rusticationmasterfully.website Open in urlscan Pro
2606:4700:3036::ac43:c690 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s3.us-east-2.amazonaws.com/cydezftgzetygfdyzetdfzetfze/egfytzegfzetygfdtzetdfetzfze.html?2881956779906094084280318024729544...
Effective URL:
https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source...
Submission: On July 15 via manual (July 15th 2024, 11:58:26 am UTC) from US — Scanned from US

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 7 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3036::ac43:c690, located in United States and belongs to CLOUDFLARENET, US. The main domain is rusticationmasterfully.website.
TLS certificate: Issued by GTS CA 1P5 on May 25th 2024. Valid for: 3 months.

This is the only time rusticationmasterfully.website was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	52.219.108.225 52.219.108.225	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:303... 2606:4700:3035::ac43:b175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	82.131.160.168 82.131.160.168	12301 (INVITECH) (INVITECH)
1 1	2606:4700:303... 2606:4700:3035::ac43:dc0f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 24	2606:4700:303... 2606:4700:3036::ac43:c690	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:8ef5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3032::ac43:d1d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	4

1 52.219.108.225 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3.us-east-2.amazonaws.com

s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:b175 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hautgame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.131.160.168 (Mosonmagyaróvár, Hungary) 1 redirects

ASN12301 (INVITECH, HU)
PTR: omc2-ird-word.taskmass.com

www.extensivelead.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:dc0f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.route2content.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:3036::ac43:c690 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rusticationmasterfully.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3032::ac43:d1d6 (United States)

ASN13335 (CLOUDFLARENET, US)

trk-consulatu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.trk-consulatu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	rusticationmasterfully.website 1 redirects rusticationmasterfully.website	3 MB
4	trk-consulatu.com trk-consulatu.com — Cisco Umbrella Rank: 116157 event.trk-consulatu.com — Cisco Umbrella Rank: 262105	3 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1950	426 KB
1	route2content.com 1 redirects www.route2content.com	854 B
1	extensivelead.com 1 redirects www.extensivelead.com	639 B
1	hautgame.com 1 redirects hautgame.com	743 B
1	amazonaws.com s3.us-east-2.amazonaws.com	547 B
29	7

	Domain	Requested by
24	rusticationmasterfully.website	1 redirects s3.us-east-2.amazonaws.com rusticationmasterfully.website
3	event.trk-consulatu.com	trk-consulatu.com
1	trk-consulatu.com	rusticationmasterfully.website
1	use.fontawesome.com	rusticationmasterfully.website
1	www.route2content.com	1 redirects
1	www.extensivelead.com	1 redirects
1	hautgame.com	1 redirects
1	s3.us-east-2.amazonaws.com
29	8

This site contains no links.

Subject Issuer	Validity	Valid
*.s3.us-east-2.amazonaws.com Amazon RSA 2048 M01	`2024-02-29` - `2025-02-12`	a year	crt.sh
rusticationmasterfully.website GTS CA 1P5	`2024-05-25` - `2024-08-23`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
trk-consulatu.com WE1	`2024-06-20` - `2024-09-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
Frame ID: B66783447B939906ED226E50DF891F40
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lowe's - Survey Rewards

Page URL History Show full URLs

https://s3.us-east-2.amazonaws.com/cydezftgzetygfdyzetdfzetfze/egfytzegfzetygfdtzetdfetzfze.html?28819567799060... Page URL
https://hautgame.com/EGaTTpAJyqiAusrQccUFUBBPzLmXEy&4jwlojdnqMR&127985/203/qaunpylvvb.home.php?sq... HTTP 302
https://www.extensivelead.com/3LKKRHG/SJPDBT7//?sub1=21&sub2=203-127985&sub3=1651-63129-256996 HTTP 302
https://www.route2content.com/37HF1RW/NHJDCCP/?source_id=1621&sub1=1bfd7635021e4657b1219ca466b3300c HTTP 302
https://rusticationmasterfully.website/EB4RNohzcW/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2... HTTP 302
http://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub... HTTP 307
https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub... Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

29
Requests

100 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

4
IPs

2
Countries

3568 kB
Transfer

4409 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s3.us-east-2.amazonaws.com/cydezftgzetygfdyzetdfzetfze/egfytzegfzetygfdtzetdfetzfze.html?288195677990609408428031802472954424910372577726932686368715263747443489469903256575105966114417810 Page URL
https://hautgame.com/EGaTTpAJyqiAusrQccUFUBBPzLmXEy&4jwlojdnqMR&127985/203/qaunpylvvb.home.php?sq=1651-63129&lk=256996-21&page=481 HTTP 302
https://www.extensivelead.com/3LKKRHG/SJPDBT7//?sub1=21&sub2=203-127985&sub3=1651-63129-256996 HTTP 302
https://www.route2content.com/37HF1RW/NHJDCCP/?source_id=1621&sub1=1bfd7635021e4657b1219ca466b3300c HTTP 302
https://rusticationmasterfully.website/EB4RNohzcW/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104 HTTP 302
http://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104 HTTP 307
https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK egfytzegfzetygfdtzetdfetzfze.html
s3.us-east-2.amazonaws.com/cydezftgzetygfdyzetdfzetfze/ 153 B
547 B 494ms
144ms Document
text/html 52.219.108.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.us-east-2.amazonaws.com/cydezftgzetygfdyzetdfzetfze/egfytzegfzetygfdtzetdfetzfze.html?288195677990609408428031802472954424910372577726932686368715263747443489469903256575105966114417810
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.219.108.225 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Content-Length: 153
Content-Type: text/html
Date: Mon, 15 Jul 2024 11:58:16 GMT
ETag: "182fbc5f785ab4bd43a4c2d140e7ef3c"
Last-Modified: Sat, 13 Jul 2024 15:07:17 GMT
Server: AmazonS3
x-amz-id-2: GvbM4bB60sHy/BFxCyDovkqeXEJR4oC2MPiGb1a9USNvXxmz9P0d3DJyb3T4ipKUMlSWljrtZO0=
x-amz-request-id: X44T3K7HVHHRFNT5
x-amz-server-side-encryption: AES256

GET
H3

200

Primary Request / Show response
rusticationmasterfully.website/
Redirect Chain

https://hautgame.com/EGaTTpAJyqiAusrQccUFUBBPzLmXEy&4jwlojdnqMR&127985/203/qaunpylvvb.home.php?sq=1651-63129&lk=256996-21&page=481
https://www.extensivelead.com/3LKKRHG/SJPDBT7//?sub1=21&sub2=203-127985&sub3=1651-63129-256996
https://www.route2content.com/37HF1RW/NHJDCCP/?source_id=1621&sub1=1bfd7635021e4657b1219ca466b3300c
https://rusticationmasterfully.website/EB4RNohzcW/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
http://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104

27 KB
6 KB

172ms
171ms

Document
text/html

2606:4700:3036::ac43:c690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104

Requested by

Host: s3.us-east-2.amazonaws.com
URL: https://s3.us-east-2.amazonaws.com/cydezftgzetygfdyzetdfzetfze/egfytzegfzetygfdtzetdfetzfze.html?288195677990609408428031802472954424910372577726932686368715263747443489469903256575105966114417810

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c690 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1d29bf42868f67d62b8b767fb5a9904206337c2928d2e346346f329327692da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://s3.us-east-2.amazonaws.com/cydezftgzetygfdyzetdfzetfze/egfytzegfzetygfdtzetdfetzfze.html?288195677990609408428031802472954424910372577726932686368715263747443489469903256575105966114417810#EGaTTpAJyqiAusrQccUFUBBPzLmXEy&4jwlojdnqMR&127985/203/qaunpylvvb.home.php?sq=1651-63129&lk=256996-21&page=481
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8a39947c6de843ac-EWR
content-encoding: br
content-type: text/html
date: Mon, 15 Jul 2024 11:58:19 GMT
expires: Mon, 15 Jul 2024 11:58:18 GMT
last-modified: Wed, 28 Feb 2024 03:34:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: interest-cohort=()
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hUu%2F3qUn8psCT0aO6ssnQ5LvQCNa6d%2BnB1eXLEA4xrDVb92llUJ9Q4v4hoAHhoHHyuDtAwtTxS10MHN5UpyvuAym1CSbUjc6oBc66EuEbr4PXp%2FcQpMqUrFAWIU5fufveqFiwlwUKNZ1%2Fm6SZcFB65SiG4zm8Z1n1owRbBc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
Non-Authoritative-Reason: HSTS

GET
H3 200 style.css
rusticationmasterfully.website/css/ 15 KB
4 KB 166ms
166ms Stylesheet
text/css 2606:4700:3036::ac43:c690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rusticationmasterfully.website/css/style.css

Requested by

Host: rusticationmasterfully.website
URL: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c690 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a68bb39f04e4192e2bc9b6a121127e4c4cb84915b21710f1b8f5db236cf22551

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 28 Feb 2024 03:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65dea9da-3d3d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lR0vQVWZxbMb62nlhr9F%2FStUsm2kLcjRhG9Y7dS%2BRlgWK8AMFUyTlLxn970zyOBbCXmO7b4eyHa5s%2FOCsDeTEEKosxdZjEjwbzFryofIe0ptnPdQya4o%2Fxs2Dg828L7ksIUO4DbU8KaGmD9jZCxLUxDQRUXllk6hR4hf%2FM0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 8a39947d9f1b43ac-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 15 Jul 2024 11:58:18 GMT

GET
H3 200 animate.min.css
rusticationmasterfully.website/css/ 70 KB
6 KB 235ms
234ms Stylesheet
text/css 2606:4700:3036::ac43:c690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rusticationmasterfully.website/css/animate.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c690 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 28 Feb 2024 03:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65dea9da-11846"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TvErbswKn7PdDTbJwIvytJa25CLwdyuk0k8hixEpwsU6QcCl52wVac9UI4Lr3%2Bvl4UKW7lNE%2FcPqVxfYK6r%2FyDP7QTb7i5M%2B7UsDzS7ckroNXUNpCjfTbfRTx9GOMzlDedsKRY7%2BojzWTCBupPGwcL7f%2B7Y1P%2FSvcUQLAuU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 8a39947d9f1c43ac-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 15 Jul 2024 11:58:18 GMT

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.15.4/js/ 1 MB
426 KB 675ms
118ms Script
application/javascript 2606:4700:3037::ac43:8ef5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/js/all.js
Requested by: Host: rusticationmasterfully.website
URL: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf

Request headers

Referer: https://rusticationmasterfully.website/
Origin: https://rusticationmasterfully.website
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1702328
etag: W/"5e29440867fdb02a48dffded02338c31"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=95dJVoFvaG1COhdhNNV0gJs8rGBv8VHahlp8Bavpj5ddTSKiEU6MWgRGrUchayXOpAWPiDlFuZFt58bKr2XxMdlVGPtAEfyZGpKvdPOgW08yItnvKB3AJBia3Dj72YosAylOFfQSyqKKCzy0XzQ3Sntg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 8a3994831c0a8c81-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 datehead.js Show response
rusticationmasterfully.website/js/ 2 KB
1 KB 320ms
319ms Script
application/javascript 2606:4700:3036::ac43:c690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rusticationmasterfully.website/js/datehead.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c690 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e095b91cc9a20149cef660cd11b5ea0dfb7b13b511d2841913984bf78354740b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 28 Feb 2024 03:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65dea9da-999"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Og8YCX9zUMwBhnX17%2FN3jZUYVqphEuKDFbEZdpWf2rnNzNeyDcol8emRwyu7dgcNUFJpl8YwGyxBMhzmoHx3urt5VEFqPg6DU%2FMhThhahCSDHbaUmxEuqb3xR7%2BzAHQCytE6ED2YC6pyjiLkR2rph5lp5FWyU7W0wDZB38M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 8a39947d9f1d43ac-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 15 Jul 2024 11:58:18 GMT

GET
H3 200 logo.png
rusticationmasterfully.website/images/ 16 KB
16 KB 302ms
302ms Image
image/png 2606:4700:3036::ac43:c690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rusticationmasterfully.website/images/logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c690 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

062ff5a0d641168bd425298eb1ace448e1be8ff48b717b0a6a20a71f472ed501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 16033
last-modified: Wed, 28 Feb 2024 03:34:51 GMT
server: cloudflare
etag: "65dea9db-3ea1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2B6MbCgTRZr2%2FhiC9uuOduwigHev%2FK4af7Df9wJ2yZlEnq3aZG4VNPVw%2BDxsnwTm4BQX07%2B3UIGgA1urNmFXjbaPgRh4DQxdN%2FBSr9xfFebdorNaQmLxhU7xZcfMimHEQe7tG9fyb%2FxUYFR49MxrA44SPyUnVoNOF3S3BVs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a39947d9f2043ac-EWR
expires: Mon, 15 Jul 2024 11:58:18 GMT

GET
H3 200 flaglogo.png
rusticationmasterfully.website/images/ 2 KB
2 KB 302ms
301ms Image
image/png 2606:4700:3036::ac43:c690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rusticationmasterfully.website/images/flaglogo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c690 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb97f1ceb86cf65febe6fc09278d503747f140e18297b6da6ee4bdcd41479f43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1781
last-modified: Wed, 28 Feb 2024 03:34:52 GMT
server: cloudflare
etag: "65dea9dc-6f5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i8WFCzU6skrDJCMnjAva1Zbdk2dHLx0yNMYRf5gLsZxEY2KrwGCarcQXEfN4FRzcYcaeXucEidec6dzkkRrQBaHWmYf0mfm1eG4NUiV9Tqa3Y83FIOsh4Ewq0KfuDw0JwWvUrbL8g%2BjdhrgFfqw2yE5UKP%2F%2F4r83v8%2BWw1U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a39947d9f2243ac-EWR
expires: Mon, 15 Jul 2024 11:58:18 GMT

GET
H3 200 product.png
rusticationmasterfully.website/images/ 623 KB
624 KB 172ms
172ms Image
image/png 2606:4700:3036::ac43:c690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rusticationmasterfully.website/images/product.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c690 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a65d37aa9be4c2e9fa220d097bcf0e7c24f94132971154a8f9054c204c8d7399

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 638019
last-modified: Wed, 28 Feb 2024 03:34:51 GMT
server: cloudflare
etag: "65dea9db-9bc43"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gp17FdXAtHdOgLkRXjP0yGD8IKoWbmI%2BBWKy0fNDkX78%2Bkkwh6gRpyPMlrhQoV2ht5FuO%2B98bwcsZMTwYW49k42CAA3eQ5kZb75SQ7vjph1dT2Ubq%2BGdnHlev%2F5rJseL6827%2B68ZU1VOdHlnCDPwfdKugzLm1NUO2STyttk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a39947f78cc43ac-EWR
expires: Mon, 15 Jul 2024 11:58:19 GMT

GET
H3 200 loadingBL.gif
rusticationmasterfully.website/images/ 122 KB
122 KB 329ms
328ms Image
image/gif 2606:4700:3036::ac43:c690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rusticationmasterfully.website/images/loadingBL.gif

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c690 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1713fcdfdf4715b08d5a6275e3b5a170cb38ec4c37414c25ac281402a2d315d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 124659
last-modified: Wed, 28 Feb 2024 03:34:51 GMT
server: cloudflare
etag: "65dea9db-1e6f3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zc3Ppn%2FTbvWbPTS8wTkPSbrWJ2H%2F%2F6ULRWhm9L%2FTXfJU%2FxXcOepEME90efsGVvRZI5KPc0wlrqe85eX6HKa89OUIbp%2Fel%2FfaQy98y37jsgclzaRYPMqLfSxgZkfuqRRR1czFVQ71%2FhhMbvnXR%2BRGXrX0SvXS3EAqxJkQHeM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a39947f98dd43ac-EWR
expires: Mon, 15 Jul 2024 11:58:19 GMT

GET
H3 200 prize1.png
rusticationmasterfully.website/images/ 780 KB
781 KB 331ms
327ms Image
image/png 2606:4700:3036::ac43:c690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rusticationmasterfully.website/images/prize1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c690 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

506ed157210d3a2ff203ee60620957560754bf872771739abdda20f896ac2929

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 798627
last-modified: Wed, 28 Feb 2024 03:34:51 GMT
server: cloudflare
etag: "65dea9db-c2fa3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vkzhupTaOG4HUCbNHpmn3Zm3Va4SUSYGPTWTh9x5sOCPdDOWblLaL3PEUj%2FBWA5JmT1dXxJlzYnFFj6Lo7U%2BQruAOH0Pir3AmbrVuK88foSKa9mahS88QR2QNbXmKWK%2B2czC4wvsEaANl9Oe9HNiGNWSBSDMIC8B6gIikFE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a39947f98e043ac-EWR
expires: Mon, 15 Jul 2024 11:58:19 GMT

GET
H3 200 prize2.png
rusticationmasterfully.website/images/ 802 KB
803 KB 331ms
327ms Image
image/png 2606:4700:3036::ac43:c690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rusticationmasterfully.website/images/prize2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c690 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58488e52e14422735473e402afa7f04a7bd9ce34d0de3dc45c40167290cf968d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 821354
last-modified: Wed, 28 Feb 2024 03:34:52 GMT
server: cloudflare
etag: "65dea9dc-c886a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q7PrzFzEJmnQidyqmkQYS3IGwHF6z8VEcSLswJuXitzmoOzt2jnXQkWRUciqDjZsQF6aG6XUzQ%2Buk03rhgPsMXMq7UJcqQ2wA3em6ALnzb%2BRP6Dw6ME9cT2j7DUlJ%2B4kgTagncOlkinindy3bglAQLob9pV528sdHPs0uPE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a39947f98e343ac-EWR
expires: Mon, 15 Jul 2024 11:58:19 GMT

GET
H3 200 1.jpg
rusticationmasterfully.website/images/ 43 KB
43 KB 330ms
326ms Image
image/jpeg 2606:4700:3036::ac43:c690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rusticationmasterfully.website/images/1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c690 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa34fa4a45cf0e1071529b887e64627c4d6019ae03f1c1adb18f292585eafad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 43861
last-modified: Wed, 28 Feb 2024 03:34:52 GMT
server: cloudflare
etag: "65dea9dc-ab55"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X9IlH9f3bR3WC9M12ME9qGr%2BE2WTqt6odBnhf5cn2Ks6lYcpsDXFgetNIRKpFX85CZw6fqPR4CG7gokxMaeHvdwfm6gQfKbF0xKbIHhsciH4RFwJUrlJ1ccGyeJykeIhbZ3Uf81QF5o3vqsRsUejb4bPwURQW85ugw%2BvKw0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a39947f98e443ac-EWR
expires: Mon, 15 Jul 2024 11:58:19 GMT

GET
H3 200 2.jpg
rusticationmasterfully.website/images/ 31 KB
32 KB 238ms
235ms Image
image/jpeg 2606:4700:3036::ac43:c690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rusticationmasterfully.website/images/2.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c690 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

385528b5f550aa72947c3906f4d50ae4f478c5eef8cb6526229c88ce43261443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 31837
last-modified: Wed, 28 Feb 2024 03:34:52 GMT
server: cloudflare
etag: "65dea9dc-7c5d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bKl%2B0JS0e7%2Fq%2Bh46yCu5CpIGZrW5KLzRVkSXBzcerYXR%2BCSVuYMczwVIWQmfKplQNCF299IS1c%2F%2FnfTrWjf%2BG6QX%2BcWY6fUFWmrGRqv%2Bm7%2B2QUsaW%2FEdNu5aDItAngdwEng2eaf%2FC5IGf2cGtHAVGTfx6wGcLBo%2BcK%2BHKA8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a39947f98e743ac-EWR
expires: Mon, 15 Jul 2024 11:58:19 GMT

GET
H3 200 comm_pic_1.jpg
rusticationmasterfully.website/images/ 157 KB
158 KB 911ms
908ms Image
image/jpeg 2606:4700:3036::ac43:c690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rusticationmasterfully.website/images/comm_pic_1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c690 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb328638ec5299884939ac643c544c5d7c9abc3fd0153f21d3380a8c4fdf3ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 161041
last-modified: Wed, 28 Feb 2024 03:34:52 GMT
server: cloudflare
etag: "65dea9dc-27511"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qL8Sbb9aFUPDglKed5rBjA3RXoIZ9NdtxWI%2BHI7jRDqDRRBPxTNwzuP27itVkp%2BX0g3zZFqysZZJ2cp%2Fq1zi4bg3jwVm%2BvdOJwqgc%2FOtXH7P2TbJm0wXvWM98vDO2EDpl3SQx5ORlMO9lJjfEZFih2v2cRqBNLnqfb9tRiA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a39947f98ea43ac-EWR
expires: Mon, 15 Jul 2024 11:58:19 GMT

GET
H3 200 3.jpg
rusticationmasterfully.website/images/ 64 KB
64 KB 916ms
913ms Image
image/jpeg 2606:4700:3036::ac43:c690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rusticationmasterfully.website/images/3.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c690 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5418439e04d58d4e7d335d1bfc325284a1ce21f426c24d69f8de527da97b7b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 65241
last-modified: Wed, 28 Feb 2024 03:34:52 GMT
server: cloudflare
etag: "65dea9dc-fed9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WnpqtxUm2UF%2Fvx4DtQzmovTHGUqKsq7G9T4Cu0NNk6IVssYKAKUNYpckBNcjZ8HfhT%2ByxZqhRcytBaNYscHZyLOBeFB9wno%2BnXQfaZDXbux3mhON9m89qyc%2FvOIB0LEO5tKaIJkAdD6OuMFBxEbF4870QQUc9Hd4qqoK%2BCA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a39947f98eb43ac-EWR
expires: Mon, 15 Jul 2024 11:58:19 GMT

GET
H3 200 4.jpg
rusticationmasterfully.website/images/ 36 KB
37 KB 918ms
915ms Image
image/jpeg 2606:4700:3036::ac43:c690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rusticationmasterfully.website/images/4.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c690 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63aec2631ee77fdb2ccf7c41e0e952e25940fd52211aedd73280fcc0ac3ea3f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 37344
last-modified: Wed, 28 Feb 2024 03:34:51 GMT
server: cloudflare
etag: "65dea9db-91e0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1e6ZwU2DcdKwp9IscoFP8akAkcvIc414hcPyOoh96Xq7z%2FCO%2Fast5D6MiuqxOMyAC74QNDXKifOyq21xdUq9e8J8B6z9dQrAyqgi1fozXJh850H6VXk3q0yqzkkkEXY6IzcVX7zUqlbA7YMnx29jbq5EoLGpmrq%2FWtfc66w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a39947f98ec43ac-EWR
expires: Mon, 15 Jul 2024 11:58:19 GMT

GET
H3 200 comm_pic_2.jpg
rusticationmasterfully.website/images/ 84 KB
84 KB 238ms
235ms Image
image/jpeg 2606:4700:3036::ac43:c690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rusticationmasterfully.website/images/comm_pic_2.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c690 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d35d6033649f7ecdb833e1b243fd28dd91f18471ee5e4bb074ad9243200d59e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 85668
last-modified: Wed, 28 Feb 2024 03:34:53 GMT
server: cloudflare
etag: "65dea9dd-14ea4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UtWBytjQLeCQFyzOhkWOFcPDwOTKMKHByupJDsA%2FegXCpi7nitzCcrGqOXLEdDpmtWuzfuxB8AWyuwy6RTmVVhFhTUvlfwHcLuaBeD1GGwONbeyhFawR2dGPHto1JJxcgsgjcL%2BQXnO%2Ftds7Z7C9lsgyJiiJnqA8YpgXKrg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a39947f98ee43ac-EWR
expires: Mon, 15 Jul 2024 11:58:19 GMT

GET
H3 200 5.jpg
rusticationmasterfully.website/images/ 44 KB
44 KB 921ms
919ms Image
image/jpeg 2606:4700:3036::ac43:c690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rusticationmasterfully.website/images/5.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c690 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c50866e05aca5676441b1cd638692727cac416ff8532a176a85443da3a667edc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 44747
last-modified: Wed, 28 Feb 2024 03:34:51 GMT
server: cloudflare
etag: "65dea9db-aecb"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8IzY91%2BMuT0466cT2RPg9fVIkSswj2vfsyI2ZiD7oSoG9etf%2FdFyUhfars5WTWPfVtYUxeQf2tNBzVHUvQrbEK6%2FK7%2BJnzEPo5HD7GFvdPwJAvUrxcScDa7vfjloOkXRcTTkUWofEzvsZXFsnc70WxNpfDFhS0k%2BwhyYPU0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a39947f98ef43ac-EWR
expires: Mon, 15 Jul 2024 11:58:19 GMT

GET
H3 200 f_guarantee.png
rusticationmasterfully.website/images/ 6 KB
7 KB 238ms
236ms Image
image/png 2606:4700:3036::ac43:c690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rusticationmasterfully.website/images/f_guarantee.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c690 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6352
last-modified: Wed, 28 Feb 2024 03:34:51 GMT
server: cloudflare
etag: "65dea9db-18d0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pa3bMjdK2rIs7ah7C4l6C0gW7jAWJjqiXE%2Bm7CrMOYyduFIBX2lry%2FgnnN7ixCWYYwX%2FPAti5TDKEtfB%2BfPeOishpT6Qwr47OdQE1CKyXqr%2BBw9Xo%2BGcTvFUSEchdj3TeJpCdVHaB7mJRbdgz2atyFnuHqyh9GVawDOAZ2k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a39947f98f143ac-EWR
expires: Mon, 15 Jul 2024 11:58:19 GMT

GET
H3 200 f_secure_1.png
rusticationmasterfully.website/images/ 10 KB
10 KB 238ms
236ms Image
image/png 2606:4700:3036::ac43:c690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rusticationmasterfully.website/images/f_secure_1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c690 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 9862
last-modified: Wed, 28 Feb 2024 03:34:51 GMT
server: cloudflare
etag: "65dea9db-2686"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x273AuChidj60cem0LSk6C5pyuwuunCHQdoT%2FShS6WxkdmNNd1dsYc5DBqBeRXlVOpdYawdTu0ZuXBr7Zo5x02NwyvCjYf6JIzingHcZ23sJcX5U0Ns8TWFXcIEYlpfa7VlXcR6SCzLxac7oEbbaqLqDhqS60DySkQ27dpw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a39947f98f243ac-EWR
expires: Mon, 15 Jul 2024 11:58:19 GMT

GET
H3 200 logo2.png
rusticationmasterfully.website/images/ 12 KB
12 KB 923ms
921ms Image
image/png 2606:4700:3036::ac43:c690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rusticationmasterfully.website/images/logo2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c690 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97f1f1f9ff6bdb029e73c650e155e51f36335e5e86ac689e940a30bbcebfcca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 11804
last-modified: Wed, 28 Feb 2024 03:34:51 GMT
server: cloudflare
etag: "65dea9db-2e1c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R5XghuYnLjtB0RHIb0zCg8V8JdmHw0mCV7R9Hg4Qdtksnp%2BWkWxXkXnt33JUFh43OwxXD9iDDwH9N6E3C5ZyZ834olpK90zMjNUGggUZa6Uzn2kAFpZtFDiOV%2BqhG41QfftVJycmFBV2uuvdLmUC71EVo96lpQczlnhdEGs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a39947f98f343ac-EWR
expires: Mon, 15 Jul 2024 11:58:19 GMT

GET
H3 200 script.js Show response
rusticationmasterfully.website/js/ 8 KB
2 KB 332ms
327ms Script
application/javascript 2606:4700:3036::ac43:c690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rusticationmasterfully.website/js/script.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c690 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c03afc2bad8a241e1bf0c1f12e67f938815324a3fe3db4d24a2ae3f4a587605

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 28 Feb 2024 03:34:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65dea9da-2075"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dsCrT%2FsFLSNzllRuqV%2Fn%2BGLhPJx33G6kncd7WYifMecrry7Re4MZOt8D6WUfc6T5dk%2BVLTu%2BhujNcWKTgXwsC21FyPCwmvraGAeRpBX6xRWeje9i84FKhWqNLfPQADOwLsjGMNxZPkNZqLskenOWHdKG4OSasnXXevgaqM8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 8a39947f98e243ac-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 15 Jul 2024 11:58:19 GMT

GET
H3 200 64d5p99gj0 Show response
trk-consulatu.com/scripts/push/script/ 8 KB
3 KB 427ms
127ms Script
application/javascript 2606:4700:3032::ac43:d1d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=rusticationmasterfully.website

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d1d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af5260db7a29993523222cce2ff7406bb2a05f827cd2a5cecd5787152b022d7c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rusticationmasterfully.website/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2520
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 14 Jul 2024 20:04:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ueaqgX6d5G8wxLdudfCC3tBKpX5nkVr1h6VHkPRvs9zaXqC2ZaI3yjVl42wGSAkyLziDJqgQ%2B3LtrVRza8fbblWROxYdjlhbCA155B%2FO0cEBBtTeEDavTCNwDvTm4nuVwg0jGECPwbn3QuSItECvFg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
accept-ranges: bytes
cf-ray: 8a3994817832727b-EWR
expires: 0

GET
H3 200 bg.png
rusticationmasterfully.website/images/ 279 KB
279 KB 923ms
922ms Image
image/png 2606:4700:3036::ac43:c690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rusticationmasterfully.website/images/bg.png

Requested by

Host: rusticationmasterfully.website
URL: https://rusticationmasterfully.website/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c690 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7361fa35b67601a1925cb46d8f507a20f550a9b360638a9c375b134af7296ac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rusticationmasterfully.website/css/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 285302
last-modified: Wed, 28 Feb 2024 03:34:52 GMT
server: cloudflare
etag: "65dea9dc-45a76"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XkkK4MRFtQcRY7bongCX8XDksBvvSo%2Bxmyzzsv4ReDkVKA0xC7SXHJSPt4%2Fm5dfMiPC1M4Zmnil%2F8r4iqApKBbAJ7SQ3mLdW8eeJvKFbwkpGmjMRGT8jIA69%2Bi5dtizKgHm9vlB1IgYocq4gRaCmpwT1lW6BT7rE0ibGvVY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a39947f98f443ac-EWR
expires: Mon, 15 Jul 2024 11:58:19 GMT

GET
H3 404 favicon.ico
rusticationmasterfully.website/ 555 B
627 B 167ms
167ms Other
text/html 2606:4700:3036::ac43:c690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rusticationmasterfully.website/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:c690 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e209d6d6e97cb95d6246e176f50383d75b0ea94345c7cc1c0777e178935db3c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 11:58:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2FoL1gzDUdCT4GvddarfJl6YaTSKOqJ5AOk9LQL8Re3uwpzw5m9hB%2BMF0mW%2BpVeGaI6JcJ7FlbVQEnV4n6p8wD6NbsaAkyUwU%2F0j3NJE36pgb2MVkbGMR3D33QekooH2sOUdWsDcaNN6IH50lsOg4YEbSS6DTmW60t6RBaA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
permissions-policy: interest-cohort=()
cf-ray: 8a3994864fd743ac-EWR
alt-svc: h3=":443"; ma=86400

POST
H3 200 l4evq5ylg1
event.trk-consulatu.com/register/event_log/ 0
0 105ms
104ms Fetch 2606:4700:3032::ac43:d1d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/l4evq5ylg1

Requested by

Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=rusticationmasterfully.website

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d1d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rusticationmasterfully.website/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Mon, 15 Jul 2024 11:58:22 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B80GpswYG4nV%2FE7Nhu5RmmaB%2BjXfIq94wtUjyJ%2BASGndfpG3Xlo7Cc8ZMdB5Ib2X%2BoknCcse1vPUrIS0gTmEfXoGejJTLFWzYJmOjsPyCj7fOwW9yY9BJM08ykOAi3zHBDY5zXDu1A3JE9qOlRZ%2BRSWKpYVEOg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray: 8a39948c4a7317c1-EWR
x-pushplatformapp-params

OPTIONS
H3 200 l4evq5ylg1
event.trk-consulatu.com/register/event_log/ 0
0 415ms
111ms Preflight 2606:4700:3032::ac43:d1d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/l4evq5ylg1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d1d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://rusticationmasterfully.website
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8a39948b9a1417c1-EWR
content-length: 0
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date: Mon, 15 Jul 2024 11:58:22 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=02ELfgJq4PP7Sl%2B8LtAsDpBL5XAAo5Kp9xJmvnSGfKIndwaG0ccX%2FlJrmf71C9Ok8uJvHX4oXlXfZ5Y%2FUyHEU%2B%2BH5j%2B2WBMcO09ooAliyUoRTPMUBrUXXLxwgQp5njeGS%2BNtoqrEVG43rSPoaRsS9lyfASpkAw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H3 200 l4evq5ylg1
event.trk-consulatu.com/register/event_log/ 0
0 106ms
105ms Fetch 2606:4700:3032::ac43:d1d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/l4evq5ylg1

Requested by

Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=rusticationmasterfully.website

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d1d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rusticationmasterfully.website/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/json

Response headers

expires: 0
date: Mon, 15 Jul 2024 11:58:22 GMT
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ignAnxu6tCLMweFCE53fgvYLXn7EQ6M%2Bcv5uJnDGj6tDL1Hnow4tDsLowLGR394shfYSftwK8UzB09Q4m6VIrWwebylICl%2B5nwAyXm3S%2FWGVAtsMpLBjE7znSe9JpQ%2FKTJyBJ45M5GnW4IbKd94Vs%2Fyo1ZcWYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray: 8a399490fd7717c1-EWR
x-pushplatformapp-params

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.route2content.com/	1970-01-20 22:05:31	Name: uniqueClick_NHJDCCP Value: 4eb0404c-97de-4d6c-af07-1dfb0ef76f70:1721044698
www.route2content.com/	1970-01-21 00:13:40	Name: transaction_id Value: c1140fe85765435a8d804b40dad3696d
rusticationmasterfully.website/	1969-12-31 23:59:59	Name: SESSIONIDS Value: EB4RNohzcW

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://rusticationmasterfully.website/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: https://rusticationmasterfully.website/?encoded_value=279768Q&sub1=1bfd7635021e4657b1219ca466b3300c&sub2=&sub3=&sub4=&sub5=11020&source_id=1621&ip=2600%3A803%3Aa88%3A3104%3A%3A104 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

event.trk-consulatu.com
hautgame.com
rusticationmasterfully.website
s3.us-east-2.amazonaws.com
trk-consulatu.com
use.fontawesome.com
www.extensivelead.com
www.route2content.com
2606:4700:3032::ac43:d1d6
2606:4700:3035::ac43:b175
2606:4700:3035::ac43:dc0f
2606:4700:3036::ac43:c690
2606:4700:3037::ac43:8ef5
52.219.108.225
82.131.160.168
062ff5a0d641168bd425298eb1ace448e1be8ff48b717b0a6a20a71f472ed501
385528b5f550aa72947c3906f4d50ae4f478c5eef8cb6526229c88ce43261443
506ed157210d3a2ff203ee60620957560754bf872771739abdda20f896ac2929
5418439e04d58d4e7d335d1bfc325284a1ce21f426c24d69f8de527da97b7b76
58488e52e14422735473e402afa7f04a7bd9ce34d0de3dc45c40167290cf968d
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
63aec2631ee77fdb2ccf7c41e0e952e25940fd52211aedd73280fcc0ac3ea3f7
7361fa35b67601a1925cb46d8f507a20f550a9b360638a9c375b134af7296ac9
7c03afc2bad8a241e1bf0c1f12e67f938815324a3fe3db4d24a2ae3f4a587605
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf
97f1f1f9ff6bdb029e73c650e155e51f36335e5e86ac689e940a30bbcebfcca7
a1713fcdfdf4715b08d5a6275e3b5a170cb38ec4c37414c25ac281402a2d315d
a65d37aa9be4c2e9fa220d097bcf0e7c24f94132971154a8f9054c204c8d7399
a68bb39f04e4192e2bc9b6a121127e4c4cb84915b21710f1b8f5db236cf22551
af5260db7a29993523222cce2ff7406bb2a05f827cd2a5cecd5787152b022d7c
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b
c50866e05aca5676441b1cd638692727cac416ff8532a176a85443da3a667edc
c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95
d35d6033649f7ecdb833e1b243fd28dd91f18471ee5e4bb074ad9243200d59e3
e095b91cc9a20149cef660cd11b5ea0dfb7b13b511d2841913984bf78354740b
e209d6d6e97cb95d6246e176f50383d75b0ea94345c7cc1c0777e178935db3c5
eb97f1ceb86cf65febe6fc09278d503747f140e18297b6da6ee4bdcd41479f43
f1d29bf42868f67d62b8b767fb5a9904206337c2928d2e346346f329327692da
fa34fa4a45cf0e1071529b887e64627c4d6019ae03f1c1adb18f292585eafad7
fb328638ec5299884939ac643c544c5d7c9abc3fd0153f21d3380a8c4fdf3ff1

rusticationmasterfully.website Open in urlscan Pro 2606:4700:3036::ac43:c690 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

100 %HTTPS

71 %IPv6

7 Domains

8 Subdomains

4 IPs

2 Countries

3568 kBTransfer

4409 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rusticationmasterfully.website Open in urlscan Pro
2606:4700:3036::ac43:c690 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

100 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

4
IPs

2
Countries

3568 kB
Transfer

4409 kB
Size

3
Cookies

29 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!