rustraxyi.ru Open in urlscan Pro
87.236.16.118 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rustraxyi.ru/
Submission Tags: phishingrod
Submission: On January 31 via api (January 31st 2024, 4:17:21 am UTC) from DE — Scanned from DE

Summary HTTP 162 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 14 domains to perform 162 HTTP transactions. The main IP is 87.236.16.118, located in St Petersburg, Russian Federation and belongs to BEGET-AS, RU. The main domain is rustraxyi.ru.
TLS certificate: Issued by R3 on December 1st 2023. Valid for: 3 months.

This is the only time rustraxyi.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
57	87.236.16.118 87.236.16.118	198610 (BEGET-AS) (BEGET-AS)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.255.224.36 172.255.224.36	7979 (SERVERS-COM) (SERVERS-COM)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
4 17	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	178.248.233.182 178.248.233.182	51115 (HLL-AS) (HLL-AS)
2 10	2606:4700::68... 2606:4700::6812:19b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
66	212.193.146.48 212.193.146.48	34879 (CCT-AS NG...) (CCT-AS NGENIX)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	51.250.51.175 51.250.51.175	200350 (YANDEXCLOUD) (YANDEXCLOUD)
162	16

57 87.236.16.118 (St Petersburg, Russian Federation)

ASN198610 (BEGET-AS, RU)
PTR: ssl.oscar1.beget.com

rustraxyi.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.255.224.36 (Netherlands)

ASN7979 (SERVERS-COM, US)

c53.travelpayouts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c49.travelpayouts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:6b8::1:119 (Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.248.233.182 (Russian Federation)

ASN51115 (HLL-AS, RU)

strahovkaru.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:19b5 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.sravni.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 212.193.146.48 (Russian Federation)

ASN34879 (CCT-AS NGENIX, RU)
PTR: cdn.ngenix.net

s91588.cdn.ngenix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o366349.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.250.51.175 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)

go.sravni.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	ngenix.net s91588.cdn.ngenix.net — Cisco Umbrella Rank: 780569	979 KB
57	rustraxyi.ru rustraxyi.ru	3 MB
13	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8747	6 KB
11	sravni.ru 2 redirects www.sravni.ru — Cisco Umbrella Rank: 518019 go.sravni.ru	76 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	431 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3982	142 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	11 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	3 KB
2	travelpayouts.com c53.travelpayouts.com c49.travelpayouts.com	16 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	84 KB
1	sentry.io o366349.ingest.sentry.io	324 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 811	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	50 KB
1	strahovkaru.ru strahovkaru.ru
162	14

	Domain	Requested by
66	s91588.cdn.ngenix.net	www.sravni.ru s91588.cdn.ngenix.net
57	rustraxyi.ru	rustraxyi.ru
13	mc.yandex.com	3 redirects rustraxyi.ru mc.yandex.ru www.sravni.ru
10	www.sravni.ru	2 redirects c49.travelpayouts.com www.sravni.ru s91588.cdn.ngenix.net
4	www.gstatic.com	www.google.com www.gstatic.com
4	mc.yandex.ru	1 redirects rustraxyi.ru www.sravni.ru
2	cdn.jsdelivr.net	www.sravni.ru
2	www.google.com	rustraxyi.ru www.gstatic.com
2	cdnjs.cloudflare.com	rustraxyi.ru
1	go.sravni.ru
1	o366349.ingest.sentry.io	s91588.cdn.ngenix.net
1	static.cloudflareinsights.com	www.sravni.ru
1	www.googletagmanager.com	www.sravni.ru
1	fonts.gstatic.com	www.google.com
1	strahovkaru.ru	c53.travelpayouts.com
1	c49.travelpayouts.com	rustraxyi.ru
1	c53.travelpayouts.com	rustraxyi.ru
162	17

This site contains links to these domains. Also see Links.

Domain
c49.travelpayouts.com
vk.com
www.facebook.com
ok.ru
twitter.com
www.youtube.com
www.instagram.com
policies.google.com

Subject Issuer	Validity	Valid
rustraxyi.ru R3	`2023-12-01` - `2024-02-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
travelpayouts.com R3	`2023-12-23` - `2024-03-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
strahovkaru.ru R3	`2024-01-05` - `2024-04-04`	3 months	crt.sh
*.sravni.ru GlobalSign RSA OV SSL CA 2018	`2023-12-12` - `2024-12-22`	a year	crt.sh
*.cdn.ngenix.net GlobalSign GCC R3 DV TLS CA 2020	`2023-03-20` - `2024-04-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
go.sravni.ru R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://rustraxyi.ru/
Frame ID: DFDF9A4F977371530CF6B022F30D036F
Requests: 78 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LecaIkUAAAAAEsCtLYJ-mmUKr-aSVZ2QHB-Q2d0&co=aHR0cHM6Ly9ydXN0cmF4eWkucnU6NDQz&hl=de&v=QUpyTKFkX5CIV6EF8TFSWEif&size=invisible&cb=kxshauowibh0
Frame ID: B3EF3F75194BD44F8620011F9B772F0E
Requests: 5 HTTP requests in this frame

Frame: https://www.sravni.ru/osago/wl/?uid=00aa5643-492d-409e-932f-1291e6945441&product=osago&inframe=true&layout=full&themePalette=%7b%22color1%22%3a+%22undefined%22+%2c+%22color2%22%3a+%22undefined%22%7d&aff_id=1369&offer_id=1064&aff_sub=9&aff_sub2=e1c1b61ec8c743d5b54256599-318103&source=223&utm_source=travelpayouts.com_223&utm_campaign=osago_whitelabel&utm_medium=cpa&utm_content=1369
Frame ID: 2A9AEA5DBF6AF515C3DBB99093047F61
Requests: 82 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 472363821836DF1F54E1671473261555
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: AFFB8CAAFDC89EE80840ADE146871499
Requests: 1 HTTP requests in this frame

Frame: https://www.sravni.ru/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Frame ID: B8BD2A6E06BD4367795DDCDAEDE2A81B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Купить страховку ОСАГО и КАСКО - онлайн за 5 минут со скидкой до 10%!