rustic-outlook.com Open in urlscan Pro
35.209.233.145 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rustic-outlook.com/
Submission Tags: phishingrod
Submission: On June 03 via api (June 3rd 2023, 9:43:44 am UTC) from DE — Scanned from DE

Summary HTTP 23 Redirects Links 4 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 23 HTTP transactions. The main IP is 35.209.233.145, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is rustic-outlook.com.
TLS certificate: Issued by R3 on June 3rd 2023. Valid for: 3 months.

This is the only time rustic-outlook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
16	35.209.233.145 35.209.233.145		15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200a		15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003		15169 (GOOGLE) (GOOGLE)
23	4

16 35.209.233.145 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 145.233.209.35.bc.googleusercontent.com

rustic-outlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	rustic-outlook.com rustic-outlook.com	829 KB
3	gstatic.com fonts.gstatic.com	58 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 66	2 KB
23	3

	Domain	Requested by
16	rustic-outlook.com	rustic-outlook.com
3	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	rustic-outlook.com
23	3

This site contains links to these domains. Also see Links.

Domain
wordpress.org
sharkthemes.com

Subject Issuer	Validity	Valid
*.rustic-outlook.com R3	`2023-06-03` - `2023-09-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rustic-outlook.com/
Frame ID: BB6E265140DE91019FB86B52F22F5985
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rustic Outlook – Photography, Custom Handlettering + More

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

23
Requests

91 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

888 kB
Transfer

1264 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/support/article/twenty-twenty-one/
Title: Read the Theme Documentation

Search URL Search Domain Scan URL

URL: https://wordpress.org/support/theme/twentytwentyone/
Title: Check out the Support Forums

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: WordPress.org

Search URL Search Domain Scan URL

URL: https://sharkthemes.com/
Title: Shark Themes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
rustic-outlook.com/ 82 KB
24 KB 624ms
147ms Document
text/html 35.209.233.145
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rustic-outlook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.233.145 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 145.233.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3aee31c00329045cd458359b017415dbf14b504eeb98d1909a8ea4cfa5528413

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 03 Jun 2023 09:43:38 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
link: <https://rustic-outlook.com/index.php/wp-json/>; rel="https://api.w.org/", <https://rustic-outlook.com/index.php/wp-json/wp/v2/pages/4>; rel="alternate"; type="application/json", <https://rustic-outlook.com/>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-cache-enabled: True
x-httpd: 1
x-proxy-cache: HIT

GET
H2 200 siteground-optimizer-combined-css-286b83fae51d5044aa168764b7e05033.css
rustic-outlook.com/wp-content/uploads/siteground-optimizer-assets/ 193 KB
27 KB 156ms
155ms Stylesheet
text/css 35.209.233.145
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rustic-outlook.com/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-286b83fae51d5044aa168764b7e05033.css
Requested by: Host: rustic-outlook.com
URL: https://rustic-outlook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.233.145 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 145.233.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 143a2d2ae005aeaff5be56bb63e5173f27a0622fa77123a94f39a8d7f8df4064

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rustic-outlook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 09:43:39 GMT
content-encoding: br
last-modified: Fri, 31 Mar 2023 02:53:11 GMT
server: nginx
etag: W/"64264b17-30446"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sun, 02 Jun 2024 09:43:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
757 B 145ms
56ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen%3A200%2C300%2C400%2C500%2C600%2C700%2C900%7CPlayfair+Display%3A200%2C300%2C400%2C500%2C600%2C700%2C900&subset=latin%2Clatin-ext

Requested by

Host: rustic-outlook.com
URL: https://rustic-outlook.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5e4657cbcaf7981518bf6ae740d8cf02e15a1fcde5e954dfee948032104e3f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rustic-outlook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 09:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 09:43:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Jun 2023 09:43:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
987 B 142ms
52ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Jost%3A300%2C400%2C500%2C600%2C700&subset=latin%2Clatin-ext

Requested by

Host: rustic-outlook.com
URL: https://rustic-outlook.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

194d1e49dc5f0f4f851403feef40c8e8caa1937f9026e9171bd12e5401b17c61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rustic-outlook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 03 Jun 2023 09:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 09:43:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 03 Jun 2023 09:43:39 GMT

GET
H2 200 jquery.min.js Show response
rustic-outlook.com/wp-includes/js/jquery/ 88 KB
30 KB 298ms
298ms Script
application/javascript 35.209.233.145
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rustic-outlook.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: rustic-outlook.com
URL: https://rustic-outlook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.233.145 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 145.233.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rustic-outlook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 09:43:39 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 20:06:17 GMT
server: nginx
etag: W/"6425ebb9-15ed7"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sun, 02 Jun 2024 09:43:39 GMT

GET
H2 200 jquery-migrate.min.js Show response
rustic-outlook.com/wp-includes/js/jquery/ 13 KB
5 KB 300ms
299ms Script
application/javascript 35.209.233.145
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rustic-outlook.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: rustic-outlook.com
URL: https://rustic-outlook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.233.145 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 145.233.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rustic-outlook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 09:43:39 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 20:06:17 GMT
server: nginx
etag: W/"6425ebb9-3470"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sun, 02 Jun 2024 09:43:39 GMT

GET
H2 200 cropped-fb2-01.jpg
rustic-outlook.com/wp-content/uploads/2021/09/ 8 KB
8 KB 148ms
148ms Image
image/webp 35.209.233.145
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rustic-outlook.com/wp-content/uploads/2021/09/cropped-fb2-01.jpg
Requested by: Host: rustic-outlook.com
URL: https://rustic-outlook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.233.145 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 145.233.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ad21f9b693e18ae1a3beb08cda89aae1851a4c18a81cf10665cebae043376734

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rustic-outlook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 09:43:39 GMT
last-modified: Sat, 18 Sep 2021 14:53:12 GMT
server: nginx
etag: "6145fd58-1e36"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 7734
expires: Sun, 02 Jun 2024 09:43:39 GMT

GET
H2 200 lazysizes.min.js Show response
rustic-outlook.com/wp-content/plugins/sg-cachepress/assets/js/ 8 KB
4 KB 153ms
153ms Script
application/javascript 35.209.233.145
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rustic-outlook.com/wp-content/plugins/sg-cachepress/assets/js/lazysizes.min.js
Requested by: Host: rustic-outlook.com
URL: https://rustic-outlook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.233.145 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 145.233.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cb34d2ee2a93fd11b734c124a6fc661339585c63382d08eb31bf921b66519eac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rustic-outlook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 09:43:39 GMT
content-encoding: br
last-modified: Fri, 24 Feb 2023 17:16:06 GMT
server: nginx
etag: W/"63f8f0d6-1ed0"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sun, 02 Jun 2024 09:43:39 GMT

GET
H2 200 navigation.min.js Show response
rustic-outlook.com/wp-content/themes/mik/assets/js/ 2 KB
841 B 149ms
148ms Script
application/javascript 35.209.233.145
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rustic-outlook.com/wp-content/themes/mik/assets/js/navigation.min.js
Requested by: Host: rustic-outlook.com
URL: https://rustic-outlook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.233.145 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 145.233.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4b85e311e9118227c0b2e2c42d921c4a1f14fa7be56ca01edecf2cb3e1ccf429

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rustic-outlook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 09:43:39 GMT
content-encoding: br
last-modified: Sat, 18 Sep 2021 14:52:17 GMT
server: nginx
etag: W/"6145fd21-74b"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sun, 02 Jun 2024 09:43:39 GMT

GET
H2 200 skip-link-focus-fix.min.js Show response
rustic-outlook.com/wp-content/themes/mik/assets/js/ 478 B
460 B 153ms
152ms Script
application/javascript 35.209.233.145
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rustic-outlook.com/wp-content/themes/mik/assets/js/skip-link-focus-fix.min.js
Requested by: Host: rustic-outlook.com
URL: https://rustic-outlook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.233.145 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 145.233.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e7e4f260b83689c2df5efc519b585882326ef0fee07f98294c7132d8c8e1d841

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rustic-outlook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 09:43:39 GMT
content-encoding: br
last-modified: Sat, 18 Sep 2021 14:52:17 GMT
server: nginx
etag: W/"6145fd21-1de"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sun, 02 Jun 2024 09:43:39 GMT

GET
H2 200 imagesloaded.min.js Show response
rustic-outlook.com/wp-includes/js/ 5 KB
2 KB 157ms
156ms Script
application/javascript 35.209.233.145
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rustic-outlook.com/wp-includes/js/imagesloaded.min.js
Requested by: Host: rustic-outlook.com
URL: https://rustic-outlook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.233.145 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 145.233.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rustic-outlook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 09:43:39 GMT
content-encoding: br
last-modified: Fri, 14 Aug 2020 10:45:46 GMT
server: nginx
etag: W/"5f366b5a-15fd"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sun, 02 Jun 2024 09:43:39 GMT

GET
H2 200 slick.min.js Show response
rustic-outlook.com/wp-content/themes/mik/assets/js/ 40 KB
10 KB 164ms
163ms Script
application/javascript 35.209.233.145
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rustic-outlook.com/wp-content/themes/mik/assets/js/slick.min.js
Requested by: Host: rustic-outlook.com
URL: https://rustic-outlook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.233.145 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 145.233.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b01363be53d0fbd40deade2819859722576fde93c1325291b297318132dabeb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rustic-outlook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 09:43:39 GMT
content-encoding: br
last-modified: Sat, 18 Sep 2021 14:52:17 GMT
server: nginx
etag: W/"6145fd21-a177"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sun, 02 Jun 2024 09:43:39 GMT

GET
H2 200 isotope.min.js Show response
rustic-outlook.com/wp-content/themes/mik/assets/js/ 34 KB
9 KB 170ms
169ms Script
application/javascript 35.209.233.145
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rustic-outlook.com/wp-content/themes/mik/assets/js/isotope.min.js
Requested by: Host: rustic-outlook.com
URL: https://rustic-outlook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.233.145 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 145.233.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c2e97b382358f6e0c9ce1bc7c5a22d2555e1dc128fe93ed66ccf84b75622297e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rustic-outlook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 09:43:39 GMT
content-encoding: br
last-modified: Sat, 18 Sep 2021 14:52:17 GMT
server: nginx
etag: W/"6145fd21-87bd"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sun, 02 Jun 2024 09:43:39 GMT

GET
H2 200 packery.min.js Show response
rustic-outlook.com/wp-content/themes/mik/assets/js/ 13 KB
4 KB 175ms
174ms Script
application/javascript 35.209.233.145
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rustic-outlook.com/wp-content/themes/mik/assets/js/packery.min.js
Requested by: Host: rustic-outlook.com
URL: https://rustic-outlook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.233.145 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 145.233.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 46ee0900dfe4420e9071f9e90d71bc6816e3f3fa97a0fb4aa01e0794023194f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rustic-outlook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 09:43:39 GMT
content-encoding: br
last-modified: Sat, 18 Sep 2021 14:52:17 GMT
server: nginx
etag: W/"6145fd21-34ad"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sun, 02 Jun 2024 09:43:39 GMT

GET
H2 200 custom.min.js Show response
rustic-outlook.com/wp-content/themes/mik/assets/js/ 3 KB
1 KB 178ms
178ms Script
application/javascript 35.209.233.145
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rustic-outlook.com/wp-content/themes/mik/assets/js/custom.min.js
Requested by: Host: rustic-outlook.com
URL: https://rustic-outlook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.233.145 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 145.233.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7701fb8f7945131c673cf2bc537afe1815bb9b5ae82877c3acb772bb45765ac6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rustic-outlook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 09:43:39 GMT
content-encoding: br
last-modified: Sat, 18 Sep 2021 14:52:17 GMT
server: nginx
etag: W/"6145fd21-bc3"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sun, 02 Jun 2024 09:43:39 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/gif

GET slick.woff
rustic-outlook.com/wp-content/themes/mik/assets/fonts/ 0
0

GET slick.ttf
rustic-outlook.com/wp-content/themes/mik/assets/fonts/ 0
0

GET
H2 200 2sDfZG1Wl4LcnbuKjk0m.woff2
fonts.gstatic.com/s/oxygen/v15/ 16 KB
16 KB 130ms
42ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v15/2sDfZG1Wl4LcnbuKjk0m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen%3A200%2C300%2C400%2C500%2C600%2C700%2C900%7CPlayfair+Display%3A200%2C300%2C400%2C500%2C600%2C700%2C900&subset=latin%2Clatin-ext

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rustic-outlook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 16:13:05 GMT
x-content-type-options: nosniff
age: 581434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16348
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 16:13:05 GMT

GET
H2 200 92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v14/ 26 KB
26 KB 139ms
50ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oTd4g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Jost%3A300%2C400%2C500%2C600%2C700&subset=latin%2Clatin-ext

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rustic-outlook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 17:29:44 GMT
x-content-type-options: nosniff
age: 576835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26304
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:29:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 17:29:44 GMT

GET
H2 200 2sDcZG1Wl4LcnbuCJW8zaGW5.woff2
fonts.gstatic.com/s/oxygen/v15/ 15 KB
16 KB 183ms
95ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v15/2sDcZG1Wl4LcnbuCJW8zaGW5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen%3A200%2C300%2C400%2C500%2C600%2C700%2C900%7CPlayfair+Display%3A200%2C300%2C400%2C500%2C600%2C700%2C900&subset=latin%2Clatin-ext

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5c877b2f70eaa51b17f81150decd43027fec02788fec5719be6befb12af115f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rustic-outlook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 17:12:48 GMT
x-content-type-options: nosniff
age: 577851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15792
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:30:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 17:12:48 GMT

GET
H2 200 roses-tremieres-hollyhocks-1884.jpg
rustic-outlook.com/wp-content/themes/twentytwentyone/assets/images/ 280 KB
281 KB 155ms
154ms Image
image/jpeg 35.209.233.145
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rustic-outlook.com/wp-content/themes/twentytwentyone/assets/images/roses-tremieres-hollyhocks-1884.jpg
Requested by: Host: rustic-outlook.com
URL: https://rustic-outlook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.233.145 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 145.233.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d69f58010e361ff3f135998085e6c2d8d22d710730b813c323cd5123b6214360

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rustic-outlook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 09:43:39 GMT
last-modified: Sat, 12 Dec 2020 22:16:04 GMT
server: nginx
etag: "5fd54124-461b6"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 287158
expires: Sun, 02 Jun 2024 09:43:39 GMT

GET
H2 200 in-the-bois-de-boulogne.jpg
rustic-outlook.com/wp-content/themes/twentytwentyone/assets/images/ 270 KB
271 KB 300ms
299ms Image
image/jpeg 35.209.233.145
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rustic-outlook.com/wp-content/themes/twentytwentyone/assets/images/in-the-bois-de-boulogne.jpg
Requested by: Host: rustic-outlook.com
URL: https://rustic-outlook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.233.145 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 145.233.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 073c6d0831cd8eb3df10f8f24dc2522affe82c8fe015ebf7f0e69e842c1b6657

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rustic-outlook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 09:43:39 GMT
last-modified: Sat, 12 Dec 2020 22:16:04 GMT
server: nginx
etag: "5fd54124-4383b"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 276539
expires: Sun, 02 Jun 2024 09:43:39 GMT

GET
H2 200 young-woman-in-mauve.jpg
rustic-outlook.com/wp-content/themes/twentytwentyone/assets/images/ 153 KB
153 KB 300ms
300ms Image
image/jpeg 35.209.233.145
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rustic-outlook.com/wp-content/themes/twentytwentyone/assets/images/young-woman-in-mauve.jpg
Requested by: Host: rustic-outlook.com
URL: https://rustic-outlook.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.233.145 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 145.233.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 14a97212559694b078f618c79dfcb2b508519b18e11f5c38ea7dedb4c3efd4a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rustic-outlook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 03 Jun 2023 09:43:39 GMT
last-modified: Sat, 12 Dec 2020 22:16:04 GMT
server: nginx
etag: "5fd54124-26340"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 156480
expires: Sun, 02 Jun 2024 09:43:39 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rustic-outlook.com
URL: http://rustic-outlook.com/wp-content/themes/mik/assets/fonts/slick.woff

Domain: rustic-outlook.com
URL: http://rustic-outlook.com/wp-content/themes/mik/assets/fonts/slick.ttf

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend undefined| $ function| jQuery object| mik_l10n object| lazySizes function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Packery function| packery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://rustic-outlook.com/(Line 69) Message: Mixed Content: The page at 'https://rustic-outlook.com/' was loaded over HTTPS, but requested an insecure font 'http://rustic-outlook.com/wp-content/themes/mik/assets/fonts/slick.woff'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://rustic-outlook.com/(Line 69) Message: Mixed Content: The page at 'https://rustic-outlook.com/' was loaded over HTTPS, but requested an insecure font 'http://rustic-outlook.com/wp-content/themes/mik/assets/fonts/slick.ttf'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://rustic-outlook.com/ Message: Mixed Content: The page at 'https://rustic-outlook.com/' was loaded over HTTPS, but requested an insecure element 'http://rustic-outlook.com/wp-content/themes/twentytwentyone/assets/images/roses-tremieres-hollyhocks-1884.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://rustic-outlook.com/ Message: Mixed Content: The page at 'https://rustic-outlook.com/' was loaded over HTTPS, but requested an insecure element 'http://rustic-outlook.com/wp-content/themes/twentytwentyone/assets/images/in-the-bois-de-boulogne.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://rustic-outlook.com/ Message: Mixed Content: The page at 'https://rustic-outlook.com/' was loaded over HTTPS, but requested an insecure element 'http://rustic-outlook.com/wp-content/themes/twentytwentyone/assets/images/young-woman-in-mauve.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
rustic-outlook.com
rustic-outlook.com
2a00:1450:4001:802::200a
2a00:1450:4001:82a::2003
35.209.233.145
073c6d0831cd8eb3df10f8f24dc2522affe82c8fe015ebf7f0e69e842c1b6657
0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4
143a2d2ae005aeaff5be56bb63e5173f27a0622fa77123a94f39a8d7f8df4064
14a97212559694b078f618c79dfcb2b508519b18e11f5c38ea7dedb4c3efd4a8
194d1e49dc5f0f4f851403feef40c8e8caa1937f9026e9171bd12e5401b17c61
3aee31c00329045cd458359b017415dbf14b504eeb98d1909a8ea4cfa5528413
46ee0900dfe4420e9071f9e90d71bc6816e3f3fa97a0fb4aa01e0794023194f7
4b85e311e9118227c0b2e2c42d921c4a1f14fa7be56ca01edecf2cb3e1ccf429
7701fb8f7945131c673cf2bc537afe1815bb9b5ae82877c3acb772bb45765ac6
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570
a5e4657cbcaf7981518bf6ae740d8cf02e15a1fcde5e954dfee948032104e3f4
ad21f9b693e18ae1a3beb08cda89aae1851a4c18a81cf10665cebae043376734
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b01363be53d0fbd40deade2819859722576fde93c1325291b297318132dabeb4
c2e97b382358f6e0c9ce1bc7c5a22d2555e1dc128fe93ed66ccf84b75622297e
c5c877b2f70eaa51b17f81150decd43027fec02788fec5719be6befb12af115f
cb34d2ee2a93fd11b734c124a6fc661339585c63382d08eb31bf921b66519eac
d69f58010e361ff3f135998085e6c2d8d22d710730b813c323cd5123b6214360
e7e4f260b83689c2df5efc519b585882326ef0fee07f98294c7132d8c8e1d841
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869