rustynutsrestoration.com Open in urlscan Pro
54.167.124.139 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rustynutsrestoration.com/
Submission Tags: phishingrod
Submission: On June 26 via api (June 26th 2023, 4:07:38 am UTC) from DE — Scanned from DE

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 9 HTTP transactions. The main IP is 54.167.124.139, located in United States and belongs to AMAZON-AES, US. The main domain is rustynutsrestoration.com.
TLS certificate: Issued by R3 on April 25th 2023. Valid for: 3 months.

This is the only time rustynutsrestoration.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
8	54.167.124.139 54.167.124.139		14618 (AMAZON-AES) (AMAZON-AES)
9	2

8 54.167.124.139 (United States)

ASN14618 (AMAZON-AES, US)
PTR: cpanel209.turbify.biz

rustynutsrestoration.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	rustynutsrestoration.com rustynutsrestoration.com	58 KB
0	yahoo.com Failed visit.webhosting.yahoo.com Failed
9	2

	Domain	Requested by
8	rustynutsrestoration.com	rustynutsrestoration.com
0	visit.webhosting.yahoo.com Failed	rustynutsrestoration.com
9	2

This site contains links to these domains. Also see Links.

Domain
www.murraysbodyshop.com

Subject Issuer	Validity	Valid
cpanel.rustynutsrestoration.com R3	`2023-04-25` - `2023-07-24`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://rustynutsrestoration.com/
Frame ID: FAE5035BBE85A74309C845BEBDFE27CC
Requests: 7 HTTP requests in this frame

Frame: https://rustynutsrestoration.com/media/01_Gasoline.mp3
Frame ID: DFAF4805AED35BBD59E980F70ACAC89B
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rusty Nuts Restoration

Page Statistics

9
Requests

89 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

58 kB
Transfer

1426 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.murraysbodyshop.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response rustynutsrestoration.com/	10 KB 3 KB	396ms 99ms	Document text/html	54.167.124.139 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://rustynutsrestoration.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.167.124.139 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel209.turbify.biz Software LiteSpeed / Resource Hash `29d414d143b34c3bf974b3a0cabbab4e407947acd05b4929b477d79a68b7ceda` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-length 2630 content-type text/html date Mon, 26 Jun 2023 04:07:33 GMT last-modified Mon, 23 Apr 2018 05:06:48 GMT server LiteSpeed vary Accept-Encoding
GET H2	200	1-271x206.jpg rustynutsrestoration.com/sitebuilder/images/	16 KB 16 KB	198ms 198ms	Image image/jpeg	54.167.124.139 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://rustynutsrestoration.com/sitebuilder/images/1-271x206.jpg Requested by Host: rustynutsrestoration.com URL: https://rustynutsrestoration.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.167.124.139 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel209.turbify.biz Software LiteSpeed / Resource Hash `c5b3b0ffc4f2b9a365825de28e834f77b364a774a7706a59da395041f3f3a93a` Request headers accept-language de-DE,de;q=0.9 Referer https://rustynutsrestoration.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Mon, 26 Jun 2023 04:07:33 GMT last-modified Mon, 22 Aug 2011 03:02:35 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 16784 expires Mon, 03 Jul 2023 04:07:33 GMT
GET H2	200	images_5_-250x164.jpg rustynutsrestoration.com/sitebuilder/images/	8 KB 8 KB	197ms 197ms	Image image/jpeg	54.167.124.139 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://rustynutsrestoration.com/sitebuilder/images/images_5_-250x164.jpg Requested by Host: rustynutsrestoration.com URL: https://rustynutsrestoration.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.167.124.139 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel209.turbify.biz Software LiteSpeed / Resource Hash `536c143edae55295b84508086c7149a9390335347a556c3652347cca7ea372ec` Request headers accept-language de-DE,de;q=0.9 Referer https://rustynutsrestoration.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Mon, 26 Jun 2023 04:07:33 GMT last-modified Mon, 22 Aug 2011 03:02:27 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 8210 expires Mon, 03 Jul 2023 04:07:33 GMT
GET H2	200	images_5_a-246x163.jpg rustynutsrestoration.com/sitebuilder/images/	8 KB 8 KB	296ms 295ms	Image image/jpeg	54.167.124.139 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://rustynutsrestoration.com/sitebuilder/images/images_5_a-246x163.jpg Requested by Host: rustynutsrestoration.com URL: https://rustynutsrestoration.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.167.124.139 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel209.turbify.biz Software LiteSpeed / Resource Hash `15f60769e79986e77ce9d062cf7a98b024e5bed024a4d588d920249121c0243f` Request headers accept-language de-DE,de;q=0.9 Referer https://rustynutsrestoration.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Mon, 26 Jun 2023 04:07:33 GMT last-modified Mon, 22 Aug 2011 03:02:25 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 8148 expires Mon, 03 Jul 2023 04:07:33 GMT
GET H2	200	new_sign_murrays_bod_shop_-_Copy-193x32.jpg rustynutsrestoration.com/sitebuilder/images/	3 KB 3 KB	301ms 300ms	Image image/jpeg	54.167.124.139 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://rustynutsrestoration.com/sitebuilder/images/new_sign_murrays_bod_shop_-_Copy-193x32.jpg Requested by Host: rustynutsrestoration.com URL: https://rustynutsrestoration.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.167.124.139 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel209.turbify.biz Software LiteSpeed / Resource Hash `142c88e8e8815f2ca79e99d6c0d533020c118e1503537ad910ef8813daad6b6c` Request headers accept-language de-DE,de;q=0.9 Referer https://rustynutsrestoration.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Mon, 26 Jun 2023 04:07:33 GMT last-modified Mon, 22 Aug 2011 03:02:23 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 2630 expires Mon, 03 Jul 2023 04:07:33 GMT
GET H2	200	1_gargoyle2-715x577.jpg rustynutsrestoration.com/sitebuilder/images/	20 KB 20 KB	302ms 302ms	Image image/jpeg	54.167.124.139 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://rustynutsrestoration.com/sitebuilder/images/1_gargoyle2-715x577.jpg Requested by Host: rustynutsrestoration.com URL: https://rustynutsrestoration.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.167.124.139 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel209.turbify.biz Software LiteSpeed / Resource Hash `0984d988352f7246403350f7d4366564328c8ca52d14f546cb7b0ad54f2c5eaa` Request headers accept-language de-DE,de;q=0.9 Referer https://rustynutsrestoration.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Mon, 26 Jun 2023 04:07:33 GMT last-modified Mon, 22 Aug 2011 03:02:34 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 20417 expires Mon, 03 Jul 2023 04:07:33 GMT
GET		c visit.webhosting.yahoo.com/counter.gif/	0 0

GET H2	200	01_Gasoline.mp3 rustynutsrestoration.com/media/ Frame DFAF	0 0	288ms 288ms	Document audio/mpeg	54.167.124.139 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://rustynutsrestoration.com/media/01_Gasoline.mp3 Requested by Host: rustynutsrestoration.com URL: https://rustynutsrestoration.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.167.124.139 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel209.turbify.biz Software LiteSpeed / Resource Hash Request headers Referer https://rustynutsrestoration.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-length 3606676 content-type audio/mpeg date Mon, 26 Jun 2023 04:07:33 GMT last-modified Tue, 26 Oct 2010 01:00:08 GMT server LiteSpeed
GET DATA	200 OK	truncated / Frame DFAF	380 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	206	01_Gasoline.mp3 rustynutsrestoration.com/media/ Frame DFAF	1 MB 0	152ms 151ms	Media audio/mpeg	54.167.124.139 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://rustynutsrestoration.com/media/01_Gasoline.mp3 Requested by Host: rustynutsrestoration.com URL: https://rustynutsrestoration.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.167.124.139 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel209.turbify.biz Software LiteSpeed / Resource Hash Request headers Referer https://rustynutsrestoration.com/media/01_Gasoline.mp3 Accept-Encoding identity;q=1, ;q=0 accept-language* de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Range bytes=0- Response headers Content-Range bytes 0-3606675/3606676 date Mon, 26 Jun 2023 04:07:33 GMT last-modified Tue, 26 Oct 2010 01:00:08 GMT server LiteSpeed Content-Length 3606676 content-type audio/mpeg
GET DATA	200 OK	truncated / Frame DFAF	547 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame DFAF	552 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame DFAF	382 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: visit.webhosting.yahoo.com
URL: https://visit.webhosting.yahoo.com/counter.gif/c?D=333300&b=216&l=3&f=36

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://rustynutsrestoration.com/ Message: Mixed Content: The page at 'https://rustynutsrestoration.com/' was loaded over HTTPS, but requested an insecure element 'http://visit.webhosting.yahoo.com/counter.gif/c?D=333300&b=216&l=3&f=36'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://rustynutsrestoration.com/(Line 120) Message: Mixed Content: The page at 'https://rustynutsrestoration.com/' was loaded over HTTPS, but requested an insecure element 'http://visit.webhosting.yahoo.com/counter.gif/c?D=333300&b=216&l=3&f=36'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

rustynutsrestoration.com
visit.webhosting.yahoo.com
visit.webhosting.yahoo.com
54.167.124.139
0984d988352f7246403350f7d4366564328c8ca52d14f546cb7b0ad54f2c5eaa
142c88e8e8815f2ca79e99d6c0d533020c118e1503537ad910ef8813daad6b6c
15f60769e79986e77ce9d062cf7a98b024e5bed024a4d588d920249121c0243f
29d414d143b34c3bf974b3a0cabbab4e407947acd05b4929b477d79a68b7ceda
536c143edae55295b84508086c7149a9390335347a556c3652347cca7ea372ec
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
c5b3b0ffc4f2b9a365825de28e834f77b364a774a7706a59da395041f3f3a93a
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

rustynutsrestoration.com Open in urlscan Pro 54.167.124.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

9 Requests

89 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

58 kBTransfer

1426 kBSize

0 Cookies

1 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

rustynutsrestoration.com Open in urlscan Pro
54.167.124.139 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

58 kB
Transfer

1426 kB
Size

0
Cookies

9 HTTP transactions
4 data transactions