rusticrefugee.com Open in urlscan Pro
104.18.11.62 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rusticrefugee.com/
Submission Tags: phishingrod
Submission: On February 02 via api (February 2nd 2024, 12:27:47 pm UTC) from DE — Scanned from DE

Summary HTTP 65 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 65 HTTP transactions. The main IP is 104.18.11.62, located in and belongs to CLOUDFLARENET, US. The main domain is rusticrefugee.com.
TLS certificate: Issued by GTS CA 1P5 on December 5th 2023. Valid for: 3 months.

This is the only time rusticrefugee.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	104.18.11.62 104.18.11.62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
40	2606:4700:440... 2606:4700:4400::ac40:9638	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	47.252.45.108 47.252.45.108	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700:440... 2606:4700:4400::6812:2b8a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:201c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
65	9

7 104.18.11.62 (None, )

ASN13335 (CLOUDFLARENET, US)

rusticrefugee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2606:4700:4400::ac40:9638 (United States)

ASN13335 (CLOUDFLARENET, US)

statics.hotishop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.hotishop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 47.252.45.108 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

upselling.apps.seabroadnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o467009.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:2b8a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.wshopon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:201c (United States)

ASN13335 (CLOUDFLARENET, US)

pixel-conversion.apps.seabroadnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	hotishop.com statics.hotishop.com — Cisco Umbrella Rank: 483347 cdn.hotishop.com — Cisco Umbrella Rank: 204722	2 MB
7	rusticrefugee.com rusticrefugee.com	90 KB
5	seabroadnet.com upselling.apps.seabroadnet.com — Cisco Umbrella Rank: 130090 pixel-conversion.apps.seabroadnet.com — Cisco Umbrella Rank: 130234	927 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	74 KB
3	wshopon.com cdn.wshopon.com — Cisco Umbrella Rank: 242620	8 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	247 B
1	sentry.io o467009.ingest.sentry.io — Cisco Umbrella Rank: 128074	324 B
65	7

	Domain	Requested by
22	cdn.hotishop.com	rusticrefugee.com
18	statics.hotishop.com	rusticrefugee.com statics.hotishop.com
7	rusticrefugee.com	statics.hotishop.com rusticrefugee.com
4	upselling.apps.seabroadnet.com	statics.hotishop.com
4	connect.facebook.net	rusticrefugee.com connect.facebook.net
3	cdn.wshopon.com	rusticrefugee.com statics.hotishop.com
3	www.facebook.com	rusticrefugee.com
1	pixel-conversion.apps.seabroadnet.com	rusticrefugee.com
1	o467009.ingest.sentry.io	statics.hotishop.com
65	9

This site contains no links.

Subject Issuer	Validity	Valid
rusticrefugee.com GTS CA 1P5	`2023-12-05` - `2024-03-04`	3 months	crt.sh
hotishop.com GTS CA 1P5	`2023-12-17` - `2024-03-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-11` - `2024-02-09`	3 months	crt.sh
upselling.apps.seabroadnet.com R3	`2024-01-21` - `2024-04-20`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-29` - `2024-04-28`	a year	crt.sh
*.apps.seabroadnet.com E1	`2023-12-26` - `2024-03-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rusticrefugee.com/
Frame ID: 4ED33D1899A3155F1C195F8641EA3040
Requests: 67 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rusticrefugee.com

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

65
Requests

97 %
HTTPS

63 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

2249 kB
Transfer

4890 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

65 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
rusticrefugee.com/ 371 KB
79 KB 1317ms
203ms Document
text/html 104.18.11.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rusticrefugee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98bf2052b54f18579fed766a8bbb48030acef1e72cac17eb5723f8a9dcd5883a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 84f26dfca98f1e4c-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 02 Feb 2024 12:27:41 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 index.css
statics.hotishop.com/js/element-ui/2.13.0/theme-chalk/ 227 KB
34 KB 67ms
30ms Stylesheet
text/css 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.hotishop.com/js/element-ui/2.13.0/theme-chalk/index.css
Requested by: Host: rusticrefugee.com
URL: https://rusticrefugee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c954d6f71089537dd993b791472192bd20cdbe29cd71dfeb8adf8dc24f61103d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: Y265X0CNKM2DY60A
age: 6022
x-amz-server-side-encryption: AES256
x-amz-id-2: sWUK1fhMHNtEv0hvILHZOuaBfKtPPN7D5QoVjYERsnZZoAWEfcXTvvFrw01G6buF0sGGCBFUSEE=
last-modified: Tue, 20 Sep 2022 06:20:37 GMT
server: cloudflare
etag: W/"d28b24857449b697847be95be3d3701d"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 84f26dfe9e011c7f-FRA
expires: Fri, 02 Feb 2024 16:27:41 GMT

GET
H2 200 fonts.061b05.css
statics.hotishop.com/static/v1.42.119/store/vogue/css/ 53 KB
37 KB 54ms
17ms Stylesheet
text/css 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.hotishop.com/static/v1.42.119/store/vogue/css/fonts.061b05.css
Requested by: Host: rusticrefugee.com
URL: https://rusticrefugee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4932f9ca52191ff578e2cf937fe57af32bf306e463436462865e04f2a3a2d63b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: NX7HNRMVFGWP1BPV
age: 98575
x-amz-server-side-encryption: AES256
x-amz-id-2: mN/z61e5xopSUJciOjU9s8WkWiLZAQgEFYjvvGOfU9SFE737bZfsLcQsgOhaj9mxeiloEKGsuTc=
last-modified: Wed, 31 Jan 2024 12:48:33 GMT
server: cloudflare
etag: W/"083a3b18794ef2d1217ac73a2a283af1"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 84f26dfe9dfd1c7f-FRA
expires: Sat, 01 Feb 2025 12:27:41 GMT

GET
H2 200 Mulish-Regular.woff2
statics.hotishop.com/fonts-ttf/ 39 KB
39 KB 221ms
184ms Font
binary/octet-stream 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.hotishop.com/fonts-ttf/Mulish-Regular.woff2
Requested by: Host: rusticrefugee.com
URL: https://rusticrefugee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 826df5d3bdf243dbbe9d554e60c04de26ae2eed4eda21d0ac0addeef47a09d7e

Request headers

Referer: https://rusticrefugee.com/
Origin: https://rusticrefugee.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
x-amz-version-id: null
cf-cache-status: MISS
x-amz-request-id: BZE2CWB2R86G58C7
x-amz-server-side-encryption: AES256
content-length: 39456
x-amz-id-2: xEsKjRD7LdPmcH2bFeyc6e0QaNPQbSbmjYvemZITPvxcX7f+7c3rmHFu7N2QipG06x8kY780nuU=
last-modified: Tue, 20 Sep 2022 06:22:58 GMT
server: cloudflare
etag: "28547c4921422a1a6d77de9a45c5cd87"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD, DELETE, PUT, POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84f26dfe9922365a-FRA
expires: Fri, 02 Feb 2024 16:27:41 GMT

GET
H2 200 jquery.min.js Show response
statics.hotishop.com/js/jquery/3.6.0/ 87 KB
30 KB 64ms
27ms Script
application/javascript 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.hotishop.com/js/jquery/3.6.0/jquery.min.js
Requested by: Host: rusticrefugee.com
URL: https://rusticrefugee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 5DS5YZKJX48E308Z
age: 6165
x-amz-server-side-encryption: AES256
x-amz-id-2: d3wP5lwiR4wW3K8jHwTdXeFJ7avXrwPH8RfRDHH4RckOxXds9AJSTllXz8szfILdF3/Td9Xsja6VU2I/Rt3eKg==
last-modified: Tue, 20 Sep 2022 06:20:37 GMT
server: cloudflare
etag: W/"0732e3eabbf8aa7ce7f69eedbd07dfdd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84f26dfe9e031c7f-FRA
expires: Fri, 02 Feb 2024 16:27:41 GMT

GET
H2 200 bootstrap.min.js Show response
statics.hotishop.com/js/bootstrap/4.6.1/js/ 61 KB
15 KB 56ms
20ms Script
application/javascript 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.hotishop.com/js/bootstrap/4.6.1/js/bootstrap.min.js
Requested by: Host: rusticrefugee.com
URL: https://rusticrefugee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b107098fc8b361ce610dba0d1656c620c725311e51d4417c7c57c8bda369e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: N3QZS1ZDMNEHBHZ9
age: 5798
x-amz-server-side-encryption: AES256
x-amz-id-2: RyQx+vT3vef+PM25+io4bcXnNwGVPTE35GEZyeCRkMLVYw+Ii5HcxHeaaK+IHsw0oisdoYO6E34=
last-modified: Tue, 20 Sep 2022 06:20:37 GMT
server: cloudflare
etag: W/"55d39b6bff845a12b1f838acb73c444c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84f26dfe9e081c7f-FRA
expires: Fri, 02 Feb 2024 16:27:41 GMT

GET
H2 200 vue.min.js Show response
statics.hotishop.com/js/vue/2.6.14/ 92 KB
34 KB 60ms
24ms Script
application/javascript 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.hotishop.com/js/vue/2.6.14/vue.min.js
Requested by: Host: rusticrefugee.com
URL: https://rusticrefugee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6e28a8fb9b74533ece152229dafcc3ebc0f4b3dcd62879df115706bce55927d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: HFP5TGW27R251XAT
age: 187
x-amz-server-side-encryption: AES256
x-amz-id-2: WPf6YF5vMISYqsx8zRf/dfoqjXsfLig4P35CSK+ywCdmUUsgtj8YamZQQqZDIQ6ajgvfyOSORv8=
last-modified: Tue, 20 Sep 2022 06:20:37 GMT
server: cloudflare
etag: W/"0a9a4681294d8c5f476687eea6e74842"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84f26dfe9e061c7f-FRA
expires: Fri, 02 Feb 2024 16:27:41 GMT

GET
H2 200 index.js Show response
statics.hotishop.com/js/element-ui/2.13.0/ 554 KB
141 KB 61ms
25ms Script
application/javascript 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.hotishop.com/js/element-ui/2.13.0/index.js
Requested by: Host: rusticrefugee.com
URL: https://rusticrefugee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f66cb165dbbf011418cff8a277801fe0aa86484b89809ee6825aeb9b0a34499

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 2M3RF4NA4RTY5QVD
age: 6854
x-amz-server-side-encryption: AES256
x-amz-id-2: CpvUKiOlHfFYFN9lshjKBPMYH7OR8jx60kQ3CRMk0gaXjGNvovtDyfa7171TBQ66oZdvjEEo+gG4QPZpMDuW5w==
last-modified: Tue, 20 Sep 2022 06:20:37 GMT
server: cloudflare
etag: W/"aad8e2ee90fb795b70705b06c69a8367"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84f26dfe9e161c7f-FRA
expires: Fri, 02 Feb 2024 16:27:41 GMT

GET
H2 200 themeBasic.061b05.js Show response
statics.hotishop.com/static/v1.42.119/store/js/common/ 188 KB
48 KB 58ms
22ms Script
application/javascript 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.hotishop.com/static/v1.42.119/store/js/common/themeBasic.061b05.js
Requested by: Host: rusticrefugee.com
URL: https://rusticrefugee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfef151f4b97eb2d8d94be47a161899d366484328189d23650e47dfa9baf36ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: W6FPBQW4JNVH4YF3
age: 98574
x-amz-server-side-encryption: AES256
x-amz-id-2: btGZoVG0VVN2bDmTSlOoMR6Z48bdgn05QjtGhBY8YUOUfQx9yQIdOZOtq58KS62NkOkVsH7wboI=
last-modified: Wed, 31 Jan 2024 12:48:31 GMT
server: cloudflare
etag: W/"941320cb0db1fb4e6f0ba52adb366a6c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84f26dfe9e0b1c7f-FRA
expires: Sat, 01 Feb 2025 12:27:41 GMT

GET
H2 200 app.83bf5d.js Show response
statics.hotishop.com/static/v1.42.119/store/vogue/js/ 598 KB
160 KB 61ms
25ms Script
application/javascript 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.hotishop.com/static/v1.42.119/store/vogue/js/app.83bf5d.js
Requested by: Host: rusticrefugee.com
URL: https://rusticrefugee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0a0d62d900330b7d4d2ee9049e95d89c573e602b8886eb3254d70d55c5842d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 3BB1HWK84D8PMPMR
age: 98559
x-amz-server-side-encryption: AES256
x-amz-id-2: JkM5DIRYfvsn5XjTFZKNsztt8vlDCs2seYjeHDSApS/B6aeNRz9dX9yLVHHvvcHKYH1TwWo0R08=
last-modified: Wed, 31 Jan 2024 12:48:44 GMT
server: cloudflare
etag: W/"2b2b2a187fd347647ff07158cf25220a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84f26dfe9e0d1c7f-FRA
expires: Sat, 01 Feb 2025 12:27:41 GMT

GET
H2 200 header.d13055.js Show response
statics.hotishop.com/static/v1.42.119/store/vogue/js/modules/ 24 KB
6 KB 57ms
21ms Script
application/javascript 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.hotishop.com/static/v1.42.119/store/vogue/js/modules/header.d13055.js
Requested by: Host: rusticrefugee.com
URL: https://rusticrefugee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 133e8f3ef7c99237daf0039165a13fd492d5fa620ac5d79600e04faa0396d780

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: R5HGCW53EPCAVS9Z
age: 98553
x-amz-server-side-encryption: AES256
x-amz-id-2: /5GLmX3wLk2YyYqPUvFRdfQDKnIdAB3wxZ50FY2lcMFn1UARdBOyMud5feTQEOZqU5abRmTTzGM=
last-modified: Wed, 31 Jan 2024 12:48:37 GMT
server: cloudflare
etag: W/"52eb5f7b51abae513828f85445efafd6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84f26dfe9e111c7f-FRA
expires: Sat, 01 Feb 2025 12:27:41 GMT

GET
H2 200 inject.js Show response
statics.hotishop.com/apps/us/ 801 KB
215 KB 19ms
19ms Script
application/javascript 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.hotishop.com/apps/us/inject.js
Requested by: Host: rusticrefugee.com
URL: https://rusticrefugee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f98908eb6c5557c2c1e31beae75bff1feaace0eeefd20fd9cbf2657e1a31158a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: KP1074P45XFPMTQH
age: 34130
x-amz-server-side-encryption: AES256
x-amz-id-2: QdyIyEw6n2KTzN6DPa2hT5WzwlJghu2wFvLELBDGmw0PwaGu8AdhoIUSp8aIFiQ76uMn0YQSnq0EYxQBzoO+OA==
last-modified: Mon, 29 Jan 2024 07:00:44 GMT
server: cloudflare
etag: W/"dd6fbfa8b2b6f7bb95b7e029a8e0e878"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 84f26dfeae281c7f-FRA
expires: Fri, 09 Feb 2024 12:27:41 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 46ms
13ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: rusticrefugee.com
URL: https://rusticrefugee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

22cf1baba55eced80d7ebb0de51fc8961757ef581964f8e10ebc8676399eba81

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 02 Feb 2024 12:27:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57202
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: yfVmLOxh+UNJ2EeB+o4gkdLk01fn497unNavfFW3z9gwfFLAgBVnYKuMOUPIJ7V40HKfTC5VO6IkHVMMb+PM2A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 6127a233396d49ed2af448483fde6a301d4846bf-50.jpeg
cdn.hotishop.com/image/ 940 B
1 KB 324ms
306ms Image
image/webp 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/6127a233396d49ed2af448483fde6a301d4846bf-50.jpeg

Requested by

Host: rusticrefugee.com
URL: https://rusticrefugee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb54e9f08a594225b957397a3801c008a0efe2abc2ad70c926c3fc7c4a57edd5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 31 Oct 2023 10:08:36 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cf2g97EKvOgzi5R-tOIchSTCp0OQWGUuv3ZhIxTp0bDQ:07cd06b1e4215965c10f0c454da597a2"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26dfe9e171c7f-FRA
content-length: 940
cf-resized: internal=ok/m q=0 n=166+0 c=3+1 v=2024.1.3 l=940

GET
H2 200 6127a233396d49ed2af448483fde6a301d4846bf-1600.jpeg
cdn.hotishop.com/image/ 266 KB
266 KB 484ms
467ms Image
image/webp 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/6127a233396d49ed2af448483fde6a301d4846bf-1600.jpeg

Requested by

Host: rusticrefugee.com
URL: https://rusticrefugee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cc04aa5ef7f786ea30d14ebc5adbf6cbd7b3939a38efd53b764ddceb800438d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 31 Oct 2023 10:08:36 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cf2g97EKvOgzi5R-tOIchSTCp0XTh8i3Mn6pd65kyUDQ:07cd06b1e4215965c10f0c454da597a2"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26dfe9e181c7f-FRA
content-length: 271874
cf-resized: internal=ram/m q=0 n=165+0 c=5+122 v=2024.1.3 l=271874

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 Muli.woff2
statics.hotishop.com/fonts-ttf/v1/ 34 KB
34 KB 181ms
180ms Font
binary/octet-stream 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.hotishop.com/fonts-ttf/v1/Muli.woff2
Requested by: Host: rusticrefugee.com
URL: https://rusticrefugee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b14e2a7eb86c2b888f03d81b55ca4d016d4a357a4ea047cbea2c412d7cb5f88

Request headers

Referer: https://rusticrefugee.com/
Origin: https://rusticrefugee.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
x-amz-version-id: null
cf-cache-status: MISS
x-amz-request-id: BZE9KS8VW26MKPCC
x-amz-server-side-encryption: AES256
content-length: 34864
x-amz-id-2: TcuT5NuGRoW7joqWIzI6AAV3AdCRFbNKrjlXwg2SY+bCMFfCsA0GmqXbD3MN8CIQJWIMLT51pz5KvJqvD47D/g==
last-modified: Tue, 20 Sep 2022 06:24:21 GMT
server: cloudflare
etag: "0c521373f8a378c0036fcd33d833d047"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD, DELETE, PUT, POST
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84f26dfea936365a-FRA
expires: Fri, 02 Feb 2024 16:27:41 GMT

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b013d4548a8294cf5660adc6cf9679d954b46fa23f6effd3822aea1cbc440a75

Request headers

Referer
Origin: https://rusticrefugee.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 6 KB
6 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d358d862dbd79fc4e7a7753d4d5c515caf403e3742d3bbc1a788e632306e586

Request headers

Referer
Origin: https://rusticrefugee.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

POST
H2 200 customers Show response
upselling.apps.seabroadnet.com/api/ 114 B
272 B 117ms
117ms Fetch
application/json 47.252.45.108
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://upselling.apps.seabroadnet.com/api/customers

Requested by

Host: statics.hotishop.com
URL: https://statics.hotishop.com/apps/us/inject.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.252.45.108 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

Resource Hash

dc7c774904b9f331310dfd79426b9b3f9b0b7c31d6e69a6ad49296ad90f15a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://rusticrefugee.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 12:27:41 GMT
cache-control: no-cache, private
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json

OPTIONS
H2 204 customers
upselling.apps.seabroadnet.com/api/ 0
0 339ms
110ms Preflight 47.252.45.108
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://upselling.apps.seabroadnet.com/api/customers

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.252.45.108 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://rusticrefugee.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 0
cache-control: no-cache, private
date: Fri, 02 Feb 2024 12:27:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 256625110505278 Show response
connect.facebook.net/signals/config/ 52 KB
11 KB 102ms
101ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/256625110505278?v=2.9.144&r=stable&domain=rusticrefugee.com&hme=44ba03e7b4a66084f0064fdada9e7a7b89f6f2cf807a204d10c6509aeae35209&ex_m=62%2C105%2C93%2C97%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C148%2C151%2C162%2C158%2C159%2C161%2C25%2C89%2C45%2C68%2C160%2C143%2C146%2C155%2C156%2C163%2C114%2C13%2C43%2C167%2C166%2C116%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C94%2C96%2C31%2C95%2C26%2C22%2C144%2C147%2C123%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C92%2C38%2C70%2C60%2C98%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C99

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6895c64717048d4d9a6e4cd3bfff8c5acb5febf6d027f7c0d6b676a1683b4716

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 02 Feb 2024 12:27:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: rgG8Xl26Dwd4T0y/GaZukBogYTtmz8XJC2aEC+Tn0JmXpCbele1UKrPj9zAIumzpqcGCYZ4DH992aKnVENZivg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sentry.c8b455.js Show response
statics.hotishop.com/static/v1.42.119/store/chunk/ 104 KB
32 KB 20ms
20ms Script
application/javascript 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.hotishop.com/static/v1.42.119/store/chunk/sentry.c8b455.js
Requested by: Host: statics.hotishop.com
URL: https://statics.hotishop.com/static/v1.42.119/store/vogue/js/app.83bf5d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d478073955fc74705a2d5e822722063031c0d283f3d8bf70f0fc9c66a5e0658

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: CTQR23F6E8327DGJ
age: 98552
x-amz-server-side-encryption: AES256
x-amz-id-2: PYx0rZzrI+79XG/s7LeinOvBPZ/Jk0AfJgDMuRnGF5Nk9KOlDP+/vFw/f8hqoNfXHGLlmJb+4EI=
last-modified: Wed, 31 Jan 2024 12:49:16 GMT
server: cloudflare
etag: W/"1e5da7bf658489fbd4f183e0f4cb0062"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84f26dff9f3b1c7f-FRA
expires: Sat, 01 Feb 2025 12:27:41 GMT

GET
H2 200 exchanges Show response
rusticrefugee.com/api/store/ 2 KB
2 KB 176ms
176ms XHR
application/json 104.18.11.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rusticrefugee.com/api/store/exchanges
Requested by: Host: statics.hotishop.com
URL: https://statics.hotishop.com/static/v1.42.119/store/vogue/js/app.83bf5d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7fac1e02d28f124c02660a96ad63f1c509b3cb185bd6d0da7e03c971637299e

Request headers

Accept: application/json, text/plain, */*
Referer: https://rusticrefugee.com/
X-XSRF-TOKEN: eyJpdiI6ImdwaFNxam5URnlqdlBJbUM1a1BTS0E9PSIsInZhbHVlIjoiRnp1SW1Yclpwa2xPMm01R3JqRVRVMjhHRVFUS21zVUJpNlhGNHM2bDBUb3RtaWJCSlRra3dxaDFidWJQRzR1R0F0SWt1MVFVdTVXYTlWYTh4RGx5dWdvaU1iZGZ0WUJSa1BZZ1hWNVRsbjljbVBWNHVDeTZqcHY3b2VxQVpqNXciLCJtYWMiOiI3NmYwNWYwMDVlNzU5YTkyMTM4YTNiOGM2Yjg4NzAxZDE5ZjIxMTg4MGQ2ZmQ2MWE4NmVhMTlkMmRjN2MwNTlhIn0=
accept-language: de-DE,de;q=0.9
X-LANG: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"8ae19e6c5bf7e3436694f64fd6c929dc5adb222f"
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, private
cf-ray: 84f26dffbe001e4c-FRA

GET
H2 200 hotSales.6dbe93.js Show response
statics.hotishop.com/static/v1.42.119/store/vogue/js/modules/ 7 KB
3 KB 32ms
32ms Script
application/javascript 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.hotishop.com/static/v1.42.119/store/vogue/js/modules/hotSales.6dbe93.js
Requested by: Host: statics.hotishop.com
URL: https://statics.hotishop.com/static/v1.42.119/store/vogue/js/app.83bf5d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 081755eed94cb3fd7a1744bd1014ba9fdc00c1eeb6d22a1ebab774855aecf993

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 557H7KG89D88GREK
age: 98434
x-amz-server-side-encryption: AES256
x-amz-id-2: PK85piaCVa6GVu+5fVkyhPMJMExAwXQDJ2cVR+l7WUx0ynNal9zTvys9ZNvA5wCUnhRjPfpNqlk=
last-modified: Wed, 31 Jan 2024 12:48:39 GMT
server: cloudflare
etag: W/"da763ffcb0cd6106785376bd41b3c813"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84f26dffdf851c7f-FRA
expires: Sat, 01 Feb 2025 12:27:41 GMT

GET
H2 200 collections.ad36a3.js Show response
statics.hotishop.com/static/v1.42.119/store/vogue/js/modules/ 3 KB
1 KB 35ms
35ms Script
application/javascript 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.hotishop.com/static/v1.42.119/store/vogue/js/modules/collections.ad36a3.js
Requested by: Host: statics.hotishop.com
URL: https://statics.hotishop.com/static/v1.42.119/store/vogue/js/app.83bf5d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c9651443965df5faf60d1c1c603bee164f23578eaffc223462ed41ae92d2ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 557MF6A82P6WNT55
age: 98434
x-amz-server-side-encryption: AES256
x-amz-id-2: mKBS8VYfOZqmp7O2voOaVIQd26eygaJXfh/LCzKwL+CN7UDU66klmMI7RoB3ABy31nqt8rSAErg=
last-modified: Wed, 31 Jan 2024 12:48:39 GMT
server: cloudflare
etag: W/"6618e32ab5cad04e09644c00d05ef72a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84f26dffdf871c7f-FRA
expires: Sat, 01 Feb 2025 12:27:41 GMT

GET
DATA 200
OK truncated
/ 21 KB
21 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed717cc4576a89acaf3ddc8b3bfff05906147dc24805e8c8a5792ab8995b3561

Request headers

Referer
Origin: https://rusticrefugee.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

POST
H2 200 / Show response
o467009.ingest.sentry.io/api/6247921/envelope/ 2 B
324 B 64ms
13ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o467009.ingest.sentry.io/api/6247921/envelope/?sentry_key=8cd10bc007dc4facaae097f3cdfc5e49&sentry_version=7

Requested by

Host: statics.hotishop.com
URL: https://statics.hotishop.com/static/v1.42.119/store/chunk/sentry.c8b455.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rusticrefugee.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H3 200 649653117093217 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 130ms
130ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/649653117093217?v=2.9.144&r=stable&domain=rusticrefugee.com&hme=44ba03e7b4a66084f0064fdada9e7a7b89f6f2cf807a204d10c6509aeae35209&ex_m=62%2C105%2C93%2C97%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C148%2C151%2C162%2C158%2C159%2C161%2C25%2C89%2C45%2C68%2C160%2C143%2C146%2C155%2C156%2C163%2C114%2C13%2C43%2C167%2C166%2C116%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C94%2C96%2C31%2C95%2C26%2C22%2C144%2C147%2C123%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C92%2C38%2C70%2C60%2C98%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C99%2C173%2C172%2C174%2C179%2C180%2C181%2C177%2C169%2C115%2C168%2C170%2C106%2C135%2C128%2C131%2C112%2C164%2C204%2C100%2C205%2C142%2C104%2C126%2C119%2C107

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

122d2127dbf45f4855a23b1844365959d8fc834d986e4035721841214eec0e43

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 02 Feb 2024 12:27:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: d8sIeKwp8Y1rV6EPYrh8FwSbBoegfI3ogfxgx5UDg3s5op+LNMU+ir+6s4VwRHrc2mVRH8RCn4oZKQBXr4qF8A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 0ec786869941381f26361d89f1ec94426ae58d67-100.jpeg
cdn.hotishop.com/image/ 4 KB
5 KB 138ms
138ms Image
image/webp 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/0ec786869941381f26361d89f1ec94426ae58d67-100.jpeg

Requested by

Host: rusticrefugee.com
URL: https://rusticrefugee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

818befe03c714bcd6458771142a88ab92fed27ec0e23bc8e8682fbb875336672

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 12 Oct 2023 03:36:42 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfengUeipcq-sZ8UHUk09w9VGtf3Q-22UukrmHzIgBDQ:d0ba64b6911e69ed7a35c09d56f374b7"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26e001fc11c7f-FRA
content-length: 4460
cf-resized: internal=ram/m q=0 n=0+0 c=3+3 v=2024.1.3 l=4460

GET
H2 200 e818e12e3f2a85578073ca778244b2e44b885119-100.jpeg
cdn.hotishop.com/image/ 4 KB
5 KB 130ms
130ms Image
image/webp 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/e818e12e3f2a85578073ca778244b2e44b885119-100.jpeg

Requested by

Host: rusticrefugee.com
URL: https://rusticrefugee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afb689632b781562028c9debcf510e03ef92ac41916b3d4da692b7d6c2caa483

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 02:02:15 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfae7aVqGJbC9ccwHOVP53uTDAf3Q-22UukrmHzIgBDQ:87dda05c4c6e154dfe110175af4fc186"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26e001fc41c7f-FRA
content-length: 4470
cf-resized: internal=ok/m q=0 n=58+0 c=1+4 v=2024.1.3 l=4470

GET
H2 200 7e910e0f2c44c84eb4d67dd7faea565b23f68810-100.jpeg
cdn.hotishop.com/image/ 3 KB
3 KB 224ms
224ms Image
image/webp 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/7e910e0f2c44c84eb4d67dd7faea565b23f68810-100.jpeg

Requested by

Host: rusticrefugee.com
URL: https://rusticrefugee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de6f5aad27d7fd10aae9c6674518c54ec344e60c7d31dec152e81290080ba69a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 13 Oct 2023 06:19:19 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfhjy3jzwcoCEmOJli2MpECboZf3Q-22UukrmHzIgBDQ:5a12f0f5700e7e9a3131a8a5679fd3c0"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26e001fc81c7f-FRA
content-length: 3210
cf-resized: internal=ok/m q=0 n=82+0 c=2+2 v=2024.1.3 l=3210

GET
H2 200 c344808839a59956dc086b9501b970a2582cf536-100.jpeg
cdn.hotishop.com/image/ 4 KB
4 KB 241ms
241ms Image
image/webp 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/c344808839a59956dc086b9501b970a2582cf536-100.jpeg

Requested by

Host: rusticrefugee.com
URL: https://rusticrefugee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23e5ecb5e082b5eea03be619557107ab27f0147ffe2b8555ed8988b1888e0cf9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 15 May 2023 08:45:52 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfF6VECOgEky7yEFcIrRui9mACf3Q-22UukrmHzIgBDQ:9a873ef146397d7f4978ea366bcaa56a"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26e001fc91c7f-FRA
content-length: 3822
cf-resized: internal=ok/m q=0 n=91+0 c=3+3 v=2024.1.3 l=3822

POST
H2 201 track
rusticrefugee.com/api/statistics/ 0
717 B 494ms
493ms Ping
text/html 104.18.11.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rusticrefugee.com/api/statistics/track?event_name=page_view
Requested by: Host: rusticrefugee.com
URL: https://rusticrefugee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rusticrefugee.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
cache-control: no-cache, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 84f26e005ec71e4c-FRA
content-type: text/html; charset=UTF-8

GET
H2 200 selectlang.3b1bd3.js Show response
statics.hotishop.com/static/v1.42.119/store/chunk/components/common/ 9 KB
3 KB 18ms
18ms Script
application/javascript 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.hotishop.com/static/v1.42.119/store/chunk/components/common/selectlang.3b1bd3.js
Requested by: Host: statics.hotishop.com
URL: https://statics.hotishop.com/static/v1.42.119/store/vogue/js/app.83bf5d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 589498f82afe39ff4b6d3c0512101dd1297cf42b58ba68430cc86e40f36c9f48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: CTQY1SS1TS4VNPY0
age: 98552
x-amz-server-side-encryption: AES256
x-amz-id-2: uatqa5hW5QvJPRwOwTKfSP7dMB6yGPUYmTQ5d9iIEz4TddPCNARv6evtGVPSmv6FtRk6rZ7ILR2UX2ApU+MOgQ==
last-modified: Wed, 31 Jan 2024 12:49:13 GMT
server: cloudflare
etag: W/"689438e414f6da77f1d530295c4cfcad"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84f26e00c88b1c7f-FRA
expires: Sat, 01 Feb 2025 12:27:41 GMT

GET
H2 200 BackTop.930016.js Show response
statics.hotishop.com/static/v1.42.119/store/chunk/components/ 2 KB
1 KB 16ms
16ms Script
application/javascript 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.hotishop.com/static/v1.42.119/store/chunk/components/BackTop.930016.js
Requested by: Host: statics.hotishop.com
URL: https://statics.hotishop.com/static/v1.42.119/store/vogue/js/app.83bf5d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d39991450e2ef1803e3c6fd56344241ed3dd04068b05225ef49bb47085dd3f8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 0YPHN9B0DBNGVXXS
age: 98489
x-amz-server-side-encryption: AES256
x-amz-id-2: bxgbf11IhO6BR/Sw0mjh4hu3+bGExrdq71e25+tTXwO5fMAwLWG6hZnaMUYLOjQs+jVaUjVm4uw=
last-modified: Wed, 31 Jan 2024 12:49:12 GMT
server: cloudflare
etag: W/"103151dd20da897e7e3564f2cb89b4c8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84f26e00c88e1c7f-FRA
expires: Sat, 01 Feb 2025 12:27:41 GMT

GET
H2 200 ip Show response
rusticrefugee.com/api/store/ 438 B
1 KB 254ms
254ms XHR
application/json 104.18.11.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rusticrefugee.com/api/store/ip
Requested by: Host: statics.hotishop.com
URL: https://statics.hotishop.com/static/v1.42.119/store/chunk/sentry.c8b455.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e19dfe15d27f38317fd80383d35f5e87c45b2167eadee60d4a5ec38c2bd99117

Request headers

Accept: application/json, text/plain, */*
Referer: https://rusticrefugee.com/
X-XSRF-TOKEN: eyJpdiI6IlNrSzFUNkhNTjJXaXlTdEY2RVhlNWc9PSIsInZhbHVlIjoiQW9RUHpjekV2Z0x5SnVQQ2NxZ1JOSXdielwvaXJTMmVKZXlQQnM2YWdPVjduT2NUSCtcLytZYWh4eWxaZEs0RXdCdkJQcnQ5MUw4eFFvY2NrQkYxS01uT0lhWG45MkFjZ2VzYTgrdXFyeUE4dU1md1RNNks1V0NuU3BcL3czRllheUQiLCJtYWMiOiI0MGQ5NjQ5MWYxZWIwNTExNTRiZWRhMWJhNGEzMWQ3NDExMTMxNmY3YzJlZGU3MjgwZDUwOThjZjNkNjNiMDY4In0=
accept-language: de-DE,de;q=0.9
X-LANG: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"8765f1e959d18af2626d5ed6c42c2c2864a7593a"
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, private
cf-ray: 84f26e00df691e4c-FRA

GET
H3 200 267141869503080 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 115ms
115ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/267141869503080?v=2.9.144&r=stable&domain=rusticrefugee.com&hme=44ba03e7b4a66084f0064fdada9e7a7b89f6f2cf807a204d10c6509aeae35209&ex_m=62%2C105%2C93%2C97%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C148%2C151%2C162%2C158%2C159%2C161%2C25%2C89%2C45%2C68%2C160%2C143%2C146%2C155%2C156%2C163%2C114%2C13%2C43%2C167%2C166%2C116%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C94%2C96%2C31%2C95%2C26%2C22%2C144%2C147%2C123%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C92%2C38%2C70%2C60%2C98%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C99%2C173%2C172%2C174%2C179%2C180%2C181%2C177%2C169%2C115%2C168%2C170%2C106%2C135%2C128%2C131%2C112%2C164%2C204%2C100%2C205%2C142%2C104%2C126%2C119%2C107

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5357c0c49cd6776ce29889db33a6d3f4aa94a1e90463a1897a229353e5462d64

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 02 Feb 2024 12:27:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: oX/zZ7zV6pfjUwqN0a7bO/DfM1cttZvboC+0w2VzdZqSS3iJ/6qNBXQ5LE1myOCT1lFqVCVaX2qa8EKyLjEGVw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 47ms
13ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=256625110505278&ev=PageView&dl=https%3A%2F%2Frusticrefugee.com%2F&rl=&if=false&ts=1706876861688&sw=1600&sh=1200&v=2.9.144&r=stable&ec=0&o=4126&fbp=fb.1.1706876861687.1538642395&ler=empty&cdl=API_unavailable&it=1706876861290&coo=false&eid=9d756821-2fcd-450b-b201-6346941b8d83&exp=e1&rqm=GET

Requested by

Host: rusticrefugee.com
URL: https://rusticrefugee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 02 Feb 2024 12:27:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 48ms
14ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=649653117093217&ev=PageView&dl=https%3A%2F%2Frusticrefugee.com%2F&rl=&if=false&ts=1706876861688&sw=1600&sh=1200&v=2.9.144&r=stable&ec=0&o=4126&fbp=fb.1.1706876861687.1538642395&ler=empty&cdl=API_unavailable&it=1706876861290&coo=false&eid=9d756821-2fcd-450b-b201-6346941b8d83&exp=e1&rqm=GET

Requested by

Host: rusticrefugee.com
URL: https://rusticrefugee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 02 Feb 2024 12:27:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 48ms
14ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=267141869503080&ev=PageView&dl=https%3A%2F%2Frusticrefugee.com%2F&rl=&if=false&ts=1706876861689&sw=1600&sh=1200&v=2.9.144&r=stable&ec=0&o=4126&fbp=fb.1.1706876861687.1538642395&ler=empty&cdl=API_unavailable&it=1706876861290&coo=false&eid=9d756821-2fcd-450b-b201-6346941b8d83&exp=e1&rqm=GET

Requested by

Host: rusticrefugee.com
URL: https://rusticrefugee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 02 Feb 2024 12:27:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 0ec786869941381f26361d89f1ec94426ae58d67-400.jpeg
cdn.hotishop.com/image/ 51 KB
52 KB 370ms
370ms Image
image/webp 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/0ec786869941381f26361d89f1ec94426ae58d67-400.jpeg

Requested by

Host: rusticrefugee.com
URL: https://rusticrefugee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7af3c224e818e466290679a761a2dc5768c9d5017609a7dd986f8959f061b24

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:42 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 03:36:42 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfengUeipcq-sZ8UHUk09w9VGtxyJ6nv9rvBsRgLgsDQ:d0ba64b6911e69ed7a35c09d56f374b7"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26e01993c1c7f-FRA
content-length: 52676
cf-resized: internal=ok/m q=0 n=100+0 c=4+33 v=2024.1.3 l=52676

GET
H2 200 e818e12e3f2a85578073ca778244b2e44b885119-400.jpeg
cdn.hotishop.com/image/ 37 KB
37 KB 266ms
266ms Image
image/webp 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/e818e12e3f2a85578073ca778244b2e44b885119-400.jpeg

Requested by

Host: rusticrefugee.com
URL: https://rusticrefugee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b507311d58fb1d0a34a17fa46c87bfab05e425294bc4ad339e61f93c035444cf

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 24 Oct 2023 02:02:15 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfae7aVqGJbC9ccwHOVP53uTDAxyJ6nv9rvBsRgLgsDQ:87dda05c4c6e154dfe110175af4fc186"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26e01993e1c7f-FRA
content-length: 37674
cf-resized: internal=ok/m q=0 n=95+0 c=2+33 v=2024.1.3 l=37674

GET
H2 200 57a510d13c5fa6959456076e35f7cacf.png
cdn.wshopon.com/assets/2021/10/ 2 KB
3 KB 50ms
24ms Image
image/png 2606:4700:4400::6812:2b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wshopon.com/assets/2021/10/57a510d13c5fa6959456076e35f7cacf.png

Requested by

Host: rusticrefugee.com
URL: https://rusticrefugee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4ecb2b1a26c27472bafc9030b5d50bfd8ef755db8d5614d71ea536caa358b28

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 2358
cf-resized: internal=ram/m q=0 n=0+0 c=0+2 v=2023.9.8 l=2358
last-modified: Tue, 19 Oct 2021 09:35:17 GMT
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: "cfZs5t8J9L8E5WUhd9GtM1IibjJdRV_HsQesDqGFoaDQ:1e22dbcd9bb471bff14577f05cfb40a1"
vary: Accept, Accept-Encoding
warning: cf-images 299 "original is 870B smaller"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26e01cae918de-FRA
priority: u=4;i=?0,cf-chb=(37;u=2;i=?0 668;u=5;i=?0)

POST
H2 200 shop Show response
upselling.apps.seabroadnet.com/api/ 155 B
313 B 112ms
112ms Fetch
application/json 47.252.45.108
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://upselling.apps.seabroadnet.com/api/shop

Requested by

Host: statics.hotishop.com
URL: https://statics.hotishop.com/static/v1.42.119/store/chunk/sentry.c8b455.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.252.45.108 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

Resource Hash

a677ce7771b9593bb20c831d3aeb49074ccbd14d5eb97d88875e9118b5e7c6ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://rusticrefugee.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 12:27:41 GMT
cache-control: no-cache, private
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json

OPTIONS
H2 204 shop
upselling.apps.seabroadnet.com/api/ 0
0 103ms
103ms Preflight 47.252.45.108
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://upselling.apps.seabroadnet.com/api/shop

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.252.45.108 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://rusticrefugee.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 0
cache-control: no-cache, private
date: Fri, 02 Feb 2024 12:27:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Access-Control-Request-Method, Access-Control-Request-Headers

POST
H2 200 fbcapi
pixel-conversion.apps.seabroadnet.com/api/v2/ 0
342 B 321ms
285ms Ping
text/plain 2606:4700:4400::6812:201c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-conversion.apps.seabroadnet.com/api/v2/fbcapi
Requested by: Host: rusticrefugee.com
URL: https://rusticrefugee.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:201c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rusticrefugee.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 02 Feb 2024 12:27:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/plain
access-control-allow-origin: https://rusticrefugee.com
access-control-allow-credentials: true
cf-ray: 84f26e027d458fe0-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Lang
content-length: 0

GET
H2 200 e45ce0293af83b3f6b851e99ffa11bbd015774d8-400.jpeg
cdn.hotishop.com/image/ 47 KB
47 KB 387ms
387ms Image
image/webp 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/e45ce0293af83b3f6b851e99ffa11bbd015774d8-400.jpeg

Requested by

Host: rusticrefugee.com
URL: https://rusticrefugee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3021833a7a52ebb9f807c26db3b5f6b73b0078b67b8b0b82fc1e85f6d536c57

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:42 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 08:56:41 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfN9_4xGWeXcU6s-nJC0MF0qsjxyJ6nv9rvBsRgLgsDQ:c0ef325d9a562d7c11cd8be9cb877fbf"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26e026a301c7f-FRA
content-length: 47842
cf-resized: internal=ok/m q=0 n=186+0 c=5+32 v=2024.1.3 l=47842

GET
H2 200 8464bae45abf95080275692f9f18938e4e7971b2-400.jpeg
cdn.hotishop.com/image/ 33 KB
33 KB 322ms
322ms Image
image/webp 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/8464bae45abf95080275692f9f18938e4e7971b2-400.jpeg

Requested by

Host: rusticrefugee.com
URL: https://rusticrefugee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e6b2ec50e05d0c75ea4d8678422eacf5fdacd00d64b38f9a9c67d9f865ec340

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:42 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 08:59:32 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfhrPM64FRGtV6-hguOSPiIDEexyJ6nv9rvBsRgLgsDQ:70729642fede3340d8220667f40714ed"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26e026a321c7f-FRA
content-length: 33308
cf-resized: internal=ok/m q=0 n=156+0 c=3+29 v=2024.1.3 l=33308

GET
H2 200 df4dd7ed050a0f05073c667db595426fee0b64ed-400.jpeg
cdn.hotishop.com/image/ 28 KB
28 KB 344ms
343ms Image
image/webp 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/df4dd7ed050a0f05073c667db595426fee0b64ed-400.jpeg

Requested by

Host: rusticrefugee.com
URL: https://rusticrefugee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4818e2ea9cd547219a6e2b400f1f4336da732d179679035a5aef877c9e5669e2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:42 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 06:00:51 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfQXMC8HXOfbq7xWh5chF-5NCNxyJ6nv9rvBsRgLgsDQ:fbd01a7a0e47fea6cd8af5b4622b19be"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26e026a331c7f-FRA
content-length: 28496
cf-resized: internal=ok/m q=0 n=179+0 c=5+30 v=2024.1.3 l=28496

GET
H2 200 b547811635345e5d4230cdde6fea33a6456c6f0a-400.jpeg
cdn.hotishop.com/image/ 34 KB
35 KB 267ms
267ms Image
image/webp 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/b547811635345e5d4230cdde6fea33a6456c6f0a-400.jpeg

Requested by

Host: rusticrefugee.com
URL: https://rusticrefugee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff5d15a0399acbc66bcda2e01f25dd4f568935963a05ddb8ea1289b7bd1f0205

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:42 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 28 Sep 2023 07:19:26 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfNOTeil1BB8Pu9kitVYxSJXg8xyJ6nv9rvBsRgLgsDQ:22b920811ee392596f0b3c697983d265"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26e026a341c7f-FRA
content-length: 35108
cf-resized: internal=ok/m q=0 n=83+0 c=5+31 v=2024.1.3 l=35108

GET
H2 200 AddCartDialog.b80900.js Show response
statics.hotishop.com/static/v1.42.119/store/chunk/components/ 74 KB
15 KB 17ms
17ms Script
application/javascript 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://statics.hotishop.com/static/v1.42.119/store/chunk/components/AddCartDialog.b80900.js
Requested by: Host: statics.hotishop.com
URL: https://statics.hotishop.com/static/v1.42.119/store/vogue/js/app.83bf5d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 006ec7b114f7c0214f81a13c99d6b3747400f97c3db749b979f61efb91910e39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:41 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: G4V7N00ZR7WMPEC9
age: 98433
x-amz-server-side-encryption: AES256
x-amz-id-2: V2c4pm6xgw8qM6zLnLVakZW+XgKhd/96iOXquhzI12lSVG6wUK3wdKqxu8qwM1xYpjEMAQKgx98=
last-modified: Wed, 31 Jan 2024 12:49:12 GMT
server: cloudflare
etag: W/"3126f7e6a4825a9acd16ed76d4d5ab35"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 84f26e027a401c7f-FRA
expires: Sat, 01 Feb 2025 12:27:41 GMT

GET
H2 200 products Show response
rusticrefugee.com/api/store/ 14 KB
3 KB 187ms
187ms XHR
application/json 104.18.11.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rusticrefugee.com/api/store/products?include_ids=8427,8507&with=variants,gallery&page_size=100&is_use_style_combination=0
Requested by: Host: statics.hotishop.com
URL: https://statics.hotishop.com/static/v1.42.119/store/chunk/sentry.c8b455.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 720ee3d59d1d7beb0459c70b8105863929046282a7983774b085d5489f3d3414

Request headers

Accept: application/json, text/plain, */*
Referer: https://rusticrefugee.com/
X-XSRF-TOKEN: eyJpdiI6IkRLZm93VHoxWEphVFljREt2dU9reFE9PSIsInZhbHVlIjoiZFJ0OGRtcVUxSGh5V2FvRVQwXC9SY3Nua2E0S2c3bktOUTRtMnpKZFpHZ1RWQ2IrUHdhSE45MW80Q084NVNuZGdGTXRYaVl5bDMra1lJbTZNR2MrdktpTmc3XC9TRmkzekE2ZlVOV01Ia2pwSHpkUEtEODBoU05cLzAzS2FTM2Jla1ciLCJtYWMiOiI1ZWU4YWU0M2MwYjRiZGQ4NzlmYjdlZTg4MWMzNGJmZmMwZTI0YjI4MDgxMjg0NTczOWQyMTM1OWU5MWNhNWZiIn0=
accept-language: de-DE,de;q=0.9
X-LANG: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"2fef43a4e7c05556a94fc89a71dc046f4f63c79c"
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, private
cf-ray: 84f26e02ea191e4c-FRA

GET
H2 200 6127a233396d49ed2af448483fde6a301d4846bf-1600.jpeg
cdn.hotishop.com/image/ 266 KB
266 KB 18ms
18ms Image
image/webp 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/6127a233396d49ed2af448483fde6a301d4846bf-1600.jpeg

Requested by

Host: rusticrefugee.com
URL: https://rusticrefugee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cc04aa5ef7f786ea30d14ebc5adbf6cbd7b3939a38efd53b764ddceb800438d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:42 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 31 Oct 2023 10:08:36 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cf2g97EKvOgzi5R-tOIchSTCp0XTh8i3Mn6pd65kyUDQ:07cd06b1e4215965c10f0c454da597a2"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26e05bd741c7f-FRA
content-length: 271874
cf-resized: internal=ram/m q=0 n=165+0 c=5+122 v=2024.1.3 l=271874

GET 7e910e0f2c44c84eb4d67dd7faea565b23f68810-100.jpeg
cdn.hotishop.com/image/ 0
0

GET
H2 200 adbf06910438bb9a0a139b0ad12b730ab824a470-50.png
cdn.hotishop.com/image/ 766 B
956 B 315ms
315ms Image
image/webp 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/adbf06910438bb9a0a139b0ad12b730ab824a470-50.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae3d73ee973dfe3e53da9dedc711f16cd6bbf2cffe86ac65a6168f86fee2cd96

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:42 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 31 Oct 2023 10:31:27 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfENBLxCKYtx-Dlc7apqC5jV8mOQWGUuv3ZhIxTp0bDQ:26a76761455a866625a3e362eb7cb877"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26e05bd761c7f-FRA
content-length: 766
cf-resized: internal=ram/m q=0 n=143+0 c=28+9 v=2024.1.3 l=766

GET
H2 200 adbf06910438bb9a0a139b0ad12b730ab824a470-1600.png
cdn.hotishop.com/image/ 124 KB
125 KB 408ms
408ms Image
image/webp 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/adbf06910438bb9a0a139b0ad12b730ab824a470-1600.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bf4e837eb5768ae05e098a1d02472934e9b52267e4015cc329ed9bc3e2488d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:42 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 31 Oct 2023 10:31:27 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfENBLxCKYtx-Dlc7apqC5jV8mXTh8i3Mn6pd65kyUDQ:26a76761455a866625a3e362eb7cb877"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26e05bd781c7f-FRA
content-length: 127212
cf-resized: internal=ok/m q=0 n=146+0 c=29+90 v=2024.1.3 l=127212

GET
H2 200 7e910e0f2c44c84eb4d67dd7faea565b23f68810-400.jpeg
cdn.hotishop.com/image/ 33 KB
33 KB 195ms
195ms Image
image/webp 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/7e910e0f2c44c84eb4d67dd7faea565b23f68810-400.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ef8bee6f970dea3470c3054e3d528327f860aee8c09a10fa3466a48d6c6fb0d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:42 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 13 Oct 2023 06:19:19 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfhjy3jzwcoCEmOJli2MpECboZxyJ6nv9rvBsRgLgsDQ:5a12f0f5700e7e9a3131a8a5679fd3c0"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26e05bd7a1c7f-FRA
content-length: 34036
cf-resized: internal=ram/m q=0 n=0+0 c=3+30 v=2024.1.3 l=34036

GET
H2 200 57a510d13c5fa6959456076e35f7cacf.png
cdn.wshopon.com/assets/2021/10/ 2 KB
2 KB 21ms
21ms Image
image/png 2606:4700:4400::6812:2b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wshopon.com/assets/2021/10/57a510d13c5fa6959456076e35f7cacf.png

Requested by

Host: statics.hotishop.com
URL: https://statics.hotishop.com/js/vue/2.6.14/vue.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4ecb2b1a26c27472bafc9030b5d50bfd8ef755db8d5614d71ea536caa358b28

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:42 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 2358
cf-resized: internal=ram/m q=0 n=0+0 c=0+2 v=2023.9.8 l=2358
last-modified: Tue, 19 Oct 2021 09:35:17 GMT
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: "cfZs5t8J9L8E5WUhd9GtM1IibjJdRV_HsQesDqGFoaDQ:1e22dbcd9bb471bff14577f05cfb40a1"
vary: Accept, Accept-Encoding
warning: cf-images 299 "original is 870B smaller"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26e05cf5a18de-FRA
priority: u=4;i=?0,cf-chb=(37;u=2;i=?0 668;u=5;i=?0)

GET
H2 200 products Show response
rusticrefugee.com/api/store/ 4 KB
2 KB 191ms
190ms XHR
application/json 104.18.11.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rusticrefugee.com/api/store/products?include_ids=8351&with=variants,gallery&page_size=100&is_use_style_combination=0
Requested by: Host: statics.hotishop.com
URL: https://statics.hotishop.com/static/v1.42.119/store/chunk/sentry.c8b455.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1479a4a621bcee22b46d6f1c16cf4e54bc1fb919f145e380136307be2f70901e

Request headers

Accept: application/json, text/plain, */*
Referer: https://rusticrefugee.com/
X-XSRF-TOKEN: eyJpdiI6Im1ROGdtT09BSVpRRFFOc0ZKMDNMUXc9PSIsInZhbHVlIjoiVVlZUVY1OE1OVXdMZ1kwWElyd1wveGFvSWZUeTBtNGZvRnQ2Q0ZneVJBcEVpaGNNRU5BeGJYZ3llcU1mcUVGR1J1cndDdjJvUVN1SDZQeG1uY1JGSnZMczJkYU1FamlGNWR5UXd3TDlnc25ZcVhBSU1OT05uTXdzNklBMkpKMzVXIiwibWFjIjoiZGQxZDdjMTc3NDJiNTQwNmMyMjgwOTZlMjk1NDVmN2MwZmI3YzAwMTU0MDA2YjljYzgxMDE5MmVmMWMwODBiZiJ9
accept-language: de-DE,de;q=0.9
X-LANG: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"9c1977bb06f31a45e0f330d4641852f417106e70"
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, private
cf-ray: 84f26e070fbc1e4c-FRA

GET
H2 200 adbf06910438bb9a0a139b0ad12b730ab824a470-50.png
cdn.hotishop.com/image/ 766 B
831 B 18ms
18ms Image
image/webp 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/adbf06910438bb9a0a139b0ad12b730ab824a470-50.png

Requested by

Host: rusticrefugee.com
URL: https://rusticrefugee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae3d73ee973dfe3e53da9dedc711f16cd6bbf2cffe86ac65a6168f86fee2cd96

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:42 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 31 Oct 2023 10:31:27 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfENBLxCKYtx-Dlc7apqC5jV8mOQWGUuv3ZhIxTp0bDQ:26a76761455a866625a3e362eb7cb877"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26e07bf781c7f-FRA
content-length: 766
cf-resized: internal=ram/m q=0 n=143+0 c=28+9 v=2024.1.3 l=766

GET
H2 200 48b4914799ff2cb5bc906d1ea1fda47e6267bacf-400.jpeg
cdn.hotishop.com/image/ 9 KB
9 KB 245ms
245ms Image
image/webp 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/48b4914799ff2cb5bc906d1ea1fda47e6267bacf-400.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

865e653f2adcb57ec2554a5ae25695b78429dbb0852ec33dabe93f894fd1eaad

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:42 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 07:36:29 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfBEnY2ibgb9cBjQPA-grAdSlVxyJ6nv9rvBsRgLgsDQ:0a8f63b9fca0c007a5b1e04da45a7ab5"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26e083fe61c7f-FRA
content-length: 8722
cf-resized: internal=ok/m q=0 n=71+0 c=11+25 v=2024.1.3 l=8722

GET
H2 200 5ceb312ae6a222d5e96abb8d43ee7c95d57e6a40-400.jpeg
cdn.hotishop.com/image/ 24 KB
24 KB 297ms
297ms Image
image/webp 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/5ceb312ae6a222d5e96abb8d43ee7c95d57e6a40-400.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf09f904bec4c8604039e87690aa01ac45bbef52231ea6db1d1d2322d7fb4e6c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:43 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 07:49:27 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfBODSb8AacKR7Oe7GsKuMWikrxyJ6nv9rvBsRgLgsDQ:a8f8c958eceb4eb023cc49a85cceebc0"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26e083fe81c7f-FRA
content-length: 24796
cf-resized: internal=ok/m q=0 n=113+0 c=18+18 v=2024.1.3 l=24796

GET adbf06910438bb9a0a139b0ad12b730ab824a470-50.png
cdn.hotishop.com/image/ 0
0

GET
H2 200 adbf06910438bb9a0a139b0ad12b730ab824a470-1600.png
cdn.hotishop.com/image/ 124 KB
125 KB 20ms
20ms Image
image/webp 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/adbf06910438bb9a0a139b0ad12b730ab824a470-1600.png

Requested by

Host: rusticrefugee.com
URL: https://rusticrefugee.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bf4e837eb5768ae05e098a1d02472934e9b52267e4015cc329ed9bc3e2488d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:42 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 31 Oct 2023 10:31:27 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfENBLxCKYtx-Dlc7apqC5jV8mXTh8i3Mn6pd65kyUDQ:26a76761455a866625a3e362eb7cb877"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26e08580d1c7f-FRA
content-length: 127212
cf-resized: internal=ok/m q=0 n=146+0 c=29+90 v=2024.1.3 l=127212

GET
H2 200 57a510d13c5fa6959456076e35f7cacf.png
cdn.wshopon.com/assets/2021/10/ 2 KB
2 KB 20ms
19ms Image
image/png 2606:4700:4400::6812:2b8a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.wshopon.com/assets/2021/10/57a510d13c5fa6959456076e35f7cacf.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b8a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4ecb2b1a26c27472bafc9030b5d50bfd8ef755db8d5614d71ea536caa358b28

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:44 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 2358
cf-resized: internal=ram/m q=0 n=0+0 c=0+2 v=2023.9.8 l=2358
last-modified: Tue, 19 Oct 2021 09:35:17 GMT
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: "cfZs5t8J9L8E5WUhd9GtM1IibjJdRV_HsQesDqGFoaDQ:1e22dbcd9bb471bff14577f05cfb40a1"
vary: Accept, Accept-Encoding
warning: cf-images 299 "original is 870B smaller"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26e148e6f18de-FRA
priority: u=4;i=?0,cf-chb=(37;u=2;i=?0 668;u=5;i=?0)

GET
H2 200 products Show response
rusticrefugee.com/api/store/ 8 KB
2 KB 174ms
174ms XHR
application/json 104.18.11.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rusticrefugee.com/api/store/products?include_ids=8336&with=variants,gallery&page_size=100&is_use_style_combination=0
Requested by: Host: statics.hotishop.com
URL: https://statics.hotishop.com/static/v1.42.119/store/chunk/sentry.c8b455.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b694ea6ac1ca7bf42adf53b402794626398f0143f813f21248d741f54e22fddf

Request headers

Accept: application/json, text/plain, */*
Referer: https://rusticrefugee.com/
X-XSRF-TOKEN: eyJpdiI6IlMyTDZXc2dsU0R2cVVjR01ZQ3JPcGc9PSIsInZhbHVlIjoiQTJyN2FWc0ZRZkdcL05aaGtRUUE5SjVYOTdZU3E0b0NOQXhwMG05dTJwYU1HVnI4NnRNZzNxZ3IxOGdSMkR5cDdSVm1aVU5pbmlQTEpONXdmYWpGNVI2ZlBGb1wvVXZHODN4YUJla2tPb2VENGEyZ3d2ZHllek9PRU5Vb2VReVRoUyIsIm1hYyI6IjEwNzE3ZDBkNjE0MTI1ZTc3MTNmNDJhNTlkZGFlNDY5OGJkZWU2ODJkMzg2NzFkMDczMjEwYWQwYzcxZGFlNDYifQ==
accept-language: de-DE,de;q=0.9
X-LANG: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:45 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"c2652f023ddfcf6e763ee896107d9698621e8a6b"
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, private
cf-ray: 84f26e15ca9f1e4c-FRA

GET
H2 200 0ec786869941381f26361d89f1ec94426ae58d67-400.jpeg
cdn.hotishop.com/image/ 51 KB
52 KB 24ms
24ms Image
image/webp 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/0ec786869941381f26361d89f1ec94426ae58d67-400.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7af3c224e818e466290679a761a2dc5768c9d5017609a7dd986f8959f061b24

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:45 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 12 Oct 2023 03:36:42 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfengUeipcq-sZ8UHUk09w9VGtxyJ6nv9rvBsRgLgsDQ:d0ba64b6911e69ed7a35c09d56f374b7"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26e1b0ace1c7f-FRA
content-length: 52676
cf-resized: internal=ok/m q=0 n=100+0 c=4+33 v=2024.1.3 l=52676

GET
H2 200 527f7e04f94673e47ef02c22988717d7d89fac04-400.jpeg
cdn.hotishop.com/image/ 41 KB
41 KB 290ms
290ms Image
image/webp 2606:4700:4400::ac40:9638
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.hotishop.com/image/527f7e04f94673e47ef02c22988717d7d89fac04-400.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9638 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a71451070ba3c0e296ca33fc57d25b87d15a1a7a4877dc1586dbd87de2ba2e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rusticrefugee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:27:46 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 03:44:05 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfvvGrLOAgOqnzw60rqzwbYB1XxyJ6nv9rvBsRgLgsDQ:5111bac7375814603cb5c53b08740f8e"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 84f26e1b0ad01c7f-FRA
content-length: 41784
cf-resized: internal=ok/m q=0 n=111+0 c=4+31 v=2024.1.3 l=41784

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.hotishop.com
URL: https://cdn.hotishop.com/image/7e910e0f2c44c84eb4d67dd7faea565b23f68810-100.jpeg

Domain: cdn.hotishop.com
URL: https://cdn.hotishop.com/image/adbf06910438bb9a0a139b0ad12b730ab824a470-50.png

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rusticrefugee.com/	1970-01-20 18:10:49	Name: upselling_another_ab_value Value:
rusticrefugee.com/	1970-01-20 18:09:08	Name: session_uuid Value: 3c5eab542f764b39a97d72fa12b6837dRmERUTT3
.rusticrefugee.com/	1970-01-20 20:17:32	Name: _fbp Value: fb.1.1706876861687.1538642395
rusticrefugee.com/	1970-01-20 18:09:01	Name: upSelling_customer_id Value: 80ec3746-9ab1-45cd-9c46-a3e358775b86
rusticrefugee.com/	1970-01-20 18:09:08	Name: XSRF-TOKEN Value: eyJpdiI6InFaQWdvTGxaWEVWNnEzclRySGlpeUE9PSIsInZhbHVlIjoiQWd3YWh4aEN1M29sc1VvQk1cL0hoOEFPTmtnd2NRN0hFdWFOcGNZSUNRSFJVUTZMdFVKZEIzZGtmWXZzdFBkOHdsK0NMWGx0c3RMSng5VGNMNGxQWjNIYzgydXpLcnhOY2FIUkxqbjg5c0VkaVJ2M2JrUCs5ZGNJNE5FUFhpWjd0IiwibWFjIjoiMzJlYjlhMGY2MTA3NGQzMmY1ZWE3YjUzNmFlMzBmNmI1YzBkNzJkNzQ0YmYxMjBlYTY5NGFkNDQxN2UwZDM2NyJ9
rusticrefugee.com/	1970-01-20 18:09:08	Name: _secure_shop_session Value: eyJpdiI6InRwYkkyMGZKQ3hSNE1FS29sMjR5Q1E9PSIsInZhbHVlIjoiZ1BTR2JzcjJla3lDUVNVa2FURkRoVDBGeTdhYlJjdUV2MSs3bXlDdzI2dllvMlpXKzIyZGZ6RTdsSE9cL1wvMnVsZ2N5WmN1WWRwMm4zbGtFbUxJZndRXC9Qb1E1b1Fmek02M2JpckZuUzhhU3dNbkVUTlRhXC9KM1ZnQ2M3OGtySUZpIiwibWFjIjoiNWVmM2I0Yzg1ZDU4YWZmZDE4YmVhMTcwNjBhYTE1ZTViYmY2M2Q4Y2RmMTQ2YzMzOTM4ODg4Y2FmYzMxNTMyOSJ9

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/256625110505278?v=2.9.144&r=stable&domain=rusticrefugee.com&hme=44ba03e7b4a66084f0064fdada9e7a7b89f6f2cf807a204d10c6509aeae35209&ex_m=62%2C105%2C93%2C97%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C148%2C151%2C162%2C158%2C159%2C161%2C25%2C89%2C45%2C68%2C160%2C143%2C146%2C155%2C156%2C163%2C114%2C13%2C43%2C167%2C166%2C116%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C94%2C96%2C31%2C95%2C26%2C22%2C144%2C147%2C123%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C92%2C38%2C70%2C60%2C98%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C99(Line 95) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.hotishop.com
cdn.wshopon.com
connect.facebook.net
o467009.ingest.sentry.io
pixel-conversion.apps.seabroadnet.com
rusticrefugee.com
statics.hotishop.com
upselling.apps.seabroadnet.com
www.facebook.com
cdn.hotishop.com
104.18.11.62
2606:4700:4400::6812:201c
2606:4700:4400::6812:2b8a
2606:4700:4400::ac40:9638
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
34.120.195.249
47.252.45.108
006ec7b114f7c0214f81a13c99d6b3747400f97c3db749b979f61efb91910e39
081755eed94cb3fd7a1744bd1014ba9fdc00c1eeb6d22a1ebab774855aecf993
0b107098fc8b361ce610dba0d1656c620c725311e51d4417c7c57c8bda369e52
122d2127dbf45f4855a23b1844365959d8fc834d986e4035721841214eec0e43
133e8f3ef7c99237daf0039165a13fd492d5fa620ac5d79600e04faa0396d780
1479a4a621bcee22b46d6f1c16cf4e54bc1fb919f145e380136307be2f70901e
22cf1baba55eced80d7ebb0de51fc8961757ef581964f8e10ebc8676399eba81
23e5ecb5e082b5eea03be619557107ab27f0147ffe2b8555ed8988b1888e0cf9
3b14e2a7eb86c2b888f03d81b55ca4d016d4a357a4ea047cbea2c412d7cb5f88
3c9651443965df5faf60d1c1c603bee164f23578eaffc223462ed41ae92d2ac9
3d358d862dbd79fc4e7a7753d4d5c515caf403e3742d3bbc1a788e632306e586
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4818e2ea9cd547219a6e2b400f1f4336da732d179679035a5aef877c9e5669e2
4932f9ca52191ff578e2cf937fe57af32bf306e463436462865e04f2a3a2d63b
4bf4e837eb5768ae05e098a1d02472934e9b52267e4015cc329ed9bc3e2488d7
4d478073955fc74705a2d5e822722063031c0d283f3d8bf70f0fc9c66a5e0658
5357c0c49cd6776ce29889db33a6d3f4aa94a1e90463a1897a229353e5462d64
589498f82afe39ff4b6d3c0512101dd1297cf42b58ba68430cc86e40f36c9f48
6895c64717048d4d9a6e4cd3bfff8c5acb5febf6d027f7c0d6b676a1683b4716
6cc04aa5ef7f786ea30d14ebc5adbf6cbd7b3939a38efd53b764ddceb800438d
720ee3d59d1d7beb0459c70b8105863929046282a7983774b085d5489f3d3414
818befe03c714bcd6458771142a88ab92fed27ec0e23bc8e8682fbb875336672
826df5d3bdf243dbbe9d554e60c04de26ae2eed4eda21d0ac0addeef47a09d7e
865e653f2adcb57ec2554a5ae25695b78429dbb0852ec33dabe93f894fd1eaad
8a71451070ba3c0e296ca33fc57d25b87d15a1a7a4877dc1586dbd87de2ba2e7
98bf2052b54f18579fed766a8bbb48030acef1e72cac17eb5723f8a9dcd5883a
9e6b2ec50e05d0c75ea4d8678422eacf5fdacd00d64b38f9a9c67d9f865ec340
9ef8bee6f970dea3470c3054e3d528327f860aee8c09a10fa3466a48d6c6fb0d
9f66cb165dbbf011418cff8a277801fe0aa86484b89809ee6825aeb9b0a34499
a677ce7771b9593bb20c831d3aeb49074ccbd14d5eb97d88875e9118b5e7c6ab
ae3d73ee973dfe3e53da9dedc711f16cd6bbf2cffe86ac65a6168f86fee2cd96
afb689632b781562028c9debcf510e03ef92ac41916b3d4da692b7d6c2caa483
b013d4548a8294cf5660adc6cf9679d954b46fa23f6effd3822aea1cbc440a75
b4ecb2b1a26c27472bafc9030b5d50bfd8ef755db8d5614d71ea536caa358b28
b507311d58fb1d0a34a17fa46c87bfab05e425294bc4ad339e61f93c035444cf
b694ea6ac1ca7bf42adf53b402794626398f0143f813f21248d741f54e22fddf
b7af3c224e818e466290679a761a2dc5768c9d5017609a7dd986f8959f061b24
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bfef151f4b97eb2d8d94be47a161899d366484328189d23650e47dfa9baf36ba
c3021833a7a52ebb9f807c26db3b5f6b73b0078b67b8b0b82fc1e85f6d536c57
c954d6f71089537dd993b791472192bd20cdbe29cd71dfeb8adf8dc24f61103d
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
cf09f904bec4c8604039e87690aa01ac45bbef52231ea6db1d1d2322d7fb4e6c
d39991450e2ef1803e3c6fd56344241ed3dd04068b05225ef49bb47085dd3f8b
dc7c774904b9f331310dfd79426b9b3f9b0b7c31d6e69a6ad49296ad90f15a92
de6f5aad27d7fd10aae9c6674518c54ec344e60c7d31dec152e81290080ba69a
e19dfe15d27f38317fd80383d35f5e87c45b2167eadee60d4a5ec38c2bd99117
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e28a8fb9b74533ece152229dafcc3ebc0f4b3dcd62879df115706bce55927d
eb54e9f08a594225b957397a3801c008a0efe2abc2ad70c926c3fc7c4a57edd5
ed717cc4576a89acaf3ddc8b3bfff05906147dc24805e8c8a5792ab8995b3561
f0a0d62d900330b7d4d2ee9049e95d89c573e602b8886eb3254d70d55c5842d8
f7fac1e02d28f124c02660a96ad63f1c509b3cb185bd6d0da7e03c971637299e
f98908eb6c5557c2c1e31beae75bff1feaace0eeefd20fd9cbf2657e1a31158a
ff5d15a0399acbc66bcda2e01f25dd4f568935963a05ddb8ea1289b7bd1f0205

rusticrefugee.com Open in urlscan Pro 104.18.11.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

65 Requests

97 %HTTPS

63 %IPv6

7 Domains

9 Subdomains

9 IPs

3 Countries

2249 kBTransfer

4890 kBSize

6 Cookies

0 Outgoing links

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rusticrefugee.com Open in urlscan Pro
104.18.11.62 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

97 %
HTTPS

63 %
IPv6

7
Domains

9
Subdomains

9
IPs

3
Countries

2249 kB
Transfer

4890 kB
Size

6
Cookies

65 HTTP transactions
4 data transactions