Report - http://u1995540.cp.regruhosting.ru/indexm

Report Overview

Submitted URL
http://u1995540.cp.regruhosting.ru/indexm
IP
31.31.198.151
ASN
#0
Submitted
2023-04-05 01:10:27
Access
public
Website Title
Final URL
Tags
bank_of_america financial phishing
urlquery detections
Phishing - Bank of America

Detections

urlquery
1
Network Intrusion Detection
0
Threat Detection Systems
42

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
u1995540.cp.regruhosting.ru	unknown		No data	No data	7.5 kB	214 kB	31.31.198.151

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator
2023-04-04	medium	u1995540.cp.regruhosting.ru/indexm
2023-04-01	medium	u1995540.cp.regruhosting.ru/
2023-04-01	medium	u1995540.cp.regruhosting.ru/
2023-04-01	medium	u1995540.cp.regruhosting.ru/
2023-04-01	medium	u1995540.cp.regruhosting.ru/
2023-04-01	medium	u1995540.cp.regruhosting.ru/
2023-04-01	medium	u1995540.cp.regruhosting.ru/
2023-04-01	medium	u1995540.cp.regruhosting.ru/
2023-04-01	medium	u1995540.cp.regruhosting.ru/
2023-04-01	medium	u1995540.cp.regruhosting.ru/
2023-04-01	medium	u1995540.cp.regruhosting.ru/
2023-04-01	medium	u1995540.cp.regruhosting.ru/
2023-04-01	medium	u1995540.cp.regruhosting.ru/
2023-04-01	medium	u1995540.cp.regruhosting.ru/
2023-04-01	medium	u1995540.cp.regruhosting.ru/
2023-04-01	medium	u1995540.cp.regruhosting.ru/
2023-04-01	medium	u1995540.cp.regruhosting.ru/
2023-04-01	medium	u1995540.cp.regruhosting.ru/
2023-04-01	medium	u1995540.cp.regruhosting.ru/
2023-04-01	medium	u1995540.cp.regruhosting.ru/

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-04-05	medium	u1995540.cp.regruhosting.ru/indexm

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	u1995540.cp.regruhosting.ru/index	0 B	2023-03-07	2024-04-16
Pretty URL u1995540.cp.regruhosting.ru/index IP 31.31.198.151 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-16 21:20:57 Times Seen36905313 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	u1995540.cp.regruhosting.ru/js/funciones.js	7.2 kB	2023-04-05	2023-04-05
Pretty URL u1995540.cp.regruhosting.ru/js/funciones.js IP 31.31.198.151 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 03:10:28 Last Seen2023-04-05 06:26:59 Times Seen3 Hash 31fbe8b09d92805c354353c9c813b3b3 76365fe42681d4f76d51768d4702209fbacec0e4 68cd8ab787301aee7b97acfa3fd2bdc77bf4994168927f0ed0eb27e61d1744d2 Loading...

HTTP Transactions (20)

URL IP Response Size

u1995540.cp.regruhosting.ru/indexm

31.31.198.151

667 B

URL
u1995540.cp.regruhosting.ru/indexm
IP
31.31.198.151:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
667 B (667 bytes)
Hash
d313a9deca439c2858af8753c1396f80
b0f1c8cccfe6f0dd0774c05bea7964c2dc965130
f4f88c8be9a711a7c1eb4dd7321ae59a4b49403e8b09235fd9fde33d293b8146

Detections

Analyzer	Verdict	Alert
openphish	Bank of America
fortinet	Phishing

HTTP Headers

GET /indexm HTTP/1.1
Host: u1995540.cp.regruhosting.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Apr 2023 01:10:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.17
Content-Encoding: gzip

u1995540.cp.regruhosting.ru/css/normalize.min.css

31.31.198.151

200 OK

771 B

URL GET HTTP/1.1
u1995540.cp.regruhosting.ru/css/normalize.min.css
IP
31.31.198.151:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://u1995540.cp.regruhosting.ru/index

File type
ASCII text, with very long lines (1815), with no line terminators
Size
771 B (771 bytes)
Hash
164511744a29d8ed2ebc9567845697ec
20d1ef5bfd43b7cfd5b46d302719a105ad66eec9
5a48b18ba6f125090e14c5186b32948b92ff91238bd2169450a16c026e6b48f5

Detections

Analyzer	Verdict	Alert
openphish	Bank of America

HTTP Headers

GET /css/normalize.min.css HTTP/1.1
Host: u1995540.cp.regruhosting.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1995540.cp.regruhosting.ru/indexm
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Apr 2023 01:10:13 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 19:17:48 GMT
Content-Encoding: gzip

u1995540.cp.regruhosting.ru/css/estilom.css

31.31.198.151

1.0 kB

URL
u1995540.cp.regruhosting.ru/css/estilom.css
IP
31.31.198.151:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
ASCII text
Size
1.0 kB (1010 bytes)
Hash
80ba2f91d5963b0d5ddd2fc8f348ab35
2c5eee4c255560a6b3d9c4007d61edfe43d82ff7
bde2a6c018c6efe8e7c9082839aaa2c029dc478aedc9aa78c8fae1e63f99c169

Detections

Analyzer	Verdict	Alert
openphish	Bank of America

HTTP Headers

GET /css/estilom.css HTTP/1.1
Host: u1995540.cp.regruhosting.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1995540.cp.regruhosting.ru/indexm
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Apr 2023 01:10:13 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 19:17:45 GMT
Content-Encoding: gzip

u1995540.cp.regruhosting.ru/js/funciones.js

31.31.198.151

200 OK

1.6 kB

URL GET HTTP/1.1
u1995540.cp.regruhosting.ru/js/funciones.js
IP
31.31.198.151:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://u1995540.cp.regruhosting.ru/index

File type
Unicode text, UTF-8 text
Size
1.6 kB (1595 bytes)
Hash
23eaadad2844bb366d920f0aec8d7501
381bee22702eeb225ea5a493bae05f7f723b655e
37cb3b541818cdd15429c31bb0dac2018e1093262e540740bb0aaf9d42bcf00e

Detections

Analyzer	Verdict	Alert
openphish	Bank of America

HTTP Headers

GET /js/funciones.js HTTP/1.1
Host: u1995540.cp.regruhosting.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1995540.cp.regruhosting.ru/indexm
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Apr 2023 01:10:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 19:18:25 GMT
Content-Encoding: gzip

u1995540.cp.regruhosting.ru/index

31.31.198.151

200 OK

1.6 kB

URL User Request GET HTTP/1.1
u1995540.cp.regruhosting.ru/index
IP
31.31.198.151:80
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
1.6 kB (1629 bytes)
Hash
23a7a1812bb26d45075d2d31deae93d4
ca79c5a9a0b4b01cd17d94536680d7e1bec259a6
f14e6ea1fb81da31cebec933bf68de8491cc3cc4e49124692766f050b350da55

Detections

Analyzer	Verdict	Alert
openphish	Bank of America

HTTP Headers

GET /index HTTP/1.1
Host: u1995540.cp.regruhosting.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1995540.cp.regruhosting.ru/indexm
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Apr 2023 01:10:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.0.17
Content-Encoding: gzip

u1995540.cp.regruhosting.ru/css/normalize.min.css

31.31.198.151

200 OK

771 B

URL GET HTTP/1.1
u1995540.cp.regruhosting.ru/css/normalize.min.css
IP
31.31.198.151:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://u1995540.cp.regruhosting.ru/index

File type
ASCII text, with very long lines (1815), with no line terminators
Size
771 B (771 bytes)
Hash
164511744a29d8ed2ebc9567845697ec
20d1ef5bfd43b7cfd5b46d302719a105ad66eec9
5a48b18ba6f125090e14c5186b32948b92ff91238bd2169450a16c026e6b48f5

Detections

Analyzer	Verdict	Alert
openphish	Bank of America

HTTP Headers

GET /css/normalize.min.css HTTP/1.1
Host: u1995540.cp.regruhosting.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1995540.cp.regruhosting.ru/index
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Apr 2023 01:10:13 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 19:17:48 GMT
Content-Encoding: gzip

u1995540.cp.regruhosting.ru/css/estilos.css

31.31.198.151

200 OK

1.5 kB

URL GET HTTP/1.1
u1995540.cp.regruhosting.ru/css/estilos.css
IP
31.31.198.151:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://u1995540.cp.regruhosting.ru/index

File type
ASCII text
Size
1.5 kB (1478 bytes)
Hash
91d94e71972e6246e3440659eb9ba699
e8fe9e0b2806834f96738fa4d3d9fca8c609f46e
e0c94f6a673954720c1b92a4e034071b5f5fa237fcc674e3b86b2055702a795b

Detections

Analyzer	Verdict	Alert
openphish	Bank of America

HTTP Headers

GET /css/estilos.css HTTP/1.1
Host: u1995540.cp.regruhosting.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1995540.cp.regruhosting.ru/index
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Apr 2023 01:10:13 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 19:17:46 GMT
Content-Encoding: gzip

u1995540.cp.regruhosting.ru/js/funciones.js

31.31.198.151

200 OK

1.6 kB

URL GET HTTP/1.1
u1995540.cp.regruhosting.ru/js/funciones.js
IP
31.31.198.151:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://u1995540.cp.regruhosting.ru/index

File type
Unicode text, UTF-8 text
Size
1.6 kB (1595 bytes)
Hash
23eaadad2844bb366d920f0aec8d7501
381bee22702eeb225ea5a493bae05f7f723b655e
37cb3b541818cdd15429c31bb0dac2018e1093262e540740bb0aaf9d42bcf00e

Detections

Analyzer	Verdict	Alert
openphish	Bank of America

HTTP Headers

GET /js/funciones.js HTTP/1.1
Host: u1995540.cp.regruhosting.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1995540.cp.regruhosting.ru/index
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Apr 2023 01:10:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 19:18:25 GMT
Content-Encoding: gzip

u1995540.cp.regruhosting.ru/css/points.css

31.31.198.151

200 OK

2.8 kB

URL GET HTTP/1.1
u1995540.cp.regruhosting.ru/css/points.css
IP
31.31.198.151:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://u1995540.cp.regruhosting.ru/index

File type
Unicode text, UTF-8 text, with very long lines (331)
Size
2.8 kB (2817 bytes)
Hash
d7ed44d1030eccc886488118337146bc
57e0744d0bb4296bb46cf54b402bd1ad632be2cb
97586bb5227a2d17de6f48461c0e68522f22c89e0f8d8673df872ab218c516d2

Detections

Analyzer	Verdict	Alert
openphish	Bank of America

HTTP Headers

GET /css/points.css HTTP/1.1
Host: u1995540.cp.regruhosting.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1995540.cp.regruhosting.ru/index
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Apr 2023 01:10:13 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 19:17:48 GMT
Content-Encoding: gzip

u1995540.cp.regruhosting.ru/img/ubica.png

31.31.198.151

200 OK

310 B

URL GET HTTP/1.1
u1995540.cp.regruhosting.ru/img/ubica.png
IP
31.31.198.151:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://u1995540.cp.regruhosting.ru/index

File type
PNG image data, 26 x 35, 4-bit colormap, non-interlaced\012- data
Size
310 B (310 bytes)
Hash
a092edff4f0f53b3d1b4247467cca50b
ca9b37af488ecd614a6e72b4cc7b637eeba89b10
a12d022b882b45567bb829805d2522458b49780fd8a62ab1030173e5d61528f7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
openphish	Bank of America

HTTP Headers

GET /img/ubica.png HTTP/1.1
Host: u1995540.cp.regruhosting.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1995540.cp.regruhosting.ru/index
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Apr 2023 01:10:13 GMT
Content-Type: image/png
Content-Length: 310
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 19:18:21 GMT
Accept-Ranges: bytes

u1995540.cp.regruhosting.ru/img/logo.svg

31.31.198.151

200 OK

839 B

URL GET HTTP/1.1
u1995540.cp.regruhosting.ru/img/logo.svg
IP
31.31.198.151:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://u1995540.cp.regruhosting.ru/index

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text
Size
839 B (839 bytes)
Hash
f49c02e2c6056fa0323d2f606b292453
d9f6ba604ce7fe3d3ad0f6b96786ae1282337b34
3c1879df7daa0c70f81106796c213c36bfc7d3496ca7701a82b44fa28fba9fc3

Detections

Analyzer	Verdict	Alert
openphish	Bank of America

HTTP Headers

GET /img/logo.svg HTTP/1.1
Host: u1995540.cp.regruhosting.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1995540.cp.regruhosting.ru/index
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Apr 2023 01:10:13 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 19:18:17 GMT
Content-Encoding: gzip

u1995540.cp.regruhosting.ru/img/bull.svg

31.31.198.151

200 OK

1.5 kB

URL GET HTTP/1.1
u1995540.cp.regruhosting.ru/img/bull.svg
IP
31.31.198.151:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://u1995540.cp.regruhosting.ru/index

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3228), with no line terminators
Size
1.5 kB (1549 bytes)
Hash
4865013c9120384aad28ac8b5c33922e
e3fd30cbfcf4c0586dbfeee411db70f05967a593
8ed4184a39a840830c39a189e7bad7a33474d9dd6a55e0084e5864996ee6f9d8

Detections

Analyzer	Verdict	Alert
openphish	Bank of America

HTTP Headers

GET /img/bull.svg HTTP/1.1
Host: u1995540.cp.regruhosting.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1995540.cp.regruhosting.ru/index
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Apr 2023 01:10:13 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 19:18:10 GMT
Content-Encoding: gzip

u1995540.cp.regruhosting.ru/img/logo_grande.svg

31.31.198.151

200 OK

1.3 kB

URL GET HTTP/1.1
u1995540.cp.regruhosting.ru/img/logo_grande.svg
IP
31.31.198.151:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://u1995540.cp.regruhosting.ru/index

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (1529)
Size
1.3 kB (1311 bytes)
Hash
8fd719b61d0fdae84ca6b5a7a475ed31
7293042bae3a66935a2eea53b9e42f856c8d8151
89941c336eb48e2ec7a8248ee17ef8f402f0bc783bcb1e217db92d2fe03ee213

Detections

Analyzer	Verdict	Alert
openphish	Bank of America

HTTP Headers

GET /img/logo_grande.svg HTTP/1.1
Host: u1995540.cp.regruhosting.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1995540.cp.regruhosting.ru/index
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Apr 2023 01:10:13 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 19:18:17 GMT
Content-Encoding: gzip

u1995540.cp.regruhosting.ru/img/calendar.png

31.31.198.151

200 OK

249 B

URL GET HTTP/1.1
u1995540.cp.regruhosting.ru/img/calendar.png
IP
31.31.198.151:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://u1995540.cp.regruhosting.ru/index

File type
PNG image data, 28 x 28, 4-bit colormap, non-interlaced\012- data
Size
249 B (249 bytes)
Hash
834f69e32a6b917b5a55c3632b0d32c9
73ad37d1376d1b58b764e5fd40072a4ce0af5d63
6984d4d39981c95293555b9d54d48a758bfbe9574274310667e772171dcdb5d2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
openphish	Bank of America

HTTP Headers

GET /img/calendar.png HTTP/1.1
Host: u1995540.cp.regruhosting.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1995540.cp.regruhosting.ru/index
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Apr 2023 01:10:13 GMT
Content-Type: image/png
Content-Length: 249
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 19:18:12 GMT
Accept-Ranges: bytes

u1995540.cp.regruhosting.ru/img/form1.png

31.31.198.151

200 OK

2.5 kB

URL GET HTTP/1.1
u1995540.cp.regruhosting.ru/img/form1.png
IP
31.31.198.151:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://u1995540.cp.regruhosting.ru/index

File type
PNG image data, 234 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size
2.5 kB (2472 bytes)
Hash
fee533ff9dcecce7a744ed0bffa6a028
4a8523ae701ff82450b6843c4410ebdca9d27f82
830b1a25b78a0ef64de127587a270cd9bf0670a8f6bba054092906a7df5456fc

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
openphish	Bank of America

HTTP Headers

GET /img/form1.png HTTP/1.1
Host: u1995540.cp.regruhosting.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1995540.cp.regruhosting.ru/index
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Apr 2023 01:10:13 GMT
Content-Type: image/png
Content-Length: 2472
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 19:18:14 GMT
Accept-Ranges: bytes

u1995540.cp.regruhosting.ru/fonts/cnx-light.woff2

31.31.198.151

200 OK

12 kB

URL GET HTTP/1.1
u1995540.cp.regruhosting.ru/fonts/cnx-light.woff2
IP
31.31.198.151:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://u1995540.cp.regruhosting.ru/index

File type
Web Open Font Format (Version 2), TrueType, length 11628, version 1.197\012- data
Size
12 kB (11628 bytes)
Hash
01ed6e7ce19d38ecdeb6aefaa5b09de9
74e17e5c8d95b15f82b51066cd65790c6e991967
e7a245881b6946f6a5ce4bb8f6d47c7369274451a6b8cebf0d148834a1c87d5c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
openphish	Bank of America

HTTP Headers

GET /fonts/cnx-light.woff2 HTTP/1.1
Host: u1995540.cp.regruhosting.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://u1995540.cp.regruhosting.ru/css/estilos.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Apr 2023 01:10:13 GMT
Content-Type: font/woff2
Content-Length: 11628
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 19:17:56 GMT
Accept-Ranges: bytes

u1995540.cp.regruhosting.ru/fonts/cnx-regular.woff2

31.31.198.151

200 OK

12 kB

URL GET HTTP/1.1
u1995540.cp.regruhosting.ru/fonts/cnx-regular.woff2
IP
31.31.198.151:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://u1995540.cp.regruhosting.ru/index

File type
Web Open Font Format (Version 2), TrueType, length 11608, version 1.197\012- data
Size
12 kB (11608 bytes)
Hash
46b5329e8e4e5925129ab2c36b336d0f
63cd5fbcbe5331e7d8059a4caee8d2510f834d68
79f02d139cfd07f2a19e0a8831553b3de4627fcab371e18eb776af035465949b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
openphish	Bank of America

HTTP Headers

GET /fonts/cnx-regular.woff2 HTTP/1.1
Host: u1995540.cp.regruhosting.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://u1995540.cp.regruhosting.ru/css/estilos.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Apr 2023 01:10:13 GMT
Content-Type: font/woff2
Content-Length: 11608
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 19:17:58 GMT
Accept-Ranges: bytes

u1995540.cp.regruhosting.ru/img/tarjetas.png

31.31.198.151

200 OK

35 kB

URL GET HTTP/1.1
u1995540.cp.regruhosting.ru/img/tarjetas.png
IP
31.31.198.151:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://u1995540.cp.regruhosting.ru/index

File type
PNG image data, 982 x 311, 8-bit colormap, non-interlaced\012- data
Size
35 kB (35093 bytes)
Hash
75bc751a8765d7a13c0c0080ca92783a
a07f98540be2011f6951141f5a185c990e7b610b
65e728a4b7d3a2c4b017452f913c7ecfd4d9c67e8f92f995cbba2d5438d5a2e8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
openphish	Bank of America

HTTP Headers

GET /img/tarjetas.png HTTP/1.1
Host: u1995540.cp.regruhosting.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1995540.cp.regruhosting.ru/index
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Apr 2023 01:10:13 GMT
Content-Type: image/png
Content-Length: 35093
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 19:18:21 GMT
Accept-Ranges: bytes

u1995540.cp.regruhosting.ru/img/ahorro.png

31.31.198.151

200 OK

131 kB

URL GET HTTP/1.1
u1995540.cp.regruhosting.ru/img/ahorro.png
IP
31.31.198.151:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://u1995540.cp.regruhosting.ru/index

File type
PNG image data, 1449 x 701, 8-bit colormap, non-interlaced\012- data
Size
131 kB (131289 bytes)
Hash
c2dee10444d85f341cb3a24960a92fd8
17da44bf8bc94ccaf024cfa1ca6593263573058b
d01de0009b8c9cc5a42386c60e6f5c5d497a5724dad223a0cb07f1ea1a77c53f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
openphish	Bank of America

HTTP Headers

GET /img/ahorro.png HTTP/1.1
Host: u1995540.cp.regruhosting.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1995540.cp.regruhosting.ru/index
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Apr 2023 01:10:13 GMT
Content-Type: image/png
Content-Length: 131289
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 19:18:02 GMT
Accept-Ranges: bytes

u1995540.cp.regruhosting.ru/img/logo.png

31.31.198.151

200 OK

488 B

URL GET HTTP/1.1
u1995540.cp.regruhosting.ru/img/logo.png
IP
31.31.198.151:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://u1995540.cp.regruhosting.ru/index

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Size
488 B (488 bytes)
Hash
e47e26917735e82423d638b8670579b2
c3854b4f7f8878b090bee1ebb8758392e2a5c1fd
fbb01c67506f101815bdb2ae3f78ea92c3bcbbdc07d722cb5f980e2eb30d0123

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Bank of America
openphish	Bank of America

HTTP Headers

GET /img/logo.png HTTP/1.1
Host: u1995540.cp.regruhosting.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://u1995540.cp.regruhosting.ru/index
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Apr 2023 01:10:13 GMT
Content-Type: image/png
Content-Length: 488
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 19:18:16 GMT
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (20)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size