rusticyouthcamp.org.sscottsr.on-rev.com Open in urlscan Pro
50.28.39.106 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rusticyouthcamp.org.sscottsr.on-rev.com/
Submission Tags: phishingrod
Submission: On March 03 via api (March 3rd 2024, 7:55:29 pm UTC) from DE — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 11 HTTP transactions. The main IP is 50.28.39.106, located in United States and belongs to LIQUIDWEB, US. The main domain is rusticyouthcamp.org.sscottsr.on-rev.com.
TLS certificate: Issued by R3 on January 2nd 2024. Valid for: 3 months.

This is the only time rusticyouthcamp.org.sscottsr.on-rev.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
10	50.28.39.106 50.28.39.106		32244 (LIQUIDWEB) (LIQUIDWEB)
11	2

10 50.28.39.106 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: quartz.on-rev.com

rusticyouthcamp.org.sscottsr.on-rev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	on-rev.com rusticyouthcamp.org.sscottsr.on-rev.com	722 KB
0	googleapis.com Failed fonts.googleapis.com Failed
11	2

	Domain	Requested by
10	rusticyouthcamp.org.sscottsr.on-rev.com	rusticyouthcamp.org.sscottsr.on-rev.com
0	fonts.googleapis.com Failed	rusticyouthcamp.org.sscottsr.on-rev.com
11	2

This site contains no links.

Subject Issuer	Validity	Valid
www.starlightindustrialgroup.com.sscottsr.on-rev.com R3	`2024-01-02` - `2024-04-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rusticyouthcamp.org.sscottsr.on-rev.com/
Frame ID: E089895990786D52419AC10A9FD4EBEC
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RYC

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

91 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

722 kB
Transfer

722 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response rusticyouthcamp.org.sscottsr.on-rev.com/	3 KB 3 KB	594ms 116ms	Document text/html	50.28.39.106 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://rusticyouthcamp.org.sscottsr.on-rev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 50.28.39.106 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS quartz.on-rev.com Software Apache / Resource Hash `51d7845d6dcc29d302ce083cc12bc0f51afe4f3ea773488a2fab53f003be27d1` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-length 2994 content-type text/html; charset=UTF-8 date Sun, 03 Mar 2024 19:55:24 GMT last-modified Sun, 11 Feb 2024 22:08:21 GMT server Apache
GET H2	200	jquery.min.js Show response rusticyouthcamp.org.sscottsr.on-rev.com/js/	94 KB 94 KB	229ms 227ms	Script application/javascript	50.28.39.106 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://rusticyouthcamp.org.sscottsr.on-rev.com/js/jquery.min.js Requested by Host: rusticyouthcamp.org.sscottsr.on-rev.com URL: https://rusticyouthcamp.org.sscottsr.on-rev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 50.28.39.106 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS quartz.on-rev.com Software Apache / Resource Hash `b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682` Request headers accept-language de-DE,de;q=0.9 Referer https://rusticyouthcamp.org.sscottsr.on-rev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Sun, 03 Mar 2024 19:55:24 GMT last-modified Fri, 03 Feb 2023 23:19:04 GMT server Apache accept-ranges bytes content-length 96381 content-type application/javascript
GET H2	200	jquery.dropotron.min.js Show response rusticyouthcamp.org.sscottsr.on-rev.com/js/	4 KB 4 KB	229ms 228ms	Script application/javascript	50.28.39.106 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://rusticyouthcamp.org.sscottsr.on-rev.com/js/jquery.dropotron.min.js Requested by Host: rusticyouthcamp.org.sscottsr.on-rev.com URL: https://rusticyouthcamp.org.sscottsr.on-rev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 50.28.39.106 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS quartz.on-rev.com Software Apache / Resource Hash `3bbc3935ddae08965d18258446d143acb1f37721a21d6008cd93ce2139938e84` Request headers accept-language de-DE,de;q=0.9 Referer https://rusticyouthcamp.org.sscottsr.on-rev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Sun, 03 Mar 2024 19:55:24 GMT last-modified Fri, 03 Feb 2023 23:19:03 GMT server Apache accept-ranges bytes content-length 4271 content-type application/javascript
GET H2	200	skel.min.js Show response rusticyouthcamp.org.sscottsr.on-rev.com/js/	20 KB 20 KB	460ms 458ms	Script application/javascript	50.28.39.106 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://rusticyouthcamp.org.sscottsr.on-rev.com/js/skel.min.js Requested by Host: rusticyouthcamp.org.sscottsr.on-rev.com URL: https://rusticyouthcamp.org.sscottsr.on-rev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 50.28.39.106 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS quartz.on-rev.com Software Apache / Resource Hash `b110fdf12ba9eecdc103382a4f6b6dc8db84e9b33f5108a2f77d7ea871b1f437` Request headers accept-language de-DE,de;q=0.9 Referer https://rusticyouthcamp.org.sscottsr.on-rev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Sun, 03 Mar 2024 19:55:24 GMT last-modified Fri, 03 Feb 2023 23:19:06 GMT server Apache accept-ranges bytes content-length 20069 content-type application/javascript
GET H2	200	skel-layers.min.js Show response rusticyouthcamp.org.sscottsr.on-rev.com/js/	15 KB 15 KB	115ms 114ms	Script application/javascript	50.28.39.106 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://rusticyouthcamp.org.sscottsr.on-rev.com/js/skel-layers.min.js Requested by Host: rusticyouthcamp.org.sscottsr.on-rev.com URL: https://rusticyouthcamp.org.sscottsr.on-rev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 50.28.39.106 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS quartz.on-rev.com Software Apache / Resource Hash `9bc0b06dcf0233a66b3df7377febdb77a83ca8e24c4e35dfd3950c016fb5e37b` Request headers accept-language de-DE,de;q=0.9 Referer https://rusticyouthcamp.org.sscottsr.on-rev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Sun, 03 Mar 2024 19:55:24 GMT last-modified Fri, 03 Feb 2023 23:19:05 GMT server Apache accept-ranges bytes content-length 14922 content-type application/javascript
GET H2	200	init.js Show response rusticyouthcamp.org.sscottsr.on-rev.com/js/	5 KB 5 KB	229ms 227ms	Script application/javascript	50.28.39.106 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://rusticyouthcamp.org.sscottsr.on-rev.com/js/init.js Requested by Host: rusticyouthcamp.org.sscottsr.on-rev.com URL: https://rusticyouthcamp.org.sscottsr.on-rev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 50.28.39.106 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS quartz.on-rev.com Software Apache / Resource Hash `793cad2a75f19e7879df3f8aa26467bbd4d492e1a11e89756063d9101660e049` Request headers accept-language de-DE,de;q=0.9 Referer https://rusticyouthcamp.org.sscottsr.on-rev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Sun, 03 Mar 2024 19:55:24 GMT last-modified Fri, 03 Feb 2023 23:19:02 GMT server Apache accept-ranges bytes content-length 4965 content-type application/javascript
GET H2	200	style.css rusticyouthcamp.org.sscottsr.on-rev.com/css/	12 KB 12 KB	117ms 115ms	Stylesheet text/css	50.28.39.106 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://rusticyouthcamp.org.sscottsr.on-rev.com/css/style.css Requested by Host: rusticyouthcamp.org.sscottsr.on-rev.com URL: https://rusticyouthcamp.org.sscottsr.on-rev.com/js/skel.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 50.28.39.106 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS quartz.on-rev.com Software Apache / Resource Hash `c244feba17fb8e4c4da2b0f068647cfff9961bce77ab07148c4be7374b7a27a4` Request headers accept-language de-DE,de;q=0.9 Referer https://rusticyouthcamp.org.sscottsr.on-rev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Sun, 03 Mar 2024 19:55:24 GMT last-modified Fri, 03 Feb 2023 23:19:10 GMT server Apache accept-ranges bytes content-length 12553 content-type text/css
GET H2	200	style-wide.css rusticyouthcamp.org.sscottsr.on-rev.com/css/	239 B 269 B	118ms 116ms	Stylesheet text/css	50.28.39.106 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://rusticyouthcamp.org.sscottsr.on-rev.com/css/style-wide.css Requested by Host: rusticyouthcamp.org.sscottsr.on-rev.com URL: https://rusticyouthcamp.org.sscottsr.on-rev.com/js/skel.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 50.28.39.106 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS quartz.on-rev.com Software Apache / Resource Hash `3ba0b3662be7dc4d2d9a1c35774baeb2c12da563b177debb15e294238ecb46d5` Request headers accept-language de-DE,de;q=0.9 Referer https://rusticyouthcamp.org.sscottsr.on-rev.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Sun, 03 Mar 2024 19:55:24 GMT last-modified Fri, 03 Feb 2023 23:19:10 GMT server Apache accept-ranges bytes content-length 239 content-type text/css
GET H2	200	font-awesome.min.css rusticyouthcamp.org.sscottsr.on-rev.com/css/	17 KB 17 KB	118ms 117ms	Stylesheet text/css	50.28.39.106 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://rusticyouthcamp.org.sscottsr.on-rev.com/css/font-awesome.min.css Requested by Host: rusticyouthcamp.org.sscottsr.on-rev.com URL: https://rusticyouthcamp.org.sscottsr.on-rev.com/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 50.28.39.106 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS quartz.on-rev.com Software Apache / Resource Hash `b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8` Request headers accept-language de-DE,de;q=0.9 Referer https://rusticyouthcamp.org.sscottsr.on-rev.com/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Sun, 03 Mar 2024 19:55:24 GMT last-modified Fri, 03 Feb 2023 23:19:03 GMT server Apache accept-ranges bytes content-length 17780 content-type text/css
GET		css fonts.googleapis.com/	0 0

GET H2	200	banner.jpg rusticyouthcamp.org.sscottsr.on-rev.com/images/	551 KB 552 KB	354ms 353ms	Image image/jpeg	50.28.39.106 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://rusticyouthcamp.org.sscottsr.on-rev.com/images/banner.jpg Requested by Host: rusticyouthcamp.org.sscottsr.on-rev.com URL: https://rusticyouthcamp.org.sscottsr.on-rev.com/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 50.28.39.106 , United States, ASN32244 (LIQUIDWEB, US), Reverse DNS quartz.on-rev.com Software Apache / Resource Hash `402adf8feb2e812105e2de8bc8ce3663fc5eec0e339f313f5a8ba88efa344572` Request headers accept-language de-DE,de;q=0.9 Referer https://rusticyouthcamp.org.sscottsr.on-rev.com/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Sun, 03 Mar 2024 19:55:25 GMT last-modified Fri, 03 Feb 2023 23:19:03 GMT server Apache accept-ranges bytes content-length 564702 content-type image/jpeg

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://rusticyouthcamp.org.sscottsr.on-rev.com/ Message: Mixed Content: The page at 'https://rusticyouthcamp.org.sscottsr.on-rev.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
rusticyouthcamp.org.sscottsr.on-rev.com
fonts.googleapis.com
50.28.39.106
3ba0b3662be7dc4d2d9a1c35774baeb2c12da563b177debb15e294238ecb46d5
3bbc3935ddae08965d18258446d143acb1f37721a21d6008cd93ce2139938e84
402adf8feb2e812105e2de8bc8ce3663fc5eec0e339f313f5a8ba88efa344572
51d7845d6dcc29d302ce083cc12bc0f51afe4f3ea773488a2fab53f003be27d1
793cad2a75f19e7879df3f8aa26467bbd4d492e1a11e89756063d9101660e049
9bc0b06dcf0233a66b3df7377febdb77a83ca8e24c4e35dfd3950c016fb5e37b
b110fdf12ba9eecdc103382a4f6b6dc8db84e9b33f5108a2f77d7ea871b1f437
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
c244feba17fb8e4c4da2b0f068647cfff9961bce77ab07148c4be7374b7a27a4

rusticyouthcamp.org.sscottsr.on-rev.com Open in urlscan Pro 50.28.39.106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

91 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

722 kBTransfer

722 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

rusticyouthcamp.org.sscottsr.on-rev.com Open in urlscan Pro
50.28.39.106 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

722 kB
Transfer

722 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions