users.engrp.ru - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 6 HTTP transactions. The main IP is 45.132.17.56, located in Moscow, Russian Federation and belongs to RETNNET-AS, RU. The main domain is users.engrp.ru.
TLS certificate: Issued by R3 on March 27th 2023. Valid for: 3 months.

This is the only time users.engrp.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 7	45.132.17.56 45.132.17.56		29470 (RETNNET-AS) (RETNNET-AS)
6	1

7 45.132.17.56 (Moscow, Russian Federation) 1 redirects

ASN29470 (RETNNET-AS, RU)

users.engrp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	engrp.ru 1 redirects users.engrp.ru	101 KB
6	1

	Domain	Requested by
7	users.engrp.ru	1 redirects users.engrp.ru
6	1

This site contains no links.

Subject Issuer	Validity	Valid
users.engrp.ru R3	`2023-03-27` - `2023-06-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://users.engrp.ru/admin/auth/login/
Frame ID: D0689DEA08DF1E787E8A56F722C2D0AF
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

https://users.engrp.ru/ HTTP 302
https://users.engrp.ru/admin/auth/login/ Page URL

Detected technologies

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

101 kB
Transfer

134 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://users.engrp.ru/ HTTP 302
https://users.engrp.ru/admin/auth/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response users.engrp.ru/admin/auth/login/ Redirect Chain https://users.engrp.ru/ https://users.engrp.ru/admin/auth/login/	2 KB 777 B	76ms 76ms	Document text/html	45.132.17.56 RETNNET-AS
General Check archive.org Show headers Download Go to Full URL https://users.engrp.ru/admin/auth/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.132.17.56 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU), Reverse DNS Software nginx/1.18.0 / Resource Hash `5c0332dc2a644d4aefaf6dfaca1483b4e04f15a8034731f0a79ad635270e9da1` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 27 Mar 2023 23:03:05 GMT server nginx/1.18.0 vary Accept-Encoding Redirect headers content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 27 Mar 2023 23:03:05 GMT location https://users.engrp.ru/admin/auth/login/ server nginx/1.18.0 vary Accept-Encoding
GET H2	200	screen.css users.engrp.ru/style/blueprint/	15 KB 4 KB	75ms 74ms	Stylesheet text/css	45.132.17.56 RETNNET-AS
General Check archive.org Show headers Download Go to Full URL https://users.engrp.ru/style/blueprint/screen.css?id=1 Requested by Host: users.engrp.ru URL: https://users.engrp.ru/admin/auth/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.132.17.56 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU), Reverse DNS Software nginx/1.18.0 / Resource Hash `f79f783257612986ac4e40b9b791af03160c91f8e563f546f6350b18a6bea221` Request headers accept-language de-DE,de;q=0.9 Referer https://users.engrp.ru/admin/auth/login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:03:06 GMT content-encoding gzip last-modified Mon, 27 Mar 2023 22:29:45 GMT server nginx/1.18.0 etag W/"642218d9-3bbe" content-type text/css cache-control max-age=86400 expires Tue, 28 Mar 2023 23:03:06 GMT
GET H2	200	auth.css users.engrp.ru/style/backend/themes/default/	2 KB 1 KB	115ms 115ms	Stylesheet text/css	45.132.17.56 RETNNET-AS
General Check archive.org Show headers Download Go to Full URL https://users.engrp.ru/style/backend/themes/default/auth.css Requested by Host: users.engrp.ru URL: https://users.engrp.ru/admin/auth/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.132.17.56 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU), Reverse DNS Software nginx/1.18.0 / Resource Hash `9a4f34cdfaf8d33506f08ce86ba8e17e65b0a022bb18e117b18b7a34109bfac6` Request headers accept-language de-DE,de;q=0.9 Referer https://users.engrp.ru/admin/auth/login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:03:06 GMT content-encoding gzip last-modified Mon, 27 Mar 2023 22:29:45 GMT server nginx/1.18.0 etag W/"642218d9-9f9" content-type text/css cache-control max-age=86400 expires Tue, 28 Mar 2023 23:03:06 GMT
GET H2	200	font-awesome.css users.engrp.ru/style/backend/themes/default/font/font-awesome-4.2.0/css/	26 KB 5 KB	157ms 156ms	Stylesheet text/css	45.132.17.56 RETNNET-AS
General Check archive.org Show headers Download Go to Full URL https://users.engrp.ru/style/backend/themes/default/font/font-awesome-4.2.0/css/font-awesome.css Requested by Host: users.engrp.ru URL: https://users.engrp.ru/admin/auth/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.132.17.56 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU), Reverse DNS Software nginx/1.18.0 / Resource Hash `295074933a25ae5d6646f86705412ae194ca64508e04984857c61ef495c66ec2` Request headers accept-language de-DE,de;q=0.9 Referer https://users.engrp.ru/admin/auth/login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:03:06 GMT content-encoding gzip last-modified Mon, 27 Mar 2023 22:29:45 GMT server nginx/1.18.0 etag W/"642218d9-681b" content-type text/css cache-control max-age=86400 expires Tue, 28 Mar 2023 23:03:06 GMT
GET H2	200	fontawesome-webfont.woff users.engrp.ru/style/backend/themes/default/font/font-awesome-4.2.0/fonts/	64 KB 64 KB	75ms 74ms	Font application/font-woff	45.132.17.56 RETNNET-AS
General Check archive.org Show headers Download Go to Full URL https://users.engrp.ru/style/backend/themes/default/font/font-awesome-4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0 Requested by Host: users.engrp.ru URL: https://users.engrp.ru/style/backend/themes/default/font/font-awesome-4.2.0/css/font-awesome.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.132.17.56 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU), Reverse DNS Software nginx/1.18.0 / Resource Hash `199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1` Request headers Referer https://users.engrp.ru/style/backend/themes/default/font/font-awesome-4.2.0/css/font-awesome.css Origin https://users.engrp.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:03:06 GMT last-modified Mon, 27 Mar 2023 22:29:45 GMT server nginx/1.18.0 etag "642218d9-ffac" content-type application/font-woff cache-control max-age=86400 accept-ranges bytes content-length 65452 expires Tue, 28 Mar 2023 23:03:06 GMT
GET H2	200	enter_type-webfont.woff users.engrp.ru/style/backend/themes/default/fonts/	25 KB 26 KB	221ms 220ms	Font application/font-woff	45.132.17.56 RETNNET-AS
General Check archive.org Show headers Download Go to Full URL https://users.engrp.ru/style/backend/themes/default/fonts/enter_type-webfont.woff Requested by Host: users.engrp.ru URL: https://users.engrp.ru/style/backend/themes/default/auth.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.132.17.56 Moscow, Russian Federation, ASN29470 (RETNNET-AS, RU), Reverse DNS Software nginx/1.18.0 / Resource Hash `01c1447dd98b685efae17bbdcb98b8a7d514a9ecba4d38004b06800de4d47a47` Request headers Referer https://users.engrp.ru/style/backend/themes/default/auth.css Origin https://users.engrp.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 23:03:06 GMT last-modified Mon, 27 Mar 2023 22:29:45 GMT server nginx/1.18.0 etag "642218d9-658c" content-type application/font-woff cache-control max-age=86400 accept-ranges bytes content-length 25996 expires Tue, 28 Mar 2023 23:03:06 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			users.engrp.ru/	1970-01-20 10:39:25	Name: ci_session Value: a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22b452da6e7b9175094d5ff3929cbbfdab%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A12%3A%2280.255.7.103%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWeb%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1679958185%3B%7D32ede9a5981290480823cf49d805ef9d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

users.engrp.ru
45.132.17.56
01c1447dd98b685efae17bbdcb98b8a7d514a9ecba4d38004b06800de4d47a47
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
295074933a25ae5d6646f86705412ae194ca64508e04984857c61ef495c66ec2
5c0332dc2a644d4aefaf6dfaca1483b4e04f15a8034731f0a79ad635270e9da1
9a4f34cdfaf8d33506f08ce86ba8e17e65b0a022bb18e117b18b7a34109bfac6
f79f783257612986ac4e40b9b791af03160c91f8e563f546f6350b18a6bea221

users.engrp.ru Open in urlscan Pro 45.132.17.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

101 kBTransfer

134 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

Indicators

users.engrp.ru Open in urlscan Pro
45.132.17.56 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

101 kB
Transfer

134 kB
Size

1
Cookies

6 HTTP transactions
0 data transactions