1 2 88.212.201.216 39134 (UNITEDNET)
5 3
2    2606:4700:3033::681c:1ffa (United States)

ASN13335 (CLOUDFLARENET, US)
ulvis.net
1    47.52.254.62 (Hong Kong)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
www.35gx.cn
1    2a02:6b8::221 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
clck.ru
1    2a02:6b8::232 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
sba.yandex.net
1    91.227.16.118 (Russian Federation)

ASN207027 (EXIMIUS-AS, RU)
PTR: s08.host-food.ru
civilprint.ru
3    91.227.16.100 (Russian Federation)

ASN207027 (EXIMIUS-AS, RU)
PTR: manager.host-food.ru
www.host-food.ru
2    88.212.201.216 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru
counter.yadro.ru
Apex Domain
Subdomains		 Transfer
3 host-food.ru
www.host-food.ru
41 KB
2 yadro.ru
counter.yadro.ru
1 KB
2 ulvis.net
ulvis.net
971 B
1 civilprint.ru
civilprint.ru
2 KB
1 yandex.net
sba.yandex.net
361 B
1 clck.ru
clck.ru
450 B
1 35gx.cn
www.35gx.cn
357 B
5 7
Domain Requested by
3 www.host-food.ru civilprint.ru
2 counter.yadro.ru 1 redirects civilprint.ru
2 ulvis.net 2 redirects
1 civilprint.ru
1 sba.yandex.net 1 redirects
1 clck.ru 1 redirects
1 www.35gx.cn 1 redirects
5 7

This site contains links to these domains. Also see Links.

Domain
www.host-food.ru
manager.host-food.ru
forum.host-food.ru
Subject Issuer Validity Valid
*.host-food.ru
COMODO RSA Domain Validation Secure Server CA		 2017-05-03 -
2020-06-28		 3 years crt.sh
counter.yadro.ru
GoGetSSL ECC DV CA		 2020-02-02 -
2022-05-02		 2 years crt.sh

This page contains 1 frames:

Primary Page: http://civilprint.ru/wp-content/themes/political/emailfriend/comments.php/vefzf/ymf/?note=m1012tpecay5w
Frame ID: 0F6C5D172BD190E0F615220D0D345D38
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ulvis.net/ZlBU HTTP 301
    https://ulvis.net/ZlBU HTTP 301
    http://www.35gx.cn/link.php?url=https://clck.ru/N5pMo HTTP 301
    https://clck.ru/N5pMo HTTP 302
    https://sba.yandex.net/redirect?url=http%3A%2F%2Fcivilprint.ru%2Fwp-content%2Fthemes%2Fpolitical%2F... HTTP 302
    http://civilprint.ru/wp-content/themes/political/emailfriend/comments.php/vefzf/ymf/?note=m1012tp... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<!--LiveInternet counter-->/i
  • html /<!--\/LiveInternet-->/i

Page Statistics

5
Requests

80 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

3
IPs

3
Countries

43 kB
Transfer

115 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ulvis.net/ZlBU HTTP 301
    https://ulvis.net/ZlBU HTTP 301
    http://www.35gx.cn/link.php?url=https://clck.ru/N5pMo HTTP 301
    https://clck.ru/N5pMo HTTP 302
    https://sba.yandex.net/redirect?url=http%3A%2F%2Fcivilprint.ru%2Fwp-content%2Fthemes%2Fpolitical%2Femailfriend%2Fcomments.php%2Fvefzf%2Fymf%2F%3Fnote%3Dm1012tpecay5w&client=clck&sign=3f2c7a8138bf7a991a8bc3ceb4c2f547 HTTP 302
    http://civilprint.ru/wp-content/themes/political/emailfriend/comments.php/vefzf/ymf/?note=m1012tpecay5w Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://counter.yadro.ru/hit?t45.6;r;s1600*1200*24;uhttp%3A//civilprint.ru/wp-content/themes/political/emailfriend/comments.php/vefzf/ymf/%3Fnote%3Dm1012tpecay5w%23rxwttmsgqpsgkqbnkze;h%u0410%u043A%u043A%u0430%u0443%u043D%u0442%20%u0437%u0430%u0431%u043B%u043E%u043A%u0438%u0440%u043E%u0432%u0430%u043D%20%u0437%u0430%20%u043D%u0430%u0440%u0443%u0448%u0435%u043D%u0438%u0435%20%u043F%u0440%u0430%u0432%u0438%u043B%20%u0445%u043E%u0441%u0442%u0438%u043D%u0433%u0430;0.6203059089732796 HTTP 302
  • https://counter.yadro.ru/hit?q;t45.6;r;s1600*1200*24;uhttp%3A//civilprint.ru/wp-content/themes/political/emailfriend/comments.php/vefzf/ymf/%3Fnote%3Dm1012tpecay5w%23rxwttmsgqpsgkqbnkze;h%u0410%u043A%u043A%u0430%u0443%u043D%u0442%20%u0437%u0430%u0431%u043B%u043E%u043A%u0438%u0440%u043E%u0432%u0430%u043D%20%u0437%u0430%20%u043D%u0430%u0440%u0443%u0448%u0435%u043D%u0438%u0435%20%u043F%u0440%u0430%u0432%u0438%u043B%20%u0445%u043E%u0441%u0442%u0438%u043D%u0433%u0430;0.6203059089732796

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
civilprint.ru/wp-content/themes/political/emailfriend/comments.php/vefzf/ymf/
Redirect Chain
  • http://ulvis.net/ZlBU
  • https://ulvis.net/ZlBU
  • http://www.35gx.cn/link.php?url=https://clck.ru/N5pMo
  • https://clck.ru/N5pMo
  • https://sba.yandex.net/redirect?url=http%3A%2F%2Fcivilprint.ru%2Fwp-content%2Fthemes%2Fpolitical%2Femailfriend%2Fcomments.php%2Fvefzf%2Fymf%2F%3Fnote%3Dm1012tpecay5w&client=clck&sign=3f2c7a8138bf7a...
  • http://civilprint.ru/wp-content/themes/political/emailfriend/comments.php/vefzf/ymf/?note=m1012tpecay5w
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://civilprint.ru/wp-content/themes/political/emailfriend/comments.php/vefzf/ymf/?note=m1012tpecay5w
Protocol
HTTP/1.1
Server
91.227.16.118 , Russian Federation, ASN207027 (EXIMIUS-AS, RU),
Reverse DNS
s08.host-food.ru
Software
ddos-guard /
Resource Hash
7d560d75c6c3123068bd1034adc8ea56882dc9d0195a78a186e456cc42982b5f

Request headers

Host
civilprint.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
ddos-guard
Connection
keep-alive
Keep-Alive
timeout=60
Set-Cookie
__ddg1=HFOv3kccvb3u7LYv8Bx1; Domain=.civilprint.ru; HttpOnly; Path=/; Expires=Thu, 22-Apr-2021 22:57:33 GMT
Date
Wed, 22 Apr 2020 22:57:33 GMT
Content-Type
text/html
Vary
Accept-Encoding
ETag
W/"5e997e9d-90c"
Content-Encoding
gzip
Transfer-Encoding
chunked

Redirect headers

Content-Length
413
Content-Type
text/html; charset=utf-8
Date
Wed, 22 Apr 2020 22:57:32 GMT
Location
http://civilprint.ru/wp-content/themes/political/emailfriend/comments.php/vefzf/ymf/?note=m1012tpecay5w
Strict-Transport-Security
max-age=3600; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
style.css
www.host-food.ru/ 		91 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.host-food.ru/style.css
Requested by
Host: civilprint.ru
URL: http://civilprint.ru/wp-content/themes/political/emailfriend/comments.php/vefzf/ymf/?note=m1012tpecay5w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.227.16.100 , Russian Federation, ASN207027 (EXIMIUS-AS, RU),
Reverse DNS
manager.host-food.ru
Software
nginx/1.16.1 /
Resource Hash
753ebc26af2c16013e962a55cc38ebe7c2951dd5825da22c11cf69900545feed

Request headers

Referer
http://civilprint.ru/wp-content/themes/political/emailfriend/comments.php/vefzf/ymf/?note=m1012tpecay5w
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 22 Apr 2020 22:57:33 GMT
content-encoding
gzip
last-modified
Fri, 27 Mar 2020 20:06:31 GMT
server
nginx/1.16.1
etag
W/"16a4f-5a1dba3373115"
vary
Accept-Encoding
content-type
text/css
status
200
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t45.6;r;s1600*1200*24;uhttp%3A//civilprint.ru/wp-content/themes/political/emailfriend/comments.php/vefzf/ymf/%3Fnote%3Dm1012tpecay5w%23rxwttmsgqpsgkqbnkze;h%u0410%u043A...
  • https://counter.yadro.ru/hit?q;t45.6;r;s1600*1200*24;uhttp%3A//civilprint.ru/wp-content/themes/political/emailfriend/comments.php/vefzf/ymf/%3Fnote%3Dm1012tpecay5w%23rxwttmsgqpsgkqbnkze;h%u0410%u04...
104 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t45.6;r;s1600*1200*24;uhttp%3A//civilprint.ru/wp-content/themes/political/emailfriend/comments.php/vefzf/ymf/%3Fnote%3Dm1012tpecay5w%23rxwttmsgqpsgkqbnkze;h%u0410%u043A%u043A%u0430%u0443%u043D%u0442%20%u0437%u0430%u0431%u043B%u043E%u043A%u0438%u0440%u043E%u0432%u0430%u043D%20%u0437%u0430%20%u043D%u0430%u0440%u0443%u0448%u0435%u043D%u0438%u0435%20%u043F%u0440%u0430%u0432%u0438%u043B%20%u0445%u043E%u0441%u0442%u0438%u043D%u0433%u0430;0.6203059089732796
Requested by
Host: civilprint.ru
URL: http://civilprint.ru/wp-content/themes/political/emailfriend/comments.php/vefzf/ymf/?note=m1012tpecay5w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host216.rax.ru
Software
nginx/1.17.9 /
Resource Hash
aba98d0405c2aad0b6513f606b491a6f03c19811d9dfb2640d5ec9899652a970

Request headers

Referer
http://civilprint.ru/wp-content/themes/political/emailfriend/comments.php/vefzf/ymf/?note=m1012tpecay5w
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Apr 2020 22:57:33 GMT
Server
nginx/1.17.9
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
104
Expires
Tue, 23 Apr 2019 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 22 Apr 2020 22:57:33 GMT
Server
nginx/1.17.9
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t45.6;r;s1600*1200*24;uhttp%3A//civilprint.ru/wp-content/themes/political/emailfriend/comments.php/vefzf/ymf/%3Fnote%3Dm1012tpecay5w%23rxwttmsgqpsgkqbnkze;h%u0410%u043A%u043A%u0430%u0443%u043D%u0442%20%u0437%u0430%u0431%u043B%u043E%u043A%u0438%u0440%u043E%u0432%u0430%u043D%20%u0437%u0430%20%u043D%u0430%u0440%u0443%u0448%u0435%u043D%u0438%u0435%20%u043F%u0440%u0430%u0432%u0438%u043B%20%u0445%u043E%u0441%u0442%u0438%u043D%u0433%u0430;0.6203059089732796
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Tue, 23 Apr 2019 21:00:00 GMT
logo.png
www.host-food.ru/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.host-food.ru/images/logo.png
Requested by
Host: civilprint.ru
URL: http://civilprint.ru/wp-content/themes/political/emailfriend/comments.php/vefzf/ymf/?note=m1012tpecay5w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.227.16.100 , Russian Federation, ASN207027 (EXIMIUS-AS, RU),
Reverse DNS
manager.host-food.ru
Software
nginx/1.16.1 /
Resource Hash
3c1188fdf940cdee3720939b0f6aeeb0aca6f560166e6912e992ed76f2b70730

Request headers

Referer
https://www.host-food.ru/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 22 Apr 2020 22:57:33 GMT
last-modified
Thu, 19 Jan 2012 21:20:54 GMT
server
nginx/1.16.1
etag
"2c4d-4b6e823ac3980"
content-type
image/png
status
200
accept-ranges
bytes
content-length
11341
stop.png
www.host-food.ru/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.host-food.ru/images/stop.png
Requested by
Host: civilprint.ru
URL: http://civilprint.ru/wp-content/themes/political/emailfriend/comments.php/vefzf/ymf/?note=m1012tpecay5w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.227.16.100 , Russian Federation, ASN207027 (EXIMIUS-AS, RU),
Reverse DNS
manager.host-food.ru
Software
nginx/1.16.1 /
Resource Hash
3e74e76322c19e33dc82c50d938d0de3c02a69eabb30fd9fa906a6c7f61ca398

Request headers

Referer
https://www.host-food.ru/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 22 Apr 2020 22:57:33 GMT
last-modified
Thu, 27 Jan 2011 15:47:38 GMT
server
nginx/1.16.1
etag
"2ac5-49ad5de789a80"
content-type
image/png
status
200
accept-ranges
bytes
content-length
10949

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

1 Cookies

Domain/Path Name / Value
.civilprint.ru/ Name: __ddg1
Value: HFOv3kccvb3u7LYv8Bx1