yandex.ru
Open in
urlscan Pro
2a02:6b8:a::a
Public Scan
Effective URL: https://yandex.ru/safety/?url=https://rustgifltwltchs.com/wg
Submission Tags: https://phish.report @phish_report Search All
Submission: On April 24 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by GlobalSign ECC OV SSL CA 2018 on February 1st 2023. Valid for: 6 months.
This is the only time yandex.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2a02:6b8::221 2a02:6b8::221 | 208722 (GLOBAL_DC) (GLOBAL_DC) | |
1 1 | 2a02:6b8::232 2a02:6b8::232 | 208722 (GLOBAL_DC) (GLOBAL_DC) | |
1 | 2a02:6b8:a::a 2a02:6b8:a::a | 208722 (GLOBAL_DC) (GLOBAL_DC) | |
6 | 2a02:6b8:20::215 2a02:6b8:20::215 | 208722 (GLOBAL_DC) (GLOBAL_DC) | |
1 4 | 2a02:6b8::1:119 2a02:6b8::1:119 | 208722 (GLOBAL_DC) (GLOBAL_DC) | |
10 | 4 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
yastatic.net
yastatic.net — Cisco Umbrella Rank: 4502 |
254 KB |
5 |
yandex.ru
1 redirects
yandex.ru — Cisco Umbrella Rank: 1306 mc.yandex.ru — Cisco Umbrella Rank: 2437 |
71 KB |
1 |
yandex.net
1 redirects
sba.yandex.net — Cisco Umbrella Rank: 8085 |
318 B |
1 |
clck.ru
1 redirects
clck.ru — Cisco Umbrella Rank: 196589 |
485 B |
10 | 4 |
Domain | Requested by | |
---|---|---|
6 | yastatic.net |
yandex.ru
yastatic.net mc.yandex.ru |
4 | mc.yandex.ru |
1 redirects
yastatic.net
yandex.ru |
1 | yandex.ru | |
1 | sba.yandex.net | 1 redirects |
1 | clck.ru | 1 redirects |
10 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
ya.ru |
rustgifltwltchs.com |
yandex.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018 |
2023-02-01 - 2023-08-01 |
6 months | crt.sh |
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018 |
2023-02-01 - 2023-08-01 |
6 months | crt.sh |
mc.yandex.ru GlobalSign ECC OV SSL CA 2018 |
2023-03-17 - 2023-08-27 |
5 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://yandex.ru/safety/?url=https://rustgifltwltchs.com/wg
Frame ID: 01A42C67247F9D53D0E496F7FC5779AA
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
Сайт может быть опасенPage URL History Show full URLs
-
https://clck.ru/33f3HN
HTTP 302
https://sba.yandex.net/redirect?url=https%3A%2F%2Frustgifltwltchs.com%2Fwg&client=clck&sign=d970885... HTTP 302
https://yandex.ru/safety/?url=https://rustgifltwltchs.com/wg Page URL
Detected technologies
React (JavaScript Frameworks) ExpandDetected patterns
- <[^>]+data-react
Yandex.Metrika (Analytics) Expand
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Мне все равно, перейти на сайт
Search URL Search Domain Scan URL
Title: Cookie Policy
Search URL Search Domain Scan URL
Title: Policy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://clck.ru/33f3HN
HTTP 302
https://sba.yandex.net/redirect?url=https%3A%2F%2Frustgifltwltchs.com%2Fwg&client=clck&sign=d970885575bc96af575f1494343432a2 HTTP 302
https://yandex.ru/safety/?url=https://rustgifltwltchs.com/wg Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyandex.ru%2Fsafety%2F%3Furl%3Dhttps%3A%2F%2Frustgifltwltchs.com%2Fwg&page-ref=&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w4vnwqw7z%3Afp%3A1426%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A918758115023%3Ahid%3A117206864%3Az%3A0%3Ai%3A20230424150143%3Aet%3A1682348504%3Ac%3A1%3Arn%3A868858799%3Arqn%3A1%3Au%3A1682348504109115735%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A7%2C167%2C153%2C2%2C613%2C0%2C%2C568%2C0%2C%2C%2C%2C1510%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1682348501865%3Ast%3A1682348504&t=clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
- https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyandex.ru%2Fsafety%2F%3Furl%3Dhttps%3A%2F%2Frustgifltwltchs.com%2Fwg&page-ref&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Avf%3A11sypks4ojrd92w4vnwqw7z%3Afp%3A1426%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1030%3Acn%3A1%3Adp%3A0%3Als%3A918758115023%3Ahid%3A117206864%3Az%3A0%3Ai%3A20230424150143%3Aet%3A1682348504%3Ac%3A1%3Arn%3A868858799%3Arqn%3A1%3Au%3A1682348504109115735%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A7%2C167%2C153%2C2%2C613%2C0%2C%2C568%2C0%2C%2C%2C%2C1510%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1682348501865%3Ast%3A1682348504&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
yandex.ru/safety/ Redirect Chain
|
10 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.build.css
yastatic.net/s3/frontend/safety/v1.233.0-96506213a78375dc76ba74749e792bfa8e254327.0/ |
38 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.build.js
yastatic.net/s3/frontend/safety/v1.233.0-96506213a78375dc76ba74749e792bfa8e254327.0/ |
293 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.build.js
yastatic.net/s3/frontend/safety/v1.233.0-96506213a78375dc76ba74749e792bfa8e254327.0/ |
353 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
689 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
258 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HYLTqrZD.woff2
yastatic.net/s3/frontend/safety/_/ |
37 KB 37 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2bwSFV8t.woff2
yastatic.net/s3/frontend/safety/_/ |
38 KB 38 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
watch.js
mc.yandex.ru/metrika/ |
164 KB 58 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advert.gif
mc.yandex.ru/metrika/ |
43 B 113 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1
mc.yandex.ru/watch/3/ Redirect Chain
|
256 B 339 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en_two_main_buttons.js
yastatic.net/s3/gdpr/popup/v2/ |
20 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| webpackHotUpdate_init_ object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| __init__ object| yandex_metrika_accounts string| yaCounterVersion47499595 object| Ya object| yaCounter4749959510 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.clck.ru/ | Name: _yasc Value: tcqLW0BVD9LZuy78sVJ58Z0QScL7Dib0Mdq2cobK7oGwrouTbG3P8Jr1gHA= |
|
.yandex.ru/ | Name: is_gdpr Value: 1 |
|
.yandex.ru/ | Name: is_gdpr_b Value: COjOQRDKswEYAQ== |
|
.yandex.ru/ | Name: _yasc Value: 2t0Ar/DcIEH/sHf5l8rQnJJT4PI3lrjNF/NugbxzItjCv8Mc5rjrNaNXres= |
|
.yandex.ru/ | Name: i Value: 3tVLKk2RMBQRMO3y0lv6PcJfIoXZSpaUQ6XVdVs6/H3N4UH3WuVrzuZT62KSHjbIr6fGcVsGORwsz3e8Uc38w91uxPA= |
|
.yandex.ru/ | Name: yandexuid Value: 6884397311682348502 |
|
mc.yandex.ru/ | Name: yabs-sid Value: 1939519891682348503 |
|
.yandex.ru/ | Name: yuidss Value: 6884397311682348502 |
|
.yandex.ru/ | Name: ymex Value: 1713884503.yrts.1682348503 |
|
.yandex.ru/ | Name: gdpr_popup Value: 1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'none'; script-src 'unsafe-eval' 'unsafe-inline' 'nonce-r+w4a0B884K3lZrU3Ck8KQ==' mc.yandex.ru social.yandex.ru frontend.s3.yandex.net frontend-test.s3.mds.yandex.net yastatic.net; style-src 'unsafe-inline' mc.yandex.ru frontend.s3.yandex.net frontend-test.s3.mds.yandex.net yastatic.net; img-src 'self' data: avatars.yandex.net avatars.mds.yandex.net avatars.mdst.yandex.net mc.yandex.ru yastatic.net; font-src frontend.s3.yandex.net frontend-test.s3.mds.yandex.net yastatic.net; connect-src 'self' mc.yandex.ru; report-uri https://csp.yandex.net/csp?from=promo-safety-2017&yandex_login=undefined&yandexuid=undefined; |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
clck.ru
mc.yandex.ru
sba.yandex.net
yandex.ru
yastatic.net
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::221
2a02:6b8::232
2a02:6b8:a::a
115c99869edd224813c59cf942ae28ce4e6f23292a0c5fca41d78320c5878089
2b7e9b3138d5037cb069ab27ce2378e3630cdec665614543598893c3a8501072
2d305df58cb5941de9c0429eee9598310fd96528bb54c982497dd4911a5f3d8e
46889758c17b8903ab0238f821388d0ec74945fa1641b886238d0d021e12f222
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
7fc63cc13b3210e7eead7fae7885d571206baa4e192d5e14bbaafe8ea257b42e
983927d7b7de6846d775823e1d4bbb46d93908ea322c6440ec95a2fd27fc2fde
b3ab43ad8abad44df918915fdf1053ff58a582b19e470c9eaa7cb62188cc497e
cb1567ad8aceccacf0279863b1e9902bf728d5c90008a0534b4ffc9238e8deac
cc23917fc85b9cbd1bf38640afe0302a5001b305927e08c16c0160ba9734faa7
d5a06338e00bad57ed1a2c6b1d372f2417f0de75683584a852b1708d0b2d27c2
de4fb43ce43b6134c3e063b137f3933c046f2d4829a8687127c6e49fa6248ecd
f0aa37cda27c0a4cba5fa7dffe585cd358235ddf052afc950d7aa35f73d7b3f1