![](/screenshots/2d552da1-2a47-4f0b-bcd5-f1d610133caa.png)
newyeartrips.ru
Open in
urlscan Pro
91.236.136.41
Public Scan
Submission Tags: phishingrod
Submission: On June 20 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 13th 2024. Valid for: 3 months.
This is the only time newyeartrips.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 91.236.136.41 91.236.136.41 | 44094 (WEBHOST1-AS) (WEBHOST1-AS) | |
3 | 104.18.10.207 104.18.10.207 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 188.42.198.252 188.42.198.252 | 7979 (SERVERS-COM) (SERVERS-COM) | |
1 | 104.17.24.14 104.17.24.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 7 | 2606:4700:10:... 2606:4700:10::6816:989 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2600:9000:210... 2600:9000:2104:0:1f:1dd0:f700:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 65.9.86.98 65.9.86.98 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 2a11:27c0::93 2a11:27c0::93 | 210756 (EDGECENTE...) (EDGECENTERLLC) | |
1 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
28 | 10 |
ASN44094 (WEBHOST1-AS, RU)
PTR: s110.webhost1.ru
newyeartrips.ru |
ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com | |
maxcdn.bootstrapcdn.com |
ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-98.ams1.r.cloudfront.net
static.aviasales.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
level.travel
1 redirects
api.level.travel cdn.level.travel cdn.yc.level.travel |
579 KB |
9 |
newyeartrips.ru
newyeartrips.ru |
700 KB |
3 |
bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3406 maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1286 |
48 KB |
2 |
travelpayouts.com
c26.travelpayouts.com www.travelpayouts.com — Cisco Umbrella Rank: 183331 |
19 KB |
1 |
lvtv.me
conversion.lvtv.me |
707 B |
1 |
aviasales.com
static.aviasales.com — Cisco Umbrella Rank: 219517 |
14 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268 |
7 KB |
28 | 7 |
Domain | Requested by | |
---|---|---|
9 | newyeartrips.ru |
newyeartrips.ru
|
7 | api.level.travel |
1 redirects
newyeartrips.ru
|
4 | cdn.yc.level.travel |
api.level.travel
cdn.yc.level.travel |
2 | stackpath.bootstrapcdn.com |
newyeartrips.ru
|
1 | conversion.lvtv.me |
cdn.yc.level.travel
|
1 | www.travelpayouts.com |
newyeartrips.ru
|
1 | static.aviasales.com |
c26.travelpayouts.com
|
1 | cdn.level.travel |
newyeartrips.ru
|
1 | cdnjs.cloudflare.com |
newyeartrips.ru
|
1 | c26.travelpayouts.com |
newyeartrips.ru
|
1 | maxcdn.bootstrapcdn.com |
newyeartrips.ru
|
28 | 11 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.travelpayouts.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
newyeartrips.ru R3 |
2024-04-13 - 2024-07-12 |
3 months | crt.sh |
bootstrapcdn.com GTS CA 1P5 |
2024-05-25 - 2024-08-23 |
3 months | crt.sh |
travelpayouts.com R3 |
2024-04-21 - 2024-07-20 |
3 months | crt.sh |
cdnjs.cloudflare.com E1 |
2024-06-02 - 2024-08-31 |
3 months | crt.sh |
aviasales.com Amazon RSA 2048 M03 |
2023-12-24 - 2025-01-22 |
a year | crt.sh |
level.travel R3 |
2024-05-26 - 2024-08-24 |
3 months | crt.sh |
cdn.yc.level.travel E1 |
2024-05-03 - 2024-08-01 |
3 months | crt.sh |
lvtv.me E1 |
2024-05-05 - 2024-08-03 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://newyeartrips.ru/
Frame ID: B70658F77FE8FF161858846B90BBEA8C
Requests: 29 HTTP requests in this frame
Screenshot
![](/screenshots/2d552da1-2a47-4f0b-bcd5-f1d610133caa.png)
Page Title
Туры на Новый год 2019Detected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
![](/vendor/wappa/icons/React.png)
Detected patterns
- <[^>]+data-react
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
![](/vendor/wappa/icons/Popper.png)
Detected patterns
- /popper\.js/([0-9.]+)
![](/vendor/wappa/icons/TrackJs.png)
Detected patterns
- tracker\.js
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12- https://api.level.travel/js/5.0/open_api.js HTTP 301
- https://cdn.level.travel/5.0/open_api.js
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
newyeartrips.ru/ |
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ |
138 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
newyeartrips.ru/assets/css/ |
108 B 275 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1-qsrocb.jpg
newyeartrips.ru/assets/images/assets/images/fast_img/1/ |
10 B 264 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nwtour1_1.jpg
newyeartrips.ru/assets/images/assets/uploads/ |
219 KB 220 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
content
c26.travelpayouts.com/ |
45 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nwtour2.jpg
newyeartrips.ru/assets/images/assets/uploads/ |
171 KB 172 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
734-u6v2ib.jpg
newyeartrips.ru/assets/images/fast_img/734/ |
207 KB 208 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.3.1.min.js
newyeartrips.ru/assets/js/ |
85 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ |
50 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
newyeartrips.ru/assets/js/ |
146 B 329 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
open_api.js
cdn.level.travel/5.0/ Redirect Chain
|
2 MB 459 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sp.js
static.aviasales.com/snowplow/19.20.1/ |
43 KB 14 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tp.png
www.travelpayouts.com/powered_by/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
info
api.level.travel/partner/ |
250 B 923 B |
XHR
text/aes |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
leveltravel.css
cdn.yc.level.travel/5.0/stylesheets/widgets/search_widget/ |
57 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget_base.css
cdn.yc.level.travel/5.0/stylesheets/ |
40 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracker.js
cdn.yc.level.travel/tracker/ |
26 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
track
conversion.lvtv.me/ |
48 B 707 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
countries
api.level.travel/references/ |
4 KB 4 KB |
XHR
text/aes |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
autocomplete
api.level.travel/references/ |
2 KB 3 KB |
XHR
text/aes |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
departures
api.level.travel/references/ |
10 KB 10 KB |
XHR
text/aes |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Backpack-Regular.woff2
cdn.yc.level.travel/fonts/backpack/2.004/ |
60 KB 60 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
12 KB 12 KB |
Font
font/truetype |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
available_countries
api.level.travel/references/ |
70 B 285 B |
XHR
text/aes |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
available_countries
api.level.travel/references/ |
250 B 462 B |
XHR
text/aes |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1-jd9ime.png
newyeartrips.ru/assets/images/fast_img/1/ |
63 KB 63 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
40 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 undefined| event object| fence object| sharedStorage object| ref number| len object| script string| src object| matches object| TP_POWERED_BY_SETTINGS object| match object| powered_by_wrapper string| promo_id number| prevIdIndex object| widget_wrapper object| LTApiInit object| TP_POWERED_BY object| GSN function| mamka object| TP_POWERED_BY_DATA function| $ function| jQuery function| Popper object| bootstrap object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| nacl object| pako function| md5 object| LTApi function| HitStorageTracker object| trackerWidget3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.newyeartrips.ru/ | Name: PHPSESSID Value: 2d8a96d6fef374ea19b2f1b51593eaa1 |
|
.newyeartrips.ru/ | Name: _sp_ses.edc0 Value: * |
|
.newyeartrips.ru/ | Name: _sp_id.edc0 Value: 42db514d-0aef-46a3-b51d-3c27ce9f14c0.1718877882.1.1718877882.1718877882.ce77f857-8a72-44d1-ba95-ff969bbdc6fc |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.level.travel
c26.travelpayouts.com
cdn.level.travel
cdn.yc.level.travel
cdnjs.cloudflare.com
conversion.lvtv.me
maxcdn.bootstrapcdn.com
newyeartrips.ru
stackpath.bootstrapcdn.com
static.aviasales.com
www.travelpayouts.com
104.17.24.14
104.18.10.207
188.42.198.252
2600:9000:2104:0:1f:1dd0:f700:93a1
2606:4700:10::6816:989
2a06:98c1:3120::3
2a11:27c0::93
65.9.86.98
91.236.136.41
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1c02232f61e12639a03337399fde7b91a6330d106d3309724c1332e1bdbfb83c
2485b6352182e9b84c6010dedea330b64058983d22008327a64fd7d9b10df905
28877032b98dc9ec74467f05fc5cb4a72a3273f76fbf30ddb47cbe9ebd64ad69
2b5d42a173daf57cdd8f1be562ea25b4ebb42753a2d755dc5f0d70ea04249487
301c31d730d021a73ab72033f202ad8e320520bef35fd540404a2ee9df9bc91f
370c8d11ffd5164e49776cfed364f8ef6c04fd15e9ee223042d07ee5dc8ca187
3d5bb1884c84599d6210dde09b4a37a2abe9e48ea922481f5c2f6f1c3e281418
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
571a68696bd0f1155a3f6f8f3f9ca2a1ac2dbe864b4a1cacab504d7eef89ba29
5b7961e43ba73a1ec7a400060934040077aef584ce1a6ab0185d9c41ce029d32
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
943193352490b5303717c9ccc956fff2c1d9773dac3e0b73be9a90b09653dd60
9cc423ba8ec5fcd28f033aed4637c05d11ff11213970a56de5f2a1bb3bca738f
9ede1898d7b0b2cf5311243e82673202f161414c318db9c0ad9bc8ba23d65a4b
a56e0040c040bb2ce5b1d64d14ba1873104ad3eebd5e09d3e6954cfcb514d26d
a6920cfbb6fa93a641b4821cd8dd2f0165a1e65fdcfc8c13822c73a447a44b87
addbab7fb38b3b50c2acbb6270f0f570cbc1bb5cee82e4831efe2e1e307b9a99
aee88fe39c861671e9dc7cd06d47ad4293bcba9f3839e5b5e0dd41b5f734d893
b425aaa5d2a34c7160d4a4747f0584aca7b64150d4037bf329cad149b1560f14
ba714b2635f0849ff937188882682ee56e072f8f7ab6e235ec1dba3556cd0f80
bc020cfeec69d6106de73c718c4532be7bbc963a2dc8b6d5fe91b470f95fb7dc
d312ac44899a5b5f3d087e0fad467b60989076539be4740afb6375efa1ba85d0
d9f27ecb2df892c8389631b5a6493dc3129f11fbc8454e4fe17ff37590a12240
dad1d7ee0051f6eb5992785940968d7d612eef19cb802d8805ad0509edd34adc
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
fa83df65c1d49b28fe45cbb89379d9bf9ecc9a99457b7ddba7f4ff6b66c0371e
ff4e3cc74a0796cd0b5679fe7de5507703cd4793c9f657328f36a6b0b970dd30