rustici.atriumhealth.org Open in urlscan Pro
208.69.132.95 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rustici.atriumhealth.org/
Submission Tags: phishingrod
Submission: On June 28 via api (June 28th 2023, 7:15:32 am UTC) from DE — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 208.69.132.95, located in Charlotte, United States and belongs to CAROLINAS-HEALTHCARE-SYSTEM, US. The main domain is rustici.atriumhealth.org.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on July 11th 2022. Valid for: a year.

This is the only time rustici.atriumhealth.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
10	208.69.132.95 208.69.132.95		11354 (CAROLINAS...) (CAROLINAS-HEALTHCARE-SYSTEM)
10	1

10 208.69.132.95 (Charlotte, United States)

ASN11354 (CAROLINAS-HEALTHCARE-SYSTEM, US)

rustici.atriumhealth.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	atriumhealth.org rustici.atriumhealth.org	2 MB
10	1

	Domain	Requested by
10	rustici.atriumhealth.org	rustici.atriumhealth.org
10	1

This site contains no links.

Subject Issuer	Validity	Valid
rustici.atriumhealth.org DigiCert TLS RSA SHA256 2020 CA1	`2022-07-11` - `2023-07-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://rustici.atriumhealth.org/
Frame ID: 08F4F17183262FCA53645AC09DAAC4C6
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rustici Content Controller

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2515 kB
Transfer

2512 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
rustici.atriumhealth.org/ 1 KB
1 KB 671ms
94ms Document
text/html 208.69.132.95
CAROLINAS-HEALTHC...

General

Check archive.org

Show headers Download Go to

Full URL

https://rustici.atriumhealth.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.69.132.95 Charlotte, United States, ASN11354 (CAROLINAS-HEALTHCARE-SYSTEM, US),

Reverse DNS

Software

Apache /

Resource Hash

1b03f1f0f4292214f36631e127df53b92fecf5a33aa9dac43c0a18e2419ef0cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=1, must-revalidate
Connection: Keep-Alive
Content-Length: 1044
Content-Security-Policy: frame-ancestors 'none';
Content-Type: text/html; charset=UTF-8
Date: Wed, 28 Jun 2023 07:15:23 GMT
ETag: "414-5d92f0d934980"
Expires: Wed, 28 Jun 2023 07:15:24 GMT
Keep-Alive: timeout=2, max=100
Last-Modified: Tue, 01 Mar 2022 21:43:18 GMT
P3P: CP="NOI"
Server: Apache
X-Frame-Options: deny
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK vendor.b9f122c1.css
rustici.atriumhealth.org/styles/ 154 KB
154 KB 127ms
125ms Stylesheet
text/css 208.69.132.95
CAROLINAS-HEALTHC...

General

Check archive.org

Show headers Download Go to

Full URL

https://rustici.atriumhealth.org/styles/vendor.b9f122c1.css

Requested by

Host: rustici.atriumhealth.org
URL: https://rustici.atriumhealth.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.69.132.95 Charlotte, United States, ASN11354 (CAROLINAS-HEALTHCARE-SYSTEM, US),

Reverse DNS

Software

Apache /

Resource Hash

668998e1d8d3abed287cff47bf99066362549b2c7dbc2fe2c21d59c0c386089e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rustici.atriumhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:15:23 GMT
Last-Modified: Tue, 01 Mar 2022 21:43:18 GMT
Server: Apache
ETag: "267a3-5d92f0d934980"
P3P: CP="NOI"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 157603
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK application.211617e1.css
rustici.atriumhealth.org/styles/ 140 KB
140 KB 118ms
116ms Stylesheet
text/css 208.69.132.95
CAROLINAS-HEALTHC...

General

Check archive.org

Show headers Download Go to

Full URL

https://rustici.atriumhealth.org/styles/application.211617e1.css

Requested by

Host: rustici.atriumhealth.org
URL: https://rustici.atriumhealth.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.69.132.95 Charlotte, United States, ASN11354 (CAROLINAS-HEALTHCARE-SYSTEM, US),

Reverse DNS

Software

Apache /

Resource Hash

86e987d77a9da5f01411b19985a6b4b00326d7b8033d2f9fcadc87f0b04922e6

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rustici.atriumhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:15:23 GMT
Last-Modified: Tue, 01 Mar 2022 21:43:18 GMT
Server: Apache
ETag: "22f9d-5d92f0d934980"
P3P: CP="NOI"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 143261
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK vendor.67b26067.js Show response
rustici.atriumhealth.org/scripts/ 1 MB
1 MB 301ms
94ms Script
application/javascript 208.69.132.95
CAROLINAS-HEALTHC...

General

Check archive.org

Show headers Download Go to

Full URL

https://rustici.atriumhealth.org/scripts/vendor.67b26067.js

Requested by

Host: rustici.atriumhealth.org
URL: https://rustici.atriumhealth.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.69.132.95 Charlotte, United States, ASN11354 (CAROLINAS-HEALTHCARE-SYSTEM, US),

Reverse DNS

Software

Apache /

Resource Hash

3bf49987f36d3f02e054df751fe547bf77190fffc5b3ed979211ed3cf0b0e6aa

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rustici.atriumhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:15:23 GMT
Last-Modified: Tue, 01 Mar 2022 21:43:18 GMT
Server: Apache
ETag: "14c5d4-5d92f0d934980"
P3P: CP="NOI"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 1361364
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK scripts.6b81be62.js Show response
rustici.atriumhealth.org/scripts/ 860 KB
861 KB 300ms
93ms Script
application/javascript 208.69.132.95
CAROLINAS-HEALTHC...

General

Check archive.org

Show headers Download Go to

Full URL

https://rustici.atriumhealth.org/scripts/scripts.6b81be62.js

Requested by

Host: rustici.atriumhealth.org
URL: https://rustici.atriumhealth.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.69.132.95 Charlotte, United States, ASN11354 (CAROLINAS-HEALTHCARE-SYSTEM, US),

Reverse DNS

Software

Apache /

Resource Hash

84663ec87c3b64d3445837311287ded442519fe751d3e6266fa2a249d04bb30a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rustici.atriumhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:15:23 GMT
Last-Modified: Tue, 01 Mar 2022 21:43:18 GMT
Server: Apache
ETag: "d70c7-5d92f0d934980"
P3P: CP="NOI"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 880839
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK signIn Show response
rustici.atriumhealth.org/api/appConfig/ 101 B
434 B 104ms
103ms XHR
application/json 208.69.132.95
CAROLINAS-HEALTHC...

General

Check archive.org

Show headers Download Go to

Full URL

https://rustici.atriumhealth.org/api/appConfig/signIn

Requested by

Host: rustici.atriumhealth.org
URL: https://rustici.atriumhealth.org/scripts/vendor.67b26067.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.69.132.95 Charlotte, United States, ASN11354 (CAROLINAS-HEALTHCARE-SYSTEM, US),

Reverse DNS

Software

Apache /

Resource Hash

6c55a0f15e0079b8c74489de555377c90e9fdb56d8b3a8b4f08510800b4a5601

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://rustici.atriumhealth.org/
If-Modified-Since: Mon, 14 Aug 2017 00:00:00 GMT
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 07:15:25 GMT
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI"
Content-Type: application/json
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 101
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK signIn Show response
rustici.atriumhealth.org/api/appConfig/ 101 B
434 B 100ms
99ms XHR
application/json 208.69.132.95
CAROLINAS-HEALTHC...

General

Check archive.org

Show headers Download Go to

Full URL

https://rustici.atriumhealth.org/api/appConfig/signIn

Requested by

Host: rustici.atriumhealth.org
URL: https://rustici.atriumhealth.org/scripts/vendor.67b26067.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.69.132.95 Charlotte, United States, ASN11354 (CAROLINAS-HEALTHCARE-SYSTEM, US),

Reverse DNS

Software

Apache /

Resource Hash

6c55a0f15e0079b8c74489de555377c90e9fdb56d8b3a8b4f08510800b4a5601

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://rustici.atriumhealth.org/
If-Modified-Since: Mon, 14 Aug 2017 00:00:00 GMT
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 07:15:25 GMT
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI"
Content-Type: application/json
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 101
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK cc-logo.faa3911c.png
rustici.atriumhealth.org/images/ 5 KB
5 KB 102ms
102ms Image
image/png 208.69.132.95
CAROLINAS-HEALTHC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rustici.atriumhealth.org/images/cc-logo.faa3911c.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.69.132.95 Charlotte, United States, ASN11354 (CAROLINAS-HEALTHCARE-SYSTEM, US),

Reverse DNS

Software

Apache /

Resource Hash

5470626c1cb006dc237ba4bf23bec65fe01587f39f662b6baef30c818af26f4f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rustici.atriumhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:15:25 GMT
Last-Modified: Tue, 01 Mar 2022 21:43:18 GMT
Server: Apache
ETag: "1384-5d92f0d934980"
P3P: CP="NOI"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 4996
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK loginMessage Show response
rustici.atriumhealth.org/api/ 0
340 B 101ms
100ms XHR
text/plain 208.69.132.95
CAROLINAS-HEALTHC...

General

Check archive.org

Show headers Download Go to

Full URL

https://rustici.atriumhealth.org/api/loginMessage

Requested by

Host: rustici.atriumhealth.org
URL: https://rustici.atriumhealth.org/scripts/vendor.67b26067.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.69.132.95 Charlotte, United States, ASN11354 (CAROLINAS-HEALTHCARE-SYSTEM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://rustici.atriumhealth.org/
If-Modified-Since: Mon, 14 Aug 2017 00:00:00 GMT
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 07:15:25 GMT
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI"
Content-Type: text/plain; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK cc-logo-rustici.0fe78bb5.png
rustici.atriumhealth.org/images/ 22 KB
23 KB 96ms
96ms Image
image/png 208.69.132.95
CAROLINAS-HEALTHC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rustici.atriumhealth.org/images/cc-logo-rustici.0fe78bb5.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.69.132.95 Charlotte, United States, ASN11354 (CAROLINAS-HEALTHCARE-SYSTEM, US),

Reverse DNS

Software

Apache /

Resource Hash

480f67c5b0851c4abdfaa01c251f13d77c623120fc3152a5bdc44a7a8f037162

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rustici.atriumhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:15:25 GMT
Last-Modified: Tue, 01 Mar 2022 21:43:18 GMT
Server: Apache
ETag: "599c-5d92f0d934980"
P3P: CP="NOI"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 22940
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

rustici.atriumhealth.org
208.69.132.95
1b03f1f0f4292214f36631e127df53b92fecf5a33aa9dac43c0a18e2419ef0cf
3bf49987f36d3f02e054df751fe547bf77190fffc5b3ed979211ed3cf0b0e6aa
480f67c5b0851c4abdfaa01c251f13d77c623120fc3152a5bdc44a7a8f037162
5470626c1cb006dc237ba4bf23bec65fe01587f39f662b6baef30c818af26f4f
668998e1d8d3abed287cff47bf99066362549b2c7dbc2fe2c21d59c0c386089e
6c55a0f15e0079b8c74489de555377c90e9fdb56d8b3a8b4f08510800b4a5601
84663ec87c3b64d3445837311287ded442519fe751d3e6266fa2a249d04bb30a
86e987d77a9da5f01411b19985a6b4b00326d7b8033d2f9fcadc87f0b04922e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

rustici.atriumhealth.org Open in urlscan Pro 208.69.132.95 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

2515 kBTransfer

2512 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

rustici.atriumhealth.org Open in urlscan Pro
208.69.132.95 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2515 kB
Transfer

2512 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions