Report - switch.skinnysheeps.com/ca-en/

Report Overview

Submitted URL
switch.skinnysheeps.com/ca-en/
IP
172.67.163.212
ASN
#13335 CLOUDFLARENET
Submitted
2022-10-03 16:56:40
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
pushstar.club	114663	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	898 B	104.21.13.43
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	423 B	746 B	142.250.74.10
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
pushserve.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	943 B	2.1 kB	20.50.64.3
api.skinnysheeps.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	973 B	7.8 kB	104.21.81.195
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	2.3 kB	52.38.227.80
bam-cell.nr-data.net	365	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.4 kB	162.247.241.2
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	886 B	1.9 kB	104.18.11.207
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.77.32
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	976 B	36 kB	216.58.207.195
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.5 kB	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	60 kB	34.120.237.76
switch.skinnysheeps.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	796 B	1.4 kB	104.21.81.195
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	36 kB	142.250.74.3
js-agent.newrelic.com	378	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	16 kB	151.101.86.137

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-03	medium	pushserve.xyz	Sinkholed
2022-10-03	medium	pushserve.xyz	Sinkholed

JavaScript (10)

	URL	Size	First Seen	Last Seen
	bam-cell.nr-data.net/1/d4db62af92?a=718237594&sa=1&v=1210.e2a3f80&t=Unnamed%20Transaction&rst=1467&ck=1&ref=https://switch.skinnysheeps.com/ca-en/&be=1120&fe=1125&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664816189589,%22n%22:0,%22f%22:257,%22dn%22:292,%22dne%22:292,%22c%22:293,%22s%22:296,%22ce%22:321,%22rq%22:321,%22rp%22:361,%22rpe%22:361,%22dl%22:457,%22di%22:1040,%22ds%22:1103,%22de%22:1118,%22dc%22:1124,%22l%22:1124,%22le%22:1125%7D,%22navigation%22:%7B%7D%7D&fcp=798&jsonp=NREUM.setToken	49 B	2023-03-07	2024-03-22
Pretty URL bam-cell.nr-data.net/1/d4db62af92?a=718237594&sa=1&v=1210.e2a3f80&t=Unnamed%20Transaction&rst=1467&ck=1&ref=https://switch.skinnysheeps.com/ca-en/&be=1120&fe=1125&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664816189589,%22n%22:0,%22f%22:257,%22dn%22:292,%22dne%22:292,%22c%22:293,%22s%22:296,%22ce%22:321,%22rq%22:321,%22rp%22:361,%22rpe%22:361,%22dl%22:457,%22di%22:1040,%22ds%22:1103,%22de%22:1118,%22dc%22:1124,%22l%22:1124,%22le%22:1125%7D,%22navigation%22:%7B%7D%7D&fcp=798&jsonp=NREUM.setToken IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:42 Times Seen2776 Hash ada33e5b8877e743ff658bf4bfa1867c 5a78662243dac43c0ee48bcb7e05a536b84c2e38 dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Loading...

	switch.skinnysheeps.com/js/anime.min.js	17 kB	2023-03-07	2024-04-05
Pretty URL switch.skinnysheeps.com/js/anime.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:35 Last Seen2024-04-05 08:18:18 Times Seen283 Hash ca0deb9852be2f55c0f340dc6cbb1534 75362fde3332d75ecf3518dfbc8d49f2c7eb3c71 a43f4a6446508a64cb40e3134fdf65061193ec05f230fcf783dd86d62c9de3bd Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	49 kB	2023-03-07	2024-04-18
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-18 03:51:43 Times Seen134650 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	switch.skinnysheeps.com/core/i18n/validation_messages/en.js	2.1 kB	2023-03-07	2023-05-23
Pretty URL switch.skinnysheeps.com/core/i18n/validation_messages/en.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:06 Last Seen2023-05-23 14:22:15 Times Seen9 Hash 51cdc8468015bdcb415da61e873b998c 43aa34b5f58696188b42cd87b360577997c6ae91 019e8731ab18c9411ef181f148df8b4413a01e089e742f1c42b5c62e50392367 Loading...

	switch.skinnysheeps.com/js/custom.js	1.3 kB	2023-03-07	2023-03-26
Pretty URL switch.skinnysheeps.com/js/custom.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:07 Last Seen2023-03-26 05:48:13 Times Seen2 Hash 5b56d970373ffa605ad1dd80bc6adc9a 869a427ad0f6ca4fa36f7cf3a0ea172efaa2e0cd b4f05a575c7c914512ebce2b02b2f9327b52107eea81280e7d76273a40ae4496 Loading...

	pushstar.club/ace-push.js	13 kB	2023-03-07	2023-03-17
Pretty URL pushstar.club/ace-push.js IP 104.21.13.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:02 Last Seen2023-03-17 12:43:43 Times Seen1 Hash 587e083075e7384038b687de674cfe53 136abf6c2230eabf9e2545e620d2b975c05ed88b e81518d36906fed3b85b5631f20872787db40b2ffe924f46ed954f52fbf37f14 Loading...

	switch.skinnysheeps.com/core/build/js/new_relic.js	29 kB	2023-03-07	2023-12-26
Pretty URL switch.skinnysheeps.com/core/build/js/new_relic.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25:42 Last Seen2023-12-26 13:15:35 Times Seen30 Hash 9d0956a8a03ca451fc7e136e6c8dcaa4 a22209de8d7d33ac2488bb234606551c085f4016 9ea4ed29f229a792a2aa80aeecd3531499dd109cef99e5c3f011840720be32d2 Loading...

	js-agent.newrelic.com/nr-spa-1210.min.js	42 kB	2023-03-07	2023-04-18
Pretty URL js-agent.newrelic.com/nr-spa-1210.min.js IP 151.101.86.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:18 Last Seen2023-04-18 09:28:11 Times Seen31 Hash d5eff122d09ab2c851fb1780f0287cbf acf473eefa1f1fb92ec09593c66c25f94bf1df02 ae2fc8f8e0697701399521441a03445a3c11d79719accd0099f41687c1536c49 Loading...

	switch.skinnysheeps.com/core/lib/jquery.min.js	90 kB	2023-03-07	2024-04-18
Pretty URL switch.skinnysheeps.com/core/lib/jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-18 03:45:01 Times Seen137773 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	switch.skinnysheeps.com/core/build/js/app.js	89 kB	2023-03-08	2023-03-08
Pretty URL switch.skinnysheeps.com/core/build/js/app.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:10:22 Last Seen2023-03-08 05:10:23 Times Seen1 Hash 53fe9d9dcf1f299e7ae2dacb28e3437c e3e03a6580354a5b798c2f6f26f5704a47db5b70 74e6573f19b7e6416a89050858f33d01db3299b7d362e4f9ea0aff596b915d65 Loading...

HTTP Transactions (38)

URL IP Response Size

switch.skinnysheeps.com/ca-en/

104.21.81.195

301 Moved Permanently

0 B

URL HTTP/1.1
switch.skinnysheeps.com/ca-en/
IP
104.21.81.195:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ca-en/ HTTP/1.1
Host: switch.skinnysheeps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 03 Oct 2022 16:56:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 03 Oct 2022 17:56:29 GMT
Location: https://switch.skinnysheeps.com/ca-en/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BL2LbOZbOAgCH16O0L0Pi2a%2BgKibKsGOVNjvveZ4w9siNBlpWN9I%2BXjiArfYgo4%2BwljpRWgSKVUhpY%2BThgCnnFK6tyalkW5Bvg%2FAhyW8SqUCg%2BLRaNChhN5E6LeGKeOnFlS4Lti5i57YSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7547362268a3b518-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 16:16:53 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QyeBzUQGhIIBmsvU374qkkT8SmvBEYRG9psUSHuGcdv1g4vF2Bx4_g==
Age: 2376

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9120
Expires: Mon, 03 Oct 2022 19:28:30 GMT
Date: Mon, 03 Oct 2022 16:56:30 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OvNuIrxMgRaakw-X4ql6LsXSAX9vjYWXol_66hZljCEHUAdzv7WjMg==
age: 41283
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 16:56:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 16:56:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

32 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
32 kB (32440 bytes)
Hash
2237d4eee5777e8c7311380ee84a4284
693fbc61019e2ed86824d4a3f0e8b1b63631153b
c46d35526e9f6a3f5cb887768b16680eb7da52b2bb14241dca92a7ebbc2dfe7f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 16:56:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 16:56:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

216.58.207.195

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16980, version 1.0\012- data
Size
17 kB (16980 bytes)
Hash
8a97f720d330e75ccdbda9ae0e9f5e90
8e4fee916581ab48d385187705667cebc7500afe
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

HTTP Headers

GET /s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://switch.skinnysheeps.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16980
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:08:02 GMT
expires: Tue, 26 Sep 2023 21:08:02 GMT
cache-control: public, max-age=31536000
age: 589708
last-modified: Mon, 09 May 2022 18:33:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 16:56:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2

216.58.207.195

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17116, version 1.0\012- data
Size
17 kB (17116 bytes)
Hash
bcf3a3fb620dfbee774f84e2c8e71530
40a79d240acdd7e5a95e165515ac7c0958a37971
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5

HTTP Headers

GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://switch.skinnysheeps.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:55:18 GMT
expires: Tue, 26 Sep 2023 21:55:18 GMT
cache-control: public, max-age=31536000
age: 586872
last-modified: Mon, 09 May 2022 18:31:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 16:56:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 03 Oct 2022 16:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 03 Oct 2022 16:58:49 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Nbv-D0BrMOYmVP1JdxRxgGNjNHTvDNHcZm6CVmrflY89LzEo6cyeOg==
Age: 1617

pushserve.xyz/api/v1/visit

20.50.64.3

204 No Content

0 B

URL HTTP/2
pushserve.xyz/api/v1/visit
IP
20.50.64.3:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /api/v1/visit HTTP/1.1
Host: pushserve.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://switch.skinnysheeps.com/
Origin: https://switch.skinnysheeps.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Mon, 03 Oct 2022 16:56:30 GMT
server: Kestrel
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
set-cookie: TiPMix=86.83487962057238; path=/; HttpOnly; Domain=pushserve.xyz; Max-Age=3600; Secure; SameSite=None
x-ms-routing-name=self; path=/; HttpOnly; Domain=pushserve.xyz; Max-Age=3600; Secure; SameSite=None
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
321fa9a78e31dcb66601ac5890bfba73
c325580db79bde6fd00d2d0c7e3f675e4c0046bb
83029b324b4c36522ae47eef9614c124b0ad2994de412d7ea82f990ad8ae9d92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4743
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 16:56:31 GMT
Last-Modified: Mon, 03 Oct 2022 15:37:28 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

js-agent.newrelic.com/nr-spa-1210.min.js

151.101.86.137

200 OK

16 kB

URL HTTP/2
js-agent.newrelic.com/nr-spa-1210.min.js
IP
151.101.86.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32003)
Size
16 kB (15563 bytes)
Hash
7dc43edf7b434d3ee43d7c33026b7e84
69276d47de19be73cc7479084441f333e28542cd
7d613080c1440eba0ce5f3f4327abcc5849b225746444bb2c5de2f2849a76c71

HTTP Headers

GET /nr-spa-1210.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://switch.skinnysheeps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: FWZvO+KUk1F7wU3z8u/p+DWVpRBZAeO6L816MXYW4pPqXIM421Qf42YG0AqFjVd140b6uMUKFVs=
x-amz-request-id: RMFFQCP9TW6RBK3S
last-modified: Tue, 22 Jun 2021 22:47:08 GMT
etag: "d5eff122d09ab2c851fb1780f0287cbf"
x-amz-version-id: S2ZWAVF_bOLxH9dSP4fxyD9xCbMCwnq9
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 03 Oct 2022 16:56:31 GMT
via: 1.1 varnish
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 40
x-timer: S1664816191.158053,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 15563
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
776359453909e00e69bbe95a05f0ab7a
1bba535e76a5b1bb69692d50c14e925a55a99d01
b32137f03e3dd3d80ff78e807e4a462fa296d3a7fcf89ecd5286f9c9816e7944

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2456
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 16:56:31 GMT
Last-Modified: Mon, 03 Oct 2022 16:15:35 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.38.227.80

101 Switching Protocols

2.1 kB

URL HTTP/1.1
push.services.mozilla.com/
IP
52.38.227.80:0
ASN
#16509 AMAZON-02

File type
data
Size
2.1 kB (2143 bytes)
Hash
423e301a4e30c60a40dd605f5af0d75e
d520a40b8fb55f3c0d4edc9d66438a4516d86db4
f676ec7da97074d62878839bdeea145767e5c877b130f97c14a4ee95d53021a2

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hw3kpg2QQocUNBbcVLnYPw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1kFyW1GS4mg7gYz9ocqlJUb0iPk=

pushserve.xyz/api/v1/visit

20.50.64.3

200 OK

1.2 kB

URL HTTP/2
pushserve.xyz/api/v1/visit
IP
20.50.64.3:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JSON data\012- , ASCII text, with very long lines (1223), with no line terminators
Size
1.2 kB (1223 bytes)
Hash
2bd1269b24a695bcdf4e2280a0cb3161
d0790b64ec1886c48843fa3773b4b9c265e9664a
37f905d6c8680283318dbbb761c96c15d8cadf69ee1142fea245023f75342217

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /api/v1/visit HTTP/1.1
Host: pushserve.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://switch.skinnysheeps.com/
Content-type: application/json
Origin: https://switch.skinnysheeps.com
Content-Length: 325
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Mon, 03 Oct 2022 16:56:30 GMT
server: Kestrel
access-control-allow-origin: *
set-cookie: TiPMix=34.77008481324005; path=/; HttpOnly; Domain=pushserve.xyz; Max-Age=3600; Secure; SameSite=None
x-ms-routing-name=self; path=/; HttpOnly; Domain=pushserve.xyz; Max-Age=3600; Secure; SameSite=None
content-length: 1223
X-Firefox-Spdy: h2

api.skinnysheeps.com/api/v1/sessions

104.21.81.195

201 Created

4.1 kB

URL HTTP/2
api.skinnysheeps.com/api/v1/sessions
IP
104.21.81.195:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- data
Size
4.1 kB (4094 bytes)
Hash
f1be8d71d398ec2e7228b8ad80dba18d
f3019a32ff14cbfeed577138a08e5319f15ac7bf
6908224649ed1d367940ec7ea3800bf2ba4ef1736f4fec31c68d5fdcc67264ec

HTTP Headers

POST /api/v1/sessions HTTP/1.1
Host: api.skinnysheeps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://switch.skinnysheeps.com/
content-type: application/json
Origin: https://switch.skinnysheeps.com
Content-Length: 44
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 201 Created
date: Mon, 03 Oct 2022 16:56:31 GMT
content-type: application/json; charset=utf-8
set-cookie: AWSALBTG=wSxaAka7utm5+f05A/k7RcCDApeKtFkM3GatBtCPsuoCw5jnVSmzUV5TEu6Pv3cKh1fff++oPGt09lZbDQiDBnKvuWDLK+lHHKLEh2V40CGzt88fQZU2wCCxTfibxmzCu48DH1lsua50AsJz7QpTO3hMrdpLDiZsANBXccXmwI6RkvjzEi0=; Expires=Mon, 10 Oct 2022 16:56:31 GMT; Path=/
AWSALBTGCORS=wSxaAka7utm5+f05A/k7RcCDApeKtFkM3GatBtCPsuoCw5jnVSmzUV5TEu6Pv3cKh1fff++oPGt09lZbDQiDBnKvuWDLK+lHHKLEh2V40CGzt88fQZU2wCCxTfibxmzCu48DH1lsua50AsJz7QpTO3hMrdpLDiZsANBXccXmwI6RkvjzEi0=; Expires=Mon, 10 Oct 2022 16:56:31 GMT; Path=/; SameSite=None
AWSALB=BcWvBlcOczswT/yMlo3l9RvmOVTzr8EFj5QZRKm2BLT3hlLEbWml5aGO8Ul5k9URp1z2bvsFuIR76su2S5d8ZVWzJ+snO2s9lQCVLrzIxV1/8qW6XG8rVBWPjE5J; Expires=Mon, 10 Oct 2022 16:56:31 GMT; Path=/
AWSALBCORS=BcWvBlcOczswT/yMlo3l9RvmOVTzr8EFj5QZRKm2BLT3hlLEbWml5aGO8Ul5k9URp1z2bvsFuIR76su2S5d8ZVWzJ+snO2s9lQCVLrzIxV1/8qW6XG8rVBWPjE5J; Expires=Mon, 10 Oct 2022 16:56:31 GMT; Path=/; SameSite=None
x-powered-by: PHP/8.0.11
vary: Accept
x-content-type-options: nosniff
x-frame-options: deny
content-location: /api/v1/sessions/cff437fc-7ae1-44e4-b5e5-2d8ce2a80864
location: /api/v1/sessions/cff437fc-7ae1-44e4-b5e5-2d8ce2a80864
cache-control: no-cache, private
access-control-allow-origin: https://switch.skinnysheeps.com
access-control-expose-headers: link
link: <http://api.skinnysheeps.com/api/v1/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFUhH7zCPXF85LOaMRzl5fk28tptPluAH4fbMREaeD1Yjc0S%2FhOIAFt8Y8KAz93NDhg%2BkdIK7yCy%2BOGkgTfqrhFGfUw%2BbmgLam224dekXOFV93ghSJ%2F17FAhW2PWBMiq0ddT06mcUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7547362a0b66b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

bam-cell.nr-data.net/ins/1/d4db62af92?a=718237594&sa=1&v=1210.e2a3f80&t=Unnamed%20Transaction&rst=1780&ck=1&ref=https://switch.skinnysheeps.com/ca-en/

162.247.241.2

204 No Content

0 B

URL HTTP/1.1
bam-cell.nr-data.net/ins/1/d4db62af92?a=718237594&sa=1&v=1210.e2a3f80&t=Unnamed%20Transaction&rst=1780&ck=1&ref=https://switch.skinnysheeps.com/ca-en/
IP
162.247.241.2:0
ASN
#23467 NEWRELIC-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /ins/1/d4db62af92?a=718237594&sa=1&v=1210.e2a3f80&t=Unnamed%20Transaction&rst=1780&ck=1&ref=https://switch.skinnysheeps.com/ca-en/ HTTP/1.1
Host: bam-cell.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1790
Origin: https://switch.skinnysheeps.com
Connection: keep-alive
Referer: https://switch.skinnysheeps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Date: Mon, 03 Oct 2022 16:56:31 GMT
Connection: keep-alive
CF-Ray: 7547362cfbeab51b-OSL
Access-Control-Allow-Origin: https://switch.skinnysheeps.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xCSecY9KR%2FEsqok75l%2BZPXJNwIRuvAyFhLp7BEPRn%2BvzJGMyBjXAVJztNI8UtnFTz1US2rOKIxz9G%2FeyqQO8aBye1OKh9dLjedTccaajjowjR%2FW7dtragTKD87BKnoCP39zhFMiZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare

bam-cell.nr-data.net/events/1/d4db62af92?a=718237594&sa=1&v=1210.e2a3f80&t=Unnamed%20Transaction&rst=1786&ck=1&ref=https://switch.skinnysheeps.com/ca-en/

162.247.241.2

200 OK

24 B

URL HTTP/1.1
bam-cell.nr-data.net/events/1/d4db62af92?a=718237594&sa=1&v=1210.e2a3f80&t=Unnamed%20Transaction&rst=1786&ck=1&ref=https://switch.skinnysheeps.com/ca-en/
IP
162.247.241.2:0
ASN
#23467 NEWRELIC-AS-1

File type
GIF image data, version 89a, 1 x 1\012- data
Size
24 B (24 bytes)
Hash
bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

HTTP Headers

POST /events/1/d4db62af92?a=718237594&sa=1&v=1210.e2a3f80&t=Unnamed%20Transaction&rst=1786&ck=1&ref=https://switch.skinnysheeps.com/ca-en/ HTTP/1.1
Host: bam-cell.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 168
Origin: https://switch.skinnysheeps.com
Connection: keep-alive
Referer: https://switch.skinnysheeps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 16:56:31 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 7547362d0e4fb4f3-OSL
Access-Control-Allow-Origin: https://switch.skinnysheeps.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTDNu6WTnb6Pzzi2dt9Pi0TnuNBPqFhh3KhpDCU%2Fqr0BAvwAJ6TD4%2F8cDYFC38V7GT0EBiFXBxkh36utuZUH%2BITtyUv5IS3xDDsLzFDFg9L9JM5x7yR0vdz9ipTcdKyJzgHJLyL1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11104
Expires: Mon, 03 Oct 2022 20:01:36 GMT
Date: Mon, 03 Oct 2022 16:56:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11104
Expires: Mon, 03 Oct 2022 20:01:36 GMT
Date: Mon, 03 Oct 2022 16:56:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11104
Expires: Mon, 03 Oct 2022 20:01:36 GMT
Date: Mon, 03 Oct 2022 16:56:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11104
Expires: Mon, 03 Oct 2022 20:01:36 GMT
Date: Mon, 03 Oct 2022 16:56:32 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8277 bytes)
Hash
6a90e53b55500427aed06efa3a9baa8c
43a66cd291d1413d7147a29b2a7b27277a443f0b
2cf5790e81140bc56b46163787f84c54a07f58e90001837624f426aafa8031c5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8277
x-amzn-requestid: a7d76241-7da1-4c84-9c73-2e3a71b81b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZTMfEGHiIAMFpmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63378df9-3727a65235e4dbc60cc11cf0;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 00:46:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 09iwZNlJ5pUQqongHTbgUlh_i1CyHZ6uGvHPV8SfbEGixTWM1A_BoQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 20:14:10 GMT
age: 74542
etag: "43a66cd291d1413d7147a29b2a7b27277a443f0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F954ddf3b-951c-46b3-a8ce-00e3bd3ef239.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10490 bytes)
Hash
bed17699f6b123b33b8df416b23c4cac
36458cca636c4ffc873df8acd254ff726b1a9544
65dac85ddf2d9918696ea270a5a3d034e07e43ca5714f169747feee09fc4b897

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F954ddf3b-951c-46b3-a8ce-00e3bd3ef239.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10490
x-amzn-requestid: a7e4d6b4-be77-41a9-94dd-83167d5b002e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5tUrE72oAMFZYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d5c1d-1ba0805b629e657b60ff1b85;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 07:11:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UnHrBSOKrX4XRjDOtvi6MEMUF9BgrHqn4_2zFpaaKh4X3e-lFzA-2A==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 17:03:43 GMT
age: 85969
etag: "36458cca636c4ffc873df8acd254ff726b1a9544"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9083 bytes)
Hash
523edd86af4757d0bc5fa5b3b8a3596a
8118ee462077c291b9d6f1402b85b55a9ceba8c2
c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _JxPe8uPQIgRKoJxtJAKjXpVy1hCW0rFcs8K_erJOHbVNpw339Pz6w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
age: 69065
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10839 bytes)
Hash
36debc920b17e124779c01af9101a59e
b105f7bf041365d644c98c7e11ffa75e4656d29d
f518ccd094d0e187b91cfd36dfb282566c0d088ce13501157dc97c702211d938

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10839
x-amzn-requestid: 67718257-ee21-44f0-80bd-f15cea37ac5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWcKFD0IAMFV7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044d-09a45a242bf4bdfe0f4608e4;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dOlitYNRYQsyiYLagdUWS2MmO34k8otqQ5yKZ7f4zzbj1HxhAzZoqQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:44:43 GMT
age: 69109
etag: "b105f7bf041365d644c98c7e11ffa75e4656d29d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6315 bytes)
Hash
206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TVz3oiy-Z2r9lGFDgsnGNxotvvAPeOaa7LMzqs432QjZpZo-PNt1-g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 44021
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8158 bytes)
Hash
721a8d8f94c3796abf021978fcdbc831
3fc3aeae907a0ce0db21753c67c1000681e48b8e
cb497b15e7c2e49930b99f8d6659f0394acefb7b11613ca04397ee782dac759d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8158
x-amzn-requestid: 424c8c6c-7075-4ace-97e6-2b0a609d1b7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXDxGRlIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-046d963a345c15e81dc74e4d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AM8Ox9ObWGoXI-QnnoI7QkY5mOh8j6xBPetTrhyVktVO40ekk4X2Eg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
age: 69065
etag: "3fc3aeae907a0ce0db21753c67c1000681e48b8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

104.18.11.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://switch.skinnysheeps.com
Connection: keep-alive
Referer: https://switch.skinnysheeps.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 03 Oct 2022 16:56:30 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 08/20/2022 02:36:43
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: a0e487e2a78c1acd511a3f3825b8812e
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 754736259d131c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.11.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://switch.skinnysheeps.com
Connection: keep-alive
Referer: https://switch.skinnysheeps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 03 Oct 2022 16:56:30 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 08/20/2022 02:32:25
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: db3f5850f9a496a89c6b87d807363053
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75473625ad151c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

pushstar.club/ace-push.js

104.21.13.43

200 OK

0 B

URL HTTP/2
pushstar.club/ace-push.js
IP
104.21.13.43:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ace-push.js HTTP/1.1
Host: pushstar.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://switch.skinnysheeps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 03 Oct 2022 16:56:30 GMT
content-type: application/javascript
etag: W/"1d8a66307301f52"
last-modified: Tue, 02 Aug 2022 11:28:46 GMT
cf-cache-status: BYPASS
set-cookie: TiPMix=38.341777131202505; path=/; HttpOnly; Domain=pushstar.club; Max-Age=3600; Secure; SameSite=None
x-ms-routing-name=self; path=/; HttpOnly; Domain=pushstar.club; Max-Age=3600; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DodHlgJwbcIpnw%2F2GCObg90%2B2gxg%2FQSpxCxlCq%2BsQmIJH9Go9MqYNfcbswCzRM%2FvlW0%2FxbUXIo9A0spesyleJMqIo5C7OsQiBNUHDLPEV0KSlM0xcx8Ntl4frBNU8srp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754736259c5ab4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api.skinnysheeps.com/api/v1/sessions

104.21.81.195

200 OK

0 B

URL HTTP/2
api.skinnysheeps.com/api/v1/sessions
IP
104.21.81.195:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

OPTIONS /api/v1/sessions HTTP/1.1
Host: api.skinnysheeps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://switch.skinnysheeps.com/
Origin: https://switch.skinnysheeps.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Mon, 03 Oct 2022 16:56:31 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALBTG=N6tb/8HIgvPKw1cpai7M9dxhbsRvK4FcfdJovRQRj8CcUMJWpJWkysKlDH3dxprL8WktRezfoP1peRSyNPZt9M8AAmLDfB0UGCdWL52efVBQg+fs8RBgtDdgq1lE8Rg29WNXVApQzPlF1ZFCzqEqUTf+kiqDWjDxapO+eHrxkmf+yn68CPc=; Expires=Mon, 10 Oct 2022 16:56:30 GMT; Path=/
AWSALBTGCORS=N6tb/8HIgvPKw1cpai7M9dxhbsRvK4FcfdJovRQRj8CcUMJWpJWkysKlDH3dxprL8WktRezfoP1peRSyNPZt9M8AAmLDfB0UGCdWL52efVBQg+fs8RBgtDdgq1lE8Rg29WNXVApQzPlF1ZFCzqEqUTf+kiqDWjDxapO+eHrxkmf+yn68CPc=; Expires=Mon, 10 Oct 2022 16:56:30 GMT; Path=/; SameSite=None
AWSALB=l7tijS7b/JUhAAIa9N07uwmLjEIUnohH8um24jAmiVCc9eWOO+TjqF+0En2JuhCLFb8DmM3/dYbVa1LZF6W1niQTnyvEAlZE+pgb58lhc/OXE9Usvi/dTMuo0Sx8; Expires=Mon, 10 Oct 2022 16:56:30 GMT; Path=/
AWSALBCORS=l7tijS7b/JUhAAIa9N07uwmLjEIUnohH8um24jAmiVCc9eWOO+TjqF+0En2JuhCLFb8DmM3/dYbVa1LZF6W1niQTnyvEAlZE+pgb58lhc/OXE9Usvi/dTMuo0Sx8; Expires=Mon, 10 Oct 2022 16:56:30 GMT; Path=/; SameSite=None
x-powered-by: PHP/8.0.11
cache-control: no-cache, private
vary: Origin
access-control-allow-methods: GET, OPTIONS, POST, PUT, PATCH, DELETE
access-control-allow-headers: content-type, authorization
access-control-max-age: 3600
access-control-allow-origin: https://switch.skinnysheeps.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxzwjUcMGL1fwuZ%2B4e%2F%2BTE366JpMw9T3CeZFelWI0zIsRb9EQYc7aCpCKQw%2BG1GcV5D%2B2gEMGYJq6fwvlgF9dYWGvrSFwYhciyWFsgiIPEMnTWmPrmXScuZGffuWo9LhURcx61oDXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754736293a69b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

switch.skinnysheeps.com/ca-en/

104.21.81.195

200 OK

0 B

URL HTTP/2
switch.skinnysheeps.com/ca-en/
IP
104.21.81.195:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ca-en/ HTTP/1.1
Host: switch.skinnysheeps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Mon, 03 Oct 2022 16:56:30 GMT
content-type: text/html
last-modified: Fri, 26 Aug 2022 04:59:14 GMT
cache-control: public, max-age=3600
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIQlrVycVvKr6JhENhv%2Ftn4vGYdgxmvEteBwGZqLlsUoOEy74gFrr5khgQinzfQhM7ZTtE20cW2BFq8Ta%2BYS9QGBi%2BLtS%2BgM7wUCYCz%2BJBNGmtdFUwxCADh37S95o%2F9GlewL5NbvifcuSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75473623ce100af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Nunito+Sans:wght@300;400;600;700&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Nunito+Sans:wght@300;400;600;700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Nunito+Sans:wght@300;400;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://switch.skinnysheeps.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 03 Oct 2022 16:56:30 GMT
date: Mon, 03 Oct 2022 16:56:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations