Report - ispokeshop.com/offercanada/?6839

Report Overview

Submitted URL
ispokeshop.com/offercanada/?6839
IP
185.172.128.214
ASN
#216309 Tnsecurity Ltd
Submitted
2024-05-08 14:00:00
Access
public
Website Title
Quantum Flash
Final URL
ispokeshop.com/offercanada/?6839
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
40

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ispokeshop.com	unknown	unknown	No data	No data	9.4 kB	760 kB	185.172.128.214
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-08	1.1 kB	95 kB	216.58.207.227
customer-tqjuowcwyvj09sgh.cloudflarestream.com	unknown	2017-09-13	2022-09-05	2024-04-12	8.2 kB	1.3 MB	104.16.94.114
ipinfo.io	8136	2013-04-23	2013-12-16	2024-05-07	475 B	860 B	34.117.186.192
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	461 B	7.4 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	ispokeshop.com	Sinkholed
2024-05-08	medium	ispokeshop.com	Sinkholed
2024-05-08	medium	ispokeshop.com	Sinkholed
2024-05-08	medium	ispokeshop.com	Sinkholed
2024-05-08	medium	ispokeshop.com	Sinkholed
2024-05-08	medium	ispokeshop.com	Sinkholed
2024-05-08	medium	ispokeshop.com	Sinkholed
2024-05-08	medium	ispokeshop.com	Sinkholed
2024-05-08	medium	ispokeshop.com	Sinkholed
2024-05-08	medium	ispokeshop.com	Sinkholed
2024-05-08	medium	ispokeshop.com	Sinkholed
2024-05-08	medium	ispokeshop.com	Sinkholed
2024-05-08	medium	ispokeshop.com	Sinkholed
2024-05-08	medium	ispokeshop.com	Sinkholed
2024-05-08	medium	ispokeshop.com	Sinkholed
2024-05-08	medium	ispokeshop.com	Sinkholed
2024-05-08	medium	ispokeshop.com	Sinkholed
2024-05-08	medium	ispokeshop.com	Sinkholed
2024-05-08	medium	ispokeshop.com	Sinkholed
2024-05-08	medium	ispokeshop.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	ispokeshop.com/offercanada/assets/js/index5e1f.js?v=2	2.4 kB	2024-04-18	2024-05-19
Pretty URL ispokeshop.com/offercanada/assets/js/index5e1f.js?v=2 IP 185.172.128.214 ASN #216309 Tnsecurity Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 12:15:51 Last Seen2024-05-19 21:13:48 Times Seen17 Hash e90e9ceee3d4f9c3eb03594124143f40 eced59552afdd71c87e7b1736612c5754406b187 125037d6617e9d8b7efcaf398dcea621ca45fabfb7e06f2be9e3d218d33a47be Loading...

	ispokeshop.com/offercanada/?6839	1.4 kB	2024-04-21	2024-05-11
Pretty URL ispokeshop.com/offercanada/?6839 IP 185.172.128.214 ASN #216309 Tnsecurity Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-21 15:07:24 Last Seen2024-05-11 02:07:31 Times Seen4 Hash afdbc8acbb20fce3df916c08d38e60b8 e6cbc1e995211354bad2bb0e428f0fd3cd4c3507 4d0770e4dfbe487a653fc5d4ebb8d46ceaa0fdc30db4df3e14470cc74fde60d7 Loading...

	customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/809.29cb9313.chunk.js	1.8 kB	2024-03-04	2024-05-19
Pretty URL customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/809.29cb9313.chunk.js IP 104.16.94.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-04 17:30:15 Last Seen2024-05-19 21:13:48 Times Seen76 Hash af477bd164b2eab9930ce515a5ae9d4d 93de86e9a23633eb76225d26dcdbcb66f3ed7957 5a69906010cbdc7b956d3689a356c3dd1716bbd4877d41ed14fa3e1d20c301c1 Loading...

	customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/233.a7045bab.chunk.js	37 kB	2024-04-06	2024-05-19
Pretty URL customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/233.a7045bab.chunk.js IP 104.16.94.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-06 18:52:19 Last Seen2024-05-19 21:13:48 Times Seen68 Hash 807ece88d3879f095cdbebd274a4943f 57a57c145befe8d8a2296d93d726cb6b81ecb1af 5067eb5403e657185346b27ae098d5c0638c8784d3f9690af3cfc8f3794b7212 Loading...

	ispokeshop.com/offercanada/js/utils.js	234 kB	2023-03-07	2024-05-19
Pretty URL ispokeshop.com/offercanada/js/utils.js IP 185.172.128.214 ASN #216309 Tnsecurity Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:26 Last Seen2024-05-19 21:13:48 Times Seen448 Hash 13fbad1cb845a3281cf3821792a9931a 979f77248eea85be89ab91297b8fad6eabad4111 e5277eaf274835757d6682660675f6c3af0d95f8462d007483c881730f1a95e2 Loading...

	ispokeshop.com/offercanada/js/intlTelInput.js	89 kB	2023-03-08	2024-05-20
Pretty URL ispokeshop.com/offercanada/js/intlTelInput.js IP 185.172.128.214 ASN #216309 Tnsecurity Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:25 Last Seen2024-05-20 01:41:52 Times Seen12212 Hash 9146aa46d1f409004183b86f202c4607 717a6d53527fe31ec1c4eef9022b06e5d4d6f6a5 b188900aaff98a87fc69519ab04437aa735708b4b92f2adcab6937d2a1d42e37 Loading...

	ispokeshop.com/offercanada/js/1.12.4.min.js	97 kB	2023-03-07	2024-05-20
Pretty URL ispokeshop.com/offercanada/js/1.12.4.min.js IP 185.172.128.214 ASN #216309 Tnsecurity Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-20 01:41:52 Times Seen119991 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/525.43864667.chunk.js	76 kB	2024-04-06	2024-05-19
Pretty URL customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/525.43864667.chunk.js IP 104.16.94.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-06 18:52:19 Last Seen2024-05-19 21:13:48 Times Seen95 Hash ee6f421a37eb204c9ba88ec9a47dfe45 28c070d39bd8b26f9a837eeef3261d243d136ced e1abb4333ad3d32ddc54b1c122782a44841ef72f165b405441dd3a980071f184 Loading...

	customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/41.093bfa3e.chunk.js	356 kB	2023-08-02	2024-05-19
Pretty URL customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/41.093bfa3e.chunk.js IP 104.16.94.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-02 08:58:20 Last Seen2024-05-19 21:13:48 Times Seen157 Hash 3399aee8bd2e59d9ed4562b1a2cfe83b 78ff6f536ff33fe97e7d1d9b8bafc29c37cbbcd8 45030ac253caa53d54c6645791631c6ea68c3df963c4811208f8bc7e5ee954d5 Loading...

	ipinfo.io/json?token=3337dd9553c4c6&callback=jQuery112409992549399640258_1715176773553&_=1715176773554	351 B	2024-05-08	2024-05-08
Pretty URL ipinfo.io/json?token=3337dd9553c4c6&callback=jQuery112409992549399640258_1715176773553&_=1715176773554 IP 34.117.186.192 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 16:00:08 Last Seen2024-05-08 16:00:08 Times Seen2 Hash c6c36a49fae6b6b08f85cc4313f68d77 fcc288890d0bb1c083b472a8b7c25306992bbbe5 bd0eef8b05c83377127459fe87cde196eab3671663c2379b28c67c08d78462e9 Loading...

	ispokeshop.com/offercanada/?6839	398 B	2024-04-06	2024-05-19
Pretty URL ispokeshop.com/offercanada/?6839 IP 185.172.128.214 ASN #216309 Tnsecurity Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-06 18:52:19 Last Seen2024-05-19 21:13:48 Times Seen38 Hash 8efec7867e9456ef616703edaae83445 7c83f8a72faed5bcdfa7fef4cc76a13239c64cfd 923f56ed8c678d3b9131fbc6aed6a8accd686b1dcb87e6224aeb866ebd40d937 Loading...

	customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=0c94bb99d03ffcacea646a56b8539ce9	748 kB	2024-04-06	2024-05-19
Pretty URL customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=0c94bb99d03ffcacea646a56b8539ce9 IP 104.16.94.114 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-06 18:52:19 Last Seen2024-05-19 21:13:48 Times Seen79 Hash b4f5c7cb8dfee3994eab8b8ff1943267 b1d7c2ee06072a2653e8d6bd3113916044c1783c 3bc7d8d00efe683ac7abd8dcb9299b3056acc3b68ec3fb71a5919efbc494ef65 Loading...

HTTP Transactions (35)

URL IP Response Size

ispokeshop.com/offercanada/?6839

185.172.128.214

200 OK

4.2 kB

URL User Request GET HTTP/2
ispokeshop.com/offercanada/?6839
IP
185.172.128.214:443
ASN
#216309 Tnsecurity Ltd

Certificate
IssuerLet's Encrypt
Subjectispokeshop.com
Fingerprint93:51:CE:32:7E:49:CB:FE:7B:BA:80:99:93:1B:7E:86:B8:DB:FD:46
ValidityTue, 30 Apr 2024 13:54:26 GMT - Mon, 29 Jul 2024 13:54:25 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1041)
Size
4.2 kB (4230 bytes)
Hash
fc3258b7b5b5eb9813ae5406d2a54485
214f438703005205ae75a34bf5fde9a3aaac4528
924a23aaaa0650530cda350fc9c16fe56c28dc28af5af97707d4a44e5ff485b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /offercanada/?6839 HTTP/1.1
Host: ispokeshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 13:59:32 GMT
content-type: text/html; charset=utf-8
content-length: 4230
last-modified: Sun, 05 May 2024 19:15:46 GMT
etag: "4c5f-617b9c7a60a45-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

ispokeshop.com/offercanada/assets/js/index5e1f.js?v=2

185.172.128.214

200 OK

1.3 kB

URL GET HTTP/2
ispokeshop.com/offercanada/assets/js/index5e1f.js?v=2
IP
185.172.128.214:443
ASN
#216309 Tnsecurity Ltd

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerLet's Encrypt
Subjectispokeshop.com
Fingerprint93:51:CE:32:7E:49:CB:FE:7B:BA:80:99:93:1B:7E:86:B8:DB:FD:46
ValidityTue, 30 Apr 2024 13:54:26 GMT - Mon, 29 Jul 2024 13:54:25 GMT

File type
gzip compressed data, from Unix
Size
1.3 kB (1331 bytes)
Hash
be8e32dcf30ba09544ef7d5fe9fe19f6
fbe7b300567ece7649858f940f26c41b9305fda6
0aee365d90647a7a8929d114e73d63d63082e6cb50919b3219681fe79c48ea16

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /offercanada/assets/js/index5e1f.js?v=2 HTTP/1.1
Host: ispokeshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ispokeshop.com/offercanada/?6839
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 13:59:33 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 05 May 2024 19:16:29 GMT
vary: Accept-Encoding
etag: W/"6637db0d-959"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

ispokeshop.com/offercanada/assets/images/hero-bg.jpg

185.172.128.214

200 OK

19 kB

URL GET HTTP/2
ispokeshop.com/offercanada/assets/images/hero-bg.jpg
IP
185.172.128.214:443
ASN
#216309 Tnsecurity Ltd

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerLet's Encrypt
Subjectispokeshop.com
Fingerprint93:51:CE:32:7E:49:CB:FE:7B:BA:80:99:93:1B:7E:86:B8:DB:FD:46
ValidityTue, 30 Apr 2024 13:54:26 GMT - Mon, 29 Jul 2024 13:54:25 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x719, components 3
Size
19 kB (18704 bytes)
Hash
76bdea2ebcb93ba0d07edff00f76e47d
5f52de3d467b75bea21f5155927d52d29b2c3140
6f8f60a1f77cff3a17ee9111cf25c6b6756fc51ee058280aa27da42a5ba9428b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /offercanada/assets/images/hero-bg.jpg HTTP/1.1
Host: ispokeshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ispokeshop.com/offercanada/assets/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 13:59:33 GMT
content-type: image/jpeg
content-length: 18704
last-modified: Sun, 05 May 2024 19:16:10 GMT
etag: "6637dafa-4910"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

ispokeshop.com/offercanada/assets/images/about-bg.jpg

185.172.128.214

200 OK

14 kB

URL GET HTTP/2
ispokeshop.com/offercanada/assets/images/about-bg.jpg
IP
185.172.128.214:443
ASN
#216309 Tnsecurity Ltd

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerLet's Encrypt
Subjectispokeshop.com
Fingerprint93:51:CE:32:7E:49:CB:FE:7B:BA:80:99:93:1B:7E:86:B8:DB:FD:46
ValidityTue, 30 Apr 2024 13:54:26 GMT - Mon, 29 Jul 2024 13:54:25 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x712, components 3
Size
14 kB (14044 bytes)
Hash
1cd266b2650799aaa55eeb875f2ab80b
877bca86a90d9915828df4f241e5b93466fd3fa1
276e43fc7aab12cacac2d964c52828a0b5975c382506e4c5c5a458ac1df18a49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /offercanada/assets/images/about-bg.jpg HTTP/1.1
Host: ispokeshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ispokeshop.com/offercanada/assets/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 13:59:33 GMT
content-type: image/jpeg
content-length: 14044
last-modified: Sun, 05 May 2024 19:16:08 GMT
etag: "6637daf8-36dc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

ispokeshop.com/offercanada/assets/images/how-works-bg.jpg

185.172.128.214

200 OK

16 kB

URL GET HTTP/2
ispokeshop.com/offercanada/assets/images/how-works-bg.jpg
IP
185.172.128.214:443
ASN
#216309 Tnsecurity Ltd

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerLet's Encrypt
Subjectispokeshop.com
Fingerprint93:51:CE:32:7E:49:CB:FE:7B:BA:80:99:93:1B:7E:86:B8:DB:FD:46
ValidityTue, 30 Apr 2024 13:54:26 GMT - Mon, 29 Jul 2024 13:54:25 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x895, components 3
Size
16 kB (15784 bytes)
Hash
913e20991f4b392b3010abf8343be14c
8a143d2629999a866cfae12c24cb31ba1e294870
e6e8088bc5f0537f6ba20db7c33dca9d5b01f34d212ccb33b80c06c3fab19d94

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /offercanada/assets/images/how-works-bg.jpg HTTP/1.1
Host: ispokeshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ispokeshop.com/offercanada/assets/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 13:59:33 GMT
content-type: image/jpeg
content-length: 15784
last-modified: Sun, 05 May 2024 19:16:12 GMT
etag: "6637dafc-3da8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ispokeshop.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 10:54:17 GMT
expires: Tue, 06 May 2025 10:54:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 183916
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ispokeshop.com/offercanada/assets/css/custom.css

185.172.128.214

200 OK

47 kB

URL GET HTTP/2
ispokeshop.com/offercanada/assets/css/custom.css
IP
185.172.128.214:443
ASN
#216309 Tnsecurity Ltd

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerLet's Encrypt
Subjectispokeshop.com
Fingerprint93:51:CE:32:7E:49:CB:FE:7B:BA:80:99:93:1B:7E:86:B8:DB:FD:46
ValidityTue, 30 Apr 2024 13:54:26 GMT - Mon, 29 Jul 2024 13:54:25 GMT

File type
gzip compressed data, from Unix
Size
47 kB (47281 bytes)
Hash
4c92cd67bcfefccb3a6bb9064028fcdb
4cccf51c9033066c6dbfc44b450dca962f2d5d91
69b06e55db536605a152a01e7e3720c7437cd44aecea1c529cc5108295989a30

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /offercanada/assets/css/custom.css HTTP/1.1
Host: ispokeshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ispokeshop.com/offercanada/?6839
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 13:59:33 GMT
content-type: text/css
last-modified: Sun, 05 May 2024 19:16:00 GMT
vary: Accept-Encoding
etag: W/"6637daf0-5c4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

ispokeshop.com/offercanada/assets/images/qf_logo_black.png

185.172.128.214

200 OK

15 kB

URL GET HTTP/2
ispokeshop.com/offercanada/assets/images/qf_logo_black.png
IP
185.172.128.214:443
ASN
#216309 Tnsecurity Ltd

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerLet's Encrypt
Subjectispokeshop.com
Fingerprint93:51:CE:32:7E:49:CB:FE:7B:BA:80:99:93:1B:7E:86:B8:DB:FD:46
ValidityTue, 30 Apr 2024 13:54:26 GMT - Mon, 29 Jul 2024 13:54:25 GMT

File type
PNG image data, 484 x 97, 8-bit/color RGBA, non-interlaced
Size
15 kB (14954 bytes)
Hash
9a05e815b1b8ce513541af919c654570
c40e2dc2af03a81d6f56d8e64a33ad3b1c0459f9
de5a85da243dee09264ddb4b3219f29dbb3b92b76f92f755de53c4797469ea1e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /offercanada/assets/images/qf_logo_black.png HTTP/1.1
Host: ispokeshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ispokeshop.com/offercanada/?6839
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 13:59:33 GMT
content-type: image/png
content-length: 14954
last-modified: Sun, 05 May 2024 19:16:13 GMT
etag: "6637dafd-3a6a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

ispokeshop.com/offercanada/assets/images/partners.png

185.172.128.214

200 OK

18 kB

URL GET HTTP/2
ispokeshop.com/offercanada/assets/images/partners.png
IP
185.172.128.214:443
ASN
#216309 Tnsecurity Ltd

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerLet's Encrypt
Subjectispokeshop.com
Fingerprint93:51:CE:32:7E:49:CB:FE:7B:BA:80:99:93:1B:7E:86:B8:DB:FD:46
ValidityTue, 30 Apr 2024 13:54:26 GMT - Mon, 29 Jul 2024 13:54:25 GMT

File type
PNG image data, 232 x 46, 8-bit/color RGBA, non-interlaced
Size
18 kB (18332 bytes)
Hash
1fc8d2a678b88f5722d0200a6543915b
9b9a205d755e24999cbcc8a468c646a91dc539c6
8631ecc5da6bcdba2d734086052486993c7231804c84468c2557a19647966377

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /offercanada/assets/images/partners.png HTTP/1.1
Host: ispokeshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ispokeshop.com/offercanada/?6839
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 13:59:33 GMT
content-type: image/png
content-length: 18332
last-modified: Sun, 05 May 2024 19:16:12 GMT
etag: "6637dafc-479c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

ispokeshop.com/offercanada/assets/images/about-001.svg

185.172.128.214

200 OK

986 B

URL GET HTTP/2
ispokeshop.com/offercanada/assets/images/about-001.svg
IP
185.172.128.214:443
ASN
#216309 Tnsecurity Ltd

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerLet's Encrypt
Subjectispokeshop.com
Fingerprint93:51:CE:32:7E:49:CB:FE:7B:BA:80:99:93:1B:7E:86:B8:DB:FD:46
ValidityTue, 30 Apr 2024 13:54:26 GMT - Mon, 29 Jul 2024 13:54:25 GMT

File type
SVG Scalable Vector Graphics image
Size
986 B (986 bytes)
Hash
61f3e9dbf95f844ee5a1e40858db37e9
d52dad5fe45f18b8a6f7b1aa3d06287fe25d7a56
e71f80c9e259cad4ef197d6557032996f7e7e3fba9376230fbfd3026920860bc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /offercanada/assets/images/about-001.svg HTTP/1.1
Host: ispokeshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ispokeshop.com/offercanada/?6839
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 13:59:33 GMT
content-type: image/svg+xml
content-length: 986
last-modified: Sun, 05 May 2024 19:16:05 GMT
etag: "6637daf5-3da"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

ispokeshop.com/offercanada/assets/images/about-002.svg

185.172.128.214

200 OK

423 B

URL GET HTTP/2
ispokeshop.com/offercanada/assets/images/about-002.svg
IP
185.172.128.214:443
ASN
#216309 Tnsecurity Ltd

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerLet's Encrypt
Subjectispokeshop.com
Fingerprint93:51:CE:32:7E:49:CB:FE:7B:BA:80:99:93:1B:7E:86:B8:DB:FD:46
ValidityTue, 30 Apr 2024 13:54:26 GMT - Mon, 29 Jul 2024 13:54:25 GMT

File type
SVG Scalable Vector Graphics image
Size
423 B (423 bytes)
Hash
7ed5b6e65050807115dffb2dc4c9f7d8
52926da3b1a262bab2f0e04fc63a40e3a3dbff99
222699ba265756484f61e3668801f6cc3e2977e2c577cbc3946e3185796dc26a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /offercanada/assets/images/about-002.svg HTTP/1.1
Host: ispokeshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ispokeshop.com/offercanada/?6839
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 13:59:33 GMT
content-type: image/svg+xml
content-length: 423
last-modified: Sun, 05 May 2024 19:16:05 GMT
etag: "6637daf5-1a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

ispokeshop.com/offercanada/assets/images/elon-musk.png

185.172.128.214

200 OK

60 kB

URL GET HTTP/2
ispokeshop.com/offercanada/assets/images/elon-musk.png
IP
185.172.128.214:443
ASN
#216309 Tnsecurity Ltd

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerLet's Encrypt
Subjectispokeshop.com
Fingerprint93:51:CE:32:7E:49:CB:FE:7B:BA:80:99:93:1B:7E:86:B8:DB:FD:46
ValidityTue, 30 Apr 2024 13:54:26 GMT - Mon, 29 Jul 2024 13:54:25 GMT

File type
PNG image data, 336 x 439, 8-bit colormap, non-interlaced
Size
60 kB (60312 bytes)
Hash
c9477498507536949c4c27c70d61faea
9cadb4abe259adf720dfa131b73528b07681896c
4cc1fb4d6eb6660c07af05d647272602daa9d03f6a50d951be86c358bf9a7e78

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /offercanada/assets/images/elon-musk.png HTTP/1.1
Host: ispokeshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ispokeshop.com/offercanada/?6839
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 13:59:33 GMT
content-type: image/png
content-length: 60312
last-modified: Sun, 05 May 2024 19:16:08 GMT
etag: "6637daf8-eb98"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ispokeshop.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 10:54:17 GMT
expires: Tue, 06 May 2025 10:54:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 183916
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ispokeshop.com/offercanada/assets/images/favicon.png

185.172.128.214

200 OK

3.1 kB

URL GET HTTP/2
ispokeshop.com/offercanada/assets/images/favicon.png
IP
185.172.128.214:443
ASN
#216309 Tnsecurity Ltd

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerLet's Encrypt
Subjectispokeshop.com
Fingerprint93:51:CE:32:7E:49:CB:FE:7B:BA:80:99:93:1B:7E:86:B8:DB:FD:46
ValidityTue, 30 Apr 2024 13:54:26 GMT - Mon, 29 Jul 2024 13:54:25 GMT

File type
PNG image data, 44 x 49, 8-bit/color RGBA, non-interlaced
Size
3.1 kB (3129 bytes)
Hash
4035aacb6c11640d551411ab78b098d9
dbc88d371adeedf93c68928238ec4a6cdfb25aa1
e2152bf9cea8c089a02a5bff9f9fb99f7eb0eaddb57d09b01e75e160b994526b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /offercanada/assets/images/favicon.png HTTP/1.1
Host: ispokeshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ispokeshop.com/offercanada/?6839
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 13:59:33 GMT
content-type: image/png
content-length: 3129
last-modified: Sun, 05 May 2024 19:16:10 GMT
etag: "6637dafa-c39"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=0c94bb99d03ffcacea646a56b8539ce9

104.16.94.114

301 Moved Permanently

0 B

URL GET HTTP/2
customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js?video=0c94bb99d03ffcacea646a56b8539ce9
IP
104.16.94.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F0c94bb99d03ffcacea646a56b8539ce9%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600
Certificate
IssuerLet's Encrypt
Subjectcloudflarestream.com
Fingerprint4B:FC:27:51:84:79:E8:BA:88:43:DB:65:F0:1A:02:38:C3:2C:69:E7
ValidityWed, 03 Apr 2024 04:01:30 GMT - Tue, 02 Jul 2024 04:01:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /embed/sdk-iframe-integration.fla9.latest.js?video=0c94bb99d03ffcacea646a56b8539ce9 HTTP/1.1
Host: customer-tqjuowcwyvj09sgh.cloudflarestream.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F0c94bb99d03ffcacea646a56b8539ce9%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
date: Wed, 08 May 2024 13:59:33 GMT
content-length: 0
location: https://customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 8809f894eab6b4f7-OSL
X-Firefox-Spdy: h2

customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/525.43864667.chunk.js

104.16.94.114

200 OK

35 kB

URL GET HTTP/2
customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/525.43864667.chunk.js
IP
104.16.94.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F0c94bb99d03ffcacea646a56b8539ce9%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600
Certificate
IssuerLet's Encrypt
Subjectcloudflarestream.com
Fingerprint4B:FC:27:51:84:79:E8:BA:88:43:DB:65:F0:1A:02:38:C3:2C:69:E7
ValidityWed, 03 Apr 2024 04:01:30 GMT - Tue, 02 Jul 2024 04:01:29 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
35 kB (35038 bytes)
Hash
ee6f421a37eb204c9ba88ec9a47dfe45
28c070d39bd8b26f9a837eeef3261d243d136ced
e1abb4333ad3d32ddc54b1c122782a44841ef72f165b405441dd3a980071f184

HTTP Headers

GET /embed/525.43864667.chunk.js HTTP/1.1
Host: customer-tqjuowcwyvj09sgh.cloudflarestream.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F0c94bb99d03ffcacea646a56b8539ce9%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 13:59:34 GMT
content-type: application/javascript
cf-ray: 8809f8970d6bb4f7-OSL
cf-cache-status: HIT
age: 14
cache-control: max-age=180
etag: W/"ee6f421a37eb204c9ba88ec9a47dfe45"
expires: Wed, 08 May 2024 13:57:26 GMT
last-modified: Fri, 05 Apr 2024 20:59:57 GMT
access-control-expose-header: cf-ray
stream-dw-version: 2024.5.0
timing-add-origin: *
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ispokeshop.com/offercanada/assets/img/flags.png

185.172.128.214

200 OK

71 kB

URL GET HTTP/2
ispokeshop.com/offercanada/assets/img/flags.png
IP
185.172.128.214:443
ASN
#216309 Tnsecurity Ltd

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerLet's Encrypt
Subjectispokeshop.com
Fingerprint93:51:CE:32:7E:49:CB:FE:7B:BA:80:99:93:1B:7E:86:B8:DB:FD:46
ValidityTue, 30 Apr 2024 13:54:26 GMT - Mon, 29 Jul 2024 13:54:25 GMT

File type
PNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced
Size
71 kB (70857 bytes)
Hash
416250f60d785a2e02f17e054d2e4e44
21572c9751e5a3dc20395befa0fcb349c32c4811
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /offercanada/assets/img/flags.png HTTP/1.1
Host: ispokeshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ispokeshop.com/offercanada/assets/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 13:59:34 GMT
content-type: image/png
content-length: 70857
last-modified: Sun, 05 May 2024 19:16:25 GMT
etag: "6637db09-114c9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2

ipinfo.io/json?token=3337dd9553c4c6&callback=jQuery112409992549399640258_1715176773553&_=1715176773554

34.117.186.192

200 OK

351 B

URL GET HTTP/2
ipinfo.io/json?token=3337dd9553c4c6&callback=jQuery112409992549399640258_1715176773553&_=1715176773554
IP
34.117.186.192:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerLet's Encrypt
Subjectipinfo.io
FingerprintC3:D1:C0:FE:0C:C8:E1:18:4F:C8:22:D0:9C:FF:D9:F4:EF:72:CD:6B
ValidityFri, 19 Apr 2024 20:17:23 GMT - Thu, 18 Jul 2024 20:17:22 GMT

File type
JavaScript source, ASCII text
Size
351 B (351 bytes)
Hash
c6c36a49fae6b6b08f85cc4313f68d77
fcc288890d0bb1c083b472a8b7c25306992bbbe5
bd0eef8b05c83377127459fe87cde196eab3671663c2379b28c67c08d78462e9

HTTP Headers

GET /json?token=3337dd9553c4c6&callback=jQuery112409992549399640258_1715176773553&_=1715176773554 HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ispokeshop.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Wed, 08 May 2024 13:59:34 GMT
content-type: text/javascript; charset=utf-8
content-length: 351
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-envoy-upstream-service-time: 3
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/metadata/playerEnhancementInfo.json

104.16.94.114

200 OK

54 kB

URL GET HTTP/2
customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/metadata/playerEnhancementInfo.json
IP
104.16.94.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F0c94bb99d03ffcacea646a56b8539ce9%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600
Certificate
IssuerLet's Encrypt
Subjectcloudflarestream.com
Fingerprint4B:FC:27:51:84:79:E8:BA:88:43:DB:65:F0:1A:02:38:C3:2C:69:E7
ValidityWed, 03 Apr 2024 04:01:30 GMT - Tue, 02 Jul 2024 04:01:29 GMT

File type
JSON text data
Size
54 kB (54010 bytes)
Hash
f35e1bd2fced5213c20f1b73dbd31717
e1942237e4c4e971f4fbe29ee40e2939ac67b036
80c36f6b5e83c2f94fe91de154bc9ce1b70ffcb126790d1c9b179d8107482a48

HTTP Headers

GET /0c94bb99d03ffcacea646a56b8539ce9/metadata/playerEnhancementInfo.json HTTP/1.1
Host: customer-tqjuowcwyvj09sgh.cloudflarestream.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F0c94bb99d03ffcacea646a56b8539ce9%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 13:59:34 GMT
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=600
vary: origin, referer, Accept-Encoding
access-control-allow-headers: range
access-control-expose-header: cf-ray
stream-dw-version: 2024.5.0
server: cloudflare
cf-ray: 8809f8975db0b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2

customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/809.29cb9313.chunk.js

104.16.94.114

200 OK

9.7 kB

URL GET HTTP/2
customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/809.29cb9313.chunk.js
IP
104.16.94.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F0c94bb99d03ffcacea646a56b8539ce9%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600
Certificate
IssuerLet's Encrypt
Subjectcloudflarestream.com
Fingerprint4B:FC:27:51:84:79:E8:BA:88:43:DB:65:F0:1A:02:38:C3:2C:69:E7
ValidityWed, 03 Apr 2024 04:01:30 GMT - Tue, 02 Jul 2024 04:01:29 GMT

File type
JavaScript source, ASCII text, with very long lines (1763), with no line terminators
Size
9.7 kB (9703 bytes)
Hash
af477bd164b2eab9930ce515a5ae9d4d
93de86e9a23633eb76225d26dcdbcb66f3ed7957
5a69906010cbdc7b956d3689a356c3dd1716bbd4877d41ed14fa3e1d20c301c1

HTTP Headers

GET /embed/809.29cb9313.chunk.js HTTP/1.1
Host: customer-tqjuowcwyvj09sgh.cloudflarestream.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F0c94bb99d03ffcacea646a56b8539ce9%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 13:59:34 GMT
content-type: application/javascript
cf-ray: 8809f896fd5db4f7-OSL
cf-cache-status: HIT
age: 161
cache-control: max-age=180
etag: W/"af477bd164b2eab9930ce515a5ae9d4d"
expires: Wed, 08 May 2024 13:57:03 GMT
last-modified: Tue, 02 Apr 2024 20:40:18 GMT
access-control-expose-header: cf-ray
stream-dw-version: 2024.5.0
timing-add-origin: *
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ispokeshop.com/offercanada/assets/img/loader.gif

185.172.128.214

404 Not Found

3.0 kB

URL GET HTTP/2
ispokeshop.com/offercanada/assets/img/loader.gif
IP
185.172.128.214:443
ASN
#216309 Tnsecurity Ltd

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerLet's Encrypt
Subjectispokeshop.com
Fingerprint93:51:CE:32:7E:49:CB:FE:7B:BA:80:99:93:1B:7E:86:B8:DB:FD:46
ValidityTue, 30 Apr 2024 13:54:26 GMT - Mon, 29 Jul 2024 13:54:25 GMT

File type
HTML document, ASCII text, with very long lines (3525), with no line terminators
Size
3.0 kB (2966 bytes)
Hash
616160ab316ba6235fe9c0f4c9af9db4
918351f89b0f390a1182968bb019268ce12d523b
dc2211c829a20fe3500fca173ea01dfb1eff65f1d0f0835e79a11695571a0500

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /offercanada/assets/img/loader.gif HTTP/1.1
Host: ispokeshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ispokeshop.com/offercanada/assets/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Wed, 08 May 2024 13:59:33 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 30 Apr 2024 13:40:28 GMT
etag: W/"b96-61750834ebdd5"
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Inter:wght@400;700;800&display=swap

142.250.74.106

200 OK

6.8 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@400;700;800&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (6948), with no line terminators
Size
6.8 kB (6780 bytes)
Hash
113b9ee0b24a88beac9cabf31ffe89de
d4e5f57d16c559f3f39aad410018f4304102b4fb
f769e70c2dd24cf3ce2090660a1b0581fb7bed0db4f64028a918e354a4f9e343

HTTP Headers

GET /css2?family=Inter:wght@400;700;800&amp;display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ispokeshop.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 13:59:33 GMT
date: Wed, 08 May 2024 13:59:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ispokeshop.com/offercanada/assets/images/about-004.svg

185.172.128.214

200 OK

1.4 kB

URL GET HTTP/2
ispokeshop.com/offercanada/assets/images/about-004.svg
IP
185.172.128.214:443
ASN
#216309 Tnsecurity Ltd

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerLet's Encrypt
Subjectispokeshop.com
Fingerprint93:51:CE:32:7E:49:CB:FE:7B:BA:80:99:93:1B:7E:86:B8:DB:FD:46
ValidityTue, 30 Apr 2024 13:54:26 GMT - Mon, 29 Jul 2024 13:54:25 GMT

File type
SVG Scalable Vector Graphics image
Size
1.4 kB (1386 bytes)
Hash
5c53c9dcc10214b6d16fb2c62aa1af1f
484cd14a8d167a5682c2f2e3f535e451f8494a5a
b867e51f902e82fde46eb758aab26e3cf5ff49aa583f83c0cf7e9f901ba2802a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /offercanada/assets/images/about-004.svg HTTP/1.1
Host: ispokeshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ispokeshop.com/offercanada/?6839
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 13:59:33 GMT
content-type: image/svg+xml
last-modified: Sun, 05 May 2024 19:16:07 GMT
vary: Accept-Encoding
etag: W/"6637daf7-56a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/233.a7045bab.chunk.js

104.16.94.114

200 OK

37 kB

URL GET HTTP/2
customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/233.a7045bab.chunk.js
IP
104.16.94.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F0c94bb99d03ffcacea646a56b8539ce9%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600
Certificate
IssuerLet's Encrypt
Subjectcloudflarestream.com
Fingerprint4B:FC:27:51:84:79:E8:BA:88:43:DB:65:F0:1A:02:38:C3:2C:69:E7
ValidityWed, 03 Apr 2024 04:01:30 GMT - Tue, 02 Jul 2024 04:01:29 GMT

File type

Size
37 kB (36926 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /embed/233.a7045bab.chunk.js HTTP/1.1
Host: customer-tqjuowcwyvj09sgh.cloudflarestream.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F0c94bb99d03ffcacea646a56b8539ce9%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 13:59:34 GMT
content-type: application/javascript
cf-ray: 8809f8970d6fb4f7-OSL
cf-cache-status: HIT
age: 14
cache-control: max-age=180
etag: W/"807ece88d3879f095cdbebd274a4943f"
expires: Wed, 08 May 2024 13:59:33 GMT
last-modified: Fri, 05 Apr 2024 20:59:55 GMT
access-control-expose-header: cf-ray
stream-dw-version: 2024.5.0
timing-add-origin: *
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/thumbnails/thumbnail.jpg?time=&height=600

104.16.94.114

200 OK

9.5 kB

URL GET HTTP/2
customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/thumbnails/thumbnail.jpg?time=&height=600
IP
104.16.94.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F0c94bb99d03ffcacea646a56b8539ce9%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600
Certificate
IssuerLet's Encrypt
Subjectcloudflarestream.com
Fingerprint4B:FC:27:51:84:79:E8:BA:88:43:DB:65:F0:1A:02:38:C3:2C:69:E7
ValidityWed, 03 Apr 2024 04:01:30 GMT - Tue, 02 Jul 2024 04:01:29 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.37.100", progressive, precision 8, 1066x600, components 1
Size
9.5 kB (9494 bytes)
Hash
1eff7a30f56814dc17d90081aadcfa52
f7572fd6a6810cfd75d42b4ec12d714012421951
03444f7ec64eb8d537e7cebbed42d923715182c117f4c119fe679af144ec6844

HTTP Headers

GET /0c94bb99d03ffcacea646a56b8539ce9/thumbnails/thumbnail.jpg?time=&height=600 HTTP/1.1
Host: customer-tqjuowcwyvj09sgh.cloudflarestream.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F0c94bb99d03ffcacea646a56b8539ce9%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 13:59:34 GMT
content-type: image/jpeg
content-length: 9494
cf-ray: 8809f8975dabb4f7-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 72110
cache-control: public, max-age=864000
last-modified: Wed, 27 Mar 2024 18:09:28 GMT
strict-transport-security: max-age=31536000
vary: origin, referer, Accept-Encoding
access-control-allow-headers: range
access-control-expose-header: cf-ray
core-cache-status: MISS
served-in-seconds: 0.845
stream-dw-version: 2024.5.0
server: cloudflare
X-Firefox-Spdy: h2

ispokeshop.com/offercanada/assets/images/about-003.svg

185.172.128.214

200 OK

1.1 kB

URL GET HTTP/2
ispokeshop.com/offercanada/assets/images/about-003.svg
IP
185.172.128.214:443
ASN
#216309 Tnsecurity Ltd

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerLet's Encrypt
Subjectispokeshop.com
Fingerprint93:51:CE:32:7E:49:CB:FE:7B:BA:80:99:93:1B:7E:86:B8:DB:FD:46
ValidityTue, 30 Apr 2024 13:54:26 GMT - Mon, 29 Jul 2024 13:54:25 GMT

File type
SVG Scalable Vector Graphics image
Size
1.1 kB (1147 bytes)
Hash
d93695a9a60bd55b6ce8c2f858252b7b
f0f9d43858c786398b6a3e382a0fce8da1aaac9c
58219dd0ad41042e48117220d11087c2e84cc338ff484f94686752f267b46289

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /offercanada/assets/images/about-003.svg HTTP/1.1
Host: ispokeshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ispokeshop.com/offercanada/?6839
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 13:59:33 GMT
content-type: image/svg+xml
last-modified: Sun, 05 May 2024 19:16:07 GMT
vary: Accept-Encoding
etag: W/"6637daf7-47b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

ispokeshop.com/offercanada/js/utils.js

185.172.128.214

200 OK

234 kB

URL GET HTTP/2
ispokeshop.com/offercanada/js/utils.js
IP
185.172.128.214:443
ASN
#216309 Tnsecurity Ltd

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerLet's Encrypt
Subjectispokeshop.com
Fingerprint93:51:CE:32:7E:49:CB:FE:7B:BA:80:99:93:1B:7E:86:B8:DB:FD:46
ValidityTue, 30 Apr 2024 13:54:26 GMT - Mon, 29 Jul 2024 13:54:25 GMT

File type
JavaScript source, ASCII text, with very long lines (2048)
Size
234 kB (233928 bytes)
Hash
13fbad1cb845a3281cf3821792a9931a
979f77248eea85be89ab91297b8fad6eabad4111
e5277eaf274835757d6682660675f6c3af0d95f8462d007483c881730f1a95e2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /offercanada/js/utils.js HTTP/1.1
Host: ispokeshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ispokeshop.com/offercanada/?6839
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 13:59:34 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 05 May 2024 19:15:57 GMT
vary: Accept-Encoding
etag: W/"6637daed-391c8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

ispokeshop.com/offercanada/js/intlTelInput.js

185.172.128.214

200 OK

89 kB

URL GET HTTP/2
ispokeshop.com/offercanada/js/intlTelInput.js
IP
185.172.128.214:443
ASN
#216309 Tnsecurity Ltd

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerLet's Encrypt
Subjectispokeshop.com
Fingerprint93:51:CE:32:7E:49:CB:FE:7B:BA:80:99:93:1B:7E:86:B8:DB:FD:46
ValidityTue, 30 Apr 2024 13:54:26 GMT - Mon, 29 Jul 2024 13:54:25 GMT

File type

Size
89 kB (89336 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /offercanada/js/intlTelInput.js HTTP/1.1
Host: ispokeshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ispokeshop.com/offercanada/?6839
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 13:59:33 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 05 May 2024 19:15:55 GMT
vary: Accept-Encoding
etag: W/"6637daeb-15cf8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F0c94bb99d03ffcacea646a56b8539ce9%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600

104.16.94.114

200 OK

1.5 kB

URL GET HTTP/2
customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F0c94bb99d03ffcacea646a56b8539ce9%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600
IP
104.16.94.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerLet's Encrypt
Subjectcloudflarestream.com
Fingerprint4B:FC:27:51:84:79:E8:BA:88:43:DB:65:F0:1A:02:38:C3:2C:69:E7
ValidityWed, 03 Apr 2024 04:01:30 GMT - Tue, 02 Jul 2024 04:01:29 GMT

File type
HTML document, ASCII text, with very long lines (1618), with no line terminators
Size
1.5 kB (1544 bytes)
Hash
276f916e2047d91475cc9d8378c32140
30399a08d9c9bfae70f8ad0ef77d5b20ba567502
a9e48724b2996f04f0fbe1075d5a7cd14f1638fb025d5aa5dc4caed18f3fe27e

HTTP Headers

GET /0c94bb99d03ffcacea646a56b8539ce9/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F0c94bb99d03ffcacea646a56b8539ce9%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600 HTTP/1.1
Host: customer-tqjuowcwyvj09sgh.cloudflarestream.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ispokeshop.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 13:59:33 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
vary: origin, referer, Accept-Encoding
access-control-expose-header: cf-ray
stream-dw-version: 2024.5.0
server: cloudflare
cf-ray: 8809f892f81db4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2

customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/manifest/video.mpd?parentOrigin=https%3A%2F%2Fispokeshop.com

104.16.94.114

200 OK

6.2 kB

URL GET HTTP/2
customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/manifest/video.mpd?parentOrigin=https%3A%2F%2Fispokeshop.com
IP
104.16.94.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F0c94bb99d03ffcacea646a56b8539ce9%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600
Certificate
IssuerLet's Encrypt
Subjectcloudflarestream.com
Fingerprint4B:FC:27:51:84:79:E8:BA:88:43:DB:65:F0:1A:02:38:C3:2C:69:E7
ValidityWed, 03 Apr 2024 04:01:30 GMT - Tue, 02 Jul 2024 04:01:29 GMT

File type
XML document, ASCII text, with very long lines (6390), with no line terminators
Size
6.2 kB (6221 bytes)
Hash
6f3e079c0be0af8e31e56dc419bd0b17
9b6dcdf8fde5e576d194a3731fe54c98ffde6f39
4082adea7df3eedfbef95549dafac0aed38d53a5b74d910a7f0ae91a10f73906

HTTP Headers

GET /0c94bb99d03ffcacea646a56b8539ce9/manifest/video.mpd?parentOrigin=https%3A%2F%2Fispokeshop.com HTTP/1.1
Host: customer-tqjuowcwyvj09sgh.cloudflarestream.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F0c94bb99d03ffcacea646a56b8539ce9%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600
cmcd-object: ot=m
cmcd-request: su
cmcd-session: cid="Cloudflare Stream Player 3b8bfec",sf=d,sid="458ea1c4-4440-4805-865c-fe2608e42c8a"
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 13:59:35 GMT
content-type: application/dash+xml
access-control-allow-origin: *
cache-control: public, max-age=600
vary: origin, referer, Accept-Encoding
access-control-allow-headers: range
access-control-expose-header: cf-ray
local-time: ro-miss
stream-dw-version: 2024.5.0
server: cloudflare
cf-ray: 8809f897be38b4f7-OSL
X-Firefox-Spdy: h2

customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js

104.16.94.114

200 OK

748 kB

URL GET HTTP/2
customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js
IP
104.16.94.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F0c94bb99d03ffcacea646a56b8539ce9%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600
Certificate
IssuerLet's Encrypt
Subjectcloudflarestream.com
Fingerprint4B:FC:27:51:84:79:E8:BA:88:43:DB:65:F0:1A:02:38:C3:2C:69:E7
ValidityWed, 03 Apr 2024 04:01:30 GMT - Tue, 02 Jul 2024 04:01:29 GMT

File type

Size
748 kB (747451 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /embed/sdk-iframe-integration.fla9.latest.js HTTP/1.1
Host: customer-tqjuowcwyvj09sgh.cloudflarestream.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F0c94bb99d03ffcacea646a56b8539ce9%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 13:59:33 GMT
content-type: application/javascript
cf-ray: 8809f8951aeab4f7-OSL
cf-cache-status: HIT
age: 71
cache-control: max-age=180
etag: W/"b4f5c7cb8dfee3994eab8b8ff1943267"
expires: Wed, 08 May 2024 13:58:16 GMT
last-modified: Tue, 02 Apr 2024 20:40:11 GMT
access-control-expose-header: cf-ray
stream-dw-version: 2024.5.0
timing-add-origin: *
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/lifecycle

104.16.94.114

200 OK

115 B

URL GET HTTP/2
customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/lifecycle
IP
104.16.94.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F0c94bb99d03ffcacea646a56b8539ce9%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600
Certificate
IssuerLet's Encrypt
Subjectcloudflarestream.com
Fingerprint4B:FC:27:51:84:79:E8:BA:88:43:DB:65:F0:1A:02:38:C3:2C:69:E7
ValidityWed, 03 Apr 2024 04:01:30 GMT - Tue, 02 Jul 2024 04:01:29 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
115 B (115 bytes)
Hash
d34748829929d78b4f82d3b2a29cc790
e650ee79410b528fad10312eb96815679d7b2faf
5f2096517b342d44401a216c8d22272051a6812feb8210d386f7905cb6ff02fb

HTTP Headers

GET /0c94bb99d03ffcacea646a56b8539ce9/lifecycle HTTP/1.1
Host: customer-tqjuowcwyvj09sgh.cloudflarestream.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F0c94bb99d03ffcacea646a56b8539ce9%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 13:59:34 GMT
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 8809f8975db3b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2

customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/41.093bfa3e.chunk.js

104.16.94.114

200 OK

356 kB

URL GET HTTP/2
customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/41.093bfa3e.chunk.js
IP
104.16.94.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F0c94bb99d03ffcacea646a56b8539ce9%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600
Certificate
IssuerLet's Encrypt
Subjectcloudflarestream.com
Fingerprint4B:FC:27:51:84:79:E8:BA:88:43:DB:65:F0:1A:02:38:C3:2C:69:E7
ValidityWed, 03 Apr 2024 04:01:30 GMT - Tue, 02 Jul 2024 04:01:29 GMT

File type

Size
356 kB (356453 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /embed/41.093bfa3e.chunk.js HTTP/1.1
Host: customer-tqjuowcwyvj09sgh.cloudflarestream.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://customer-tqjuowcwyvj09sgh.cloudflarestream.com/0c94bb99d03ffcacea646a56b8539ce9/iframe?muted=true&autoplay=true&poster=https%3A%2F%2Fcustomer-tqjuowcwyvj09sgh.cloudflarestream.com%2F0c94bb99d03ffcacea646a56b8539ce9%2Fthumbnails%2Fthumbnail.jpg%3Ftime%3D%26height%3D600
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 13:59:34 GMT
content-type: application/javascript
cf-ray: 8809f896fd5ab4f7-OSL
cf-cache-status: HIT
age: 15
cache-control: max-age=180
etag: W/"3399aee8bd2e59d9ed4562b1a2cfe83b"
expires: Wed, 08 May 2024 13:57:26 GMT
last-modified: Fri, 05 Apr 2024 20:59:56 GMT
access-control-expose-header: cf-ray
stream-dw-version: 2024.5.0
timing-add-origin: *
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ispokeshop.com/offercanada/assets/css/main.css

185.172.128.214

200 OK

58 kB

URL GET HTTP/2
ispokeshop.com/offercanada/assets/css/main.css
IP
185.172.128.214:443
ASN
#216309 Tnsecurity Ltd

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerLet's Encrypt
Subjectispokeshop.com
Fingerprint93:51:CE:32:7E:49:CB:FE:7B:BA:80:99:93:1B:7E:86:B8:DB:FD:46
ValidityTue, 30 Apr 2024 13:54:26 GMT - Mon, 29 Jul 2024 13:54:25 GMT

File type
assembler source, ASCII text, with very long lines (1881)
Size
58 kB (58108 bytes)
Hash
df09aebff83459ed23d79f8339c8d922
d05bac48765157375c0625d1c0a10211067a6375
7efcb95daf58afb2121962fe88fd2f77bc792f4192aacd4aef821883028f1500

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /offercanada/assets/css/main.css HTTP/1.1
Host: ispokeshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ispokeshop.com/offercanada/?6839
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 13:59:33 GMT
content-type: text/css
last-modified: Sun, 05 May 2024 19:16:00 GMT
vary: Accept-Encoding
etag: W/"6637daf0-e2fc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

ispokeshop.com/offercanada/js/1.12.4.min.js

185.172.128.214

200 OK

97 kB

URL GET HTTP/2
ispokeshop.com/offercanada/js/1.12.4.min.js
IP
185.172.128.214:443
ASN
#216309 Tnsecurity Ltd

Requested by
https://ispokeshop.com/offercanada/?6839
Certificate
IssuerLet's Encrypt
Subjectispokeshop.com
Fingerprint93:51:CE:32:7E:49:CB:FE:7B:BA:80:99:93:1B:7E:86:B8:DB:FD:46
ValidityTue, 30 Apr 2024 13:54:26 GMT - Mon, 29 Jul 2024 13:54:25 GMT

File type
JavaScript source, ASCII text, with very long lines (32077)
Size
97 kB (97163 bytes)
Hash
4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /offercanada/js/1.12.4.min.js HTTP/1.1
Host: ispokeshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ispokeshop.com/offercanada/?6839
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 13:59:33 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 05 May 2024 19:15:55 GMT
vary: Accept-Encoding
etag: W/"6637daeb-17b8b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML