rust.voz.city
Open in
urlscan Pro
2606:4700:3031::ac43:c246
Public Scan
Submission Tags: phishingrod
Submission: On February 06 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on December 26th 2023. Valid for: 3 months.
This is the only time rust.voz.city was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 2606:4700:303... 2606:4700:3031::ac43:c246 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
6 | 2001:67c:4e8:... 2001:67c:4e8:f004::9 | 62041 (TELEGRAM) (TELEGRAM) | |
8 | 3 |
ASN62041 (TELEGRAM, VG)
telegram.org | |
oauth.telegram.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
telegram.org
telegram.org — Cisco Umbrella Rank: 10912 oauth.telegram.org — Cisco Umbrella Rank: 254313 |
65 KB |
2 |
voz.city
rust.voz.city |
346 KB |
8 | 2 |
Domain | Requested by | |
---|---|---|
5 | telegram.org |
rust.voz.city
oauth.telegram.org telegram.org |
2 | rust.voz.city |
rust.voz.city
|
1 | oauth.telegram.org |
telegram.org
|
8 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
voz.city GTS CA 1P5 |
2023-12-26 - 2024-03-25 |
3 months | crt.sh |
*.telegram.org Go Daddy Secure Certificate Authority - G2 |
2023-08-11 - 2024-09-11 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://rust.voz.city/
Frame ID: CDCB09CAD9666B217B205896EB606926
Requests: 3 HTTP requests in this frame
Frame:
https://oauth.telegram.org/embed/rust_items_bot?origin=https%3A%2F%2Frust.voz.city&return_to=https%3A%2F%2Frust.voz.city%2F&size=large&request_access=write
Frame ID: E15AD74B8EDA23E00898131863F5B1D5
Requests: 6 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
rust.voz.city/ |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
telegram-widget.js
telegram.org/js/ |
20 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
background.jpg
rust.voz.city/image/ |
344 KB 345 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rust_items_bot
oauth.telegram.org/embed/ Frame E15A |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-roboto.css
telegram.org/css/ Frame E15A |
6 KB 893 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget-frame.css
telegram.org/css/ Frame E15A |
81 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget-frame.js
telegram.org/js/ Frame E15A |
92 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame E15A |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
telegram.org/fonts/Roboto/ Frame E15A |
11 KB 11 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| __parseFunction object| Telegram1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
oauth.telegram.org/ | Name: stel_ssid Value: 00c1098cc9c17d02aa_15956605548367575190 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
oauth.telegram.org
rust.voz.city
telegram.org
2001:67c:4e8:f004::9
2606:4700:3031::ac43:c246
0f6cdd09b3bbebf50c4e1679aff6f021f5e183a4ba2dea3a0801394599ff6afd
30beb4d741bea8c160dda347e9cfd0148036a111b49a3534de2c019a088bdae6
541a22abed49f2a59eadbc5127a5c1181f53b022f781f373a3cd121a007b9aec
5df09ceb29f5fa499b25f7039c336281ebeafc1f76672adfd856f6c512ed1e76
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
84b97b3fa8847b64c6d3833561e4b3146530577171e85ad226578a087db70974
9db6a684c4b8c87ced6ca91ed34a348464a41df4d3f74c007cae6d87e68a1e88
d2893d2d8e37ff9ddb63d160a1257009946de96b1d296154de5f87b37e063e77
d61214fdf1c1eee41b83cb56d52b82db20a47bfeab5248bb6fda7a4f0744eedf