Report - drmartensuk.vip/

Report Overview

Submitted URL
drmartensuk.vip/
IP
104.16.198.133
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-18 10:04:25
Access
public
Website Title
Warning - D***8
Final URL
drmartensuk.vip/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.staticsoe.com	unknown	2022-04-01	2022-04-01	2024-04-14	1.4 kB	551 kB	104.18.169.76
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-18	528 B	11 kB	216.58.207.227
drmartensuk.vip	unknown	2023-07-07	2023-07-08	2024-03-21	3.9 kB	221 kB	104.16.198.133
sc-static.net	1183	2017-03-16	2017-09-05	2024-04-18	404 B	46 kB	54.230.82.240

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	drmartensuk.vip	Sinkholed
2024-04-18	medium	drmartensuk.vip	Sinkholed
2024-04-18	medium	drmartensuk.vip	Sinkholed
2024-04-18	medium	drmartensuk.vip	Sinkholed

ThreatFox

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	cdn.staticsoe.com/uploads/0/theme/default/assets/collect.js?v=96afd8ae933a668f3daf26bd95bc95a6	28 kB	2024-02-23	2024-04-29
Pretty URL cdn.staticsoe.com/uploads/0/theme/default/assets/collect.js?v=96afd8ae933a668f3daf26bd95bc95a6 IP 104.18.169.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-23 06:41:52 Last Seen2024-04-29 10:46:56 Times Seen24 Hash 07fb0d45d962f0ee4546b0d70a2722a3 a4116bd5ebcbea2503deb6a44e0fc3c2894aae45 7ce4586aca574aba3f3c6e0ab119e28e28dd04338899cdb552bf6845b8150938 Loading...

	drmartensuk.vip/	139 kB	2024-04-18	2024-04-18
Pretty URL drmartensuk.vip/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 12:04:27 Last Seen2024-04-18 12:04:27 Times Seen1 Hash 0347a55d09a7e13c8951f33a53e1f0da da4967c26b4c4889a1ab78a322e9f8f9c86844a7 16344cb392cfea34d81af4b7d36b4ba19024370114292cc0ef045b60b73c3e07 Loading...

	drmartensuk.vip/	462 B	2023-09-15	2024-04-29
Pretty URL drmartensuk.vip/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-15 00:25:12 Last Seen2024-04-29 10:46:56 Times Seen276 Hash 9b90fddfcd524a4730652cf40123a5cc 8f5f4ea5368f81ab8df47dc1e97fa39440c2bd59 34bb0fdee7ef950a3697de247751cd1e3f3ce55b60bc1c2b584562bf87ad9d01 Loading...

	drmartensuk.vip/	3.8 kB	2024-04-11	2024-04-26
Pretty URL drmartensuk.vip/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-11 20:33:05 Last Seen2024-04-26 16:34:49 Times Seen10 Hash dce9cd11ec730306ff9a08b76e76062c 27d85d9448b0d022d55cf991e78082c5b381efcf 5bf93e70121efe5f262cbd55eb91b7e40c979de8ccc360a27292e8f6e7c8623b Loading...

	sc-static.net/scevent.min.js	46 kB	2024-04-10	2024-04-19
Pretty URL sc-static.net/scevent.min.js IP 54.230.82.240 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-10 03:05:52 Last Seen2024-04-19 17:38:23 Times Seen122 Hash 264bae03f1d598bca141e0840046b194 721f3a0714d44e5cb641fc99ad12b955130a88e3 f563aec552103867adcb967e41b1699c9d15e1aa257c7a210f70f5cd71e6a0ef Loading...

	drmartensuk.vip/	1.1 kB	2023-11-16	2024-04-18
Pretty URL drmartensuk.vip/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-16 21:56:15 Last Seen2024-04-18 13:42:39 Times Seen3 Hash a71fbf430109bde74cad474506d31d06 b6cd7fd0ae73fdf9eabb2158aa0b6edccd83ac09 e8f5df8557f2590765839fcc33334ebc65dfadca346fa4fba774051044b7df9b Loading...

	drmartensuk.vip/	126 B	2024-04-06	2024-04-29
Pretty URL drmartensuk.vip/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-06 13:59:58 Last Seen2024-04-29 10:46:56 Times Seen13 Hash ffd78f1ecf4ac331c56e1e33918f748d 6178e5a3bc390d07e0cbd04971baa86dab3ee9d0 f856558f1b4b5b4291595975127bdfd3447c23f50645142defdcc13534d25a4f Loading...

	drmartensuk.vip/	2.6 kB	2024-04-18	2024-04-18
Pretty URL drmartensuk.vip/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 12:04:27 Last Seen2024-04-18 12:04:27 Times Seen1 Hash b62538dc5ddf8e39e5f1a819dce269b5 c04a1fa89b58f9c6341973478f9986dde01fb01d e20241790923c282201e2d5b226fe6224ee47f387158e16957d81d979335cfd4 Loading...

	drmartensuk.vip/	5.6 kB	2024-04-18	2024-04-18
Pretty URL drmartensuk.vip/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 12:04:27 Last Seen2024-04-18 12:04:27 Times Seen1 Hash 980769e78363972afc68a4e13730eff9 b01bb672e1610f7d16aeb5faaa3ac116cb770362 2cd66929d3e608f8c48e05634925f95bf0cf708221046b26cc2bdda9e8ceae67 Loading...

	drmartensuk.vip/	544 B	2023-11-16	2024-04-18
Pretty URL drmartensuk.vip/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-16 21:56:15 Last Seen2024-04-18 13:42:39 Times Seen3 Hash 1ed115f0da4d69ac906af5a8ce15ec10 1565306afe998124724a2e52dda3dd1fe1b130be d95b49ad5fac5e30f82f2276085d38862a3e85b7c9755dee7cf4910d5a7b0f36 Loading...

	drmartensuk.vip/	2.0 kB	2023-03-13	2024-04-26
Pretty URL drmartensuk.vip/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 12:11:25 Last Seen2024-04-26 16:34:49 Times Seen86 Hash 4e7bda5e82fd883c85ba8b980bbd3776 7f1bba12a9b7b88de63644e7a2c2df055a25f970 e15799148543b801c0085e2460f96eb4df6addef7bec9e1d7d2e5d23b354a932 Loading...

	drmartensuk.vip/	795 B	2024-01-05	2024-04-29
Pretty URL drmartensuk.vip/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-05 14:24:07 Last Seen2024-04-29 10:46:56 Times Seen88 Hash df556482bc0e408b20960b0c56caa361 6579da4db483f73a82ca0c8538808d782bd0a8b1 76b604091ff73f90ce21f6b18d41f116bd92a10cb2a437f22867ae05cf88817b Loading...

	drmartensuk.vip/	11 B	2023-03-07	2024-04-29
Pretty URL drmartensuk.vip/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:39:41 Last Seen2024-04-29 10:46:56 Times Seen383 Hash b308b7fe5c1c2bbdc0cb686d451b84aa bc83eb7e6487768f88af9fa4db682f0d3daaee17 636159b35205da4142a43bc02d2849d77d3ac07a0946211585cde15a9c6ff21f Loading...

	drmartensuk.vip/	1.7 kB	2024-02-05	2024-04-29
Pretty URL drmartensuk.vip/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-05 12:20:18 Last Seen2024-04-29 10:46:56 Times Seen34 Hash d9276cf7f2a76b4014c48d4047a1263b 7ae277464b82e88aad62e2e044d35e4de1ac9821 8ce0039ca330976d947efb409e27fe2e589c91299ec79a9c71603c1bcecd69f6 Loading...

	drmartensuk.vip/	3.2 kB	2023-07-23	2024-04-29
Pretty URL drmartensuk.vip/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-23 09:47:36 Last Seen2024-04-29 10:46:56 Times Seen312 Hash 54b2d73ece20a11eb2899e085b085664 e8520354b1dff4d5867bc8bf57553a30f5739221 c3ff84344d41e2f19b0124f780d06fc3b1739a974eed811b75cdd0a0b5c2274b Loading...

	drmartensuk.vip/	18 kB	2023-11-14	2024-04-29
Pretty URL drmartensuk.vip/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-14 10:07:10 Last Seen2024-04-29 10:46:56 Times Seen193 Hash 291a64329dc9bf041d4c69b591dacc43 5039842aae8652258c1e9594c336af2baffcf0a2 bb0f973d78d777df54f32dbbcccb22af4107aedcdc29bd72712c7184d0140ebb Loading...

	drmartensuk.vip/	36 B	2024-04-18	2024-04-18
Pretty URL drmartensuk.vip/ IP 104.16.198.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 12:04:27 Last Seen2024-04-18 12:04:27 Times Seen1 Hash 186083ec1ef20b67d3f069a61c81dba9 067e61a8456c0c0c58eca38130992a2665fb6670 796e1bede9dc166fc66d1409804beec7b8c02464ed34b457f4f3e0b9b9e6f7a3 Loading...

	cdn.staticsoe.com/uploads/0/theme/default/public_assets/public.js?v=5c945293da0fe6770b60caf3ca010bc5	484 kB	2024-03-19	2024-04-18
Pretty URL cdn.staticsoe.com/uploads/0/theme/default/public_assets/public.js?v=5c945293da0fe6770b60caf3ca010bc5 IP 104.18.169.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-19 17:12:29 Last Seen2024-04-18 14:22:45 Times Seen19 Hash ec70fef8576eb2e1cbde0a4292139530 e2763a8cd4ca9558012d4e0df4da9fdbb7bc5722 163f87232b1ffbe04b4f1a2bb841a2494634992d93ac04c05da40e5db71badb2 Loading...

HTTP Transactions (9)

URL IP Response Size

cdn.staticsoe.com/uploads/0/theme/default/assets/theme.css?v=66eda0dd6672bd051feb0d39b9f9197e

104.18.169.76

200 OK

38 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/0/theme/default/assets/theme.css?v=66eda0dd6672bd051feb0d39b9f9197e
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://drmartensuk.vip/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
38 kB (37863 bytes)
Hash
66eda0dd6672bd051feb0d39b9f9197e
fce0d05f5389afdf45501d1ca44b13b4edbbd1e6
ccfdc21df473396a2dd78496fd4c04b5703ab0f516959898c75cdeb668c2c97f

HTTP Headers

GET /uploads/0/theme/default/assets/theme.css?v=66eda0dd6672bd051feb0d39b9f9197e HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drmartensuk.vip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:04:00 GMT
content-type: text/css
vary: Accept-Encoding, Origin
x-oss-request-id: 661F7B2E91795F38360AE909
last-modified: Wed, 17 Apr 2024 07:16:48 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3603105492076268374
x-oss-storage-class: Standard
content-md5: Zu2g3WZyvQUf6w05ufkZfg==
x-oss-server-time: 2
cf-cache-status: HIT
age: 57029
expires: Fri, 26 Apr 2024 10:04:00 GMT
cache-control: public, max-age=691200
server: cloudflare
cf-ray: 8763d4052e3a56bd-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/arimo/v17/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2

216.58.207.227

200 OK

10 kB

URL GET HTTP/2
fonts.gstatic.com/s/arimo/v17/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://drmartensuk.vip/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9976, version 1.0
Size
10 kB (9976 bytes)
Hash
88caac5d9efdb82513f4627521152d62
ecd66a42c11807e4fd548f209bc290fea5096361
e2e100dccf35fc8fbda8298d47d2719362a984ff46eebf871a878376224071df

HTTP Headers

GET /s/arimo/v17/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://drmartensuk.vip
DNT: 1
Connection: keep-alive
Referer: https://drmartensuk.vip/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 23:11:33 GMT
expires: Tue, 15 Apr 2025 23:11:33 GMT
cache-control: public, max-age=31536000
age: 211947
last-modified: Thu, 28 Jan 2021 23:11:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

drmartensuk.vip/homeapi/collect

104.16.198.133

200 OK

9.8 kB

URL POST HTTP/2
drmartensuk.vip/homeapi/collect
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://drmartensuk.vip/
Certificate
IssuerCloudflare, Inc.
Subjectdrmartensuk.vip
Fingerprint20:9C:50:86:71:B4:4C:2B:77:6C:4C:83:FD:84:DC:F4:58:26:FD:03
ValidityFri, 14 Jul 2023 00:00:00 GMT - Fri, 12 Jul 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
9.8 kB (9789 bytes)
Hash
8609d2d0bb1574442a6fe2e4a54514bb
d9a9b0d58d6397f0b19a58b7fc6ae20a5fa98f97
9b636f4a797ff20c36062a3fce5c4dc3799d92ae84daf99a87cb00df4c80deea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /homeapi/collect HTTP/1.1
Host: drmartensuk.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://drmartensuk.vip/
Content-Type: application/json
Content-Length: 545
Origin: https://drmartensuk.vip
DNT: 1
Connection: keep-alive
Cookie: oemsaas_global_visit_id=DA373C0E-AB78-8405-7F1B-648A72A42715; oemsaas_checkout_visit_id=A27B5DCF-C8C8-9147-7684-285EDC5224C4; oemsaas_global_visit_session=6E05B466-33F2-3E6A-D5C1-BFC4B5E86D13; PHPSESSID=bf9a58b487523a983ad48929178e692e; oemcart_client_user_agent=Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0)%2520Gecko%252F20100101%2520Firefox%252F96.0; oemcart_client_pre_url=; oemcart_client_timezone=Etc%252FUTC; oemcart_client_screen_size=1280X1024; oemcart_client_broswer_language=en-US; oemcart_client_viewport_size=1280X1024; oemcart_client_broswer_date_time=2024-04-18%2010%3A04%3A00
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:04:00 GMT
content-type: text/html;charset=utf-8
trace_id: 6893875E-401E-0CAD-E663-C9CBBBC39F34
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8763d4065c5db4f1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

drmartensuk.vip/

104.16.198.133

200 OK

209 kB

URL User Request GET HTTP/2
drmartensuk.vip/
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectdrmartensuk.vip
Fingerprint20:9C:50:86:71:B4:4C:2B:77:6C:4C:83:FD:84:DC:F4:58:26:FD:03
ValidityFri, 14 Jul 2023 00:00:00 GMT - Fri, 12 Jul 2024 23:59:59 GMT

File type

Size
209 kB (209161 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: drmartensuk.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:03:59 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
execution-time: 0.0455689430
set-cookie: oemsaas_global_visit_id=DA373C0E-AB78-8405-7F1B-648A72A42715; expires=Sun, 16-Apr-2034 10:03:59 GMT; Max-Age=315360000; path=/
oemsaas_checkout_visit_id=A27B5DCF-C8C8-9147-7684-285EDC5224C4; expires=Sun, 16-Apr-2034 10:03:59 GMT; Max-Age=315360000; path=/
oemsaas_global_visit_session=6E05B466-33F2-3E6A-D5C1-BFC4B5E86D13; expires=Fri, 19-Apr-2024 10:03:59 GMT; Max-Age=86400; path=/
PHPSESSID=bf9a58b487523a983ad48929178e692e; path=/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8763d3ff3c36b4f1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.staticsoe.com/uploads/0/theme/default/assets/collect.js?v=96afd8ae933a668f3daf26bd95bc95a6

104.18.169.76

200 OK

28 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/0/theme/default/assets/collect.js?v=96afd8ae933a668f3daf26bd95bc95a6
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://drmartensuk.vip/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type

Size
28 kB (28150 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/0/theme/default/assets/collect.js?v=96afd8ae933a668f3daf26bd95bc95a6 HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drmartensuk.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:04:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-oss-request-id: 661F9E369979C733391343F2
last-modified: Wed, 17 Apr 2024 07:16:50 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 16609357670485251830
x-oss-storage-class: Standard
content-md5: lq/YrpM6Zo89rya9lbyVpg==
x-oss-server-time: 3
cf-cache-status: HIT
age: 57029
expires: Fri, 26 Apr 2024 10:04:00 GMT
cache-control: public, max-age=691200
server: cloudflare
cf-ray: 8763d4052e3d56bd-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.staticsoe.com/uploads/0/theme/default/public_assets/public.js?v=5c945293da0fe6770b60caf3ca010bc5

104.18.169.76

200 OK

484 kB

URL GET HTTP/2
cdn.staticsoe.com/uploads/0/theme/default/public_assets/public.js?v=5c945293da0fe6770b60caf3ca010bc5
IP
104.18.169.76:443
ASN
#13335 CLOUDFLARENET

Requested by
https://drmartensuk.vip/
Certificate
IssuerCloudflare, Inc.
Subjectcdn.staticsoe.com
Fingerprint81:12:7B:A0:28:A4:6D:E5:44:00:F3:A3:14:8C:B8:2C:42:34:DA:CD
ValidityWed, 14 Feb 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type

Size
484 kB (483701 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uploads/0/theme/default/public_assets/public.js?v=5c945293da0fe6770b60caf3ca010bc5 HTTP/1.1
Host: cdn.staticsoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drmartensuk.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:04:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-oss-request-id: 661F775EC3F24534348C96F7
last-modified: Wed, 17 Apr 2024 07:16:44 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9134437363252466855
x-oss-storage-class: Standard
content-md5: 7HD++FdusuHL3gpCkhOVMA==
x-oss-server-time: 8
cf-cache-status: HIT
age: 57029
expires: Fri, 26 Apr 2024 10:04:00 GMT
cache-control: public, max-age=691200
server: cloudflare
cf-ray: 8763d4052e4256bd-OSL
content-encoding: br
X-Firefox-Spdy: h2

drmartensuk.vip/homeapi/facebook

104.16.198.133

200 OK

86 B

URL POST HTTP/2
drmartensuk.vip/homeapi/facebook
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://drmartensuk.vip/
Certificate
IssuerCloudflare, Inc.
Subjectdrmartensuk.vip
Fingerprint20:9C:50:86:71:B4:4C:2B:77:6C:4C:83:FD:84:DC:F4:58:26:FD:03
ValidityFri, 14 Jul 2023 00:00:00 GMT - Fri, 12 Jul 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
86 B (86 bytes)
Hash
47ffcf81d2bf2d8ade8f43ef2d18b841
28e7f14656c92bcd60180d8c3b9582108e0a480f
d141cf4b9d9eacd0661a685147fe2460abb2f55231f15ca2068725a923763641

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /homeapi/facebook HTTP/1.1
Host: drmartensuk.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://drmartensuk.vip/
Content-Type: text/plain;charset=UTF-8
Content-Length: 433
Origin: https://drmartensuk.vip
DNT: 1
Connection: keep-alive
Cookie: oemsaas_global_visit_id=DA373C0E-AB78-8405-7F1B-648A72A42715; oemsaas_checkout_visit_id=A27B5DCF-C8C8-9147-7684-285EDC5224C4; oemsaas_global_visit_session=6E05B466-33F2-3E6A-D5C1-BFC4B5E86D13; PHPSESSID=bf9a58b487523a983ad48929178e692e; oemcart_client_user_agent=Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0)%2520Gecko%252F20100101%2520Firefox%252F96.0; oemcart_client_pre_url=; oemcart_client_timezone=Etc%252FUTC; oemcart_client_screen_size=1280X1024; oemcart_client_broswer_language=en-US; oemcart_client_viewport_size=1280X1024; oemcart_client_broswer_date_time=2024-04-18%2010%3A04%3A00
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:04:00 GMT
content-type: application/json
trace-id: E829F5F3-DD4D-8C3A-E959-8A628A8E1919
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8763d4063c46b4f1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

sc-static.net/scevent.min.js

54.230.82.240

200 OK

46 kB

URL GET HTTP/2
sc-static.net/scevent.min.js
IP
54.230.82.240:443
ASN
#16509 AMAZON-02

Requested by
https://drmartensuk.vip/
Certificate
IssuerAmazon
Subjectsc-static.net
FingerprintE4:8A:DF:2D:95:33:E5:93:D4:43:8A:14:06:EA:EA:E8:AD:29:20:0F
ValidityThu, 21 Dec 2023 00:00:00 GMT - Sat, 18 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (27992)
Size
46 kB (45523 bytes)
Hash
264bae03f1d598bca141e0840046b194
721f3a0714d44e5cb641fc99ad12b955130a88e3
f563aec552103867adcb967e41b1699c9d15e1aa257c7a210f70f5cd71e6a0ef

HTTP Headers

GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://drmartensuk.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 19297
server: CloudFront
date: Thu, 18 Apr 2024 10:04:00 GMT
access-control-allow-headers: Content-Type
access-control-allow-origin: *
content-encoding: gzip
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=38b33afdb36f494aa03f175381ce5c1b;max-age=86400;expires=Fri, 19 Apr 2024 10:04:00 GMT;Path=/scevent.min.js;Secure;SameSite=None
x-cache: Miss from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SxkDWmr351qDHLJqlyJNSEUL8s6YKHSu4ihdYau_Qr6RySEkWFb3yQ==
X-Firefox-Spdy: h2

drmartensuk.vip/favicon.ico

104.16.198.133

200 OK

70 B

URL GET HTTP/2
drmartensuk.vip/favicon.ico
IP
104.16.198.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://drmartensuk.vip/
Certificate
IssuerCloudflare, Inc.
Subjectdrmartensuk.vip
Fingerprint20:9C:50:86:71:B4:4C:2B:77:6C:4C:83:FD:84:DC:F4:58:26:FD:03
ValidityFri, 14 Jul 2023 00:00:00 GMT - Fri, 12 Jul 2024 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 1x1, 32 bits/pixel
Size
70 B (70 bytes)
Hash
735ddbd8a50494b34bbed5fe68727c42
ab6c96f55f6f9383c8c73f2838d07398529a4b8f
23d7bcc5e68b94d6e03382ac1d9a14ab2d0134772682ae0dd1b2e8b4c85afc51

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: drmartensuk.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://drmartensuk.vip/
DNT: 1
Connection: keep-alive
Cookie: oemsaas_global_visit_id=DA373C0E-AB78-8405-7F1B-648A72A42715; oemsaas_checkout_visit_id=A27B5DCF-C8C8-9147-7684-285EDC5224C4; oemsaas_global_visit_session=6E05B466-33F2-3E6A-D5C1-BFC4B5E86D13; PHPSESSID=bf9a58b487523a983ad48929178e692e; oemcart_client_user_agent=Mozilla%252F5.0%2520(X11%253B%2520Linux%2520x86_64%253B%2520rv%253A96.0)%2520Gecko%252F20100101%2520Firefox%252F96.0; oemcart_client_pre_url=; oemcart_client_timezone=Etc%252FUTC; oemcart_client_screen_size=1280X1024; oemcart_client_broswer_language=en-US; oemcart_client_viewport_size=1280X1024; oemcart_client_broswer_date_time=2024-04-18%2010%3A04%3A00; _scid=f4dfdd76-8589-49db-b18b-02c56f6fa111; _scid_r=f4dfdd76-8589-49db-b18b-02c56f6fa111
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:04:01 GMT
content-type: image/x-icon
last-modified: Sat, 12 Feb 2022 05:23:27 GMT
etag: W/"6207444f-46"
cf-cache-status: MISS
expires: Thu, 18 Apr 2024 14:04:01 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763d408af2db4f1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML