rustour.ru
185.133.42.146
Public Scan
Submission Tags: phishingrod
Submission: On December 13 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on December 13th 2023. Valid for: 3 months.
This is the only time rustour.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
15 | 185.133.42.146 | 57494 (ADMAN-AS)
1 | 2a00:1450:4001:813::200a | 15169 (GOOGLE)
1 | 2a00:1450:4001:806::2003 | 15169 (GOOGLE)
4 8 | 2a02:6b8::1:119 | 208722 (GLOBAL_DC)
2 | 91.193.181.5 | 12722 (RECONN)
1 | 2a02:6b8::90 | 208722 (GLOBAL_DC)

Total: 24 requests, 6 IP addresses.
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
15 | rustour.ru | rustour.ru | 555 KB
5 | yandex.com | mc.yandex.com (Cisco Umbrella Rank: 8902), 3 redirects | 3 KB
4 | yandex.ru | mc.yandex.ru (Cisco Umbrella Rank: 4182), an.yandex.ru (Cisco Umbrella Rank: 5624), 1 redirect | 72 KB
2 | traffic-analizator.ru | traffic-analizator.ru | 9 KB
1 | gstatic.com | fonts.gstatic.com | 50 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 29) | 1015 B

Total: 24 requests, 6 apex domains.
Requests | Domain | Requested by
---|---|---
15 | rustour.ru | rustour.ru
5 | mc.yandex.com (3 redirects) | rustour.ru
3 | mc.yandex.ru (1 redirect) | rustour.ru
2 | traffic-analizator.ru | rustour.ru, traffic-analizator.ru
1 | an.yandex.ru | traffic-analizator.ru
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | rustour.ru

Total: 24 requests, 7 domains.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
cody.ru | R3 | 2023-12-13 - 2024-03-12 | 3 months | crt.sh
upload.video.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months | crt.sh
*.gstatic.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months | crt.sh
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2023-08-14 - 2024-01-24 | 5 months | crt.sh
traffic-analizator.ru | R3 | 2023-11-14 - 2024-02-12 | 3 months | crt.sh
bs.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2023-09-24 - 2024-03-24 | 6 months | crt.sh
This page contains 1 frame:
Primary Page:
https://rustour.ru/
Frame ID: 53309C85B9C68A8122D94B1B33918C4E
Requests: 24 HTTP requests in this frame
Page Title: Сайт rustour.ru ("Site rustour.ru")
Detected technologies
- Bootstrap (Web Frameworks). Detected patterns:
  - <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  - bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
- animate.css (Web Frameworks). Detected patterns:
  - <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
- Google Font API (Font Scripts). Detected patterns:
  - <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
- Ionicons (Font Scripts). Detected patterns:
  - <link[^>]* href=[^>]+ionicons(?:\.min)?\.css
- OWL Carousel (Widgets). Detected patterns:
  - <link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
- Yandex.Direct (Advertising Networks). Detected patterns:
  - https?://an\.yandex\.ru/
- Yandex.Metrika (Analytics). Detected patterns:
  - mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: телеграм ("Telegram")
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / | rustour.ru/ (Primary Request) | 6 KB | 7 KB | Document | text/html
GET | H2 | css | fonts.googleapis.com/ | 10 KB | 1015 B | Stylesheet | text/css
GET | H2 | open-iconic-bootstrap.min.css | rustour.ru/css/ | 9 KB | 9 KB | Stylesheet | text/css
GET | H2 | animate.css | rustour.ru/css/ | 72 KB | 72 KB | Stylesheet | text/css
GET | H2 | owl.carousel.min.css | rustour.ru/css/ | 3 KB | 3 KB | Stylesheet | text/css
GET | H2 | owl.theme.default.min.css | rustour.ru/css/ | 965 B | 1 KB | Stylesheet | text/css
GET | H2 | magnific-popup.css | rustour.ru/css/ | 7 KB | 7 KB | Stylesheet | text/css
GET | H2 | aos.css | rustour.ru/css/ | 25 KB | 26 KB | Stylesheet | text/css
GET | H2 | ionicons.min.css | rustour.ru/css/ | 46 KB | 46 KB | Stylesheet | text/css
GET | H2 | bootstrap-datepicker.css | rustour.ru/css/ | 18 KB | 18 KB | Stylesheet | text/css
GET | H2 | jquery.timepicker.css | rustour.ru/css/ | 2 KB | 2 KB | Stylesheet | text/css
GET | H2 | flaticon.css | rustour.ru/css/ | 1 KB | 1 KB | Stylesheet | text/css
GET | H2 | icomoon.css | rustour.ru/css/ | 78 KB | 78 KB | Stylesheet | text/css
GET | H2 | style.css | rustour.ru/css/ | 232 KB | 233 KB | Stylesheet | text/css
GET | H2 | ro.png | rustour.ru/ | 36 KB | 36 KB | Image | image/png
GET | H2 | 1.png | rustour.ru/i/ | 16 KB | 16 KB | Image | image/png
GET | H2 | QGYsz_wNahGAdqQ43Rh_fKDp.woff2 | fonts.gstatic.com/s/worksans/v19/ | 49 KB | 50 KB | Font | font/woff2
GET | H2 | tag.js | mc.yandex.ru/metrika/ | 202 KB | 70 KB | Script | application/javascript
GET | H/1.1 | metric.js | traffic-analizator.ru/js/ | 9 KB | 9 KB | Script | application/javascript
GET | H2 | sync_cookie_image_finish | mc.yandex.ru/ (Redirect Chain) | 43 B | 580 B | Image | image/gif
GET | H2 | advert.gif | mc.yandex.com/metrika/ | 43 B | 475 B | Image | image/gif
GET | H2 | 3062804 | an.yandex.ru/meta/ | 437 B | 712 B | XHR | application/json
GET | H2 | 1 | mc.yandex.com/watch/93397909/ (Redirect Chain) | 427 B | 570 B | Fetch | application/json
GET | H/1.1 | add-data | traffic-analizator.ru/api/profiles/ | 30 B | 295 B | XHR | application/json
Verdicts & Comments
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object: documentPictureInPicture
- function: ym
- object: Ya
- object: yaCounter93397909
- function: _0x902d
- function: _0x48da17

The `_0x902d` and `_0x48da17` names follow the `_0x<hex>` naming pattern that common JavaScript obfuscators emit, so the script that defines them is the one a reviewer would want to inspect first.
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name | Value
---|---|---
.rustour.ru/ | _ym_uid | 1702459337833668439
.rustour.ru/ | _ym_d | 1702459337
.yandex.com/ | i | wwqAturjA/paXSQ2OtCuZ5VU7sIQf/0foHOkU7umpZnlOit1fRYOiXHHf263tX2Oa6RBzzhdxL2KmOm8CYCzx/XF8mw=
.yandex.com/ | yandexuid | 7621885201702459336
.mc.yandex.com/ | sync_cookie_csrf | 2192806702fake
.rustour.ru/ | _ym_isad | 2
.mc.yandex.ru/ | sync_cookie_csrf | 3722547516fake
.mc.yandex.com/ | sync_cookie_ok | synced
.yandex.ru/ | yandexuid | 7621885201702459336
.yandex.ru/ | yuidss | 7621885201702459336
.yandex.ru/ | i | wwqAturjA/paXSQ2OtCuZ5VU7sIQf/0foHOkU7umpZnlOit1fRYOiXHHf263tX2Oa6RBzzhdxL2KmOm8CYCzx/XF8mw=
.yandex.ru/ | yp | 1702545737.yu.9153508761702459336
.yandex.ru/ | ymex | 1705051337.oyu.9153508761702459336
mc.yandex.com/ | yabs-sid | 1074356321702459337
.yandex.com/ | yuidss | 7621885201702459336
.yandex.com/ | ymex | 1733995337.yrts.1702459337
.yandex.com/ | bh | KgI/MA==
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.