rusticcharm.duckdns.org Open in urlscan Pro
198.252.102.191 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rusticcharm.duckdns.org/
Submission Tags: phishingrod
Submission: On September 07 via api (September 7th 2024, 8:26:19 am UTC) from DE — Scanned from CA

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 19 HTTP transactions. The main IP is 198.252.102.191, located in United States and belongs to HAWKHOST, CA. The main domain is rusticcharm.duckdns.org.
TLS certificate: Issued by R11 on September 6th 2024. Valid for: 3 months.

This is the only time rusticcharm.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	198.252.102.191 198.252.102.191	20068 (HAWKHOST) (HAWKHOST)
1	142.251.40.97 142.251.40.97	15169 (GOOGLE) (GOOGLE)
1	104.21.69.153 104.21.69.153	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.240.108.68 172.240.108.68	7979 (SERVERS-COM) (SERVERS-COM)
1	172.66.132.114 172.66.132.114	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	149.56.240.27 149.56.240.27	16276 (OVH) (OVH)
19	6

13 198.252.102.191 (United States)

ASN20068 (HAWKHOST, CA)
PTR: 198.252.102.191-static.reverse.arandomserver.com

rusticcharm.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.97 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f1.1e100.net

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.69.153 (None, )

ASN13335 (CLOUDFLARENET, US)

split.solusi.eu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.240.108.68 (United States)

ASN7979 (SERVERS-COM, US)

modulecooper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.132.114 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.27 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534106.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	duckdns.org rusticcharm.duckdns.org	114 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 6836 s4.histats.com — Cisco Umbrella Rank: 6819	5 KB
2	modulecooper.com modulecooper.com
1	eu.org split.solusi.eu.org	761 B
1	blogspot.com 3.bp.blogspot.com — Cisco Umbrella Rank: 17124	664 B
19	5

	Domain	Requested by
13	rusticcharm.duckdns.org	rusticcharm.duckdns.org
2	modulecooper.com	split.solusi.eu.org rusticcharm.duckdns.org
1	s4.histats.com	s10.histats.com
1	s10.histats.com	rusticcharm.duckdns.org
1	split.solusi.eu.org	rusticcharm.duckdns.org
1	3.bp.blogspot.com	rusticcharm.duckdns.org
19	6

This site contains no links.

Subject Issuer	Validity	Valid
webdisk.urbansketches.duckdns.org R11	`2024-09-06` - `2024-12-05`	3 months	crt.sh
misc-sni.blogspot.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
solusi.eu.org WE1	`2024-09-04` - `2024-12-03`	3 months	crt.sh
modulecooper.com R10	`2024-08-15` - `2024-11-13`	3 months	crt.sh
s10.histats.com WE1	`2024-08-07` - `2024-11-05`	3 months	crt.sh
histats.com R11	`2024-08-06` - `2024-11-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rusticcharm.duckdns.org/
Frame ID: 3DB77FDD5566F0B1AD75B5C29D74CDD6
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rusticcharm.duckdns.org

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

120 kB
Transfer

453 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
rusticcharm.duckdns.org/ 31 KB
6 KB 7781ms
7642ms Document
text/html 198.252.102.191
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rusticcharm.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.102.191 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.102.191-static.reverse.arandomserver.com
Software: LiteSpeed / PHP/7.4.33
Resource Hash: 170d98be30d10c22f7630e42a4fa29b39fc5415de91e74e15a85d44291c00dbc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 5612
content-type: text/html; charset=UTF-8
date: Sat, 07 Sep 2024 08:26:13 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 bootstrap.min.css
rusticcharm.duckdns.org/assets/css/ 156 KB
21 KB 104ms
101ms Stylesheet
text/css 198.252.102.191
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rusticcharm.duckdns.org/assets/css/bootstrap.min.css
Requested by: Host: rusticcharm.duckdns.org
URL: https://rusticcharm.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.102.191 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.102.191-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Request headers

Referer: https://rusticcharm.duckdns.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 08:26:13 GMT
content-encoding: br
last-modified: Fri, 22 Sep 2023 10:06:40 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 21341
expires: Sat, 14 Sep 2024 08:26:13 GMT

GET
H2 200 cookiealert.css
rusticcharm.duckdns.org/assets/css/ 12 KB
9 KB 103ms
100ms Stylesheet
text/css 198.252.102.191
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rusticcharm.duckdns.org/assets/css/cookiealert.css
Requested by: Host: rusticcharm.duckdns.org
URL: https://rusticcharm.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.102.191 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.102.191-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: e8ee5c0176ff8d2466f3c655090a145f0df7ec64a2452f76cbb915f4fe1349f1

Request headers

Referer: https://rusticcharm.duckdns.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 08:26:13 GMT
content-encoding: br
last-modified: Fri, 22 Sep 2023 10:06:40 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8821
expires: Sat, 14 Sep 2024 08:26:13 GMT

GET
H2 200 jquery.fancybox.min.css
rusticcharm.duckdns.org/assets/css/ 12 KB
3 KB 103ms
101ms Stylesheet
text/css 198.252.102.191
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rusticcharm.duckdns.org/assets/css/jquery.fancybox.min.css
Requested by: Host: rusticcharm.duckdns.org
URL: https://rusticcharm.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.102.191 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.102.191-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

Referer: https://rusticcharm.duckdns.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 08:26:13 GMT
content-encoding: br
last-modified: Fri, 22 Sep 2023 10:06:40 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2897
expires: Sat, 14 Sep 2024 08:26:13 GMT

GET
H2 200 style.css
rusticcharm.duckdns.org/themes/masonry-fancybox/ 1 KB
463 B 104ms
103ms Stylesheet
text/css 198.252.102.191
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rusticcharm.duckdns.org/themes/masonry-fancybox/style.css?id=66dc0e25c5ce1
Requested by: Host: rusticcharm.duckdns.org
URL: https://rusticcharm.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.102.191 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.102.191-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 7c7296c5ced9662289ad76f60c563724f8128fda8f3125f74ee943156b05236b

Request headers

Referer: https://rusticcharm.duckdns.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 08:26:13 GMT
content-encoding: br
last-modified: Fri, 22 Sep 2023 10:06:40 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 430
expires: Sat, 14 Sep 2024 08:26:13 GMT

GET
H2 200 btn_close.gif
3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/ 362 B
664 B 103ms
29ms Image
image/gif 142.251.40.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif

Requested by

Host: rusticcharm.duckdns.org
URL: https://rusticcharm.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.97 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f1.1e100.net

Software

fife /

Resource Hash

0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rusticcharm.duckdns.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 07:53:20 GMT
x-content-type-options: nosniff
age: 1973
content-disposition: inline;filename="btn_close.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 362
x-xss-protection: 0
server: fife
etag: "v1764"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 08 Sep 2024 07:53:20 GMT

GET
H3 200 d6f51a1ed1d2f145512197f7cd7be46d Show response
split.solusi.eu.org/get/site/js/ 283 B
761 B 883ms
734ms Script
application/javascript 104.21.69.153
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://split.solusi.eu.org/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d

Requested by

Host: rusticcharm.duckdns.org
URL: https://rusticcharm.duckdns.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.69.153 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69e0ca1eb97b75fd2ef3a41415736ae8547978bc6c1681e7036541230a9a48a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rusticcharm.duckdns.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 08:26:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vvP96v2JiTGZ3tpyHnQ%2Bkqfs8IIkfORb%2BCI6T%2FWO0KF4F984XyjyUsxZvKk2l2AyhB3%2FNa%2Bu5OG5GapVOWT1D%2BuTV4%2BH6v7tmqGyzZTryo8rHuFFl0DoWqKUD5q44Q7sk0XctuXe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8bf5500d8bb25443-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 logo.png
rusticcharm.duckdns.org/assets/img/ 4 KB
4 KB 121ms
120ms Image
image/png 198.252.102.191
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rusticcharm.duckdns.org/assets/img/logo.png
Requested by: Host: rusticcharm.duckdns.org
URL: https://rusticcharm.duckdns.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.102.191 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.102.191-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: e0f46aac3603e35f28790f4a043b151ccf766520612253d5c2acfcaad87c308e

Request headers

Referer: https://rusticcharm.duckdns.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 08:26:13 GMT
last-modified: Sun, 24 Dec 2023 03:36:10 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4398
expires: Sat, 14 Sep 2024 08:26:13 GMT

GET
H3 200 jquery-3.4.1.slim.min.js Show response
rusticcharm.duckdns.org/assets/js/ 69 KB
24 KB 53ms
52ms Script
application/javascript 198.252.102.191
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rusticcharm.duckdns.org/assets/js/jquery-3.4.1.slim.min.js
Requested by: Host: rusticcharm.duckdns.org
URL: https://rusticcharm.duckdns.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.102.191 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.102.191-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 0ca6e45fe2a30f705ef026151808e699428c6a811b41add8b7d078fc6ca34d67

Request headers

Referer: https://rusticcharm.duckdns.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 08:26:13 GMT
content-encoding: br
last-modified: Fri, 22 Sep 2023 10:06:40 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 23897
expires: Sat, 14 Sep 2024 08:26:13 GMT

GET
H3 200 popper.min.js Show response
rusticcharm.duckdns.org/assets/js/ 21 KB
7 KB 61ms
60ms Script
application/javascript 198.252.102.191
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rusticcharm.duckdns.org/assets/js/popper.min.js
Requested by: Host: rusticcharm.duckdns.org
URL: https://rusticcharm.duckdns.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.102.191 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.102.191-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 93d7d214a51f645213446ea00bf9a8b6d6a12ef89f4153b26c687f73664505ab

Request headers

Referer: https://rusticcharm.duckdns.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 08:26:13 GMT
content-encoding: br
last-modified: Fri, 22 Sep 2023 10:06:40 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7231
expires: Sat, 14 Sep 2024 08:26:13 GMT

GET
H3 200 bootstrap.min.js Show response
rusticcharm.duckdns.org/assets/js/ 59 KB
15 KB 56ms
55ms Script
application/javascript 198.252.102.191
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rusticcharm.duckdns.org/assets/js/bootstrap.min.js
Requested by: Host: rusticcharm.duckdns.org
URL: https://rusticcharm.duckdns.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.102.191 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.102.191-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Request headers

Referer: https://rusticcharm.duckdns.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 08:26:13 GMT
content-encoding: br
last-modified: Fri, 22 Sep 2023 10:06:40 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 15247
expires: Sat, 14 Sep 2024 08:26:13 GMT

GET
H3 200 lazysizes.min.js Show response
rusticcharm.duckdns.org/assets/js/ 7 KB
3 KB 55ms
53ms Script
application/javascript 198.252.102.191
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rusticcharm.duckdns.org/assets/js/lazysizes.min.js
Requested by: Host: rusticcharm.duckdns.org
URL: https://rusticcharm.duckdns.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.102.191 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.102.191-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: dde287e7e2b4495b21edba45ff5f992539dcdaa74b2e75dcf0fef38ca9dfd41f

Request headers

Referer: https://rusticcharm.duckdns.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 08:26:13 GMT
content-encoding: br
last-modified: Fri, 22 Sep 2023 10:06:40 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3055
expires: Sat, 14 Sep 2024 08:26:13 GMT

GET
H3 200 jquery.fancybox.min.js Show response
rusticcharm.duckdns.org/assets/js/ 67 KB
21 KB 101ms
99ms Script
application/javascript 198.252.102.191
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rusticcharm.duckdns.org/assets/js/jquery.fancybox.min.js
Requested by: Host: rusticcharm.duckdns.org
URL: https://rusticcharm.duckdns.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.102.191 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.102.191-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Request headers

Referer: https://rusticcharm.duckdns.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 08:26:13 GMT
content-encoding: br
last-modified: Fri, 22 Sep 2023 10:06:40 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 20999
expires: Sat, 14 Sep 2024 08:26:13 GMT

GET
H3 200 cookiealert.js Show response
rusticcharm.duckdns.org/assets/js/ 2 KB
699 B 119ms
118ms Script
application/javascript 198.252.102.191
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rusticcharm.duckdns.org/assets/js/cookiealert.js
Requested by: Host: rusticcharm.duckdns.org
URL: https://rusticcharm.duckdns.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.102.191 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.102.191-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 3cb37cd5a6952e9983dbae04d3fe51d7ae5805c04b779f96dcfc0d2aa50f78ba

Request headers

Referer: https://rusticcharm.duckdns.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 08:26:13 GMT
content-encoding: br
last-modified: Fri, 22 Sep 2023 10:06:40 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 677
expires: Sat, 14 Sep 2024 08:26:13 GMT

GET
H/1.1 403
Forbidden invoke.js
modulecooper.com/f49c3a4947b1239bea50fdac34c323d0/ 0
0 107ms
32ms Script
application/javascript 172.240.108.68
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://modulecooper.com/f49c3a4947b1239bea50fdac34c323d0/invoke.js
Requested by: Host: split.solusi.eu.org
URL: https://split.solusi.eu.org/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://rusticcharm.duckdns.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 07 Sep 2024 08:26:14 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: modulecooper.com
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
modulecooper.com/3167f7ad3227cb3665961d81553d2558/ 0
0 31ms
30ms Script
application/javascript 172.240.108.68
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://modulecooper.com/3167f7ad3227cb3665961d81553d2558/invoke.js
Requested by: Host: rusticcharm.duckdns.org
URL: https://rusticcharm.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Referer: https://rusticcharm.duckdns.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 07 Sep 2024 08:26:14 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: modulecooper.com
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 71ms
25ms Script
text/javascript 172.66.132.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: rusticcharm.duckdns.org
URL: https://rusticcharm.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.132.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer: https://rusticcharm.duckdns.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 08:26:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 47319
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8bf550134b8fab96-YYZ
content-length: 4547

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 102ms
32ms Script
text/html 149.56.240.27
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4233095&@f16&@g1&@h1&@i1&@j1725697574945&@k0&@l1&@mRusticcharm.duckdns.org&@n0&@o1000&@q0&@r0&@s0&@ten-CA&@u1600&@b1:2965970&@b3:1725697575&@b4:js15_as.js&@b5:-420&@a-_0.2.1&@vhttps%3A%2F%2Frusticcharm.duckdns.org%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.27 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534106.ip-149-56-240.net
Software: /
Resource Hash: 0640c2455023506e80ddd4a7793db0844c6fccf62036381678ce2e105940dbc5

Request headers

Referer: https://rusticcharm.duckdns.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sat, 07 Sep 2024 08:26:15 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H3 200 favicon.ico
rusticcharm.duckdns.org/ 666 B
767 B 54ms
53ms Other
image/x-icon 198.252.102.191
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rusticcharm.duckdns.org/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.102.191 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.102.191-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: ce208166020f6b9621b55894308b18d8312dd805fe93089c02386b5bd73a9e9d

Request headers

Referer: https://rusticcharm.duckdns.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 08:26:15 GMT
last-modified: Sun, 24 Dec 2023 03:34:09 GMT
server: LiteSpeed
content-type: image/x-icon
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 666
expires: Sat, 14 Sep 2024 08:26:15 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rusticcharm.duckdns.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8602ef0328dd3dee92c28366632ff41a
rusticcharm.duckdns.org/	1970-01-21 08:07:13	Name: HstCfa4233095 Value: 1725697574945
rusticcharm.duckdns.org/	1970-01-21 08:07:13	Name: HstCla4233095 Value: 1725697574945
rusticcharm.duckdns.org/	1970-01-21 08:07:13	Name: HstCmu4233095 Value: 1725697574945
rusticcharm.duckdns.org/	1970-01-21 08:07:13	Name: HstPn4233095 Value: 1
rusticcharm.duckdns.org/	1970-01-21 08:07:13	Name: HstPt4233095 Value: 1
rusticcharm.duckdns.org/	1970-01-21 08:07:13	Name: HstCnv4233095 Value: 1
rusticcharm.duckdns.org/	1970-01-21 08:07:13	Name: HstCns4233095 Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://split.solusi.eu.org/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d(Line 7) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://modulecooper.com/f49c3a4947b1239bea50fdac34c323d0/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://split.solusi.eu.org/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d(Line 7) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://modulecooper.com/f49c3a4947b1239bea50fdac34c323d0/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://modulecooper.com/f49c3a4947b1239bea50fdac34c323d0/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://modulecooper.com/3167f7ad3227cb3665961d81553d2558/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3.bp.blogspot.com
modulecooper.com
rusticcharm.duckdns.org
s10.histats.com
s4.histats.com
split.solusi.eu.org
104.21.69.153
142.251.40.97
149.56.240.27
172.240.108.68
172.66.132.114
198.252.102.191
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
0640c2455023506e80ddd4a7793db0844c6fccf62036381678ce2e105940dbc5
0ca6e45fe2a30f705ef026151808e699428c6a811b41add8b7d078fc6ca34d67
170d98be30d10c22f7630e42a4fa29b39fc5415de91e74e15a85d44291c00dbc
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
3cb37cd5a6952e9983dbae04d3fe51d7ae5805c04b779f96dcfc0d2aa50f78ba
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
69e0ca1eb97b75fd2ef3a41415736ae8547978bc6c1681e7036541230a9a48a1
7c7296c5ced9662289ad76f60c563724f8128fda8f3125f74ee943156b05236b
93d7d214a51f645213446ea00bf9a8b6d6a12ef89f4153b26c687f73664505ab
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
ce208166020f6b9621b55894308b18d8312dd805fe93089c02386b5bd73a9e9d
dde287e7e2b4495b21edba45ff5f992539dcdaa74b2e75dcf0fef38ca9dfd41f
e0f46aac3603e35f28790f4a043b151ccf766520612253d5c2acfcaad87c308e
e8ee5c0176ff8d2466f3c655090a145f0df7ec64a2452f76cbb915f4fe1349f1

rusticcharm.duckdns.org Open in urlscan Pro 198.252.102.191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

0 %IPv6

5 Domains

6 Subdomains

6 IPs

3 Countries

120 kBTransfer

453 kBSize

8 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

8 Cookies

4 Console Messages

Indicators

rusticcharm.duckdns.org Open in urlscan Pro
198.252.102.191 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

120 kB
Transfer

453 kB
Size

8
Cookies

19 HTTP transactions
0 data transactions