| zerossl.ocsp.sectigo.com/ | 104.18.38.233 | | 317 B |
URL zerossl.ocsp.sectigo.com/ IP 104.18.38.233:0
Hash 51604957014c5898782aad97ce872679 33fea7ad00a73bba334494e8ed9534065d659092 fa1266ea0a4702d26e6bd549900007edc7469c0d3d1c3a79ed06163e65b2b1e6
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 05:58:57 GMT
Content-Type: application/ocsp-response
Content-Length: 317
Connection: keep-alive
Last-Modified: Sat, 04 May 2024 01:58:23 GMT
Expires: Sat, 11 May 2024 01:58:22 GMT
Etag: "33fea7ad00a73bba334494e8ed9534065d659092"
Cache-Control: max-age=330564,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 87fefb2f4e207129-OSL
|
|
| | 196.247.57.92 | 301 Moved Permanently | 236 B |
URL User Request GET HTTP/2 IP 196.247.57.92:443 ASN #41564 Orion Network Limited
Certificate Issuer ZeroSSL Subject crocssaleuk.com Fingerprint 6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 Validity Sat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File type HTML document, ASCII text Hash adbaa95fb606ea8f0e8ee42ecc425c9f df104c0bb80b99114c90672fe6457b5a5b8b3bb7 193097c63fdb02b1b36af2aafd606dd629bc0ac28f0c3920ef91fbd1c1a07e26
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 07 May 2024 05:58:57 GMT
content-type: text/html; charset=iso-8859-1
content-length: 236
location: https://www.crocssaleuk.com/
X-Firefox-Spdy: h2
|
|
| | 196.247.57.92 | 200 OK | 6.0 kB |
URL User Request GET HTTP/2 IP 196.247.57.92:443 ASN #41564 Orion Network Limited
Certificate Issuer ZeroSSL Subject crocssaleuk.com Fingerprint 6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 Validity Sat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (992), with CRLF, LF line terminators Hash 0431b71955186442394327c0669958c1 e83644df9dc54758ebb863c65d37685c31baa8b5 79e26d7eed581784ad37bf550859ab66c9bbdb49ea01ac85dc105260337fd7f5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: text/html; charset=utf-8
content-length: 5987
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
set-cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e; path=/; domain=.www.crocssaleuk.com; secure; HttpOnly; SameSite=lax
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/includes/templates/crocssaleuk/jscript/jscript_cookies.js | 196.247.57.92 | 200 OK | 430 B |
URL GET HTTP/2 www.crocssaleuk.com/includes/templates/crocssaleuk/jscript/jscript_cookies.js IP 196.247.57.92:443 ASN #41564 Orion Network Limited
Requested by https://www.crocssaleuk.com/ Certificate Issuer ZeroSSL Subject crocssaleuk.com Fingerprint 6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 Validity Sat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (745), with no line terminators Hash 65807f4bee7bcb4f6af769919ee805d3 c75e394f474f9238cb539f8b7ef9708cc083eff2 6979054ef7300efc7abcaefb0168e095f82adc208a00837ae1a95e0f72e2b598
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/crocssaleuk/jscript/jscript_cookies.js HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: application/javascript
content-length: 430
x-accel-version: 0.01
last-modified: Thu, 18 Aug 2022 03:28:17 GMT
accept-ranges: bytes
cache-control: max-age=300
expires: Tue, 07 May 2024 06:03:58 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/images/loader.gif | 196.247.57.92 | 200 OK | 35 kB |
URL GET HTTP/2 www.crocssaleuk.com/images/loader.gif IP 196.247.57.92:443 ASN #41564 Orion Network Limited
Requested by https://www.crocssaleuk.com/ Certificate Issuer ZeroSSL Subject crocssaleuk.com Fingerprint 6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 Validity Sat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File type GIF image data, version 89a, 128 x 38 Hash 362e988184d842aea3a0b5d09a64d13e e4ab705fb063ffd2645ce8a25e59e889e98f211c 82656f23517068a7b3d92badc8c29716e53654cd2574d330b08823ca7f7b8fa4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/loader.gif HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: image/gif
content-length: 35011
last-modified: Thu, 09 Jun 2022 03:23:04 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "62a16798-88c3"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap | 142.250.74.170 | 200 OK | 1.1 kB |
URL GET HTTP/3 fonts.googleapis.com/css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap IP 142.250.74.170:443
Requested by https://www.crocssaleuk.com/ Certificate Issuer Google Trust Services LLC Subject upload.video.google.com Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type gzip compressed data, max compression Hash 21f42b15e82d70ba011f152b2ecd14a2 cab4e93a8fd5a34e69067844793baaf73087b33a cb062565243e5be026f6b38a64e6d72c62e19f150a5df3c4555d77d2742d3170
GET /css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 05:58:58 GMT
date: Tue, 07 May 2024 05:58:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.crocssaleuk.com/includes/templates/crocssaleuk/images/logo.svg | 196.247.57.92 | 200 OK | 1.5 kB |
URL GET HTTP/2 www.crocssaleuk.com/includes/templates/crocssaleuk/images/logo.svg IP 196.247.57.92:443 ASN #41564 Orion Network Limited
Requested by https://www.crocssaleuk.com/ Certificate Issuer ZeroSSL Subject crocssaleuk.com Fingerprint 6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 Validity Sat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File type gzip compressed data, max speed, from Unix Hash 3c8ab1fe15576824ea7e3dad0a0e3e1c 56d49bbed4bd41d4d44f46d6747a92a615ce34ba a221ac4dac16f04d91391a0623af458f42ea03e89cb0a884d79a9d30c7ec497b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/crocssaleuk/images/logo.svg HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: image/svg+xml
last-modified: Thu, 18 Aug 2022 03:28:00 GMT
vary: Accept-Encoding
cache-control: max-age=864000, public, must-revalidate
expires: Tue, 07 May 2024 06:03:58 GMT
etag: W/"62fdb1c0-94a"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/includes/templates/crocssaleuk/jscript/jscript_plugins.js | 196.247.57.92 | 200 OK | 91 kB |
URL GET HTTP/2 www.crocssaleuk.com/includes/templates/crocssaleuk/jscript/jscript_plugins.js IP 196.247.57.92:443 ASN #41564 Orion Network Limited
Requested by https://www.crocssaleuk.com/ Certificate Issuer ZeroSSL Subject crocssaleuk.com Fingerprint 6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 Validity Sat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File type gzip compressed data, max speed, from Unix Hash 4b998d523d90548ad0046de94cac3708 44093628b6c99dfe7b5f5906975382569911a309 d5729d143d834f9b3c698a4e021868a04541bc1193b2424b6af255017e2ab07b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/crocssaleuk/jscript/jscript_plugins.js HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: application/javascript
last-modified: Thu, 18 Aug 2022 03:28:21 GMT
vary: Accept-Encoding
cache-control: max-age=300
expires: Tue, 07 May 2024 06:03:58 GMT
etag: W/"62fdb1d5-42b72"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Libre+Franklin:wght@100;200;300;400;500;600;700;800;900&display=swap | 142.250.74.170 | 200 OK | 8.7 kB |
URL GET HTTP/3 fonts.googleapis.com/css2?family=Libre+Franklin:wght@100;200;300;400;500;600;700;800;900&display=swap IP 142.250.74.170:443
Requested by https://www.crocssaleuk.com/ Certificate Issuer Google Trust Services LLC Subject upload.video.google.com Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type gzip compressed data, max compression Hash c4aa203b627d77ca6612ac17f3dfdbef e2a3615b348ec9a734f41aec06fecd6b5b982b97 62fb10f9c29a344222407c35181132fcee09b68149cdadecbdc26249662cbab2
GET /css2?family=Libre+Franklin:wght@100;200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 05:58:58 GMT
date: Tue, 07 May 2024 05:58:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.crocssaleuk.com/includes/templates/crocssaleuk/jscript/jquery.min.js | 196.247.57.92 | 200 OK | 45 kB |
URL GET HTTP/2 www.crocssaleuk.com/includes/templates/crocssaleuk/jscript/jquery.min.js IP 196.247.57.92:443 ASN #41564 Orion Network Limited
Requested by https://www.crocssaleuk.com/ Certificate Issuer ZeroSSL Subject crocssaleuk.com Fingerprint 6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 Validity Sat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File type gzip compressed data, max speed, from Unix Hash 4d129bb71cd3395176dbb0d9200bd0f2 4404f566a4a5894707e1f7199a3717fa3bf73456 fe30a6fdefb08f3b205e04f1c744a6fc0f33f83d0a07c133b5d12919b2f2f7ed
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/crocssaleuk/jscript/jquery.min.js HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: application/javascript
last-modified: Thu, 18 Aug 2022 03:28:18 GMT
vary: Accept-Encoding
cache-control: max-age=300
expires: Tue, 07 May 2024 06:03:58 GMT
etag: W/"62fdb1d2-15d9d"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap | 142.250.74.170 | 200 OK | 4.8 kB |
URL GET HTTP/3 fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap IP 142.250.74.170:443
Requested by https://www.crocssaleuk.com/ Certificate Issuer Google Trust Services LLC Subject upload.video.google.com Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type gzip compressed data, max compression Hash b4d03e6bc3a50c2f343b80cd510dd0c8 4b15ca69953d492968394952fd2db5ad5ae02d48 bee10ec0e593ef17712a8abaae1d48a41689f5fa963478993f9bd3914275e1c4
GET /css2?family=Roboto:wght@100;300;400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 05:58:58 GMT
date: Tue, 07 May 2024 05:58:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap | 142.250.74.170 | 200 OK | 7.5 kB |
URL GET HTTP/3 fonts.googleapis.com/css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap IP 142.250.74.170:443
Requested by https://www.crocssaleuk.com/ Certificate Issuer Google Trust Services LLC Subject upload.video.google.com Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type gzip compressed data, max compression Hash 4d6d7ff08f3d165f01f91fa2f9909940 4174554cf73a089cc3bd15e9374af10da27bc626 da93efc4c30ff00c9e75424d644bcb2c4ef0cacb4a5133389d7fec12341e9e81
GET /css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 05:58:58 GMT
date: Tue, 07 May 2024 05:58:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap | 142.250.74.170 | 200 OK | 5.9 kB |
URL GET HTTP/3 fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap IP 142.250.74.170:443
Requested by https://www.crocssaleuk.com/ Certificate Issuer Google Trust Services LLC Subject upload.video.google.com Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type gzip compressed data, max compression Hash 29376b2f305d148ae6ae6c7ea421195b 2cf011fd4a2f8aedf2b70c0050a0ce6190a9485f df8a7255c52ced32bb16162b48e8e7d4c20572d7e6e2ae80d0b6528c6f4774db
GET /css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 05:58:58 GMT
date: Tue, 07 May 2024 05:58:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css2?family=Jost:wght@300;400;500;600;700;800&display=swap | 142.250.74.170 | 200 OK | 8.9 kB |
URL GET HTTP/3 fonts.googleapis.com/css2?family=Jost:wght@300;400;500;600;700;800&display=swap IP 142.250.74.170:443
Requested by https://www.crocssaleuk.com/ Certificate Issuer Google Trust Services LLC Subject upload.video.google.com Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type gzip compressed data, max compression Hash 2e0e5716218fef1d4d285739699329c0 3a5e4982a48a059fcc446731b147931d86654d30 073e2fbb91dfb16234f22da1aa273cf8221e5e8068f77de77d71f4daf63d87e4
GET /css2?family=Jost:wght@300;400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 05:58:58 GMT
date: Tue, 07 May 2024 05:58:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.crocssaleuk.com/includes/templates/crocssaleuk/images/collection/men.jpg | 196.247.57.92 | 200 OK | 42 kB |
URL GET HTTP/2 www.crocssaleuk.com/includes/templates/crocssaleuk/images/collection/men.jpg IP 196.247.57.92:443 ASN #41564 Orion Network Limited
Requested by https://www.crocssaleuk.com/ Certificate Issuer ZeroSSL Subject crocssaleuk.com Fingerprint 6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 Validity Sat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=1], baseline, precision 8, 600x200, components 3 Hash b02d37e1b0666fa15578784b3e89da44 76868e2f979e9f96921f8a76c5c921154ccefe0c deb61068abc712bbdd5a07666ca6c8be7d29d4f972d403ae7bfd7eaaacdf5e07
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/crocssaleuk/images/collection/men.jpg HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: image/jpeg
content-length: 41930
last-modified: Thu, 18 Aug 2022 03:31:41 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 06 Jun 2024 05:58:58 GMT
etag: "62fdb29d-a3ca"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Quicksand:wght@400;500;600;700&display=swap | 142.250.74.170 | 200 OK | 8.4 kB |
URL GET HTTP/3 fonts.googleapis.com/css2?family=Quicksand:wght@400;500;600;700&display=swap IP 142.250.74.170:443
Requested by https://www.crocssaleuk.com/ Certificate Issuer Google Trust Services LLC Subject upload.video.google.com Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type gzip compressed data, max compression Hash f1bbfcfc8e1a256b6d8e65c906b8e8a9 b0771f1ee9392844977c3be7c9690bd666174167 f1ea5d7d585215d6d6b2f2cb05863547a7b03f1cf3f67688d3c39db655a4617a
GET /css2?family=Quicksand:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 05:58:58 GMT
date: Tue, 07 May 2024 05:58:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 | 142.250.74.99 | 200 OK | 8.0 kB |
URL GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 IP 142.250.74.99:443
Requested by https://www.crocssaleuk.com/ Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0 Hash 72993dddf88a63e8f226656f7de88e57 179f97ec0275f09603a8db94d4380eb584d81cd5 f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crocssaleuk.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 02:15:02 GMT
expires: Sat, 03 May 2025 02:15:02 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
age: 359037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 | 142.250.74.99 | 200 OK | 7.8 kB |
URL GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 IP 142.250.74.99:443
Requested by https://www.crocssaleuk.com/ Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0 Hash 25b0e113ca7cce3770d542736db26368 cb726212d5d525021752a1d8470a0fb593e0c49e 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crocssaleuk.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:56:05 GMT
expires: Fri, 02 May 2025 01:56:05 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
age: 446574
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/images/payment.png | 196.247.57.92 | 200 OK | 6.2 kB |
URL GET HTTP/2 www.crocssaleuk.com/images/payment.png IP 196.247.57.92:443 ASN #41564 Orion Network Limited
Requested by https://www.crocssaleuk.com/ Certificate Issuer ZeroSSL Subject crocssaleuk.com Fingerprint 6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 Validity Sat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File type PNG image data, 248 x 26, 8-bit/color RGBA, non-interlaced Hash 1fb5f66cada185d72ccefaeb9e9a2963 584108601272e3ed07abe10b4c3ca2f6b200d552 ef645db0e0a9a267fda954e584782b888929b2827548ecaef07600656022535b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images/payment.png HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: image/png
content-length: 6248
last-modified: Thu, 09 Jun 2022 03:19:36 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "62a166c8-1868"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/includes/templates/crocssaleuk/images/collection/women.jpg | 196.247.57.92 | 200 OK | 69 kB |
URL GET HTTP/2 www.crocssaleuk.com/includes/templates/crocssaleuk/images/collection/women.jpg IP 196.247.57.92:443 ASN #41564 Orion Network Limited
Requested by https://www.crocssaleuk.com/ Certificate Issuer ZeroSSL Subject crocssaleuk.com Fingerprint 6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 Validity Sat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=13, height=164, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=492], baseline, precision 8, 600x200, components 3 Hash 39c2700f64ba6728a75466de2c26f9a5 f379bbd03880fb473fc86e837bf8d5640ee859e4 27f3f3ae7f418197da86ddd03c290082b51b2fb359080756901cef82939c8926
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/crocssaleuk/images/collection/women.jpg HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: image/jpeg
content-length: 68938
last-modified: Thu, 18 Aug 2022 03:31:42 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 06 Jun 2024 05:58:58 GMT
etag: "62fdb29e-10d4a"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/includes/templates/crocssaleuk/images/collection/kids.jpg | 196.247.57.92 | 200 OK | 67 kB |
URL GET HTTP/2www.crocssaleuk.com/includes/templates/crocssaleuk/images/collection/kids.jpg IP196.247.57.92:443 ASN#41564 Orion Network Limited
Requested byhttps://www.crocssaleuk.com/ CertificateIssuerZeroSSL Subjectcrocssaleuk.com Fingerprint6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 ValiditySat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=13, height=164, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=492], baseline, precision 8, 600x200, components 3 Hashe7e87c8a7b6258ea2a307d5787e752dc e6737a38cc31f346ca5db5c8df5742d23962e3c3 f6b6e30282d1c981954be508b344649193f1f70c4472b51c4489a980da4ad83a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/crocssaleuk/images/collection/kids.jpg HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: image/jpeg
content-length: 67286
last-modified: Thu, 18 Aug 2022 03:31:39 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 06 Jun 2024 05:58:58 GMT
etag: "62fdb29b-106d6"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/includes/templates/crocssaleuk/jscript/jscript_zmain.js | 196.247.57.92 | 200 OK | 17 kB |
URL GET HTTP/2www.crocssaleuk.com/includes/templates/crocssaleuk/jscript/jscript_zmain.js IP196.247.57.92:443 ASN#41564 Orion Network Limited
Requested byhttps://www.crocssaleuk.com/ CertificateIssuerZeroSSL Subjectcrocssaleuk.com Fingerprint6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 ValiditySat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hash3161a434d1bf2c21cd5e0b4122f8075d 88b81d5a4ca0c94be9291707c399fcfaf0df73e1 bc1252d11df4711687f421f992d81b80e8f6bae8f5ae3d7da68bf2f1267bea79
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/crocssaleuk/jscript/jscript_zmain.js HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: application/javascript
last-modified: Thu, 18 Aug 2022 03:28:20 GMT
vary: Accept-Encoding
cache-control: max-age=300
expires: Tue, 07 May 2024 06:03:58 GMT
etag: W/"62fdb1d4-b4a9"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/images//prroductss/Women-s-Jaunt-Shorty-Boot-Navy.png | 196.247.57.92 | 200 OK | 85 kB |
URL GET HTTP/2www.crocssaleuk.com/images//prroductss/Women-s-Jaunt-Shorty-Boot-Navy.png IP196.247.57.92:443 ASN#41564 Orion Network Limited
Requested byhttps://www.crocssaleuk.com/ CertificateIssuerZeroSSL Subjectcrocssaleuk.com Fingerprint6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 ValiditySat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File typePNG image data, 950 x 794, 8-bit colormap, non-interlaced Hash594caba407e430ddcda4d85b489ce721 097aa2b8b9ca1975074d57bb7492bd33921720a0 fb795baba979dc8d95828a5e23973dab89d3c7e7520d2e74c93f863fa54e5864
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images//prroductss/Women-s-Jaunt-Shorty-Boot-Navy.png HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: image/png
content-length: 84973
last-modified: Wed, 17 Aug 2022 12:01:38 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "62fcd8a2-14bed"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/images//prroductss/Women-s-Classic-Neo-Puff-Shorty-Boot-Candy-Pink-Stucco.png | 196.247.57.92 | 200 OK | 140 kB |
URL GET HTTP/2www.crocssaleuk.com/images//prroductss/Women-s-Classic-Neo-Puff-Shorty-Boot-Candy-Pink-Stucco.png IP196.247.57.92:443 ASN#41564 Orion Network Limited
Requested byhttps://www.crocssaleuk.com/ CertificateIssuerZeroSSL Subjectcrocssaleuk.com Fingerprint6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 ValiditySat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File typePNG image data, 950 x 794, 8-bit colormap, non-interlaced Size140 kB (140238 bytes) Hash3b355dcf18716ffd8389a38c086a7ace 9fd0caa8d8b17316ec0880f1a711898e1f5c62e6 b3aa0a8204ee0c0b6ebe246d7253cf8784b11e13bc3d39efc0490f4362829f57
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images//prroductss/Women-s-Classic-Neo-Puff-Shorty-Boot-Candy-Pink-Stucco.png HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: image/png
content-length: 140238
last-modified: Wed, 17 Aug 2022 11:59:00 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "62fcd804-223ce"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/images//prroductss/Classic-Lined-Neo-Puff-Tie-Dye-Boot-Mineral-Blue.png | 196.247.57.92 | 200 OK | 184 kB |
URL GET HTTP/2www.crocssaleuk.com/images//prroductss/Classic-Lined-Neo-Puff-Tie-Dye-Boot-Mineral-Blue.png IP196.247.57.92:443 ASN#41564 Orion Network Limited
Requested byhttps://www.crocssaleuk.com/ CertificateIssuerZeroSSL Subjectcrocssaleuk.com Fingerprint6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 ValiditySat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File typePNG image data, 950 x 794, 8-bit colormap, non-interlaced Size184 kB (184346 bytes) Hashc62ebb46aeef5f266c63eb21c8738185 ebf4735f5ee030fc5ff3bf1cf2a005f1d8151629 f08bcdbedd23a42546e7b20405c810cbb87cfb4019150637ce7ed6d29f8b3ba9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images//prroductss/Classic-Lined-Neo-Puff-Tie-Dye-Boot-Mineral-Blue.png HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: image/png
content-length: 184346
last-modified: Wed, 17 Aug 2022 11:39:58 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "62fcd38e-2d01a"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/images//prroductss/Crocs-Socks-Adult-Crew-Seasonal-Solarized-3-Pack-Black-Multi.png | 196.247.57.92 | 200 OK | 152 kB |
URL GET HTTP/2www.crocssaleuk.com/images//prroductss/Crocs-Socks-Adult-Crew-Seasonal-Solarized-3-Pack-Black-Multi.png IP196.247.57.92:443 ASN#41564 Orion Network Limited
Requested byhttps://www.crocssaleuk.com/ CertificateIssuerZeroSSL Subjectcrocssaleuk.com Fingerprint6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 ValiditySat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File typePNG image data, 950 x 794, 8-bit colormap, non-interlaced Size152 kB (151928 bytes) Hash0dcf6d126629de5240b311a7d69fa7de a0c4fa5caccbef59d774fb2a9a340544a7287beb 632d78b9940dd4ed5ce25bcdd8d757c6e9efd6be71b4ef351d003896d129d262
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images//prroductss/Crocs-Socks-Adult-Crew-Seasonal-Solarized-3-Pack-Black-Multi.png HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: image/png
content-length: 151928
last-modified: Wed, 17 Aug 2022 11:46:20 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "62fcd50c-25178"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/images//prroductss/Crocs-Socks-Adult-Quarter-Graphic-3-Pack-Black-Camo.png | 196.247.57.92 | 200 OK | 162 kB |
URL GET HTTP/2www.crocssaleuk.com/images//prroductss/Crocs-Socks-Adult-Quarter-Graphic-3-Pack-Black-Camo.png IP196.247.57.92:443 ASN#41564 Orion Network Limited
Requested byhttps://www.crocssaleuk.com/ CertificateIssuerZeroSSL Subjectcrocssaleuk.com Fingerprint6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 ValiditySat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File typePNG image data, 950 x 794, 8-bit colormap, non-interlaced Size162 kB (162047 bytes) Hash1cbec880bdb12290a4ccf721d61f55cb d6db81fbfb74e6cfd33246d364a2f9400d2e577c fa5beea0bb476a81b0b94e3fb248201885430d81bac850ec7974cfe84657a658
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images//prroductss/Crocs-Socks-Adult-Quarter-Graphic-3-Pack-Black-Camo.png HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: image/png
content-length: 162047
last-modified: Wed, 17 Aug 2022 11:46:32 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "62fcd518-278ff"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/images//prroductss/Crocs-Socks-Kid-Crew-Seasonal-3-Pack-Lapis-Multi.png | 196.247.57.92 | 200 OK | 161 kB |
URL GET HTTP/2www.crocssaleuk.com/images//prroductss/Crocs-Socks-Kid-Crew-Seasonal-3-Pack-Lapis-Multi.png IP196.247.57.92:443 ASN#41564 Orion Network Limited
Requested byhttps://www.crocssaleuk.com/ CertificateIssuerZeroSSL Subjectcrocssaleuk.com Fingerprint6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 ValiditySat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File typePNG image data, 950 x 794, 8-bit colormap, non-interlaced Size161 kB (160550 bytes) Hashbdf1b2744462be851e922efa6cde4e2a 7d05de55d64106b05747eb9adf84528335210076 daca5974be4225bd52a927fd920873c7e48f351ae80c13efb359c3551b3c1d4f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images//prroductss/Crocs-Socks-Kid-Crew-Seasonal-3-Pack-Lapis-Multi.png HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: image/png
content-length: 160550
last-modified: Wed, 17 Aug 2022 11:46:54 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "62fcd52e-27326"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/images//prroductss/Women-s-Classic-Neo-Puff-Shorty-Boot-Navy.png | 196.247.57.92 | 200 OK | 153 kB |
URL GET HTTP/2www.crocssaleuk.com/images//prroductss/Women-s-Classic-Neo-Puff-Shorty-Boot-Navy.png IP196.247.57.92:443 ASN#41564 Orion Network Limited
Requested byhttps://www.crocssaleuk.com/ CertificateIssuerZeroSSL Subjectcrocssaleuk.com Fingerprint6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 ValiditySat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File typePNG image data, 950 x 794, 8-bit colormap, non-interlaced Size153 kB (152812 bytes) Hasha6b2d396bc39b35d602cbea7de9c12ff 2114e5b3a2c57656acf6ee61d36675c1d66d6c97 85595db500b5f3c041874944da27a4e80f0fa62d573dcb458d5f02b63dfcc9ad
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images//prroductss/Women-s-Classic-Neo-Puff-Shorty-Boot-Navy.png HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: image/png
content-length: 152812
last-modified: Wed, 17 Aug 2022 11:59:08 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "62fcd80c-254ec"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/images//prroductss/Crocs-Socks-Adult-Quarter-3-Pack-Electric-Pink-Multi.png | 196.247.57.92 | 200 OK | 285 kB |
URL GET HTTP/2www.crocssaleuk.com/images//prroductss/Crocs-Socks-Adult-Quarter-3-Pack-Electric-Pink-Multi.png IP196.247.57.92:443 ASN#41564 Orion Network Limited
Requested byhttps://www.crocssaleuk.com/ CertificateIssuerZeroSSL Subjectcrocssaleuk.com Fingerprint6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 ValiditySat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File typePNG image data, 950 x 794, 8-bit colormap, non-interlaced Size285 kB (284833 bytes) Hashf05805b0c5f5442d839a50d45303c576 35576cf04cb614a44e30b35675c18bc587301869 759f4e514c97487aac4f9eb2ad81e1f91edb896b6ce612e9b6b87ef9d7c4aab1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images//prroductss/Crocs-Socks-Adult-Quarter-3-Pack-Electric-Pink-Multi.png HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: image/png
content-length: 284833
last-modified: Wed, 17 Aug 2022 11:46:32 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "62fcd518-458a1"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/images//prroductss/Crocs-Socks-Kid-Crew-Seasonal-3-Pack-Multi.png | 196.247.57.92 | 200 OK | 139 kB |
URL GET HTTP/2www.crocssaleuk.com/images//prroductss/Crocs-Socks-Kid-Crew-Seasonal-3-Pack-Multi.png IP196.247.57.92:443 ASN#41564 Orion Network Limited
Requested byhttps://www.crocssaleuk.com/ CertificateIssuerZeroSSL Subjectcrocssaleuk.com Fingerprint6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 ValiditySat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File typePNG image data, 950 x 794, 8-bit colormap, non-interlaced Size139 kB (138972 bytes) Hash12f54066660cbebd9ff751f0dfb3d68c 47f59e8561669a301be4f92cb8ebe662c66edf78 b8a35586fab6767c57e88d78d0b7ab455c4bf9625822e3ae59b196bdfc3a5ebd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images//prroductss/Crocs-Socks-Kid-Crew-Seasonal-3-Pack-Multi.png HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: image/png
content-length: 138972
last-modified: Wed, 17 Aug 2022 11:46:56 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "62fcd530-21edc"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/images//prroductss/Crocs-Socks-Adult-Crew-Seasonal-Out-Of-This-World-3-Pack-Black-Multi.png | 196.247.57.92 | 200 OK | 166 kB |
URL GET HTTP/2www.crocssaleuk.com/images//prroductss/Crocs-Socks-Adult-Crew-Seasonal-Out-Of-This-World-3-Pack-Black-Multi.png IP196.247.57.92:443 ASN#41564 Orion Network Limited
Requested byhttps://www.crocssaleuk.com/ CertificateIssuerZeroSSL Subjectcrocssaleuk.com Fingerprint6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 ValiditySat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File typePNG image data, 950 x 794, 8-bit colormap, non-interlaced Size166 kB (165952 bytes) Hashd689fb79aa81473f782cc4e11eec6905 4f07ac0beb8c4108e4386a2b244f87be74ae7bdc 6b5807bba0f5be41e914a11b503abfa0d52bdb10fd84fe65bafeac60d4e38d83
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images//prroductss/Crocs-Socks-Adult-Crew-Seasonal-Out-Of-This-World-3-Pack-Black-Multi.png HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: image/png
content-length: 165952
last-modified: Wed, 17 Aug 2022 11:46:20 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "62fcd50c-28840"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/images//prroductss/Crocs-Socks-Adult-Quarter-Graphic-3-Pack-Electric-Pink-Tie-Dye.png | 196.247.57.92 | 200 OK | 219 kB |
URL GET HTTP/2www.crocssaleuk.com/images//prroductss/Crocs-Socks-Adult-Quarter-Graphic-3-Pack-Electric-Pink-Tie-Dye.png IP196.247.57.92:443 ASN#41564 Orion Network Limited
Requested byhttps://www.crocssaleuk.com/ CertificateIssuerZeroSSL Subjectcrocssaleuk.com Fingerprint6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 ValiditySat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File typePNG image data, 950 x 794, 8-bit colormap, non-interlaced Size219 kB (218858 bytes) Hash228842c2e5f530fb44354ba552008579 9a99e7377a3dd00c1f31f9a8ac87baa02f4b52db 1025c36550851a7f15d9c952a3f430aa702a1e54ef687e4f7eda2ace27ddcf48
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images//prroductss/Crocs-Socks-Adult-Quarter-Graphic-3-Pack-Electric-Pink-Tie-Dye.png HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: image/png
content-length: 218858
last-modified: Wed, 17 Aug 2022 11:46:36 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "62fcd51c-356ea"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/images//prroductss/Women-s-Classic-Neo-Puff-Shorty-Boot-Black.png | 196.247.57.92 | 200 OK | 139 kB |
URL GET HTTP/2www.crocssaleuk.com/images//prroductss/Women-s-Classic-Neo-Puff-Shorty-Boot-Black.png IP196.247.57.92:443 ASN#41564 Orion Network Limited
Requested byhttps://www.crocssaleuk.com/ CertificateIssuerZeroSSL Subjectcrocssaleuk.com Fingerprint6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 ValiditySat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File typePNG image data, 950 x 794, 8-bit colormap, non-interlaced Size139 kB (138947 bytes) Hash931e55f8e0b3ab6a787897ff2c7b1dba 0e89396188584ab3381ead6df7449126b4667f7f 0ac232a1ccbc9742366b3f9c797e72376dadc213f552a88d4612d63cc0a2313f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images//prroductss/Women-s-Classic-Neo-Puff-Shorty-Boot-Black.png HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: image/png
content-length: 138947
last-modified: Wed, 17 Aug 2022 11:58:56 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "62fcd800-21ec3"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/includes/templates/crocssaleuk/images/Crocs.jpg | 196.247.57.92 | 200 OK | 597 kB |
URL GET HTTP/2www.crocssaleuk.com/includes/templates/crocssaleuk/images/Crocs.jpg IP196.247.57.92:443 ASN#41564 Orion Network Limited
Requested byhttps://www.crocssaleuk.com/ CertificateIssuerZeroSSL Subjectcrocssaleuk.com Fingerprint6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 ValiditySat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=1], baseline, precision 8, 2400x1180, components 3 Size597 kB (596809 bytes) Hash3527dee15632aa40f2c952bd5ff6013c b3f06be0d6b8a2a19640b6b029ca2f03f6aac411 171b4cfeb81302a045aea4e78875f69393967412691092bfd2a654c7e36147b5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/crocssaleuk/images/Crocs.jpg HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: image/jpeg
content-length: 596809
last-modified: Thu, 18 Aug 2022 03:27:56 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 06 Jun 2024 05:58:58 GMT
etag: "62fdb1bc-91b49"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/icon?family=Material+Icons | 142.250.74.170 | 200 OK | 142 kB |
URL GET HTTP/2fonts.googleapis.com/icon?family=Material+Icons IP142.250.74.170:443
Requested byhttps://www.crocssaleuk.com/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Size142 kB (141828 bytes) Hashe9920278e7354aef94a8f70f60f684c6 657c36ee411d6856de8cb4cbeb300e3268d8d96b a161817c7715aec638a07e8444a506b3b0baf69d7d648b63a349557f99ffd2b8
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 05:58:58 GMT
date: Tue, 07 May 2024 05:58:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/includes/templates/crocssaleuk/images/w6-bundle-full.jpg | 196.247.57.92 | 200 OK | 366 kB |
URL GET HTTP/2www.crocssaleuk.com/includes/templates/crocssaleuk/images/w6-bundle-full.jpg IP196.247.57.92:443 ASN#41564 Orion Network Limited
Requested byhttps://www.crocssaleuk.com/ CertificateIssuerZeroSSL Subjectcrocssaleuk.com Fingerprint6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 ValiditySat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=1], baseline, precision 8, 2400x1000, components 3 Size366 kB (365683 bytes) Hash883f7335962cfbd636905c9e18141491 bcd25ec1881346bd6e839d69981780111e813b98 82ff358907ee78aa871e4d0c65529894785c32cb8d71dd00a6d3434b653ecbbf
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/crocssaleuk/images/w6-bundle-full.jpg HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: image/jpeg
content-length: 365683
last-modified: Thu, 18 Aug 2022 03:28:09 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 06 Jun 2024 05:58:58 GMT
etag: "62fdb1c9-59473"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/includes/templates/crocssaleuk/images/favicon.ico | 196.247.57.92 | 200 OK | 36 kB |
URL GET HTTP/2www.crocssaleuk.com/includes/templates/crocssaleuk/images/favicon.ico IP196.247.57.92:443 ASN#41564 Orion Network Limited
Requested byhttps://www.crocssaleuk.com/ CertificateIssuerZeroSSL Subjectcrocssaleuk.com Fingerprint6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7 ValiditySat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File typeMS Windows icon resource - 5 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 64x64, 32 bits/pixel Hash328386fdda521a0d31bfc318249e0584 99a9fcac8a86993f6b483e56436ee9a0f97be98f a8e27be2a5e72f47d5c2866decf21301ccd6e6efceba65e548304bbd96fe0605
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/crocssaleuk/images/favicon.ico HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:59 GMT
content-type: image/x-icon
content-length: 35874
last-modified: Thu, 18 Aug 2022 03:27:56 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Wed, 08 May 2024 05:58:59 GMT
etag: "62fdb1bc-8c22"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap | 142.250.74.170 | 200 OK | 5.0 kB |
URL GET HTTP/3fonts.googleapis.com/css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap IP142.250.74.170:443
Requested byhttps://www.crocssaleuk.com/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (5076), with no line terminators Hash48d4822accd8873d2852967645115cef 1b20048c205fa24b4fff0afa458ee1fa2c45612f 27b1f874ce4c14645ec6df13bdf94d9a3381db78c5e4720903dd20d0e4bbc0b7
GET /css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 05:58:58 GMT
date: Tue, 07 May 2024 05:58:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css2?family=Crimson+Pro:wght@200;300;400;500;600;700;800;900&display=swap | 142.250.74.170 | 200 OK | 9.7 kB |
URL: GET HTTP/3 fonts.googleapis.com/css2?family=Crimson+Pro:wght@200;300;400;500;600;700;800;900&display=swap
IP: 142.250.74.170:443
Requested by: https://www.crocssaleuk.com/
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (9912), with no line terminators
Hash: 40698f9f19b1a609d2636f5eef9a3e30 46ff448bbf2fb3b30ecc73402877f8845445f8ba f3f7baade7af0f0b4587523c53317642d7c18c2501e70aaae37b93e7ee9a6545
GET /css2?family=Crimson+Pro:wght@200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 05:58:58 GMT
date: Tue, 07 May 2024 05:58:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap | 142.250.74.170 | 200 OK | 7.6 kB |
URL: GET HTTP/3 fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap
IP: 142.250.74.170:443
Requested by: https://www.crocssaleuk.com/
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (7812), with no line terminators
Hash: ea047ba198aaa7637f27cf64c74fa8be 52329f1f70a60957c92db2a590bb97b25796dc19 11a942088d049579ba79db59d72e631d2e26f1fc2b12ee0dba2e2e3ff65d2477
GET /css2?family=Roboto+Condensed:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 05:58:58 GMT
date: Tue, 07 May 2024 05:58:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.crocssaleuk.com/includes/templates/crocssaleuk/fonts/annimex-icons.ttf?teavmy | 196.247.57.92 | 200 OK | 141 kB |
URL: GET HTTP/2 www.crocssaleuk.com/includes/templates/crocssaleuk/fonts/annimex-icons.ttf?teavmy
IP: 196.247.57.92:443
ASN: #41564 Orion Network Limited
Requested by: https://www.crocssaleuk.com/
Certificate: Issuer: ZeroSSL; Subject: crocssaleuk.com; Fingerprint: 6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7; Validity: Sat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File type: TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, adorn-icons
Size: 141 kB (140608 bytes)
Hash: 7d3c0284348a1f07b4cd6ff41354551b 6ff4eb286a7b3c980866382a40dd9279c99cb9cd 924025d175bc0292a137b2b46a4ee48e77c8618c3ea19e44214b6abf30f16005
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/crocssaleuk/fonts/annimex-icons.ttf?teavmy HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/includes/templates/crocssaleuk/css/style_allplugins.css
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:59 GMT
content-type: application/x-font-ttf
content-length: 140608
last-modified: Thu, 18 Aug 2022 03:27:37 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Tue, 07 May 2024 06:03:59 GMT
etag: "62fdb1a9-22540"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,800;0,900;1,700&display=swap | 142.250.74.170 | 200 OK | 16 kB |
URL: GET HTTP/3 fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,800;0,900;1,700&display=swap
IP: 142.250.74.170:443
Requested by: https://www.crocssaleuk.com/
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash: 56e4df90a29f863f6faa6ccb7567e401 9f3f0306cb0054763e377c6f456890e33f546cd9 165c919c26eb19e053a7cf522566f7cfa686a2782e252b7cd39e15e5d8b4bf15
GET /css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,800;0,900;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 05:58:58 GMT
date: Tue, 07 May 2024 05:58:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css2?family=Glegoo:wght@400;700&display=swap | 142.250.74.170 | 200 OK | 2.3 kB |
URL: GET HTTP/3 fonts.googleapis.com/css2?family=Glegoo:wght@400;700&display=swap
IP: 142.250.74.170:443
Requested by: https://www.crocssaleuk.com/
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (2310), with no line terminators
Hash: 5cf712cf2b0969e17db3030c359175fe a6bd8bc94377508e45d8b0708c67057efd7ec40d 2590d0359a53a2ba40a5f4074121465e36893f365cf2a67f7c803249cbad479e
GET /css2?family=Glegoo:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 05:58:58 GMT
date: Tue, 07 May 2024 05:58:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css2?family=Merienda:wght@400;700&display=swap | 142.250.74.170 | 200 OK | 2.4 kB |
URL: GET HTTP/3 fonts.googleapis.com/css2?family=Merienda:wght@400;700&display=swap
IP: 142.250.74.170:443
Requested by: https://www.crocssaleuk.com/
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (2424), with no line terminators
Hash: 4c11106146294a0f2e0f9a7cd792e1d2 53f4815a87a769d098f64ad9dfafc157f7d572d1 66f67ff9a9b48f878ba4db2df85dcb68e5640e189ecc19cb7a4a8604b7412e94
GET /css2?family=Merienda:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 05:58:58 GMT
date: Tue, 07 May 2024 05:58:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.crocssaleuk.com/includes/templates/crocssaleuk/css/style_zo.css | 196.247.57.92 | 200 OK | 111 kB |
URL: GET HTTP/2 www.crocssaleuk.com/includes/templates/crocssaleuk/css/style_zo.css
IP: 196.247.57.92:443
ASN: #41564 Orion Network Limited
Requested by: https://www.crocssaleuk.com/
Certificate: Issuer: ZeroSSL; Subject: crocssaleuk.com; Fingerprint: 6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7; Validity: Sat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File type: ASCII text, with very long lines (731)
Size: 111 kB (111445 bytes)
Hash: 0ce3174b036b4464ed9978a55ec5416b 97b1d35deaf5902f24cdd1799b54467002fe1fe8 454c7754ee041482e3eacd51a73b3697430c867024758389b79de83e4863c87a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/crocssaleuk/css/style_zo.css HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: text/css
last-modified: Thu, 18 Aug 2022 03:27:31 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Tue, 07 May 2024 06:58:58 GMT
etag: W/"62fdb1a3-1b355"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 | 142.250.74.99 | 200 OK | 7.9 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
IP: 142.250.74.99:443
Requested by: https://www.crocssaleuk.com/
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Hash: 9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crocssaleuk.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:01:02 GMT
expires: Fri, 02 May 2025 02:01:02 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
age: 446277
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 | 142.250.74.99 | 200 OK | 7.7 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP: 142.250.74.99:443
Requested by: https://www.crocssaleuk.com/
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Hash: a09f2fccfee35b7247b08a1a266f0328 0da2d17e738f46d2a09e6fb7969da451719a9820 cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.crocssaleuk.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 04:42:48 GMT
expires: Sat, 03 May 2025 04:42:48 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
age: 350171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/includes/templates/crocssaleuk/css/style_allplugins.css | 196.247.57.92 | 200 OK | 221 kB |
URL: GET HTTP/2 www.crocssaleuk.com/includes/templates/crocssaleuk/css/style_allplugins.css
IP: 196.247.57.92:443
ASN: #41564 Orion Network Limited
Requested by: https://www.crocssaleuk.com/
Certificate: Issuer: ZeroSSL; Subject: crocssaleuk.com; Fingerprint: 6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7; Validity: Sat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
Size: 221 kB (220793 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/crocssaleuk/css/style_allplugins.css HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: text/css
last-modified: Thu, 18 Aug 2022 03:27:29 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Tue, 07 May 2024 06:58:58 GMT
etag: W/"62fdb1a1-35e79"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.crocssaleuk.com/includes/templates/crocssaleuk/css/stylesheet.css | 196.247.57.92 | 200 OK | 61 kB |
URL: GET HTTP/2 www.crocssaleuk.com/includes/templates/crocssaleuk/css/stylesheet.css
IP: 196.247.57.92:443
ASN: #41564 Orion Network Limited
Requested by: https://www.crocssaleuk.com/
Certificate: Issuer: ZeroSSL; Subject: crocssaleuk.com; Fingerprint: 6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7; Validity: Sat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File type: ASCII text, with very long lines (349)
Hash: 3db0d0ea6e3eb708926db7e884c84383 05e2c93df0622eb95db601ae5f89e98eee50a27e 67bbe02a97f030db04b23bd78ed79b2aa3b13ddce90e715971c268adea6d656e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/crocssaleuk/css/stylesheet.css HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: text/css
last-modified: Thu, 18 Aug 2022 03:27:27 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Tue, 07 May 2024 06:58:58 GMT
etag: W/"62fdb19f-ec8c"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap | 142.250.74.170 | 200 OK | 2.6 kB |
URL: GET HTTP/3 fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap
IP: 142.250.74.170:443
Requested by: https://www.crocssaleuk.com/
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (2605), with no line terminators
Hash: d7e91faccd8b5b75c6794babc60413e9 490a3fe1bc93ea7dd9cff81c80eca5ea6cad68b3 8d4ecadfe561b26cf0addd9f7e39055b19844488449e0091a936a77fdff727d9
GET /css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 05:58:58 GMT
date: Tue, 07 May 2024 05:58:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap | 142.250.74.170 | 200 OK | 11 kB |
URL: GET HTTP/3 fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap
IP: 142.250.74.170:443
Requested by: https://www.crocssaleuk.com/
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash: 0f3106ce705bbf98161187fc94d15542 99688690db95c115bbc142ac516d7aa8d8bfade8 376aa716f5acbcefc1b0a7684a56f4d642f23bf6534917d787d163c2ad81ebb4
GET /css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 05:58:58 GMT
date: Tue, 07 May 2024 05:58:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css2?family=Alata&display=swap | 142.250.74.170 | 200 OK | 1.2 kB |
URL: GET HTTP/3 fonts.googleapis.com/css2?family=Alata&display=swap
IP: 142.250.74.170:443
Requested by: https://www.crocssaleuk.com/
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (1179), with no line terminators
Hash: 1f9ff1758f44a8354f9be6ccf531cb8a 7fd5c0f675262d59736c063d0569dd7fab71256f 37dfb66736045e51980abc5c9c002b3a658a8fadc626f4a0aacf957fe90b6809
GET /css2?family=Alata&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 05:58:58 GMT
date: Tue, 07 May 2024 05:58:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.crocssaleuk.com/includes/templates/crocssaleuk/css/style_common.css | 196.247.57.92 | 200 OK | 43 kB |
URL: GET HTTP/2 www.crocssaleuk.com/includes/templates/crocssaleuk/css/style_common.css
IP: 196.247.57.92:443
ASN: #41564 Orion Network Limited
Requested by: https://www.crocssaleuk.com/
Certificate: Issuer: ZeroSSL; Subject: crocssaleuk.com; Fingerprint: 6E:83:74:3B:D2:5D:1D:7F:5C:1D:4B:64:FE:E7:E4:FF:11:17:E4:E7; Validity: Sat, 16 Mar 2024 00:00:00 GMT - Fri, 14 Jun 2024 23:59:59 GMT
File type: assembler source, ASCII text, with very long lines (451)
Hash: 496435b07da9f6e2acbc3df64840f48f edf4be683099efe465c103acb107800f97bb1247 7e5387f12f8ec61fc8ee32d6f186971cf0850895d7a55c64daef31d94a083391
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/crocssaleuk/css/style_common.css HTTP/1.1
Host: www.crocssaleuk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Cookie: zenid=hsqv1b6cq0pllg8cbmtdjf777e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 05:58:58 GMT
content-type: text/css
last-modified: Thu, 18 Aug 2022 03:27:29 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Tue, 07 May 2024 06:58:58 GMT
etag: W/"62fdb1a1-a7bf"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Staatliches&display=swap | 142.250.74.170 | 200 OK | 808 B |
URL: GET HTTP/3 fonts.googleapis.com/css2?family=Staatliches&display=swap
IP: 142.250.74.170:443
Requested by: https://www.crocssaleuk.com/
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (826), with no line terminators
Hash: da420df8479f8779cde5fc034d4cc67b 40e95fcf89bfd02023345af67b83dd45543c29d9 21c8c585a8724114950fa78cb426dd7ff797cab8c34cb44231ea087c6c515d61
GET /css2?family=Staatliches&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.crocssaleuk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 05:58:58 GMT
date: Tue, 07 May 2024 05:58:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|