rustorias.net Open in urlscan Pro
2606:4700:3036::ac43:a575 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rustorias.net/steam.html
Submission Tags: tweet @noladefense #phishing #infosec #cybersecurity #フィッシング詐欺 #steam Search All
Submission: On April 18 via api (April 18th 2023, 11:33:28 am UTC) from FI — Scanned from FI

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3036::ac43:a575, located in United States and belongs to CLOUDFLARENET, US. The main domain is rustorias.net.
TLS certificate: Issued by GTS CA 1P5 on March 27th 2023. Valid for: 3 months.

This is the only time rustorias.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Steam (Gaming)

Domain & IP information

	IP Address		AS Autonomous System
11	2606:4700:303... 2606:4700:3036::ac43:a575		13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	1

11 2606:4700:3036::ac43:a575 (United States)

ASN13335 (CLOUDFLARENET, US)

rustorias.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	rustorias.net rustorias.net	328 KB
11	1

	Domain	Requested by
11	rustorias.net	rustorias.net
11	1

This site contains no links.

Subject Issuer	Validity	Valid
*.rustorias.net GTS CA 1P5	`2023-03-27` - `2023-06-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rustorias.net/steam.html
Frame ID: F3D5D7ECF73D74D4B165DA0EC32F3B95
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Steam Community

Page Statistics

11
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

328 kB
Transfer

687 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request steam.html Show response rustorias.net/	468 B 674 B	376ms 292ms	Document text/html	2606:4700:3036::ac43:a575 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rustorias.net/steam.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:a575 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e1677f300cc6543a912c98f8bd9ca545975ec5f91692f32140604c91494b89bd` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7b9c97b25b85fe48-HEL content-encoding br content-type text/html date Tue, 18 Apr 2023 11:33:23 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWzdmSuUvl2Z4bpvYrL1TNjbLGEEgdBLsnW4vio4IQpM%2FN7DyYcRXfIR%2F5IqMcvi58qimFf72axzmHINGR3u%2FyopPGw0kBxe99Ggj2InR0EU2slt2S5u8RPbpuZX7vZkjuMM7svd6VSRBz3k"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	s.js Show response rustorias.net/assets/s/	536 KB 174 KB	893ms 892ms	Script application/javascript	2606:4700:3036::ac43:a575 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rustorias.net/assets/s/s.js Requested by Host: rustorias.net URL: https://rustorias.net/steam.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:a575 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6120498916e1430571ec75eda25e0fea8687f4ab8212b6af5a359af8fb52ab66` Request headers accept-language fi-FI,fi;q=0.9 Referer https://rustorias.net/steam.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 18 Apr 2023 11:33:24 GMT content-encoding br cf-cache-status MISS last-modified Wed, 15 Mar 2023 07:28:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"641173b4-86051" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0RnlRoBkaiRJbcS1t6thBk9OpOIKp8UO29P6UwNTzqxy6jDZCcS1%2FfWXyFDV8vnDC5gLeIM63zn%2FPZV%2BnRz8vTm06hXmReWqQHRfdoacDqQfEAjT%2B2kdiS0PyKZU6K2X7bCqfc41UvNuYvX"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7b9c97b43e40fe48-HEL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	btn_header_installsteam_download.png rustorias.net/assets/s/img/	291 B 766 B	46ms 45ms	Image image/png	2606:4700:3036::ac43:a575 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rustorias.net/assets/s/img/btn_header_installsteam_download.png Requested by Host: rustorias.net URL: https://rustorias.net/steam.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:a575 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082` Request headers accept-language fi-FI,fi;q=0.9 Referer https://rustorias.net/steam.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 18 Apr 2023 11:33:24 GMT cf-cache-status HIT last-modified Wed, 15 Mar 2023 07:28:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 459 etag "641173b4-123" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEHQfuxslbkQdKwGczhM7ud5l4aofkzJ6BangRhviFBFXHZg2aoUaCcKI6qVIwSZX9%2BpOmQagM23KNkTqO9OMBDCNx7bIX3McFSrwIGaU7UPgwE%2Bao4uOBcG2cd3FQp6p0fonMgwb6MobMwk"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b9c97bb1e3509b1-ARN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 291
GET H3	200	btn_arrow_down_padded.png rustorias.net/assets/s/img/	161 B 676 B	43ms 43ms	Image image/png	2606:4700:3036::ac43:a575 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rustorias.net/assets/s/img/btn_arrow_down_padded.png Requested by Host: rustorias.net URL: https://rustorias.net/steam.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:a575 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `93b1fbe4f6245b62bfd4c8c3347abe0fe67ed711315e59bfadaebc9873d8d9b5` Request headers accept-language fi-FI,fi;q=0.9 Referer https://rustorias.net/steam.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 18 Apr 2023 11:33:24 GMT cf-cache-status HIT last-modified Wed, 15 Mar 2023 07:28:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 459 etag "641173b4-a1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqmluOHkFW5nWLeMmsUPpdnV0xcvWO%2FFvIWo81YUs7x3ZcOgEtrL%2FI5oDhM8R3xB8WHqaBjvJl1V4OgancI%2FmjeQkaiEhbvZcylkvFLklFEYWnXSTbIHhtuZRWokATdUgutHi2d0yO%2BW%2FAjn"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b9c97bb1e3a09b1-ARN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 161
GET H3	200	MotivaSans-Regular.ttf rustorias.net/assets/s/fonts/	120 KB 120 KB	673ms 673ms	Font application/octet-stream	2606:4700:3036::ac43:a575 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rustorias.net/assets/s/fonts/MotivaSans-Regular.ttf Requested by Host: rustorias.net URL: https://rustorias.net/steam.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:a575 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14` Request headers Referer https://rustorias.net/steam.html Origin https://rustorias.net accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 18 Apr 2023 11:33:24 GMT cf-cache-status MISS last-modified Wed, 15 Mar 2023 07:28:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "641173b4-1df3c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjNFgYYRxc08ovg9M2%2BrjyVuKB8UALsPi6mejjyjtciC9f%2BwN3n9omFb%2BxeSIPC36w12Y3q%2FgZOszgkOIRvUhGggxLC7PAcJWicOfm4c9cCh3M9OKZjuL2JEDeO2qWDQh9W1yI5K2dy%2FhXXo"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 7b9c97bb1e3e09b1-ARN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 122684
GET H3	200	header_menu_hamburger.png rustorias.net/assets/s/img/	4 KB 4 KB	74ms 74ms	Image image/png	2606:4700:3036::ac43:a575 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rustorias.net/assets/s/img/header_menu_hamburger.png Requested by Host: rustorias.net URL: https://rustorias.net/steam.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:a575 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa` Request headers accept-language fi-FI,fi;q=0.9 Referer https://rustorias.net/steam.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 18 Apr 2023 11:33:24 GMT cf-cache-status HIT last-modified Wed, 15 Mar 2023 07:28:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 459 etag "641173b6-ec1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3K3Ej0VRAxL42bTJ6ipmWCUYSPDonk1uvoUmhL22TmitObTbKyXen2ZrcBEYtPtIBwNzG8ofwr3jyEuxj0CD%2BOhubKq8Z1AhjrlbBewZnfXQB8GnETsaMhw4E0t4AT0OojCLsY9qU8c5FBNA"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b9c97bb2e4609b1-ARN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3777
GET H3	200	header_logo.png rustorias.net/assets/s/img/	11 KB 11 KB	81ms 80ms	Image image/png	2606:4700:3036::ac43:a575 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rustorias.net/assets/s/img/header_logo.png Requested by Host: rustorias.net URL: https://rustorias.net/steam.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:a575 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8` Request headers accept-language fi-FI,fi;q=0.9 Referer https://rustorias.net/steam.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 18 Apr 2023 11:33:24 GMT cf-cache-status HIT last-modified Wed, 15 Mar 2023 07:28:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 459 etag "641173b4-2a6f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kbiiExQxGOxO0s%2F1lYeFJlsPu1dv2yyjK%2F0PLe0ow9rKdyPRnnbB%2BB03hXQvFIRMzmQzkV2AwNr6FXJvAJ5f9dcmcCekBxwSpmUsVHwrKcHs%2BsC3JhnvIrDDdsTapjIebZ1%2F4jdhKMv%2FKd%2B"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b9c97bb2e4909b1-ARN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 10863
GET H3	200	logo_steam.svg rustorias.net/assets/s/img/	4 KB 2 KB	46ms 45ms	Image image/svg+xml	2606:4700:3036::ac43:a575 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rustorias.net/assets/s/img/logo_steam.svg Requested by Host: rustorias.net URL: https://rustorias.net/steam.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:a575 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb` Request headers accept-language fi-FI,fi;q=0.9 Referer https://rustorias.net/steam.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 18 Apr 2023 11:33:24 GMT content-encoding br cf-cache-status HIT last-modified Wed, 15 Mar 2023 07:28:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 459 etag W/"641173b6-e64" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5Yj1QRBpxlh8n8Q2FASqsjqJN159L1QDkceKbyaMq%2FB5ASNjPQZPEx2xJkNFMmg8UVrrIQAHc7GqH82tpUUp7P1cKsatf9c9vOEeTZKJiGKEKJ1S%2FIHSnXW0wwQRuWWw5h1%2Bcqw0P3gUnDF"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 7b9c97bb2e4b09b1-ARN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	sits_landing.png rustorias.net/assets/s/img/	5 KB 6 KB	81ms 80ms	Image image/png	2606:4700:3036::ac43:a575 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rustorias.net/assets/s/img/sits_landing.png Requested by Host: rustorias.net URL: https://rustorias.net/steam.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:a575 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `483ed1c78b7394366985110fe15e4aaf941882427515e5dfe7f582827a15378c` Request headers accept-language fi-FI,fi;q=0.9 Referer https://rustorias.net/steam.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 18 Apr 2023 11:33:24 GMT cf-cache-status HIT last-modified Wed, 15 Mar 2023 07:28:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 459 etag "641173b4-1547" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ek6n19R1vICGpG%2FodQurCeoduIa56jNk42t7LaLT%2FdXi2v26DA6VxaP6JU38Pcco0ZvQk4D4KGoB7nCendIYb0tomKXeVdwm5eWrLXUnekfUO6eJRhlsm75FHGjvNT4hx4Z1TMNqh3OBcK7"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b9c97bb2e4c09b1-ARN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 5447
GET H3	200	throbber.gif rustorias.net/assets/s/img/	3 KB 4 KB	44ms 44ms	Image image/gif	2606:4700:3036::ac43:a575 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rustorias.net/assets/s/img/throbber.gif Requested by Host: rustorias.net URL: https://rustorias.net/steam.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:a575 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0c4d1b66cbed8c0ba7bfe1d047409e80b99684794ba66e9556503890eae17f2d` Request headers accept-language fi-FI,fi;q=0.9 Referer https://rustorias.net/steam.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 18 Apr 2023 11:33:24 GMT cf-cache-status HIT last-modified Wed, 15 Mar 2023 07:28:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 459 etag "641173b4-c88" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gK%2Fw5mmpcK5hlue3fW1PsVHn9L%2FTGPmk8FCqqzlKwFtzrAQaqTLtLuUbx46kT65Ivo59SqMgM961nkXzxTkiCja0J%2BSQzy8AkgOKfDzonzxwykITykL8%2FtntyWeYToQvkub6vylUt48vmZ0y"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 7b9c97bb2e4d09b1-ARN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3208
GET H3	200	footerLogo_valve.png rustorias.net/assets/s/img/	4 KB 4 KB	44ms 43ms	Image image/png	2606:4700:3036::ac43:a575 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://rustorias.net/assets/s/img/footerLogo_valve.png Requested by Host: rustorias.net URL: https://rustorias.net/steam.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:a575 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ae9f6c61e25d15882bf57bde193d10d375bd315c9741cabda11d700fd1bb7dd1` Request headers accept-language fi-FI,fi;q=0.9 Referer https://rustorias.net/steam.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 18 Apr 2023 11:33:24 GMT cf-cache-status HIT last-modified Wed, 15 Mar 2023 07:28:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 459 etag "641173b4-e99" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDjJewPomWbL0lCufBbZgHVZl%2BPAYTtkMF8mygbHRhWnOXfS7LrSBk6TZC5KS4e41xu2SpFKQgiIOWjtZWTJoCKq0KZua92idFv1KXVXiqLUBDEu26mCOA4Umx%2BzuHLzVQ6DqjPzf8r2ps53"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7b9c97bb2e4e09b1-ARN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3737

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Steam (Gaming)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

rustorias.net
2606:4700:3036::ac43:a575
0c4d1b66cbed8c0ba7bfe1d047409e80b99684794ba66e9556503890eae17f2d
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14
23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082
483ed1c78b7394366985110fe15e4aaf941882427515e5dfe7f582827a15378c
6120498916e1430571ec75eda25e0fea8687f4ab8212b6af5a359af8fb52ab66
6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8
93b1fbe4f6245b62bfd4c8c3347abe0fe67ed711315e59bfadaebc9873d8d9b5
ae9f6c61e25d15882bf57bde193d10d375bd315c9741cabda11d700fd1bb7dd1
c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb
e1677f300cc6543a912c98f8bd9ca545975ec5f91692f32140604c91494b89bd
fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa

rustorias.net Open in urlscan Pro 2606:4700:3036::ac43:a575 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

11 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

328 kBTransfer

687 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

Indicators

rustorias.net Open in urlscan Pro
2606:4700:3036::ac43:a575 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

328 kB
Transfer

687 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!