Report - mercareapp.com/

Report Overview

Submitted URL
mercareapp.com/
IP
107.151.244.202
ASN
#137443 Anchnet Asia Limited
Submitted
2024-04-18 12:50:26
Access
public
Website Title
shopifyplus | Best e-shopping website
Final URL
mercareapp.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
112

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
client.crisp.chat	19483	2017-06-09	2017-07-02	2024-04-15	1.8 kB	1.1 MB	104.18.28.104
mercareapp.com	unknown	unknown	No data	No data	30 kB	4.0 MB	107.151.244.202
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-18	486 B	3.4 kB	216.58.207.234
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-18	1.1 kB	98 kB	142.250.74.99
s-cf-tw.shopeesz.com	902167	2017-11-22	2019-02-17	2024-03-09	5.9 kB	2.0 MB	174.35.118.62

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed
2024-04-18	medium	mercareapp.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	mercareapp.com/public/assets/js/aiz-core.js	84 kB	2023-07-06	2024-04-18
Pretty URL mercareapp.com/public/assets/js/aiz-core.js IP 107.151.244.202 ASN #137443 Anchnet Asia Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-06 06:51:18 Last Seen2024-04-18 14:50:45 Times Seen40 Hash 113fa96ba7528cb41d38ac2349385176 0bf3332a72afee7640b17c951a0b103eb0a82470 c2fab04477012ff398ab9835475ee9de1b78b8a9a77f79e34ed6da0a897bc496 Loading...

	mercareapp.com/	911 B	2023-03-07	2024-04-18
Pretty URL mercareapp.com/ IP 107.151.244.202 ASN #137443 Anchnet Asia Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:23:24 Last Seen2024-04-18 14:50:44 Times Seen278 Hash 6f56ea82c07879723696220f4bd392fa 2eaf1e783bd0431b67bd0481bbbd0c124d36ed30 0be779755c5a031a677eb3fc27ee6c2a2635f75a1a0f779b6a59b5c4a77e1cca Loading...

	client.crisp.chat/settings/website/69c580ca-a4fa-466e-ba7c-77791ce19389/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2024-3-18-12-50	78 B	2023-03-10	2024-05-01
Pretty URL client.crisp.chat/settings/website/69c580ca-a4fa-466e-ba7c-77791ce19389/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2024-3-18-12-50 IP 104.18.28.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:53:48 Last Seen2024-05-01 18:16:58 Times Seen19 Hash e518d7bd6f9a6f6b88cd626cc26cc9fa e88c6200a172000bf3da1dea74657770d7cd9f62 b414a4ef6212cfd86f262720dcd9088fd8fc8d7a20dd7858d9070055dd3786f3 Loading...

	mercareapp.com/	234 B	2024-04-18	2024-04-18
Pretty URL mercareapp.com/ IP 107.151.244.202 ASN #137443 Anchnet Asia Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 14:50:44 Last Seen2024-04-18 14:50:44 Times Seen1 Hash bbe88668c55372cff0cde9226b7c19a2 a735c2fce4a53a1090fdc478d635be6ccb3c5a60 9937ea62b709953dc26175c3bba18d9fb007320992c298a4bcca8e9871608f15 Loading...

	client.crisp.chat/l.js	8.3 kB	2024-03-27	2024-05-01
Pretty URL client.crisp.chat/l.js IP 104.18.28.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-27 09:14:23 Last Seen2024-05-01 18:16:58 Times Seen69 Hash 53a5d8cfc09a3c72ef8e6a2bb242b1c6 f931ea21235ec9e71398f6402ba320e880855b56 4901808999e281959993c10648bef18cbda4d8af309a6478d2393a72e9c36cf8 Loading...

	mercareapp.com/public/assets/js/vendors.js	1.3 MB	2023-03-29	2024-04-18
Pretty URL mercareapp.com/public/assets/js/vendors.js IP 107.151.244.202 ASN #137443 Anchnet Asia Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:29:38 Last Seen2024-04-18 14:50:44 Times Seen59 Hash 3e27dc1f526b607533c07a534e074551 58740698f7e1c5e135e08e13c4cd185931f202c2 c83923dc19565e9c97d7e8e20106f0c6effd60549cefeef3b1bfcb7d56518d6b Loading...

	mercareapp.com/	205 B	2023-03-07	2024-04-27
Pretty URL mercareapp.com/ IP 107.151.244.202 ASN #137443 Anchnet Asia Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:23:24 Last Seen2024-04-27 14:41:56 Times Seen418 Hash 5966646a9c4f85aaae9fc3af30252771 9758c9c9e5cff00863b8539541a1bf75672e2aaf 45c7d025e38021b998df8092f67747fe6e5d68a394009da8b77e1832fb875382 Loading...

	mercareapp.com/	13 B	2023-03-07	2024-04-30
Pretty URL mercareapp.com/ IP 107.151.244.202 ASN #137443 Anchnet Asia Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:06:23 Last Seen2024-04-30 17:08:04 Times Seen834 Hash 1892a845aa81b9ddb8b6ef6920d742bb 0075569a5a4198b9812be41eab8956188aa19e55 6ba6c11bd8700086c8f00d11c7e22487a9c13a211f57e0cf06bb9e365fa87704 Loading...

	mercareapp.com/	9.7 kB	2024-04-18	2024-04-18
Pretty URL mercareapp.com/ IP 107.151.244.202 ASN #137443 Anchnet Asia Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 14:50:44 Last Seen2024-04-18 14:50:44 Times Seen1 Hash 5ecbae8c08bbd1f3c6fa1877ec49f244 d38adf5bd8da7e20155d45c1a38537fbc495c73b 6175bf57c2c5bd4adaeb51a31c14194d04c1b3df482e77991325b0a25941f993 Loading...

	mercareapp.com/	1.3 kB	2024-04-18	2024-04-18
Pretty URL mercareapp.com/ IP 107.151.244.202 ASN #137443 Anchnet Asia Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 14:50:44 Last Seen2024-04-18 14:50:44 Times Seen1 Hash 7123e714bd13f4b219764806be658da4 0dd6a339114177c5d623a729514061f66e57aac7 38af2d0e70d5082a94f44a781cf536dcfef04e4fae33295de614f186504f7789 Loading...

	client.crisp.chat/static/javascripts/client.js?82e65c8	423 kB	2024-03-27	2024-05-01
Pretty URL client.crisp.chat/static/javascripts/client.js?82e65c8 IP 104.18.28.104 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-27 09:14:23 Last Seen2024-05-01 18:16:58 Times Seen66 Hash 86906ea058bc675b568fc9bea09423e5 31497d2b270611a0ea1dc181ac0fc49d3244359b 08b4263e0f042af5d37b9a636df1037b91d39a0ed31759cd65bbc8a4e0ad9eca Loading...

		Size	First Seen	Last Seen
	#1 Eval - f7fef8930207b23ec9c04386f9a02c76	24 B	2023-03-07	2024-04-30
Pretty Observations First Seen2023-03-07 01:02:10 Last Seen2024-04-30 06:45:35 Times Seen9431 Hash f7fef8930207b23ec9c04386f9a02c76 146273d1c716700bb25aaa15e8595624b611ffdf 74867c5a2cf408b090752d3cb8767bb46fdb4a0529bc959d96f51aeb2607d7e3 Loading...

HTTP Transactions (76)

URL IP Response Size

mercareapp.com/

107.151.244.202

200 OK

334 B

URL User Request GET HTTP/2
mercareapp.com/
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
HTML document, ASCII text
Size
334 B (334 bytes)
Hash
b4f0f548aabc45bea273e4bde2b9f62b
e1ee253d64afc9d48cb17bd71fb61dc344eac5bc
08aee7bd0d729e7ff0f345f5580aca8c2a18b7855cb37993420b37a8765f7b41

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Thu, 18 Apr 2024 12:50:04 GMT
Location: https://mercareapp.com
Set-Cookie: shopifyplus_session=h4huetvDrpZpzMNrCFtwgP2BWfu2eq0cpcIDGl4A; expires=Thu, 18-Apr-2024 14:50:04 GMT; Max-Age=7200; path=/; httponly
Strict-Transport-Security: max-age=31536000

fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap

216.58.207.234

200 OK

2.7 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://mercareapp.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
2.7 kB (2749 bytes)
Hash
603040847c34ff6bfced4848f9d71895
9573712d7a18b18fea8db63602ef2fc7eb08c904
b6f762b715eb7715f44a3da187a11aa77eab1ac9b303ef2f3866a134cc5d52f0

HTTP Headers

GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 12:50:03 GMT
date: Thu, 18 Apr 2024 12:50:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mercareapp.com/public/assets/css/custom-style.css

107.151.244.202

200 OK

29 B

URL GET HTTP/2
mercareapp.com/public/assets/css/custom-style.css
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
ASCII text, with no line terminators
Size
29 B (29 bytes)
Hash
2cc149a2ebd1a4253dc242d54c2dd366
c28a715492b8decb160125ca7ba623e217c733e3
3b6b5f14b03f97ad3a449c30657096210268c8460408a9b77a9b4bdb966e37ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/assets/css/custom-style.css HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:06 GMT
content-type: text/css
content-length: 29
last-modified: Tue, 19 Jul 2022 05:58:10 GMT
etag: "62d647f2-1d"
expires: Fri, 19 Apr 2024 00:50:06 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mercareapp.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mercareapp.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 189932
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mercareapp.com/public/assets/css/vendors.css

107.151.244.202

200 OK

134 kB

URL GET HTTP/2
mercareapp.com/public/assets/css/vendors.css
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
gzip compressed data, from Unix
Size
134 kB (134222 bytes)
Hash
159750ef3c4dc064456de27ccea69337
35d9fc61caf59db15a069a40e1adc697efe46710
7f53164b9fc55221ed39a06b211e7ffd04d7990ae8e5757745b87a03d333753c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/assets/css/vendors.css HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:06 GMT
content-type: text/css
last-modified: Tue, 19 Jul 2022 05:58:10 GMT
vary: Accept-Encoding
etag: W/"62d647f2-6d5a5"
expires: Fri, 19 Apr 2024 00:50:06 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mercareapp.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mercareapp.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 189932
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mercareapp.com/public/assets/img/placeholder.jpg

107.151.244.202

200 OK

2.5 kB

URL GET HTTP/2
mercareapp.com/public/assets/img/placeholder.jpg
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3
Size
2.5 kB (2517 bytes)
Hash
5632598c913a4107afee98e7ce1f9e4a
17398b1ef500f3c736420927da819ec69cd08d5e
b993c5624a17777a296e58d275a775899e72f320f73c254db952dbaa970739ee

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/assets/img/placeholder.jpg HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:06 GMT
content-type: image/jpeg
content-length: 2517
last-modified: Tue, 19 Jul 2022 05:58:10 GMT
etag: "62d647f2-9d5"
expires: Sat, 18 May 2024 12:50:06 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/BvdNAGlYihf5k2E1AOa1IXBBOJr1D8ugJ6odDiG9.png

107.151.244.202

200 OK

19 kB

URL GET HTTP/2
mercareapp.com/public/uploads/all/BvdNAGlYihf5k2E1AOa1IXBBOJr1D8ugJ6odDiG9.png
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
PNG image data, 550 x 90, 8-bit/color RGBA, non-interlaced
Size
19 kB (19362 bytes)
Hash
cc9cda6c8c35dd9be574fbb805347dfb
3b5389d0ed331468084aeee3545e3b00af730ded
02afde352821598ca6b007f8e6d547b025e60b19ca2cbf385e50918ddcbfacde

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/BvdNAGlYihf5k2E1AOa1IXBBOJr1D8ugJ6odDiG9.png HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:06 GMT
content-type: image/png
content-length: 19362
last-modified: Thu, 01 Feb 2024 11:45:27 GMT
etag: "65bb8457-4ba2"
expires: Sat, 18 May 2024 12:50:06 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/assets/img/placeholder-rect.jpg

107.151.244.202

200 OK

6.6 kB

URL GET HTTP/2
mercareapp.com/public/assets/img/placeholder-rect.jpg
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x600, components 3
Size
6.6 kB (6591 bytes)
Hash
76891b0b93848682626db79b8d421b8d
f5532d4d9fd281b513922ea75639feb284f24d63
6ce595f5fd220331717134f243812e695141ce3c9925bd4135dae9291228e8a8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/assets/img/placeholder-rect.jpg HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:06 GMT
content-type: image/jpeg
content-length: 6591
last-modified: Tue, 19 Jul 2022 05:58:10 GMT
etag: "62d647f2-19bf"
expires: Sat, 18 May 2024 12:50:06 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/assets/img/play.png

107.151.244.202

200 OK

14 kB

URL GET HTTP/2
mercareapp.com/public/assets/img/play.png
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
PNG image data, 300 x 89, 8-bit/color RGBA, non-interlaced
Size
14 kB (13567 bytes)
Hash
e481cce2de3cecf9161636e7b2fe89e8
a891dbde1af19164f4eac33da6bcaac6089e7273
4634366a44153659e28ff1815d7d7637593149807bc642bbb0834cdbe9d3834c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/assets/img/play.png HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:06 GMT
content-type: image/png
content-length: 13567
last-modified: Tue, 19 Jul 2022 05:58:10 GMT
etag: "62d647f2-34ff"
expires: Sat, 18 May 2024 12:50:06 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/assets/img/app.png

107.151.244.202

200 OK

20 kB

URL GET HTTP/2
mercareapp.com/public/assets/img/app.png
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
PNG image data, 300 x 89, 8-bit/color RGBA, non-interlaced
Size
20 kB (19667 bytes)
Hash
941ffb2f3fad44788db23bf44d5957a7
8209c9a82b3f6bc57f014c0ca52f636bf6a6c587
fceed4855ec5bb16dcbfca29fc915c4c0dd8504b135ed9b0ee5f3f87d0515cc7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/assets/img/app.png HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:06 GMT
content-type: image/png
content-length: 19667
last-modified: Tue, 19 Jul 2022 05:58:10 GMT
etag: "62d647f2-4cd3"
expires: Sat, 18 May 2024 12:50:06 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/A4exnDZSrAXvDu3OLWe07zbp2XXmwnQXb8iHu7jE.png

107.151.244.202

200 OK

48 kB

URL GET HTTP/2
mercareapp.com/public/uploads/all/A4exnDZSrAXvDu3OLWe07zbp2XXmwnQXb8iHu7jE.png
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
PNG image data, 800 x 111, 8-bit/color RGBA, non-interlaced
Size
48 kB (48258 bytes)
Hash
76d2e804b13ae4a73982c3b2d75df903
6747c9c593477ea96a3c96b808f2c93ce1a792ac
dab6d5663f1c13413064c8e61aaa469dee17d921ff466b52380d4ecdacfcba45

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/A4exnDZSrAXvDu3OLWe07zbp2XXmwnQXb8iHu7jE.png HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:06 GMT
content-type: image/png
content-length: 48258
last-modified: Wed, 31 Aug 2022 21:20:26 GMT
etag: "630fd09a-bc82"
expires: Sat, 18 May 2024 12:50:06 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/

107.151.244.202

200 OK

22 kB

URL User Request GET HTTP/2
mercareapp.com/
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
gzip compressed data, from Unix
Size
22 kB (21571 bytes)
Hash
e5aba57be48a13a05c41ac3f9b96f8e3
29e71186855575ae979db6ec8267b6cf66940d28
83e2d42e3c3f3886d91621277eda19724f5205d80bd3c492d4546567b6f5b09f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Thu, 18 Apr 2024 12:50:02 GMT
set-cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw; expires=Thu, 18-Apr-2024 14:50:05 GMT; Max-Age=7200; path=/; httponly
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

mercareapp.com/public/assets/fonts/la-regular-400.woff2

107.151.244.202

200 OK

13 kB

URL GET HTTP/2
mercareapp.com/public/assets/fonts/la-regular-400.woff2
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 12900, version 1.0
Size
13 kB (12900 bytes)
Hash
88d9d9416c58bde56378dc4439e3a144
bebed8d7033a4df35bebba69f1fc261a78a4ee22
51ca2c00a3e30945e52227147fed9e296dde03af3c4d7589e8e95ca5740037db

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/assets/fonts/la-regular-400.woff2 HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/public/assets/css/vendors.css
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:07 GMT
content-type: font/woff2
content-length: 12900
last-modified: Tue, 19 Jul 2022 05:58:10 GMT
etag: "62d647f2-3264"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/assets/fonts/la-solid-900.woff2

107.151.244.202

200 OK

97 kB

URL GET HTTP/2
mercareapp.com/public/assets/fonts/la-solid-900.woff2
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 96752, version 1.0
Size
97 kB (96752 bytes)
Hash
36fc297902c9a2e857858baa6ac25f2c
89d9531c0c70a8751dff83c1917baab1f16a2071
10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/assets/fonts/la-solid-900.woff2 HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/public/assets/css/vendors.css
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:07 GMT
content-type: font/woff2
content-length: 96752
last-modified: Tue, 19 Jul 2022 05:58:10 GMT
etag: "62d647f2-179f0"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/assets/fonts/la-brands-400.woff2

107.151.244.202

200 OK

85 kB

URL GET HTTP/2
mercareapp.com/public/assets/fonts/la-brands-400.woff2
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 84772, version 1.0
Size
85 kB (84772 bytes)
Hash
54b0b4e7de85711c3796882b2b19eb00
89f4f0d9ee3a2bde5fa250bbe6dc4a4804e1a863
ff70c9bc4650cf5e6b12d1feaa7af29ebf0681993fc0c5ffe3658cea0dbd5403

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/assets/fonts/la-brands-400.woff2 HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/public/assets/css/vendors.css
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:07 GMT
content-type: font/woff2
content-length: 84772
last-modified: Tue, 19 Jul 2022 05:58:10 GMT
etag: "62d647f2-14b24"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/P0KHN1jRxEYPySIGYbVZplLcPqfla7PSydUtyPbB.png

107.151.244.202

200 OK

11 kB

URL GET HTTP/2
mercareapp.com/public/uploads/all/P0KHN1jRxEYPySIGYbVZplLcPqfla7PSydUtyPbB.png
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
PNG image data, 263 x 300, 8-bit/color RGBA, non-interlaced
Size
11 kB (11273 bytes)
Hash
ae5388db28e93332a7174ee0f8f21f66
4fe4147d50d6f3f30c63c1d8392afd0e846b7c02
5f2ee8e30cb7b5c9a3d360407cad976d27acc9a8aeecf9627c23305068e47d58

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/P0KHN1jRxEYPySIGYbVZplLcPqfla7PSydUtyPbB.png HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:14 GMT
content-type: image/png
content-length: 11273
last-modified: Thu, 01 Feb 2024 11:55:33 GMT
etag: "65bb86b5-2c09"
expires: Sat, 18 May 2024 12:50:14 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/HWJCKolZmI3rF6liHCjyWHzSfQNysJeB9xNqTTfq.png

107.151.244.202

200 OK

941 kB

URL GET HTTP/2
mercareapp.com/public/uploads/all/HWJCKolZmI3rF6liHCjyWHzSfQNysJeB9xNqTTfq.png
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
PNG image data, 1500 x 598, 8-bit/color RGBA, non-interlaced
Size
941 kB (940591 bytes)
Hash
62395da325fad0b30988b2e4376bc1a4
d01de8e8013536599ac2c2b68c438f00b3851424
a61ee685113b69f14bce7f4b4e2e8de7c2c41965545c213641876eed13c0f6a7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/HWJCKolZmI3rF6liHCjyWHzSfQNysJeB9xNqTTfq.png HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:06 GMT
content-type: image/png
content-length: 940591
last-modified: Fri, 02 Feb 2024 03:47:37 GMT
etag: "65bc65d9-e5a2f"
expires: Sat, 18 May 2024 12:50:06 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

s-cf-tw.shopeesz.com/file/109cd8ad2cc9c7d790b1e143c0bbb128

174.35.118.62

200 OK

54 kB

URL GET HTTP/1.1
s-cf-tw.shopeesz.com/file/109cd8ad2cc9c7d790b1e143c0bbb128
IP
174.35.118.62:443
ASN
#54994 ML-1432-54994

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subject*.shopeesz.com
Fingerprint46:25:5F:B6:20:15:53:ED:1E:61:BF:27:26:D6:2C:F9:2B:6E:4D:C1
ValidityTue, 27 Feb 2024 10:05:52 GMT - Mon, 27 May 2024 10:05:51 GMT

File type
JPEG image data, baseline, precision 8, 1024x1024, components 3
Size
54 kB (53983 bytes)
Hash
109cd8ad2cc9c7d790b1e143c0bbb128
de473e47aff23368023a4dacebdbaee8f20ec93d
05e8cccdd37fd00d0e354f5fc130cc71599197733140313e9d1e831aa7b91c93

HTTP Headers

GET /file/109cd8ad2cc9c7d790b1e143c0bbb128 HTTP/1.1
Host: s-cf-tw.shopeesz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 12:50:19 GMT
Content-Type: image/jpeg
Content-Length: 53983
Connection: keep-alive
Expires: Sun, 13 Apr 2025 04:18:27 GMT
Server: nginx/1.22.0
X-Mms-Request-Id: 93a118682b734a4a8a35d2aa66c0cb27-65d1863f
Handle-By: origin-cf.xiapi.shopee.cn
x-test-header: prom
Content-Security-Policy: base-uri 'none'; default-src 'self'; connect-src 'self'; img-src * data:; object-src 'none'; script-src 'none'; style-src 'self' 'unsafe-inline'; font-src * data:; frame-src 'self'
Referrer-Policy: no-referrer
Cache-Control: max-age=36000000
X-CDN: akamai
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Age: 1
X-Via: 1.1 PS-FRA-01E6z147:7 (Cdn Cache Server V2.0), 1.1 PSygldLON2kt55:7 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6621170b_PSygldLON2hl59_17051-10896

s-cf-tw.shopeesz.com/file/26cecb3021ab876729fee9b5b56359bc

174.35.118.62

200 OK

98 kB

URL GET HTTP/1.1
s-cf-tw.shopeesz.com/file/26cecb3021ab876729fee9b5b56359bc
IP
174.35.118.62:443
ASN
#54994 ML-1432-54994

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subject*.shopeesz.com
Fingerprint46:25:5F:B6:20:15:53:ED:1E:61:BF:27:26:D6:2C:F9:2B:6E:4D:C1
ValidityTue, 27 Feb 2024 10:05:52 GMT - Mon, 27 May 2024 10:05:51 GMT

File type
JPEG image data, baseline, precision 8, 1024x1024, components 3
Size
98 kB (98531 bytes)
Hash
26cecb3021ab876729fee9b5b56359bc
5340e5e02521591590ea1f05eaef6635491c9f77
9e1d607663b0a7e12b4d066af32db1b5a50b898ae14d4f09e82f231de2aa35a6

HTTP Headers

GET /file/26cecb3021ab876729fee9b5b56359bc HTTP/1.1
Host: s-cf-tw.shopeesz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 12:50:19 GMT
Content-Type: image/jpeg
Content-Length: 98531
Connection: keep-alive
Expires: Mon, 28 Apr 2025 03:39:30 GMT
Server: nginx/1.22.0
X-Mms-Request-Id: 5e759dc0427443a4af51e9ec51c0225a-6597e701
Handle-By: origin-cf.xiapi.shopee.cn
x-test-header: prom
Content-Security-Policy: base-uri 'none'; default-src 'self'; connect-src 'self'; img-src * data:; object-src 'none'; script-src 'none'; style-src 'self' 'unsafe-inline'; font-src * data:; frame-src 'self'
Referrer-Policy: no-referrer
Cache-Control: max-age=36000000
X-CDN: akamai
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Age: 1
X-Via: 1.1 PS-FRA-018SR149:10 (Cdn Cache Server V2.0), 1.1 PSygldLON2ew56:7 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6621170b_PSygldLON2hl59_16515-18661

s-cf-tw.shopeesz.com/file/4e1fdcd6700edb926cb51236612c20b3

174.35.118.62

200 OK

90 kB

URL GET HTTP/1.1
s-cf-tw.shopeesz.com/file/4e1fdcd6700edb926cb51236612c20b3
IP
174.35.118.62:443
ASN
#54994 ML-1432-54994

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subject*.shopeesz.com
Fingerprint46:25:5F:B6:20:15:53:ED:1E:61:BF:27:26:D6:2C:F9:2B:6E:4D:C1
ValidityTue, 27 Feb 2024 10:05:52 GMT - Mon, 27 May 2024 10:05:51 GMT

File type
JPEG image data, baseline, precision 8, 1024x1024, components 3
Size
90 kB (90418 bytes)
Hash
4e1fdcd6700edb926cb51236612c20b3
93bb5c6b229fd9b4c8720734a9cf9c5bf78374ed
85b7567fb1fa46dcc65141b38335741ec91125316d6c1196e5c0f5712ce1003e

HTTP Headers

GET /file/4e1fdcd6700edb926cb51236612c20b3 HTTP/1.1
Host: s-cf-tw.shopeesz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 12:50:19 GMT
Content-Type: image/jpeg
Content-Length: 90418
Connection: keep-alive
Expires: Tue, 29 Apr 2025 01:39:40 GMT
Server: nginx/1.22.0
X-Mms-Request-Id: 6fc94e8d3d1b40b2b400c7021b6d638a-659bd85f
Handle-By: origin-cf.xiapi.shopee.cn
x-test-header: prom
Content-Security-Policy: base-uri 'none'; default-src 'self'; connect-src 'self'; img-src * data:; object-src 'none'; script-src 'none'; style-src 'self' 'unsafe-inline'; font-src * data:; frame-src 'self'
Referrer-Policy: no-referrer
Cache-Control: max-age=36000000
X-CDN: akamai
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Age: 1
X-Via: 1.1 PSygldLON4zd14:8 (Cdn Cache Server V2.0), 1.1 PSygldLON2ew56:3 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6621170b_PSygldLON2hl59_18687-27582

s-cf-tw.shopeesz.com/file/sg-11134207-23030-ldfavctzkbovaf

174.35.118.62

200 OK

319 kB

URL GET HTTP/1.1
s-cf-tw.shopeesz.com/file/sg-11134207-23030-ldfavctzkbovaf
IP
174.35.118.62:443
ASN
#54994 ML-1432-54994

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subject*.shopeesz.com
Fingerprint46:25:5F:B6:20:15:53:ED:1E:61:BF:27:26:D6:2C:F9:2B:6E:4D:C1
ValidityTue, 27 Feb 2024 10:05:52 GMT - Mon, 27 May 2024 10:05:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x1000, components 3
Size
319 kB (318735 bytes)
Hash
7b7e4f3ded2dbf0db4fc0499264561eb
22b3d2e4baccc7b6715a642e78c48d7e07672971
fb5c22422f0c31b11531a1b578d4d5475d1da84eef6b842dc6fc29e77b8df82c

HTTP Headers

GET /file/sg-11134207-23030-ldfavctzkbovaf HTTP/1.1
Host: s-cf-tw.shopeesz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 12:50:19 GMT
Content-Type: image/jpeg
Content-Length: 318735
Connection: keep-alive
Expires: Wed, 30 Apr 2025 10:32:24 GMT
Server: nginx/1.22.0
X-Mms-Request-Id: 567c01ad374a4fafa41b4832a177dc2c-65b8a4db
Handle-By: origin-cf.xiapi.shopee.cn
x-test-header: prom
Content-Security-Policy: base-uri 'none'; default-src 'self'; connect-src 'self'; img-src * data:; object-src 'none'; script-src 'none'; style-src 'self' 'unsafe-inline'; font-src * data:; frame-src 'self'
Referrer-Policy: no-referrer
Cache-Control: max-age=36000000
X-CDN: akamai
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Age: 1
X-Via: 1.1 PSygldLON4ev13:7 (Cdn Cache Server V2.0), 1.1 PSygldLON2ew56:10 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6621170b_PSygldLON2hl59_18687-27580

client.crisp.chat/settings/website/69c580ca-a4fa-466e-ba7c-77791ce19389/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2024-3-18-12-50

104.18.28.104

200 OK

541 kB

URL GET HTTP/3
client.crisp.chat/settings/website/69c580ca-a4fa-466e-ba7c-77791ce19389/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2024-3-18-12-50
IP
104.18.28.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectcrisp.chat
Fingerprint12:6B:4A:6F:45:E8:36:9E:4D:63:4A:4F:AB:E4:97:30:D2:B4:7E:19
ValidityFri, 05 Apr 2024 23:13:20 GMT - Thu, 04 Jul 2024 23:13:19 GMT

File type
ASCII text, with no line terminators
Size
541 kB (540730 bytes)
Hash
e518d7bd6f9a6f6b88cd626cc26cc9fa
e88c6200a172000bf3da1dea74657770d7cd9f62
b414a4ef6212cfd86f262720dcd9088fd8fc8d7a20dd7858d9070055dd3786f3

HTTP Headers

GET /settings/website/69c580ca-a4fa-466e-ba7c-77791ce19389/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2024-3-18-12-50 HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 12:50:12 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
expires: Thu, 18 Apr 2024 16:50:12 GMT
vary: Accept-Encoding
last-modified: Thu, 18 Apr 2024 12:50:12 GMT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8764c77b8fc656bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

s-cf-tw.shopeesz.com/file/97d779cefe642f838f3aa170a554dc52

174.35.118.62

200 OK

50 kB

URL GET HTTP/1.1
s-cf-tw.shopeesz.com/file/97d779cefe642f838f3aa170a554dc52
IP
174.35.118.62:443
ASN
#54994 ML-1432-54994

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subject*.shopeesz.com
Fingerprint46:25:5F:B6:20:15:53:ED:1E:61:BF:27:26:D6:2C:F9:2B:6E:4D:C1
ValidityTue, 27 Feb 2024 10:05:52 GMT - Mon, 27 May 2024 10:05:51 GMT

File type
JPEG image data, baseline, precision 8, 1024x1024, components 3
Size
50 kB (50416 bytes)
Hash
97d779cefe642f838f3aa170a554dc52
dec619d7e7e64689a193dbd2517324486daca190
168b1fe138ad485794c87544330309e4e7be55576757ab792f67d744505b894c

HTTP Headers

GET /file/97d779cefe642f838f3aa170a554dc52 HTTP/1.1
Host: s-cf-tw.shopeesz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 12:50:19 GMT
Content-Type: image/jpeg
Content-Length: 50416
Connection: keep-alive
Expires: Tue, 29 Apr 2025 01:39:40 GMT
Server: nginx/1.21.0
X-Mms-Request-Id: e8bd82d9b01a4c93823d35c3fa158c7c-6480227f
Handle-By: origin-cf.xiapi.shopee.cn
x-test-header: prom
Cache-Control: max-age=36000000
X-CDN: akamai
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Age: 1
X-Via: 1.1 PSygldLON4zd14:3 (Cdn Cache Server V2.0), 1.1 PSygldLON2kt55:22 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6621170b_PSygldLON2hl59_18301-3465

s-cf-tw.shopeesz.com/file/9fca7aacbb8ef0a76d19d92bb48ac691

174.35.118.62

200 OK

51 kB

URL GET HTTP/1.1
s-cf-tw.shopeesz.com/file/9fca7aacbb8ef0a76d19d92bb48ac691
IP
174.35.118.62:443
ASN
#54994 ML-1432-54994

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subject*.shopeesz.com
Fingerprint46:25:5F:B6:20:15:53:ED:1E:61:BF:27:26:D6:2C:F9:2B:6E:4D:C1
ValidityTue, 27 Feb 2024 10:05:52 GMT - Mon, 27 May 2024 10:05:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x1024, components 3
Size
51 kB (50726 bytes)
Hash
9fca7aacbb8ef0a76d19d92bb48ac691
d99e9b8b55042d8e6b1d58aa1f0af4077f4a4c8d
1d3fc98fb64cb0f5dbd6cb8b7cfebe7a7d5ee8d0136f57eb59b1ecc0b733c706

HTTP Headers

GET /file/9fca7aacbb8ef0a76d19d92bb48ac691 HTTP/1.1
Host: s-cf-tw.shopeesz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 12:50:19 GMT
Content-Type: image/jpeg
Content-Length: 50726
Connection: keep-alive
Expires: Fri, 11 Apr 2025 03:06:15 GMT
Server: nginx/1.22.0
X-Mms-Request-Id: 9448f809a9ca4a1bb7b3f35bec92ab9f-65a53e77
Handle-By: origin-cf.xiapi.shopee.cn
x-test-header: prom
Content-Security-Policy: base-uri 'none'; default-src 'self'; connect-src 'self'; img-src * data:; object-src 'none'; script-src 'none'; style-src 'self' 'unsafe-inline'; font-src * data:; frame-src 'self'
Referrer-Policy: no-referrer
Cache-Control: max-age=36000000
X-CDN: akamai
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Age: 1
X-Via: 1.1 PSygldLON4zd14:3 (Cdn Cache Server V2.0), 1.1 PSygldLON2kt55:8 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6621170b_PSygldLON2hl59_16515-18675

s-cf-tw.shopeesz.com/file/sg-11134207-23020-konf0qttj2nv13

174.35.118.62

200 OK

245 kB

URL GET HTTP/1.1
s-cf-tw.shopeesz.com/file/sg-11134207-23020-konf0qttj2nv13
IP
174.35.118.62:443
ASN
#54994 ML-1432-54994

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subject*.shopeesz.com
Fingerprint46:25:5F:B6:20:15:53:ED:1E:61:BF:27:26:D6:2C:F9:2B:6E:4D:C1
ValidityTue, 27 Feb 2024 10:05:52 GMT - Mon, 27 May 2024 10:05:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x800, components 3
Size
245 kB (244733 bytes)
Hash
0022b9e8b03f602cd7e6abc98dedb74b
f22d701f00bff9d49cbb48ba4f1f5046e48573bc
9963764b8540a9ffe4cae5b48979cf7145918e9471324d687b9c81842e251c95

HTTP Headers

GET /file/sg-11134207-23020-konf0qttj2nv13 HTTP/1.1
Host: s-cf-tw.shopeesz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 12:50:19 GMT
Content-Type: image/jpeg
Content-Length: 244733
Connection: keep-alive
Expires: Tue, 29 Apr 2025 01:39:41 GMT
Server: nginx/1.22.0
X-Mms-Request-Id: a4c62d685a9e4a43bfc485ade8251cab-658f1de3
Handle-By: origin-cf.xiapi.shopee.cn
x-test-header: prom
Content-Security-Policy: base-uri 'none'; default-src 'self'; connect-src 'self'; img-src * data:; object-src 'none'; script-src 'none'; style-src 'self' 'unsafe-inline'; font-src * data:; frame-src 'self'
Referrer-Policy: no-referrer
Cache-Control: max-age=36000000
X-CDN: akamai
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Age: 1
X-Via: 1.1 kf148:6 (Cdn Cache Server V2.0), 1.1 PSygldLON2kt55:15 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6621170b_PSygldLON2hl59_18687-27601

mercareapp.com/

107.151.244.202

200 OK

20 kB

URL User Request GET HTTP/2
mercareapp.com/
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
gzip compressed data, from Unix
Size
20 kB (19991 bytes)
Hash
2d340dbcbe69f6a8a70875afc3f1a4ce
a637a8b3cc2579089e8cfe0022635e1450f39afb
b86927e5c278ba4c9c712a04f2e1830566e674d1cea18b181fbfb64e9ca71b5b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Thu, 18 Apr 2024 12:50:05 GMT
set-cookie: shopifyplus_session=sfWlefa1aWW6O1pMrKzsjzWae5WuZ4oc8B6pXHwp; expires=Thu, 18-Apr-2024 14:50:09 GMT; Max-Age=7200; path=/; httponly
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/EF9g1my5HQIF8tGgEjNGW1vxR8JajuhSvZ1C0uBn.jpg

107.151.244.202

200 OK

1.1 kB

URL GET HTTP/2
mercareapp.com/public/uploads/all/EF9g1my5HQIF8tGgEjNGW1vxR8JajuhSvZ1C0uBn.jpg
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 32x32, components 3
Size
1.1 kB (1050 bytes)
Hash
d879d525121e7198c5c5f0b2be71c2ce
da70f1ae56fc1834c0e16ae7dc5b9d93f18f0891
8bdf46de0b2685634bb04ae842a892b9bcec19d9438c2b7e381b8e7b23cc2a61

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/EF9g1my5HQIF8tGgEjNGW1vxR8JajuhSvZ1C0uBn.jpg HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:15 GMT
content-type: image/jpeg
content-length: 1050
last-modified: Wed, 31 Aug 2022 22:28:10 GMT
etag: "630fe07a-41a"
expires: Sat, 18 May 2024 12:50:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/nAxAZ0YpF6MNwsWm9NBZxRYC7bAeP5V1PbuzYvFa.jpg

107.151.244.202

200 OK

1.3 kB

URL GET HTTP/2
mercareapp.com/public/uploads/all/nAxAZ0YpF6MNwsWm9NBZxRYC7bAeP5V1PbuzYvFa.jpg
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 32x32, components 3
Size
1.3 kB (1271 bytes)
Hash
2eb641f296d43ede2b5774ce3eec836e
d14987fcf0a711420b361deb9b2121e01e5694ed
d8f9f359c90c02cd15010237f765240d967782ab0b8ffbe1dddca8bd1335be8d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/nAxAZ0YpF6MNwsWm9NBZxRYC7bAeP5V1PbuzYvFa.jpg HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:15 GMT
content-type: image/jpeg
content-length: 1271
last-modified: Wed, 31 Aug 2022 21:30:20 GMT
etag: "630fd2ec-4f7"
expires: Sat, 18 May 2024 12:50:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/YTrXmHPHEBAeW73ffIhMuvOkpDsDbd1IbHVGDaZh.jpg

107.151.244.202

200 OK

1.4 kB

URL GET HTTP/2
mercareapp.com/public/uploads/all/YTrXmHPHEBAeW73ffIhMuvOkpDsDbd1IbHVGDaZh.jpg
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 32x32, components 3
Size
1.4 kB (1366 bytes)
Hash
b9d5b478cf1ccf4b63c4c4f309c57672
cf135870f4e958ae16622897add5e44b9a661039
393f0153f4308fa263f01711192bcb12054c99454799b7b36c2382c7a95582ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/YTrXmHPHEBAeW73ffIhMuvOkpDsDbd1IbHVGDaZh.jpg HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:15 GMT
content-type: image/jpeg
content-length: 1366
last-modified: Wed, 31 Aug 2022 21:32:30 GMT
etag: "630fd36e-556"
expires: Sat, 18 May 2024 12:50:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/aZrKPk8DiOV4C5wAMt5ObBC3Jk5dSpnWUuLHP8xe.jpg

107.151.244.202

200 OK

1.2 kB

URL GET HTTP/2
mercareapp.com/public/uploads/all/aZrKPk8DiOV4C5wAMt5ObBC3Jk5dSpnWUuLHP8xe.jpg
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 32x32, components 3
Size
1.2 kB (1249 bytes)
Hash
e1580854a56cf8efce3da98b6f6b2244
5b0bf6176fcda86dde1fb62d523e521b03b84dc7
4e30079f56d5ba1bbf4199b3aad170c591e4c554a74131bc213474ede0e5824f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/aZrKPk8DiOV4C5wAMt5ObBC3Jk5dSpnWUuLHP8xe.jpg HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:15 GMT
content-type: image/jpeg
content-length: 1249
last-modified: Wed, 31 Aug 2022 21:39:50 GMT
etag: "630fd526-4e1"
expires: Sat, 18 May 2024 12:50:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/sC6ULeGDfqVbu1b3LcqrTOL5pm4UGQedv0kbHDIv.jpg

107.151.244.202

200 OK

1.2 kB

URL GET HTTP/2
mercareapp.com/public/uploads/all/sC6ULeGDfqVbu1b3LcqrTOL5pm4UGQedv0kbHDIv.jpg
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 32x32, components 3
Size
1.2 kB (1237 bytes)
Hash
96298d43684ffd02a2a79da4b3fe249f
2e79300fc21bcf3999a341bd76cac97f114b4382
bcae7635b12fb44a84dce7e6bed9be6a709ceba04fee1385094506de6be5eb4f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/sC6ULeGDfqVbu1b3LcqrTOL5pm4UGQedv0kbHDIv.jpg HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:15 GMT
content-type: image/jpeg
content-length: 1237
last-modified: Wed, 31 Aug 2022 21:42:28 GMT
etag: "630fd5c4-4d5"
expires: Sat, 18 May 2024 12:50:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/FwZlWQdDtdap6FDGukabtPR9nGISL2SINWeDUlLV.jpg

107.151.244.202

200 OK

1.4 kB

URL GET HTTP/2
mercareapp.com/public/uploads/all/FwZlWQdDtdap6FDGukabtPR9nGISL2SINWeDUlLV.jpg
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 32x32, components 3
Size
1.4 kB (1407 bytes)
Hash
5b29995f74195e646abe742f826a586b
52b226843eb0050eece321b5b84fc06e3d7f407a
b01d56794c1ee32c4ab6b186a8758edf129ba93be2b73117c523726cba08f1f7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/FwZlWQdDtdap6FDGukabtPR9nGISL2SINWeDUlLV.jpg HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:15 GMT
content-type: image/jpeg
content-length: 1407
last-modified: Wed, 31 Aug 2022 21:50:58 GMT
etag: "630fd7c2-57f"
expires: Sat, 18 May 2024 12:50:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/xjmjKIo32nm4WUsDbDgpyEOyJtDNXSCqZvrclGPL.jpg

107.151.244.202

200 OK

1.5 kB

URL GET HTTP/2
mercareapp.com/public/uploads/all/xjmjKIo32nm4WUsDbDgpyEOyJtDNXSCqZvrclGPL.jpg
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 32x32, components 3
Size
1.5 kB (1471 bytes)
Hash
a0ecb7e59a02eb0764387f21be234f63
2d0b24fcb1e75b6cb96264e6b8d42354b8cf6062
df4fc66c8dfddb9c87a6ea42549ef7b88359ae9115c2e33483b2767c1e307ec1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/xjmjKIo32nm4WUsDbDgpyEOyJtDNXSCqZvrclGPL.jpg HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:15 GMT
content-type: image/jpeg
content-length: 1471
last-modified: Wed, 31 Aug 2022 21:53:20 GMT
etag: "630fd850-5bf"
expires: Sat, 18 May 2024 12:50:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/AmrpWEDDbar3ylIjWdVvyIxHrAhcYfq9EGGY9tjh.jpg

107.151.244.202

200 OK

1.4 kB

URL GET HTTP/2
mercareapp.com/public/uploads/all/AmrpWEDDbar3ylIjWdVvyIxHrAhcYfq9EGGY9tjh.jpg
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 32x32, components 3
Size
1.4 kB (1362 bytes)
Hash
43d7cf53fa96deb31c0827f0b04bee49
0b635faa3172ccdbe047ebf9b7b92627c82b667f
a6d142db9cab39711d9b043d66a83334cfb56a859d9132b0c7ff71a378a8b392

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/AmrpWEDDbar3ylIjWdVvyIxHrAhcYfq9EGGY9tjh.jpg HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:15 GMT
content-type: image/jpeg
content-length: 1362
last-modified: Wed, 31 Aug 2022 21:56:50 GMT
etag: "630fd922-552"
expires: Sat, 18 May 2024 12:50:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/n3HgCaj2U1rbs12p3TVUKNbCVD3Jo4r4hYOcEzH2.jpg

107.151.244.202

200 OK

1.5 kB

URL GET HTTP/2
mercareapp.com/public/uploads/all/n3HgCaj2U1rbs12p3TVUKNbCVD3Jo4r4hYOcEzH2.jpg
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 32x32, components 3
Size
1.5 kB (1464 bytes)
Hash
04439ebf1e9b150965aed277b9b532b5
67a22cd08f57f95e0873503ff65b4e8ad01a5be2
a067809d0b0cc0d4938f0f7680dbc5a6860f681916314df474cf77fde063aa37

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/n3HgCaj2U1rbs12p3TVUKNbCVD3Jo4r4hYOcEzH2.jpg HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:15 GMT
content-type: image/jpeg
content-length: 1464
last-modified: Wed, 31 Aug 2022 22:31:52 GMT
etag: "630fe158-5b8"
expires: Sat, 18 May 2024 12:50:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

s-cf-tw.shopeesz.com/file/13246af598a17220803862b0688b0e2a

174.35.118.62

126 kB

URL
s-cf-tw.shopeesz.com/file/13246af598a17220803862b0688b0e2a
IP
174.35.118.62:0
ASN
#54994 ML-1432-54994

Certificate
IssuerLet's Encrypt
Subject*.shopeesz.com
Fingerprint46:25:5F:B6:20:15:53:ED:1E:61:BF:27:26:D6:2C:F9:2B:6E:4D:C1
ValidityTue, 27 Feb 2024 10:05:52 GMT - Mon, 27 May 2024 10:05:51 GMT

File type
JPEG image data, baseline, precision 8, 800x800, components 3
Size
126 kB (125466 bytes)
Hash
13246af598a17220803862b0688b0e2a
d145e296e67f5ae0b732fc5e28503ed858c9b190
8a96486e3cca33ee5be63da5930eeddf3e47ce5190c7a05966d9ef2befac02af

HTTP Headers

GET /file/13246af598a17220803862b0688b0e2a HTTP/1.1
Host: s-cf-tw.shopeesz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 12:50:21 GMT
Content-Type: image/jpeg
Content-Length: 125466
Connection: keep-alive
Expires: Mon, 28 Apr 2025 23:19:06 GMT
Server: nginx/1.22.0
X-Mms-Request-Id: 8225c81ca7bb465792d9c6ddcb9ce091-65b12466
Handle-By: origin-cf.xiapi.shopee.cn
x-test-header: prom
Content-Security-Policy: base-uri 'none'; default-src 'self'; connect-src 'self'; img-src * data:; object-src 'none'; script-src 'none'; style-src 'self' 'unsafe-inline'; font-src * data:; frame-src 'self'
Referrer-Policy: no-referrer
Cache-Control: max-age=36000000
X-CDN: akamai
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Age: 1
X-Via: 1.1 PSygldLON4ax12:3 (Cdn Cache Server V2.0), 1.1 PSygldLON2kt55:20 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6621170d_PSygldLON2hl59_18301-3621

s-cf-tw.shopeesz.com/file/eb8474fc760178496b45dafd870a1899

174.35.118.62

47 kB

URL
s-cf-tw.shopeesz.com/file/eb8474fc760178496b45dafd870a1899
IP
174.35.118.62:0
ASN
#54994 ML-1432-54994

Certificate
IssuerLet's Encrypt
Subject*.shopeesz.com
Fingerprint46:25:5F:B6:20:15:53:ED:1E:61:BF:27:26:D6:2C:F9:2B:6E:4D:C1
ValidityTue, 27 Feb 2024 10:05:52 GMT - Mon, 27 May 2024 10:05:51 GMT

File type
JPEG image data, baseline, precision 8, 1024x1024, components 3
Size
47 kB (47264 bytes)
Hash
eb8474fc760178496b45dafd870a1899
d97ad5ca17d995f846effa61839a1810c63e5036
5ae7b46d86cbdcf4d9aa6e4524a967fa1eb548571f582c48486d256797047d72

HTTP Headers

GET /file/eb8474fc760178496b45dafd870a1899 HTTP/1.1
Host: s-cf-tw.shopeesz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 12:50:21 GMT
Content-Type: image/jpeg
Content-Length: 47264
Connection: keep-alive
Expires: Tue, 29 Apr 2025 15:04:19 GMT
Server: nginx/1.22.0
X-Mms-Request-Id: b827883697194ecaa1e088887180f3c6-65a7cf07
Handle-By: origin-cf.xiapi.shopee.cn
x-test-header: prom
Content-Security-Policy: base-uri 'none'; default-src 'self'; connect-src 'self'; img-src * data:; object-src 'none'; script-src 'none'; style-src 'self' 'unsafe-inline'; font-src * data:; frame-src 'self'
Referrer-Policy: no-referrer
Cache-Control: max-age=36000000
X-CDN: akamai
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Age: 1
X-Via: 1.1 PSygldLON4zd14:5 (Cdn Cache Server V2.0), 1.1 PSygldLON2ew56:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6621170d_PSygldLON2hl59_18687-27697

s-cf-tw.shopeesz.com/file/789c2d0f5e3587a2df46c68fb19f6094

174.35.118.62

82 kB

URL
s-cf-tw.shopeesz.com/file/789c2d0f5e3587a2df46c68fb19f6094
IP
174.35.118.62:0
ASN
#54994 ML-1432-54994

Certificate
IssuerLet's Encrypt
Subject*.shopeesz.com
Fingerprint46:25:5F:B6:20:15:53:ED:1E:61:BF:27:26:D6:2C:F9:2B:6E:4D:C1
ValidityTue, 27 Feb 2024 10:05:52 GMT - Mon, 27 May 2024 10:05:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x800, components 3
Size
82 kB (81743 bytes)
Hash
789c2d0f5e3587a2df46c68fb19f6094
8f7f13bb96f9cea25aedd7e7d0442b7a2fb57a18
2ee56ac1e4238043f1d71df9b366348792ae71e2df2f5fdc16ff467c3cd72b1d

HTTP Headers

GET /file/789c2d0f5e3587a2df46c68fb19f6094 HTTP/1.1
Host: s-cf-tw.shopeesz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 12:50:21 GMT
Content-Type: image/jpeg
Content-Length: 81743
Connection: keep-alive
Expires: Mon, 28 Apr 2025 23:19:07 GMT
Server: nginx/1.22.0
X-Mms-Request-Id: 697bfe3a761b469990a8c31944e720e5-65bbd5cf
Handle-By: origin-cf.xiapi.shopee.cn
x-test-header: prom
Content-Security-Policy: base-uri 'none'; default-src 'self'; connect-src 'self'; img-src * data:; object-src 'none'; script-src 'none'; style-src 'self' 'unsafe-inline'; font-src * data:; frame-src 'self'
Referrer-Policy: no-referrer
Cache-Control: max-age=36000000
X-CDN: akamai
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Age: 1
X-Via: 1.1 PSygldLON4zd14:4 (Cdn Cache Server V2.0), 1.1 PSygldLON2ew56:5 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6621170d_PSygldLON2hl59_16515-18763

s-cf-tw.shopeesz.com/file/3df7db5159c6992ff6d45eca3d67d4c8

174.35.118.62

82 kB

URL
s-cf-tw.shopeesz.com/file/3df7db5159c6992ff6d45eca3d67d4c8
IP
174.35.118.62:0
ASN
#54994 ML-1432-54994

Certificate
IssuerLet's Encrypt
Subject*.shopeesz.com
Fingerprint46:25:5F:B6:20:15:53:ED:1E:61:BF:27:26:D6:2C:F9:2B:6E:4D:C1
ValidityTue, 27 Feb 2024 10:05:52 GMT - Mon, 27 May 2024 10:05:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x800, components 3
Size
82 kB (81702 bytes)
Hash
3df7db5159c6992ff6d45eca3d67d4c8
5cb9ffa559a9b6e30f90fe9c454365bda80b25cd
7a5f91afc49fe85f5a4db9431bbe6fb7ab38e9be0ba3bd993bfd707b6cb861bd

HTTP Headers

GET /file/3df7db5159c6992ff6d45eca3d67d4c8 HTTP/1.1
Host: s-cf-tw.shopeesz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 12:50:21 GMT
Content-Type: image/jpeg
Content-Length: 81702
Connection: keep-alive
Expires: Mon, 28 Apr 2025 23:19:06 GMT
Server: nginx/1.22.0
X-Mms-Request-Id: 3a40d5f651504e7586bbd4dd99625ce6-65bb74a1
Handle-By: origin-cf.xiapi.shopee.cn
x-test-header: prom
Content-Security-Policy: base-uri 'none'; default-src 'self'; connect-src 'self'; img-src * data:; object-src 'none'; script-src 'none'; style-src 'self' 'unsafe-inline'; font-src * data:; frame-src 'self'
Referrer-Policy: no-referrer
Cache-Control: max-age=36000000
X-CDN: akamai
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Age: 1
X-Via: 1.1 kf160:0 (Cdn Cache Server V2.0), 1.1 PSygldLON2ew56:13 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6621170d_PSygldLON2hl59_18687-27696

s-cf-tw.shopeesz.com/file/ce1d70165bb78ba37e24aa6d75c62e12

174.35.118.62

180 kB

URL
s-cf-tw.shopeesz.com/file/ce1d70165bb78ba37e24aa6d75c62e12
IP
174.35.118.62:0
ASN
#54994 ML-1432-54994

Certificate
IssuerLet's Encrypt
Subject*.shopeesz.com
Fingerprint46:25:5F:B6:20:15:53:ED:1E:61:BF:27:26:D6:2C:F9:2B:6E:4D:C1
ValidityTue, 27 Feb 2024 10:05:52 GMT - Mon, 27 May 2024 10:05:51 GMT

File type
JPEG image data, baseline, precision 8, 1024x1024, components 3
Size
180 kB (180160 bytes)
Hash
ce1d70165bb78ba37e24aa6d75c62e12
af6d515f08b9347997f81fee11a6431ccc91f1b0
32ae5c131461a464e1b800a4061a3704ca2916111ed013f3ff48e5bb77fb0b43

HTTP Headers

GET /file/ce1d70165bb78ba37e24aa6d75c62e12 HTTP/1.1
Host: s-cf-tw.shopeesz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 12:50:21 GMT
Content-Type: image/jpeg
Content-Length: 180160
Connection: keep-alive
Expires: Tue, 29 Apr 2025 15:04:19 GMT
Server: nginx/1.21.0
X-Mms-Request-Id: 280b6d882a4545549299aaea35dadf87-645910fd
Handle-By: origin-cf.xiapi.shopee.cn
x-test-header: prom
Cache-Control: max-age=36000000
X-CDN: akamai
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Age: 1
X-Via: 1.1 PSygldLON4zd14:1 (Cdn Cache Server V2.0), 1.1 PSygldLON2ew56:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6621170d_PSygldLON2hl59_17051-11019

mercareapp.com/public/uploads/all/8aEaMIXQQlL9bwvyGVo0LincSFPsvExAQHZHI0po.png

107.151.244.202

643 kB

URL GET
mercareapp.com/public/uploads/all/8aEaMIXQQlL9bwvyGVo0LincSFPsvExAQHZHI0po.png
IP
107.151.244.202:0
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
PNG image data, 1500 x 598, 8-bit/color RGBA, non-interlaced
Size
643 kB (642792 bytes)
Hash
ebd316d81ee129358fa0547173b56c53
14ad464f4fcbcf0dbff32eefb23d24ee2071353c
c05b012716dc17453326e9052015b1a6e3642c60f72a7ec1dafb52c80001c012

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/8aEaMIXQQlL9bwvyGVo0LincSFPsvExAQHZHI0po.png HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:06 GMT
content-type: image/png
content-length: 642792
last-modified: Wed, 31 Aug 2022 21:15:04 GMT
etag: "630fcf58-9cee8"
expires: Sat, 18 May 2024 12:50:06 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/daVWMYg729HjSPlKmknmYwhj2r9PNUSZdRxdwTSo.jpg

107.151.244.202

1.3 kB

URL GET
mercareapp.com/public/uploads/all/daVWMYg729HjSPlKmknmYwhj2r9PNUSZdRxdwTSo.jpg
IP
107.151.244.202:0
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 32x32, components 3
Size
1.3 kB (1265 bytes)
Hash
2ee9653ca564329d4ab6771a802741e4
f39633c5e4b51e23a3085b29f9482e21a5c204d7
a197c7c913627e639aaf3a4ab155eaa119f846e1fd810cdd8e0e9aa58c5be14c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/daVWMYg729HjSPlKmknmYwhj2r9PNUSZdRxdwTSo.jpg HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:18 GMT
content-type: image/jpeg
content-length: 1265
last-modified: Wed, 31 Aug 2022 22:35:32 GMT
etag: "630fe234-4f1"
expires: Sat, 18 May 2024 12:50:18 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/gQNQrRo45ZaRXHY3KBiTPIJ71XSj5fzQROzKRV8g.jpg

107.151.244.202

1.4 kB

URL GET
mercareapp.com/public/uploads/all/gQNQrRo45ZaRXHY3KBiTPIJ71XSj5fzQROzKRV8g.jpg
IP
107.151.244.202:0
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 32x32, components 3
Size
1.4 kB (1362 bytes)
Hash
b9e49fd0460d8186dde25b77a28b503a
3eb787e5c35271148bd222f3e06884148056289e
dfd3ada9fbf38c662585b4407cb0179b1ebe9cfb32a8220634e65b309de120a0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/gQNQrRo45ZaRXHY3KBiTPIJ71XSj5fzQROzKRV8g.jpg HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:18 GMT
content-type: image/jpeg
content-length: 1362
last-modified: Wed, 31 Aug 2022 22:42:16 GMT
etag: "630fe3c8-552"
expires: Sat, 18 May 2024 12:50:18 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/iHOjnygPdOMIDICsimZMAMoE0b3NXYGInqETeSBo.png

107.151.244.202

52 kB

URL GET
mercareapp.com/public/uploads/all/iHOjnygPdOMIDICsimZMAMoE0b3NXYGInqETeSBo.png
IP
107.151.244.202:0
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced
Size
52 kB (52370 bytes)
Hash
d08962c167054acb565d56968900c1fa
4cc291ef506c6fb22a3de27f841d3ceb323ee100
ff07f347264bcdfb55dcd9cf9de62d8046c0dfdf9f884842668d5fe1b5250936

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/iHOjnygPdOMIDICsimZMAMoE0b3NXYGInqETeSBo.png HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:18 GMT
content-type: image/png
content-length: 52370
last-modified: Wed, 31 Aug 2022 21:30:06 GMT
etag: "630fd2de-cc92"
expires: Sat, 18 May 2024 12:50:18 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/CcGQCop2RKI8zA80TZEss7YuNRxYSREELseYODlI.png

107.151.244.202

20 kB

URL GET
mercareapp.com/public/uploads/all/CcGQCop2RKI8zA80TZEss7YuNRxYSREELseYODlI.png
IP
107.151.244.202:0
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced
Size
20 kB (20413 bytes)
Hash
204f5972baab8be43721a260631d1a9f
500cc835079eee2fd40c297e8ae9f70f146fd1fc
a9ed99bc8a30142fc577d3c5cdda41b8e71555396c39b18dc50d39f097020efc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/CcGQCop2RKI8zA80TZEss7YuNRxYSREELseYODlI.png HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:18 GMT
content-type: image/png
content-length: 20413
last-modified: Wed, 31 Aug 2022 21:39:32 GMT
etag: "630fd514-4fbd"
expires: Sat, 18 May 2024 12:50:18 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/jzCntCVBfilapmbDt6amYKiHanonm7NvMFgLNTl3.jpg

107.151.244.202

8.0 kB

URL GET
mercareapp.com/public/uploads/all/jzCntCVBfilapmbDt6amYKiHanonm7NvMFgLNTl3.jpg
IP
107.151.244.202:0
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 200x200, components 3
Size
8.0 kB (7969 bytes)
Hash
101f5b7b4838b9073f648ad1d98ec34e
219ed72d8d0ad367447675f6b5aaf1da223f35d0
0c9c58232b043981531c2ef5528a066bdabe029ff328ba98e32310ba9209d963

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/jzCntCVBfilapmbDt6amYKiHanonm7NvMFgLNTl3.jpg HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:18 GMT
content-type: image/jpeg
content-length: 7969
last-modified: Wed, 31 Aug 2022 21:42:28 GMT
etag: "630fd5c4-1f21"
expires: Sat, 18 May 2024 12:50:18 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/N3vnccAj2nO1mipj3ErFMaf4Lt87CMOlJ5kyIVyi.png

107.151.244.202

25 kB

URL GET
mercareapp.com/public/uploads/all/N3vnccAj2nO1mipj3ErFMaf4Lt87CMOlJ5kyIVyi.png
IP
107.151.244.202:0
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced
Size
25 kB (24938 bytes)
Hash
0ed838de0ab686e11756a9e577ca63b5
a533921cf201275e0fb4e357235f43609d031101
7576ab29dd4b98bae9df379d9529cacfc3741d0812f61e70ffa170ff4afea80c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/N3vnccAj2nO1mipj3ErFMaf4Lt87CMOlJ5kyIVyi.png HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:18 GMT
content-type: image/png
content-length: 24938
last-modified: Wed, 31 Aug 2022 21:50:58 GMT
etag: "630fd7c2-616a"
expires: Sat, 18 May 2024 12:50:18 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

client.crisp.chat/static/stylesheets/client_default.css?82e65c8

104.18.28.104

200 OK

83 kB

URL GET HTTP/3
client.crisp.chat/static/stylesheets/client_default.css?82e65c8
IP
104.18.28.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectcrisp.chat
Fingerprint12:6B:4A:6F:45:E8:36:9E:4D:63:4A:4F:AB:E4:97:30:D2:B4:7E:19
ValidityFri, 05 Apr 2024 23:13:20 GMT - Thu, 04 Jul 2024 23:13:19 GMT

File type
Unicode text, UTF-8 text, with very long lines (65435)
Size
83 kB (82798 bytes)
Hash
cd8757f50ee87489fb9b61549d202bb9
476350d5b7afde12f0eb0832cd2800482230513f
1c4bd64c2a59a25f150581a50659f477b07c10efb1c94a512bc84d901b960e57

HTTP Headers

GET /static/stylesheets/client_default.css?82e65c8 HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 12:50:04 GMT
content-type: text/css
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=315360000
cross-origin-resource-policy: cross-origin
etag: W/"6602dfdb-5a9cc"
expires: Sun, 16 Apr 2034 12:50:04 GMT
last-modified: Tue, 26 Mar 2024 14:46:51 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 67373
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8764c748eaee56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

mercareapp.com/public/uploads/all/P052DIfVaW5aIufaDbbjBvOgzucl1PJAevaLLlPr.png

107.151.244.202

20 kB

URL GET
mercareapp.com/public/uploads/all/P052DIfVaW5aIufaDbbjBvOgzucl1PJAevaLLlPr.png
IP
107.151.244.202:0
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced
Size
20 kB (19645 bytes)
Hash
56270ee06f7c789cf16ac8708aadfd35
62b822707c1e480bb7f3419d5641e35fce58b1cc
49305ae4f74552c89a04030a29dbc952f8aabc0be5bb1ab3397ee2ab235bb5af

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/P052DIfVaW5aIufaDbbjBvOgzucl1PJAevaLLlPr.png HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:18 GMT
content-type: image/png
content-length: 19645
last-modified: Wed, 31 Aug 2022 21:56:50 GMT
etag: "630fd922-4cbd"
expires: Sat, 18 May 2024 12:50:18 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/Mdqpntq74vXUac1DOSZC0chtS4jmw0BbEpSvdImp.jpg

107.151.244.202

5.4 kB

URL GET
mercareapp.com/public/uploads/all/Mdqpntq74vXUac1DOSZC0chtS4jmw0BbEpSvdImp.jpg
IP
107.151.244.202:0
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 200x200, components 3
Size
5.4 kB (5424 bytes)
Hash
f5ee88fd5386827f8c3c45607df29bc6
d0af0907d3fea172f7832319c322310037b0016e
273bb02c1b5a3cfbfa242bcf02a393f94202b52d1c43ec9c9d329ba42b0ddbf9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/Mdqpntq74vXUac1DOSZC0chtS4jmw0BbEpSvdImp.jpg HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:18 GMT
content-type: image/jpeg
content-length: 5424
last-modified: Wed, 31 Aug 2022 22:28:08 GMT
etag: "630fe078-1530"
expires: Sat, 18 May 2024 12:50:18 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/dKDjrCqQs5L8XembeZk3oENQe3sHOckPagdtzwL6.png

107.151.244.202

71 kB

URL GET
mercareapp.com/public/uploads/all/dKDjrCqQs5L8XembeZk3oENQe3sHOckPagdtzwL6.png
IP
107.151.244.202:0
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced
Size
71 kB (71030 bytes)
Hash
e67671da06e2c7eb39def44488dd6d75
4ba20a1a65734bdb200838132f7b532feb3842f8
caa02494b7d4bbd47c3a2b6c4e7d0ef6d046bead252f4f832eb420bb05d304d7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/dKDjrCqQs5L8XembeZk3oENQe3sHOckPagdtzwL6.png HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:18 GMT
content-type: image/png
content-length: 71030
last-modified: Wed, 31 Aug 2022 21:32:06 GMT
etag: "630fd356-11576"
expires: Sat, 18 May 2024 12:50:18 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/yEtTCEP8hhroJ1yZDTyxtgLbHefVZzspFFXfF0dP.png

0.0.0.0

0 B

URL GET
mercareapp.com/public/uploads/all/yEtTCEP8hhroJ1yZDTyxtgLbHefVZzspFFXfF0dP.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/yEtTCEP8hhroJ1yZDTyxtgLbHefVZzspFFXfF0dP.png HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:06 GMT
content-type: image/png
content-length: 991212
last-modified: Sat, 03 Feb 2024 15:53:48 GMT
etag: "65be618c-f1fec"
expires: Sat, 18 May 2024 12:50:06 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/vwB3S2q4r57MYt9a6L1fklzMSRfRM7BlUnIfDp4A.jpg

0.0.0.0

0 B

URL GET
mercareapp.com/public/uploads/all/vwB3S2q4r57MYt9a6L1fklzMSRfRM7BlUnIfDp4A.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/vwB3S2q4r57MYt9a6L1fklzMSRfRM7BlUnIfDp4A.jpg HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

mercareapp.com/public/uploads/all/F3QNPezJtQMpDxBpq3I2Mh9IZkYYBCkqJSgXRAlh.jpg

0.0.0.0

0 B

URL GET
mercareapp.com/public/uploads/all/F3QNPezJtQMpDxBpq3I2Mh9IZkYYBCkqJSgXRAlh.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/F3QNPezJtQMpDxBpq3I2Mh9IZkYYBCkqJSgXRAlh.jpg HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

mercareapp.com/public/assets/img/avatar-place.png

107.151.244.202

200 OK

2.2 kB

URL GET HTTP/2
mercareapp.com/public/assets/img/avatar-place.png
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
PNG image data, 200 x 200, 8-bit colormap, non-interlaced
Size
2.2 kB (2193 bytes)
Hash
ef7330479dbe02e220ad6dee9998df64
c433e1915c00ba4693a76958b9f1cc45df4a0bbe
54efe0671051e55fa2622b0bdfdf959389a82840f6a42c06acf99b7f8eb97da8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/assets/img/avatar-place.png HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:06 GMT
content-type: image/png
content-length: 2193
last-modified: Tue, 19 Jul 2022 05:58:10 GMT
etag: "62d647f2-891"
expires: Sat, 18 May 2024 12:50:06 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/assets/js/vendors.js

107.151.244.202

200 OK

1.3 MB

URL GET HTTP/2
mercareapp.com/public/assets/js/vendors.js
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type

Size
1.3 MB (1343368 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/assets/js/vendors.js HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:06 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 10:36:56 GMT
vary: Accept-Encoding
etag: W/"63147fc8-147f88"
expires: Fri, 19 Apr 2024 00:50:06 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

mercareapp.com/home/section/best_sellers

107.151.244.202

200 OK

5.2 kB

URL POST HTTP/2
mercareapp.com/home/section/best_sellers
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
HTML document, ASCII text, with very long lines (5464), with no line terminators
Size
5.2 kB (5226 bytes)
Hash
729b78b47e3aa8b3ac8bb197cfb1f649
eb5a753b69652228c4236afeeae6dbb83e418874
2a72f73d59cd9e6388e5272a32afded85750ff2f17b943392619f5b454a86848

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /home/section/best_sellers HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 47
Origin: https://mercareapp.com
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Thu, 18 Apr 2024 12:50:15 GMT
set-cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw; expires=Thu, 18-Apr-2024 14:50:15 GMT; Max-Age=7200; path=/; httponly
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/haE2D6jYCLyblTY889YdN88mBXHLhHjf4Qa4JsNi.png

0.0.0.0

0 B

URL GET
mercareapp.com/public/uploads/all/haE2D6jYCLyblTY889YdN88mBXHLhHjf4Qa4JsNi.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/haE2D6jYCLyblTY889YdN88mBXHLhHjf4Qa4JsNi.png HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

mercareapp.com/public/uploads/all/Buj6Pb84TvulwKLOchUPvNvxhIA0xP5jIg2ZGu1y.jpg

0.0.0.0

0 B

URL GET
mercareapp.com/public/uploads/all/Buj6Pb84TvulwKLOchUPvNvxhIA0xP5jIg2ZGu1y.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/Buj6Pb84TvulwKLOchUPvNvxhIA0xP5jIg2ZGu1y.jpg HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

s-cf-tw.shopeesz.com/file/sg-11134207-23030-jzijozgroeov26

174.35.118.62

200 OK

541 kB

URL GET HTTP/1.1
s-cf-tw.shopeesz.com/file/sg-11134207-23030-jzijozgroeov26
IP
174.35.118.62:443
ASN
#54994 ML-1432-54994

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subject*.shopeesz.com
Fingerprint46:25:5F:B6:20:15:53:ED:1E:61:BF:27:26:D6:2C:F9:2B:6E:4D:C1
ValidityTue, 27 Feb 2024 10:05:52 GMT - Mon, 27 May 2024 10:05:51 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x1024, components 3
Size
541 kB (540653 bytes)
Hash
c44546ed4e01d5cde69a11b2639121cb
e6de805164e1e37d202deb0b5a19b41003e6ee3b
d55a6d083928a36f767189e1fac2930fdf4f3fae4af09311b0f552b86440254f

HTTP Headers

GET /file/sg-11134207-23030-jzijozgroeov26 HTTP/1.1
Host: s-cf-tw.shopeesz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 12:50:19 GMT
Content-Type: image/jpeg
Content-Length: 540653
Connection: keep-alive
Expires: Tue, 29 Apr 2025 15:56:55 GMT
Server: nginx/1.22.0
X-Mms-Request-Id: e4e96d753dff47938d4e6a8c760757b3-65b2a693
Handle-By: origin-cf.xiapi.shopee.cn
x-test-header: prom
Content-Security-Policy: base-uri 'none'; default-src 'self'; connect-src 'self'; img-src * data:; object-src 'none'; script-src 'none'; style-src 'self' 'unsafe-inline'; font-src * data:; frame-src 'self'
Referrer-Policy: no-referrer
Cache-Control: max-age=36000000
X-CDN: akamai
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Age: 1
X-Via: 1.1 PSygldLON4ev13:9 (Cdn Cache Server V2.0), 1.1 PSygldLON2ew56:13 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 6621170b_PSygldLON2hl59_18301-3428

client.crisp.chat/l.js

104.18.28.104

200 OK

8.3 kB

URL GET HTTP/2
client.crisp.chat/l.js
IP
104.18.28.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectcrisp.chat
Fingerprint12:6B:4A:6F:45:E8:36:9E:4D:63:4A:4F:AB:E4:97:30:D2:B4:7E:19
ValidityFri, 05 Apr 2024 23:13:20 GMT - Thu, 04 Jul 2024 23:13:19 GMT

File type
JavaScript source, ASCII text, with very long lines (8563), with no line terminators
Size
8.3 kB (8286 bytes)
Hash
a18a8b425af309a8615d62ea898bedce
904a7d959a857fb9bb3882c6171220e1aa44b76f
af992bc47371ed295dd3a36afc3e67cdf23a22dbc84fce47a39c74535d02df52

HTTP Headers

GET /l.js HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 12:50:04 GMT
content-type: application/javascript
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
etag: W/"64e73b34-205e"
expires: Fri, 19 Apr 2024 12:50:04 GMT
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 67373
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8764c7489c7856c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/uxhH7xhMgkGFke3iSf7CSzaNUVnyJFekGfP6DwHu.png

0.0.0.0

0 B

URL GET
mercareapp.com/public/uploads/all/uxhH7xhMgkGFke3iSf7CSzaNUVnyJFekGfP6DwHu.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/uxhH7xhMgkGFke3iSf7CSzaNUVnyJFekGfP6DwHu.png HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:18 GMT
content-type: image/png
content-length: 33508
last-modified: Wed, 31 Aug 2022 21:53:20 GMT
etag: "630fd850-82e4"
expires: Sat, 18 May 2024 12:50:18 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/oNqcRxrJsbl3WSovwsOoiCXYrZ3IzGuWMfKVsf6v.jpg

0.0.0.0

0 B

URL GET
mercareapp.com/public/uploads/all/oNqcRxrJsbl3WSovwsOoiCXYrZ3IzGuWMfKVsf6v.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/oNqcRxrJsbl3WSovwsOoiCXYrZ3IzGuWMfKVsf6v.jpg HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

mercareapp.com/home/section/auction_products

107.151.244.202

200 OK

0 B

URL POST HTTP/2
mercareapp.com/home/section/auction_products
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /home/section/auction_products HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 47
Origin: https://mercareapp.com
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Thu, 18 Apr 2024 12:50:15 GMT
set-cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw; expires=Thu, 18-Apr-2024 14:50:15 GMT; Max-Age=7200; path=/; httponly
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

mercareapp.com/home/section/home_categories

107.151.244.202

200 OK

0 B

URL POST HTTP/2
mercareapp.com/home/section/home_categories
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /home/section/home_categories HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 47
Origin: https://mercareapp.com
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Thu, 18 Apr 2024 12:50:15 GMT
set-cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw; expires=Thu, 18-Apr-2024 14:50:15 GMT; Max-Age=7200; path=/; httponly
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

client.crisp.chat/static/javascripts/client.js?82e65c8

104.18.28.104

200 OK

423 kB

URL GET HTTP/3
client.crisp.chat/static/javascripts/client.js?82e65c8
IP
104.18.28.104:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectcrisp.chat
Fingerprint12:6B:4A:6F:45:E8:36:9E:4D:63:4A:4F:AB:E4:97:30:D2:B4:7E:19
ValidityFri, 05 Apr 2024 23:13:20 GMT - Thu, 04 Jul 2024 23:13:19 GMT

File type

Size
423 kB (422764 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/javascripts/client.js?82e65c8 HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 12:50:04 GMT
content-type: application/javascript
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=315360000
cross-origin-resource-policy: cross-origin
etag: W/"64e73b34-6736c"
expires: Sun, 16 Apr 2034 12:50:04 GMT
last-modified: Thu, 24 Aug 2023 11:12:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 67373
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8764c748eae556bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

mercareapp.com/public/uploads/all/MyZG2icA5fHuDczxNZlLnfiDYGqfdKRCKBBwVgYG.jpg

0.0.0.0

0 B

URL GET
mercareapp.com/public/uploads/all/MyZG2icA5fHuDczxNZlLnfiDYGqfdKRCKBBwVgYG.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/MyZG2icA5fHuDczxNZlLnfiDYGqfdKRCKBBwVgYG.jpg HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

mercareapp.com/public/assets/img/flags/en.png

107.151.244.202

200 OK

609 B

URL GET HTTP/2
mercareapp.com/public/assets/img/flags/en.png
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
PNG image data, 16 x 11, 8-bit/color RGB, non-interlaced
Size
609 B (609 bytes)
Hash
968591e0050981be9fa94bd2597afb48
dd9e149e2b5ad59dd8b4b262f5fdeb5cc10ecf43
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/assets/img/flags/en.png HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:15 GMT
content-type: image/png
content-length: 609
last-modified: Tue, 19 Jul 2022 05:58:10 GMT
etag: "62d647f2-261"
expires: Sat, 18 May 2024 12:50:15 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/Uf2an5rtjhEAa7tLLoJ3zIViOrgfSNrGoyw13lVd.png

0.0.0.0

0 B

URL GET
mercareapp.com/public/uploads/all/Uf2an5rtjhEAa7tLLoJ3zIViOrgfSNrGoyw13lVd.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/Uf2an5rtjhEAa7tLLoJ3zIViOrgfSNrGoyw13lVd.png HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

mercareapp.com/home/section/featured

107.151.244.202

200 OK

0 B

URL POST HTTP/2
mercareapp.com/home/section/featured
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /home/section/featured HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 47
Origin: https://mercareapp.com
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Thu, 18 Apr 2024 12:50:15 GMT
set-cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw; expires=Thu, 18-Apr-2024 14:50:15 GMT; Max-Age=7200; path=/; httponly
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/HCHmzkrUA2C0GuXcnLwCZ9FPS8TFhjrsKvDRIaIB.jpg

0.0.0.0

0 B

URL GET
mercareapp.com/public/uploads/all/HCHmzkrUA2C0GuXcnLwCZ9FPS8TFhjrsKvDRIaIB.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/HCHmzkrUA2C0GuXcnLwCZ9FPS8TFhjrsKvDRIaIB.jpg HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

mercareapp.com/home/section/best_selling

107.151.244.202

200 OK

53 kB

URL POST HTTP/2
mercareapp.com/home/section/best_selling
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type

Size
53 kB (53202 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /home/section/best_selling HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 47
Origin: https://mercareapp.com
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
date: Thu, 18 Apr 2024 12:50:15 GMT
set-cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw; expires=Thu, 18-Apr-2024 14:50:18 GMT; Max-Age=7200; path=/; httponly
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

mercareapp.com/public/uploads/all/DgkmdoOnXoABkLpCYiQ0uMqiCEBWsLV0gDMhfKu3.png

0.0.0.0

0 B

URL GET
mercareapp.com/public/uploads/all/DgkmdoOnXoABkLpCYiQ0uMqiCEBWsLV0gDMhfKu3.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/uploads/all/DgkmdoOnXoABkLpCYiQ0uMqiCEBWsLV0gDMhfKu3.png HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:06 GMT
content-type: image/png
content-length: 1351463
last-modified: Wed, 31 Aug 2022 21:15:08 GMT
etag: "630fcf5c-149f27"
expires: Sat, 18 May 2024 12:50:06 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

mercareapp.com/public/assets/css/aiz-core.css

107.151.244.202

200 OK

176 kB

URL GET HTTP/2
mercareapp.com/public/assets/css/aiz-core.css
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
assembler source, ASCII text
Size
176 kB (175543 bytes)
Hash
999571119be46afc3f69483aa70f3819
25f127895a6956e9531655089f92e1843ed872c9
9a42c11214326b77399d9cf4125f59947ab906e874e41f3791dbdba9552d555f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/assets/css/aiz-core.css HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:06 GMT
content-type: text/css
last-modified: Tue, 14 Mar 2023 03:23:57 GMT
vary: Accept-Encoding
etag: W/"640fe8cd-2adb7"
expires: Fri, 19 Apr 2024 00:50:06 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

mercareapp.com/public/assets/js/aiz-core.js

107.151.244.202

200 OK

84 kB

URL GET HTTP/2
mercareapp.com/public/assets/js/aiz-core.js
IP
107.151.244.202:443
ASN
#137443 Anchnet Asia Limited

Requested by
https://mercareapp.com/
Certificate
IssuerLet's Encrypt
Subjectmercareapp.com
FingerprintE6:7C:9E:68:6C:DB:88:C5:79:32:01:D0:07:C9:48:66:E5:12:69:0F
ValidityMon, 01 Apr 2024 05:49:30 GMT - Sun, 30 Jun 2024 05:49:29 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
84 kB (84044 bytes)
Hash
113fa96ba7528cb41d38ac2349385176
0bf3332a72afee7640b17c951a0b103eb0a82470
c2fab04477012ff398ab9835475ee9de1b78b8a9a77f79e34ed6da0a897bc496

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /public/assets/js/aiz-core.js HTTP/1.1
Host: mercareapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mercareapp.com/
Cookie: shopifyplus_session=IM9fEGPXn6rERxuggEeXHDknr1ykfeSN2wRNXsuw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 12:50:06 GMT
content-type: application/javascript
last-modified: Sat, 18 Feb 2023 07:23:02 GMT
vary: Accept-Encoding
etag: W/"63f07cd6-1484c"
expires: Fri, 19 Apr 2024 00:50:06 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML