rust.donnegan.com
Open in
urlscan Pro
45.42.203.166
Public Scan
URL:
https://rust.donnegan.com/
Submission Tags: phishingrod
Submission: On October 01 via api from DE — Scanned from DE
Submission Tags: phishingrod
Submission: On October 01 via api from DE — Scanned from DE
Summary
This website contacted 1 IPs
in 1 countries
across 1 domains to perform 6 HTTP transactions.
The main IP is 45.42.203.166, located in
Herndon, United States and
belongs to AS40676, US.
The main domain is rust.donnegan.com.
TLS certificate: Issued by E6 on September 30th 2024. Valid for: 3 months.
This is the only time rust.donnegan.com was scanned on urlscan.io!
TLS certificate: Issued by E6 on September 30th 2024. Valid for: 3 months.
This is the only time rust.donnegan.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 6 | 45.42.203.166 45.42.203.166 | 40676 (AS40676) (AS40676) | |
| 6 | 1 |
6
45.42.203.166
(Herndon, United States)
ASN40676 (AS40676, US)
PTR: mkxhp.disneystore.co.uk
ASN40676 (AS40676, US)
PTR: mkxhp.disneystore.co.uk
| rust.donnegan.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 6 |
donnegan.com
rust.donnegan.com |
305 KB |
| 6 | 1 |
| Domain | Requested by | |
|---|---|---|
| 6 | rust.donnegan.com |
rust.donnegan.com
|
| 6 | 1 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| rust.donnegan.com E6 |
2024-09-30 - 2024-12-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://rust.donnegan.com/
Frame ID: A211DC5F9FC52F72AEF386630406671B
Requests: 6 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
rust.donnegan.com/ |
72 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
rust.donnegan.com/styles/ |
67 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
common-0.0.1.js
rust.donnegan.com/scripts/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
u2f-api.js
rust.donnegan.com/scripts/ |
24 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
welcome.png
rust.donnegan.com/ |
269 KB 269 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.ico
rust.donnegan.com/ |
4 KB 2 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
101 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| Q function| QS function| QE function| QV function| QA function| QH function| QC function| inputBoxFocus function| ReadShort function| ReadShortX function| ReadInt function| ReadSInt function| ReadIntX function| ShortToStr function| ShortToStrX function| IntToStr function| IntToStrX function| MakeToArray function| SplitArray function| Clone function| EscapeHtml function| EscapeHtmlBreaks function| ArrayElementMove function| ObjectToStringEx function| ObjectToStringEx2 function| gap function| gap2 function| ObjectToString function| ObjectToString2 function| hex2rstr function| char2hex function| rstr2hex function| encode_utf8 function| decode_utf8 function| data2blob function| utf2blob string| random function| trademarks function| zeroPad function| isAlphaNumeric function| isSafeString function| isSafeString2 function| parseUriArgs function| check_webp_feature function| jsonToCamel object| u2f boolean| passlogin string| newAccount string| emailCheck object| passRequirements number| features number| currentpanel number| twoFactorCookieDays object| authStrategies number| tokenTimeout object| serverLangs object| loclist object| loclistex string| showLanguageSelect function| startup function| changeLanguage function| useSecurityKey function| useEmailToken function| useEmailKeyEx function| useSMSToken function| useSMSTokenEx function| useMsgToken function| useMsgTokenEx function| usePushToken function| showPassHint function| xgo function| go function| submitButtonClicked function| validateLogin function| validateCreate function| validatePassReset function| passwordPolicyText function| showPasswordPolicy function| validateReset function| checkPasswordStrength function| checkPasswordRequirements function| strCount function| checkToken function| resetCheckToken function| changeEmailAddress function| validateEmailAddress function| changeEmailAddressEx function| resentEmailConfirmation function| setDialogMode function| dialogclose function| messagebox function| statusbox function| getDocWidth function| haltEvent function| haltReturn function| validateEmail function| putstore function| getstore function| format function| addTextLink function| addHtmlValue2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| rust.donnegan.com/ | Name: xid Value: e30= |
|
| rust.donnegan.com/ | Name: xid.sig Value: rv-nJ8O9KyV2kOy9dsLTxHt9Nf_ALJh78V2BsFBpKwdwBACc8yjF_51UjaC9Q35e |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | default-src 'none'; font-src 'self'; script-src 'self' 'unsafe-inline'; connect-src 'self' wss://rust.donnegan.com; img-src 'self' blob: data: data:; style-src 'self' 'unsafe-inline'; frame-src 'self' blob: mcrouter:; media-src 'self'; form-action 'self'; manifest-src 'self' |
| Strict-Transport-Security | max-age=63072000 |
| X-Content-Type-Options | nosniff |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
rust.donnegan.com
45.42.203.166
126b1d9d7e55c4120644be9847c814502b6842956332e9b43c01b955ddc15a8a
180f2ac62a8869d9794b046540e3dbc0f658a65c5cb694011164c9b8c271b750
6650365688dd9b997286c5442c28de72163802f7c8e7697efc0fc107fc1f3d88
91b69e7787ad55eff43a285b843e555bd7ebfb364fcb50206cb32e981bcda074
a81fbf2282a024cf9c7e2001617c5c53439ef08a9f80c2b47185d71180a7378d
d28b18dc62a5455ffc4149bf32559ab00edd28673841dd6f91277c3e40ee7b31