creative.rutarget.ru

Summary

This website contacted 4 IPs in 1 countries across 2 domains to perform 5 HTTP transactions. The main IP is 178.170.196.247, located in Russian Federation and belongs to CLOUDRU-AS, RU. The main domain is creative.rutarget.ru. The Cisco Umbrella rank of the primary domain is 220982.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on February 22nd 2023. Valid for: a year.

This is the only time creative.rutarget.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	178.170.196.247 178.170.196.247	208677 (CLOUDRU-AS) (CLOUDRU-AS)
1 2	87.242.94.234 87.242.94.234	208677 (CLOUDRU-AS) (CLOUDRU-AS)
1	87.242.122.239 87.242.122.239	208677 (CLOUDRU-AS) (CLOUDRU-AS)
1 2	195.209.108.51 195.209.108.51	52007 (ADRIVER) (ADRIVER)
5	4

2 178.170.196.247 (Russian Federation)

ASN208677 (CLOUDRU-AS, RU)
PTR: fr12.segmento.ru

creative.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.242.94.234 (Russian Federation) 1 redirects

ASN208677 (CLOUDRU-AS, RU)
PTR: fr03-cdn.segmento.ru

cdn.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.242.122.239 (Russian Federation)

ASN208677 (CLOUDRU-AS, RU)
PTR: fr09-cdn.segmento.ru

cdn6.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.51 (Russian Federation) 1 redirects

ASN52007 (ADRIVER, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	rutarget.ru 1 redirects creative.rutarget.ru — Cisco Umbrella Rank: 220982 cdn.rutarget.ru — Cisco Umbrella Rank: 133191 cdn6.rutarget.ru — Cisco Umbrella Rank: 324834	49 KB
2	adriver.ru 1 redirects ad.adriver.ru — Cisco Umbrella Rank: 19485	1 KB
5	2

	Domain	Requested by
2	ad.adriver.ru	1 redirects creative.rutarget.ru
2	cdn.rutarget.ru	1 redirects creative.rutarget.ru
2	creative.rutarget.ru
1	cdn6.rutarget.ru	creative.rutarget.ru
5	4

This site contains links to these domains. Also see Links.

Domain
click.rutarget.ru

Subject Issuer	Validity	Valid
*.rutarget.ru GlobalSign RSA OV SSL CA 2018	`2023-02-22` - `2024-03-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://creative.rutarget.ru/creative?name=creative&idh=bolshoyvopros.ru&cid=109967&shop_id=%d0%a2%d0%b8%d0%bd%d1%8c%d0%ba%d0%be%d1%84%d1%84+%d0%bc%d0%be%d0%b1%d0%b0%d0%b9%d0%bb&ssp=buzzoola&rid=caf77052-1435-4568-6edb-d0590e40372e&t=314232&pub=15739&vid=lglfcxnnevol&vw_sup=true&isid=ma&btime=1697033934960
Frame ID: BF634545255C63E2A7F03A10D129A707
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

banner

Detected technologies

AdRiver (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:<embed[^>]+(?:src="https?://mh\d?\.adriver\.ru/|flashvars="[^"]*(?:http:%3A//(?:ad|mh\d?)\.adriver\.ru/|adriver_banner))|<(?:(?:iframe|img)[^>]+src|a[^>]+href)="https?://ad\.adriver\.ru/)
(?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)

Page Statistics

5
Requests

60 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

4
IPs

1
Countries

49 kB
Transfer

51 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://click.rutarget.ru/click?ssp=buzzoola&erid=Kra23tWSs&idh=bolshoyvopros.ru&rid=caf77052-1435-4568-6edb-d0590e40372e&t=314232&cid=109967&pub=15739

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cdn.rutarget.ru/creative/314232/728%D1%8590.png HTTP 302
https://cdn6.rutarget.ru/creative/314232/728%D1%8590.png

Request Chain 1

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&bt=21&ad=770619&pid=3784191&bid=9526111&bn=9526111&exss=&rnd=874790165 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&bt=21&ad=770619&pid=3784191&bid=9526111&bn=9526111&exss=&rnd=874790165&tuid=-4542092292

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request creative Show response creative.rutarget.ru/	2 KB 1 KB	267ms 81ms	Document text/html	178.170.196.247 CLOUDRU-AS
General Check archive.org Show headers Download Go to Full URL https://creative.rutarget.ru/creative?name=creative&idh=bolshoyvopros.ru&cid=109967&shop_id=%d0%a2%d0%b8%d0%bd%d1%8c%d0%ba%d0%be%d1%84%d1%84+%d0%bc%d0%be%d0%b1%d0%b0%d0%b9%d0%bb&ssp=buzzoola&rid=caf77052-1435-4568-6edb-d0590e40372e&t=314232&pub=15739&vid=lglfcxnnevol&vw_sup=true&isid=ma&btime=1697033934960 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 178.170.196.247 , Russian Federation, ASN208677 (CLOUDRU-AS, RU), Reverse DNS fr12.segmento.ru Software nginx / Resource Hash `28579973d326294c184a2d46d05ca8ea7fcc438a4112ce71bace847dfdb8f464` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name Access-Control-Allow-Methods OPTIONS Connection keep-alive Content-Encoding gzip Content-Length 774 Content-Type text/html; charset=UTF-8 Date Wed, 11 Oct 2023 14:19:02 GMT P3P CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information." Server nginx
GET H2	200	728%D1%8590.png cdn6.rutarget.ru/creative/314232/ Redirect Chain https://cdn.rutarget.ru/creative/314232/728%D1%8590.png https://cdn6.rutarget.ru/creative/314232/728%D1%8590.png	44 KB 45 KB	356ms 165ms	Image image/png	87.242.122.239 CLOUDRU-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cdn6.rutarget.ru/creative/314232/728%D1%8590.png Requested by Host: creative.rutarget.ru URL: https://creative.rutarget.ru/creative?name=creative&idh=bolshoyvopros.ru&cid=109967&shop_id=%d0%a2%d0%b8%d0%bd%d1%8c%d0%ba%d0%be%d1%84%d1%84+%d0%bc%d0%be%d0%b1%d0%b0%d0%b9%d0%bb&ssp=buzzoola&rid=caf77052-1435-4568-6edb-d0590e40372e&t=314232&pub=15739&vid=lglfcxnnevol&vw_sup=true&isid=ma&btime=1697033934960 Protocol H2 Server 87.242.122.239 , Russian Federation, ASN208677 (CLOUDRU-AS, RU), Reverse DNS fr09-cdn.segmento.ru Software nginx / Resource Hash `bd2496c55f1593311d82b0dac7653ea73888a10f6343eeba2c3d3fc97b08fb95` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:19:03 GMT last-modified Thu, 05 Oct 2023 16:01:41 GMT server nginx etag "651edde5-b1f4" access-control-allow-methods OPTIONS content-type image/png access-control-allow-credentials true accept-ranges bytes access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name content-length 45556 Redirect headers location https://cdn6.rutarget.ru/creative/314232/728%D1%8590.png date Wed, 11 Oct 2023 14:19:03 GMT server nginx content-length 138 content-type text/html
GET H/1.1	200 OK	rle.cgi ad.adriver.ru/cgi-bin/ Redirect Chain https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&bt=21&ad=770619&pid=3784191&bid=9526111&bn=9526111&exss=&rnd=874790165 https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&bt=21&ad=770619&pid=3784191&bid=9526111&bn=9526111&exss=&rnd=874790165&tuid=-4542092292	42 B 581 B	98ms 97ms	Image image/gif	195.209.108.51 ADRIVER
General Check archive.org Show headers Download Go to Show image Full URL https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&bt=21&ad=770619&pid=3784191&bid=9526111&bn=9526111&exss=&rnd=874790165&tuid=-4542092292 Requested by Host: creative.rutarget.ru URL: https://creative.rutarget.ru/creative?name=creative&idh=bolshoyvopros.ru&cid=109967&shop_id=%d0%a2%d0%b8%d0%bd%d1%8c%d0%ba%d0%be%d1%84%d1%84+%d0%bc%d0%be%d0%b1%d0%b0%d0%b9%d0%bb&ssp=buzzoola&rid=caf77052-1435-4568-6edb-d0590e40372e&t=314232&pub=15739&vid=lglfcxnnevol&vw_sup=true&isid=ma&btime=1697033934960 Protocol HTTP/1.1 Server 195.209.108.51 , Russian Federation, ASN52007 (ADRIVER, RU), Reverse DNS Software / Resource Hash `ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Pragma no-cache Date Wed, 11 Oct 2023 14:19:03 GMT Transfer-Encoding chunked P3P policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA" Content-Type image/gif Cache-control no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store Connection keep-alive Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Wed, 11 Oct 2023 14:19:03 GMT Transfer-Encoding chunked P3P policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA Content-Type text/html Location /cgi-bin/rle.cgi?sid=1&bt=21&ad=770619&pid=3784191&bid=9526111&bn=9526111&exss=&rnd=874790165&tuid=-4542092292 Cache-control no-cache, max-age=0, must-revalidate, no-store Access-Control-Allow-Credentials true Access-Control-Allow-Origin * Connection keep-alive Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	viewability.js Show response cdn.rutarget.ru/static/viewability/	5 KB 2 KB	250ms 78ms	Script application/x-javascript	87.242.94.234 CLOUDRU-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.rutarget.ru/static/viewability/viewability.js Requested by Host: creative.rutarget.ru URL: https://creative.rutarget.ru/creative?name=creative&idh=bolshoyvopros.ru&cid=109967&shop_id=%d0%a2%d0%b8%d0%bd%d1%8c%d0%ba%d0%be%d1%84%d1%84+%d0%bc%d0%be%d0%b1%d0%b0%d0%b9%d0%bb&ssp=buzzoola&rid=caf77052-1435-4568-6edb-d0590e40372e&t=314232&pub=15739&vid=lglfcxnnevol&vw_sup=true&isid=ma&btime=1697033934960 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.242.94.234 , Russian Federation, ASN208677 (CLOUDRU-AS, RU), Reverse DNS fr03-cdn.segmento.ru Software nginx / Resource Hash `a3c7bc18bb21fe8107617000233e416a2cd4e3b685c7bff63e77b68d85bd0bdc` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 11 Oct 2023 14:19:03 GMT content-encoding gzip last-modified Mon, 25 Feb 2019 10:13:35 GMT server nginx etag W/"5c73bfcf-152e" access-control-allow-methods OPTIONS content-type application/x-javascript access-control-allow-credentials true access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
GET H/1.1	200 OK	view creative.rutarget.ru/	0 114 B	81ms 81ms	Image text/plain	178.170.196.247 CLOUDRU-AS
General Check archive.org Show headers Download Go to Show image Full URL https://creative.rutarget.ru/view?name=view&cid=109967&ssp=buzzoola&rid=caf77052-1435-4568-6edb-d0590e40372e&t=314232&pub=15739&vid=lglfcxnnevol&vw_sup=true Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 178.170.196.247 , Russian Federation, ASN208677 (CLOUDRU-AS, RU), Reverse DNS fr12.segmento.ru Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Wed, 11 Oct 2023 14:19:04 GMT Server nginx Connection keep-alive Content-Length 0

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __rtgViewability

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.rutarget.ru/	1970-01-20 19:43:05	Name: userId Value: lglfcxnnevol
			.adriver.ru/	1970-01-21 00:59:53	Name: cid Value: AfiJ9flQpk7T1p5CmQjTeEQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.adriver.ru
cdn.rutarget.ru
cdn6.rutarget.ru
creative.rutarget.ru
178.170.196.247
195.209.108.51
87.242.122.239
87.242.94.234
28579973d326294c184a2d46d05ca8ea7fcc438a4112ce71bace847dfdb8f464
a3c7bc18bb21fe8107617000233e416a2cd4e3b685c7bff63e77b68d85bd0bdc
bd2496c55f1593311d82b0dac7653ea73888a10f6343eeba2c3d3fc97b08fb95
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

creative.rutarget.ru Open in urlscan Pro 178.170.196.247 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

5 Requests

60 %HTTPS

0 %IPv6

2 Domains

4 Subdomains

4 IPs

1 Countries

49 kBTransfer

51 kBSize

2 Cookies

1 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

2 Cookies

Indicators

creative.rutarget.ru Open in urlscan Pro
178.170.196.247 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

60 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

4
IPs

1
Countries

49 kB
Transfer

51 kB
Size

2
Cookies

5 HTTP transactions
0 data transactions