Report - druskele.atshop.io/

Report Overview

Submitted URL
druskele.atshop.io/
IP
104.21.13.49
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-24 13:43:22
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.148.242.254
cdn.atshop.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	829 B	8.0 kB	104.26.8.16
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
js.intercomcdn.com	2440	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	749 B	110 kB	54.230.111.33
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	21 kB	142.250.74.174
ddp.atshop.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	323 kB	104.21.13.49
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	97 kB	34.120.237.76
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	746 B	142.250.74.10
sdk.paylike.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	803 B	104.21.32.98
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
cdn.polyfill.io	2365	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	428 B	697 B	151.101.85.26
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.5 kB	23.36.76.226
widget.intercom.io	2417	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	6.9 kB	54.230.111.119
client.relay.crisp.chat	17983	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	586 B	464 B	64.227.36.222
client.crisp.chat	19483	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	766 B	1.6 kB	104.18.28.91
druskele.atshop.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	798 B	1.4 kB	172.67.154.161
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	3.9 kB	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	142.250.74.3
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	2.0 kB	143.204.42.165
www.datadoghq-browser-agent.com	3490	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	388 B	535 B	54.230.217.110

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-24	medium	atshop.io	Sinkholed
2022-11-24	medium	atshop.io	Sinkholed
2022-11-24	medium	atshop.io	Sinkholed
2022-11-24	medium	atshop.io	Sinkholed
2022-11-24	medium	atshop.io	Sinkholed
2022-11-24	medium	atshop.io	Sinkholed
2022-11-24	medium	atshop.io	Sinkholed

JavaScript (14)

	URL	Size	First Seen	Last Seen
	sdk.paylike.io/3.js	198 kB	2023-03-07	2023-09-23
Pretty URL sdk.paylike.io/3.js IP 104.21.32.98 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:37 Last Seen2023-09-23 17:55:50 Times Seen8 Hash 98d5aa46a3f754102f21a35e9e80b9fe f5cb18deaae7ff841c45a8d3154647d8ffc0cbf1 fb7b08ae897bb9d70cc735b03789d9c58213a51f0d7536672b0dc273c65c24ec Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-26 00:32:39 Times Seen1530 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	client.crisp.chat/settings/website/1486350d-b05f-4329-832d-38ab79891b50/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2022-10-24-13-43	212 B	2023-03-11	2023-03-11
Pretty URL client.crisp.chat/settings/website/1486350d-b05f-4329-832d-38ab79891b50/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&2022-10-24-13-43 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:07:58 Last Seen2023-03-11 19:07:58 Times Seen1 Hash cc7e262a5d20ce4cb43429da4fc328d4 b78e71a3bfde515f3afb8f407de16911e62ddcb8 0638c390c7192d6ed5990c61edf8885f32a7cbe61267d5d413c70570cd8865c5 Loading...

	client.crisp.chat/static/javascripts/locales/en.js?c12a130	6.9 kB	2023-03-11	2024-02-11
Pretty URL client.crisp.chat/static/javascripts/locales/en.js?c12a130 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 18:57:30 Last Seen2024-02-11 08:31:38 Times Seen1 Hash 51ea7b4b60c7b1d9092a2acd81fac0f2 57225376a69b9cd1e856d0b9e76eaf443a583cd4 aea9fe03af8f7c1ce9a95b1f0f775fc25e817abf92b3d1ce3107369642fc3418 Loading...

	cdn.polyfill.io/v2/polyfill.min.js?features=IntersectionObserver,IntersectionObserverEntry	222 B	2023-03-07	2024-04-02
Pretty URL cdn.polyfill.io/v2/polyfill.min.js?features=IntersectionObserver,IntersectionObserverEntry IP 151.101.85.26 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:37:41 Last Seen2024-04-02 11:29:21 Times Seen74 Hash b78d24643a2c7754230d68a8f15f090d 58e645c83460b260d7cee45d361ddf1ad212bbeb cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3 Loading...

	druskele.atshop.io/	267 B	2023-03-07	2023-03-25
Pretty URL druskele.atshop.io/ IP 172.67.154.161 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:37 Last Seen2023-03-25 23:14:00 Times Seen2 Hash d36ff415b444e01805d20765430fc4ac ba67e28804d83e6dc30ac4d4fa11d82422ef035d 80b2a1839d67121c02d8f3c08e2ee33df8b54f41062653b044688f76bbdb6911 Loading...

	www.google-analytics.com/plugins/ua/ec.js	2.8 kB	2023-03-07	2024-04-24
Pretty URL www.google-analytics.com/plugins/ua/ec.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-24 19:10:50 Times Seen1644 Hash 7b430c6350a59a7cf22b9adeccba327b b48d3c289bcb6809bb52fffd8f013055ed6bcd65 058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c Loading...

	www.datadoghq-browser-agent.com/datadog-logs-v4.js	43 kB	2023-03-08	2024-02-07
Pretty URL www.datadoghq-browser-agent.com/datadog-logs-v4.js IP 54.230.217.110 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:50:10 Last Seen2024-02-07 06:02:05 Times Seen1 Hash 039ee34f466506a157fdbfc5d2a3a956 6e732d08d0aeebc7fc3ea108e35a070afd540073 7900bdf8889a1bd9dd89e27c8f4a964f313101a3aa33bfd62f3a532c6dc3c42f Loading...

	widget.intercom.io/widget/msak0o3q	19 kB	2023-03-11	2023-03-11
Pretty URL widget.intercom.io/widget/msak0o3q IP 54.230.111.119 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:06:01 Last Seen2023-03-11 19:09:40 Times Seen1 Hash ff611e28363a636df8d7adc4950cfc43 4026979f9dab6599666f5fae6c4706ab449aced5 70179d973022195e9fd20cfd9b9dc8ddc247abb3cd100ce6126f78a4feb3e8b8 Loading...

	js.intercomcdn.com/frame.6bb40925.js	521 kB	2023-03-11	2023-03-11
Pretty URL js.intercomcdn.com/frame.6bb40925.js IP 54.230.111.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:06:01 Last Seen2023-03-11 19:07:58 Times Seen1 Hash a25438045a0b4d599bfb8d1233859210 60aaab25fa5fd3bedb015584609fd55723433376 3a23202e4856a959f2db76edcb80f45d269c4b25cbf9299ab8189e437623b7c3 Loading...

	client.crisp.chat/l.js	8.0 kB	2023-03-11	2024-02-11
Pretty URL client.crisp.chat/l.js IP 104.18.28.91 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 18:57:30 Last Seen2024-02-11 08:31:37 Times Seen1 Hash 59c3f430254ad31dc039db8719bcfb9c 9a028583534ff3aec0ddc11cf6e7a8bab2a3a96e 5f9991d980159ac528acc8b1d6976807af88f75af2d8be0fcf7c30634aa977db Loading...

	client.crisp.chat/settings/website/1486350d-b05f-4329-832d-38ab79891b50/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1649486529551	1.1 kB	2023-03-11	2023-03-11
Pretty URL client.crisp.chat/settings/website/1486350d-b05f-4329-832d-38ab79891b50/?callback=window.%24__CRISP_INSTANCE.__spool.website_handler&1649486529551 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:07:58 Last Seen2023-03-11 19:07:58 Times Seen1 Hash 0fa3bb69a881b9915dc3086c374c3fe4 30a8cd746a74de2cf6bb79f3250ff9708215682d 44f1ceccaad0e68545f843e4bc6fa5e84e3abeeb460bf0c9596439132371b0a6 Loading...

	druskele.atshop.io/	2.6 kB	2023-03-11	2023-03-11
Pretty URL druskele.atshop.io/ IP 172.67.154.161 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:07:58 Last Seen2023-03-11 19:07:58 Times Seen1 Hash 25ac58f5aa88751aa8e05fe65e1a739d 477320faa6771d1397c6d19aa99b856257523f81 b203ceee5b10e75a71202f411d23228cb758b81a56cd56ba9ff3b80055151946 Loading...

		Size	First Seen	Last Seen
	#1 Write - fe364450e1391215f596d043488f989f	15 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:02:47 Last Seen2024-04-26 04:05:33 Times Seen14316 Hash fe364450e1391215f596d043488f989f d1848aa7b5cfd853609db178070771ad67d351e9 c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e Loading...

HTTP Transactions (50)

URL IP Response Size

druskele.atshop.io/

172.67.154.161

301 Moved Permanently

0 B

URL HTTP/1.1
druskele.atshop.io/
IP
172.67.154.161:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: druskele.atshop.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 24 Nov 2022 13:43:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 24 Nov 2022 14:43:10 GMT
Location: https://druskele.atshop.io/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVcBXB5E3ed9OW50dFZPCxuXTXVbVGTGuCknq5X9MxQZSJgtP8Cc92EFJ0M3xv%2Bi6dVahaGZSNM1AyGiuz8MAyHpldqdG%2Bhn47a4vZ7aaCpZnFp5tGQwmz53qO0Tsud8ervVAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f29274ba23b4fa-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3900
Expires: Thu, 24 Nov 2022 14:48:10 GMT
Date: Thu, 24 Nov 2022 13:43:10 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6532
Cache-Control: max-age=167813
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:43:10 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 12:20:03 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 13:18:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1453
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3269
Expires: Thu, 24 Nov 2022 14:37:40 GMT
Date: Thu, 24 Nov 2022 13:43:11 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: gf91++sfGqZgd92JaRraFdcgRkh4G8WQWQcGGQ2bOOHDV960DxSRq9YPa/F4+Jp5LfrOf4OiDwM=
x-amz-request-id: F0F7GM8MV8GH0XPE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 13:40:25 GMT
age: 166
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 13:43:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
cafd8e8ad542c112b565f801483ede61
43f8b617fbc2113921d5583acc0ff239b41e61a8
70d5624924a2ebb61650320ea61b214f6d0bb8f2fda8f2083328c42c2b2c412e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=98629
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:43:11 GMT
Etag: "637e5334-118"
Expires: Fri, 25 Nov 2022 17:07:00 GMT
Last-Modified: Wed, 23 Nov 2022 17:07:00 GMT
Server: nginx
Content-Length: 280

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 13:08:53 GMT
cache-control: public,max-age=3600
age: 2058
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
cafd8e8ad542c112b565f801483ede61
43f8b617fbc2113921d5583acc0ff239b41e61a8
70d5624924a2ebb61650320ea61b214f6d0bb8f2fda8f2083328c42c2b2c412e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=98629
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:43:11 GMT
Etag: "637e5334-118"
Expires: Fri, 25 Nov 2022 17:07:00 GMT
Last-Modified: Wed, 23 Nov 2022 17:07:00 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280

cdn.polyfill.io/v2/polyfill.min.js?features=IntersectionObserver,IntersectionObserverEntry

151.101.85.26

200 OK

126 B

URL HTTP/2
cdn.polyfill.io/v2/polyfill.min.js?features=IntersectionObserver,IntersectionObserverEntry
IP
151.101.85.26:0
ASN
#54113 FASTLY

File type
ASCII text
Size
126 B (126 bytes)
Hash
73facef13260d15915b31c39a22317b8
2e0d6642d943b6bba33c14ed89db6ca0d98e7844
fe0e7a42051b9bde30f5d3f6679756e2aad5814be1914d6606d961f6e15f07f7

HTTP Headers

GET /v2/polyfill.min.js?features=IntersectionObserver,IntersectionObserverEntry HTTP/1.1
Host: cdn.polyfill.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://druskele.atshop.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=utf-8
last-modified: Sat, 19 Nov 2022 11:32:22 GMT
content-encoding: br
age: 0
accept-ranges: bytes
useragent_normaliser: firefox/105.0.0
date: Thu, 24 Nov 2022 13:43:11 GMT
vary: User-Agent, Accept-Encoding
server-timing: cache-bma1653, PASS, fastly;desc="Edge time";dur=11
content-length: 126
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6508
Cache-Control: max-age=162726
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:43:11 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:55:17 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.148.242.254

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.242.254:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uKV/zVTHalF6mHrfF2oymg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZYB4LIxS1Paxq6tFxudKjAospGE=

cdn.atshop.io/assets/images/favicon/android-icon-192x192.png

104.26.8.16

200 OK

4.7 kB

URL HTTP/2
cdn.atshop.io/assets/images/favicon/android-icon-192x192.png
IP
104.26.8.16:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
4.7 kB (4718 bytes)
Hash
a0181b95d0d57ee726aa5490d699edcd
23926c6e0110d299d0d913d0aa96c023f8a8a080
37206d84e0f216e9bd86d689e16fdc0e2e20172bcd7a42d600ff21b0a429f2f1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/favicon/android-icon-192x192.png HTTP/1.1
Host: cdn.atshop.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://druskele.atshop.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Thu, 24 Nov 2022 13:43:12 GMT
content-type: image/webp
content-length: 4718
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=2073600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=8115
content-disposition: inline; filename="android-icon-192x192.webp"
etag: "2d81c2fa41d8d0d4b6bdc9895ce4b717"
expires: Fri, 11 Nov 2022 19:18:59 GMT
last-modified: Tue, 16 Jun 2020 21:21:44 GMT
vary: Accept
x-guploader-uploadid: ADPycduDEO4zVnNYAMLkL8jObpnwLj74xMvGdj1OftZRveU1svQGwTQYamMhUlhr_Pp5JFQRBf9-wQRWAg-wHRrI78L9
x-goog-generation: 1592342504330673
x-goog-hash: crc32c=CtJ2Jg==, md5=LYHC+kHY0NS2vcmJXOS3Fw==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 8115
cf-cache-status: HIT
age: 102925
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8%2BpqH38YMu3go67kGXpcM%2B62U7CtgBw%2FFyFoYVxHfMVnzy2i7Qy6GGseUPvOaYAyiZ35DonmASITZNSmatKibjjpOU6cDIuAVPsxOYpJhCueKUzOjN3oi8Z4mj29Mo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f2927d98d40b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.atshop.io/assets/images/favicon/favicon-16x16.png

104.26.8.16

200 OK

616 B

URL HTTP/2
cdn.atshop.io/assets/images/favicon/favicon-16x16.png
IP
104.26.8.16:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
616 B (616 bytes)
Hash
baff72be252a0502c4fa1f5dd05d7a5b
fa5ec90448c3c2d5a5cc36db7304e33d834f0705
046059c284981b21ec75fb43c086b1d9911aca257d4fd244fa965515d994533e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/images/favicon/favicon-16x16.png HTTP/1.1
Host: cdn.atshop.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://druskele.atshop.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Thu, 24 Nov 2022 13:43:12 GMT
content-type: image/webp
content-length: 616
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=2073600
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=1448
content-disposition: inline; filename="favicon-16x16.webp"
etag: "872abe29857a7e42d03f1ce7a3fe3e3b"
expires: Wed, 23 Nov 2022 14:44:34 GMT
last-modified: Tue, 16 Jun 2020 21:21:49 GMT
vary: Accept
x-guploader-uploadid: ADPycdtIog4eZ66yga2KAvgIF2FvobmSBqOHoOgXJRJpK0FD1pxa1F6DyTFjy4KMwoF6EqbHjHxiScyrrWINDNTbSr5XH8ZTIVUW
x-goog-generation: 1592342509685534
x-goog-hash: crc32c=sbBkAA==, md5=hyq+KYV6fkLQPxzno/4+Ow==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1448
cf-cache-status: HIT
age: 41281
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YG75gZm1baAZMj0mnuATOGuc6MCG88f9%2FY8zUhwQx1SRXRzRxTWzQ6r8S22LYPhgaHGiUdQnjUM8yB%2BxGjUCPGA7rtGBVJfpalkHUdg2La3fM45FZnq6pbwj%2BPNtqyQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f2927d98df0b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
a649354114de687f01c0b5240cafbc5d
b730f95c7b54b0044d2e775a52828ae97c1ed714
713c2693d645d7a664ace96dbd0338ea500b6e191b6003a2291bffc07dcf1e9d

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "713C2693D645D7A664ACE96DBD0338EA500B6E191B6003A2291BFFC07DCF1E9D"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7463
Expires: Thu, 24 Nov 2022 15:47:35 GMT
Date: Thu, 24 Nov 2022 13:43:12 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
a649354114de687f01c0b5240cafbc5d
b730f95c7b54b0044d2e775a52828ae97c1ed714
713c2693d645d7a664ace96dbd0338ea500b6e191b6003a2291bffc07dcf1e9d

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "713C2693D645D7A664ACE96DBD0338EA500B6E191B6003A2291BFFC07DCF1E9D"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7463
Expires: Thu, 24 Nov 2022 15:47:35 GMT
Date: Thu, 24 Nov 2022 13:43:12 GMT
Connection: keep-alive

widget.intercom.io/widget/msak0o3q

54.230.111.119

200 OK

6.2 kB

URL HTTP/2
widget.intercom.io/widget/msak0o3q
IP
54.230.111.119:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (18920), with no line terminators
Size
6.2 kB (6172 bytes)
Hash
c8233cae2c36e33257a17e1349351cb7
6f201762a530c5605d5602005a1281ada49a0c26
6fe62a0af82353a060e87987cdbb7ddb00691a6cda9bc6c2dd2514a29eee7cdd

HTTP Headers

GET /widget/msak0o3q HTTP/1.1
Host: widget.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://druskele.atshop.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 6172
last-modified: Thu, 24 Nov 2022 11:54:44 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: gjgcRjLqLhHf.RUzitdHyr8mzHSx2NaK
accept-ranges: bytes
server: AmazonS3
date: Thu, 24 Nov 2022 13:32:11 GMT
cache-control: max-age=900, s-maxage=900, public
etag: "c8233cae2c36e33257a17e1349351cb7"
x-cache: Error from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: jz4C1doggvIKy9wLbWSzaYQUssyaPQKr4zqeQ4BWvuKLVNQOJ9upEg==
age: 662
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:43:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

js.intercomcdn.com/vendor.4a5cdc79.js

54.230.111.33

200 OK

108 kB

URL HTTP/2
js.intercomcdn.com/vendor.4a5cdc79.js
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (65431)
Size
108 kB (108174 bytes)
Hash
089fe9ef868f8c7cfb708d9036c2c0a1
ed1fa722688cd361ed5f2072bad4980b16e1c4ca
a944b3f462d40328041ca477c083937c116e799f88df76ca1c96cc0e934de617

HTTP Headers

GET /vendor.4a5cdc79.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://druskele.atshop.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 108174
date: Thu, 24 Nov 2022 11:54:48 GMT
last-modified: Thu, 24 Nov 2022 11:53:14 GMT
etag: "089fe9ef868f8c7cfb708d9036c2c0a1"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, s-maxage=7200, public
content-encoding: gzip
x-amz-version-id: 9gd7.fJTuhMONPuSt8ALzIU0M6kqYvj4
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 64vmpesDNuupXOUS1kNe4v4rdy7TVu2mZ0_QWA1UoWIFmK0-ky-J4g==
age: 6505
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
29aef7781fd855e700a683b6c8c2e214
380ccd2f214955e1b3d55f2f79a81e30a9a18cb3
6ac72415d1ccb12fdbc8f9ead6d1ed9a5cf4461183971220829a7b002fcd546d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101236
Date: Thu, 24 Nov 2022 13:43:12 GMT
Etag: "637e496c-1d7"
Expires: Fri, 25 Nov 2022 17:50:28 GMT
Last-Modified: Wed, 23 Nov 2022 16:25:16 GMT
Server: ECS (dcb/7ECB)
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LZOZZENf33Mp0FmeNNnEZLKKwsboHN7Ou2kBat3Gvb0uDTvo3C6Igg==
Age: 5112

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:43:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:43:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://druskele.atshop.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 24 Nov 2022 12:41:08 GMT
expires: Thu, 24 Nov 2022 14:41:08 GMT
cache-control: public, max-age=7200
age: 3724
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:43:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
0de07cccc8bd29e2f12f4f2a0e26a614
436d83a9eb0937c9b07486ca23d59a3721985ece
15b44a18b2953fdeabf89fe7e8dfe1c20420b42dcbc7874b12c4bace8deaf9f8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=168271
Date: Thu, 24 Nov 2022 13:43:12 GMT
Etag: "637f5a44-1d7"
Expires: Sat, 26 Nov 2022 12:27:43 GMT
Last-Modified: Thu, 24 Nov 2022 11:49:24 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Q6TtwDI4dR_OgBIVMDX3D0FBkKoUFdUErn9JAsML6D41wfrkcH21yw==
Age: 2299

ddp.atshop.io/sockjs/242/03ylg0pm/websocket

104.21.13.49

101 Switching Protocols

0 B

URL HTTP/1.1
ddp.atshop.io/sockjs/242/03ylg0pm/websocket
IP
104.21.13.49:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sockjs/242/03ylg0pm/websocket HTTP/1.1
Host: ddp.atshop.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://druskele.atshop.io
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: e2ahv3dZ6MIqEP+X8kxKyQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Thu, 24 Nov 2022 13:43:12 GMT
Connection: upgrade
Sec-Websocket-Accept: MjTOkjToQEPOrV4ABwuI4N6brFQ=
Sec-Websocket-Extensions: permessage-deflate
Set-Cookie: ats-server-id=a4516c9f18355af5; Path=/; HttpOnly
Upgrade: websocket
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wz3s24l8T3IbEFU9Fqjn5n3eeKWT3Y8ycXzgaEiLqD2HrN25ZnNDqK%2B4FVuQEkN9mwOOUkaFRlhbdNWdLgo%2FPpObOxkmP05JkKWQzdYS4rGNF%2BsRD68Yo6fqTWdxqA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f292816d1c1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
c20dfe7b77af6170cfafbc66259d8a5c
fddbfd0b087e92a134061ea84165445ab5f649d1
9a4fb73e7a97db9840722a6606093f69ca542c30d803b77e1b8b33d0c430f9a4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 748
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:43:13 GMT
Last-Modified: Thu, 24 Nov 2022 13:30:45 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
c20dfe7b77af6170cfafbc66259d8a5c
fddbfd0b087e92a134061ea84165445ab5f649d1
9a4fb73e7a97db9840722a6606093f69ca542c30d803b77e1b8b33d0c430f9a4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 748
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 13:43:13 GMT
Last-Modified: Thu, 24 Nov 2022 13:30:45 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18620
Expires: Thu, 24 Nov 2022 18:53:33 GMT
Date: Thu, 24 Nov 2022 13:43:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18620
Expires: Thu, 24 Nov 2022 18:53:33 GMT
Date: Thu, 24 Nov 2022 13:43:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18620
Expires: Thu, 24 Nov 2022 18:53:33 GMT
Date: Thu, 24 Nov 2022 13:43:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18620
Expires: Thu, 24 Nov 2022 18:53:33 GMT
Date: Thu, 24 Nov 2022 13:43:13 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5070 bytes)
Hash
0856fdb55f19f03a1bec38b3d6e0ac77
89accd230fba95fe0049678070817b36ead015fa
17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8rbsN9OVJmneT9ov-Q7V4RB8DP5UWhhn-7cnukHiBpl06zmMM0zJTg==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:20 GMT
age: 56753
etag: "89accd230fba95fe0049678070817b36ead015fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18620
Expires: Thu, 24 Nov 2022 18:53:33 GMT
Date: Thu, 24 Nov 2022 13:43:13 GMT
Connection: keep-alive

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 23346
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65d6aa89-922d-4c2b-9601-956358f8ac22.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11969 bytes)
Hash
1234c13159d1531a698ece38a3bd7ff6
6bd60504d4450a090e6f82d15f2f28b371e4dfcc
488a827d4d2074371860dd556b3611c56a19502d3348e0a7d35c4f7556f63b3a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65d6aa89-922d-4c2b-9601-956358f8ac22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11969
x-amzn-requestid: e7ab6bb2-9bc5-4862-901b-32f18322db46
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwBJFkUoAMFRFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e93a0-56d902c0481eef0932dad57c;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:41:52 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zluh8EkvyvbxVT_lmb1uh3eLph9eMUrsuLlwPYAOmP9-sWAhGyxeMw==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:44:50 GMT
age: 57503
etag: "6bd60504d4450a090e6f82d15f2f28b371e4dfcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

54 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
54 kB (54537 bytes)
Hash
99dfde29a6e5eed1f450c598dba00081
49ba2886c18e63e44c87b252e0dddf30bd3e3bec
2af747e3befb09c4c487a38577a66d7833c41f13d858d72b6a2b0db4158f0ed6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:03:54 GMT
age: 56359
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6789 bytes)
Hash
d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:15:22 GMT
age: 23271
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7993 bytes)
Hash
92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:06 GMT
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
age: 57367
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ddp.atshop.io/sockjs/info?cb=5q3xe59xj_

104.21.13.49

200 OK

320 kB

URL HTTP/2
ddp.atshop.io/sockjs/info?cb=5q3xe59xj_
IP
104.21.13.49:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
320 kB (320329 bytes)
Hash
eae6167182af77af7eb96e9f6ba6f723
272350c018e763c651ff57e444cd76293f128170
0a4a39e6012842acea353eb712329682f71c2eb960a9031e8da660a3ab56deff

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sockjs/info?cb=5q3xe59xj_ HTTP/1.1
Host: ddp.atshop.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://druskele.atshop.io/
Origin: https://druskele.atshop.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Thu, 24 Nov 2022 13:43:12 GMT
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://druskele.atshop.io
cache-control: no-store, no-cache, no-transform, must-revalidate, max-age=0
set-cookie: ats-server-id=8ef13db06ed548bf; Path=/; HttpOnly
vary: Origin
x-cache-status: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzUTSPgxwNE%2FRlQdW8zvkFu3T65yPA%2B%2BTs%2B%2F28oNbRwPRfeptUQ6FuP5FxJT9%2B34gDqsqyVha%2BsY4bWr7aQMSZ4RMgsLp1NzS3MHjk0QBtvwxRY61J7V6hgkpvxeqAE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f292807bef1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

client.relay.crisp.chat/w/56/?EIO=4&transport=websocket

64.227.36.222

101 Switching Protocols

0 B

URL HTTP/1.1
client.relay.crisp.chat/w/56/?EIO=4&transport=websocket
IP
64.227.36.222:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /w/56/?EIO=4&transport=websocket HTTP/1.1
Host: client.relay.crisp.chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://druskele.atshop.io
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rRgMuBlyq6tILkVWVpriGA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Thu, 24 Nov 2022 13:43:14 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cGl9WgfOspnitw8W5sTOc3UxE8g=
Sec-WebSocket-Version: 13
X-Crisp-Ray: website w:56 10.133.35.18:3000
Access-Control-Allow-Headers: Content-Type, Origin, Upgrade
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Access-Control-Allow-Credentials: false
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300

fonts.googleapis.com/css?family=Open+Sans:400,700

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,700
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://druskele.atshop.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 13:43:12 GMT
date: Thu, 24 Nov 2022 13:43:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

js.intercomcdn.com/frame.6bb40925.js

54.230.111.33

200 OK

0 B

URL HTTP/2
js.intercomcdn.com/frame.6bb40925.js
IP
54.230.111.33:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /frame.6bb40925.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://druskele.atshop.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 137638
date: Thu, 24 Nov 2022 11:54:48 GMT
last-modified: Thu, 24 Nov 2022 11:53:14 GMT
etag: "497092c6ca2ade14717df7c745a01250"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, s-maxage=7200, public
content-encoding: gzip
x-amz-version-id: f40q4Z7lxOOXH6fhv_rqf8wFaismXBxL
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: idJzOiZBWjWFcflao_LMmncSLOx0AMUGPbdwUozDmjGZqbyabBFBsw==
age: 6505
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

ddp.atshop.io/sockjs/info?cb=hua_8llgq1

104.21.13.49

200 OK

0 B

URL HTTP/2
ddp.atshop.io/sockjs/info?cb=hua_8llgq1
IP
104.21.13.49:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sockjs/info?cb=hua_8llgq1 HTTP/1.1
Host: ddp.atshop.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://druskele.atshop.io/
Origin: https://druskele.atshop.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Thu, 24 Nov 2022 13:43:12 GMT
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://druskele.atshop.io
cache-control: no-store, no-cache, no-transform, must-revalidate, max-age=0
set-cookie: ats-server-id=69da6cef2c1ed445; Path=/; HttpOnly
vary: Origin
x-cache-status: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUk3BsQaQZ1T7nQH56JrsXivOTr3wwAawocscAEOZiPcqmqp5CJC35zgR5n4phhY1FCk%2BeiWZGQE%2FfMTpKSSMFh2kaPpZqJmJrUgKukx0Ac9VSZ9i0R%2Bpy8JI1YyHR8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f292807bea1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

client.crisp.chat/l.js

104.18.28.91

200 OK

0 B

URL HTTP/2
client.crisp.chat/l.js
IP
104.18.28.91:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /l.js HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://druskele.atshop.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 24 Nov 2022 13:43:13 GMT
content-type: application/javascript
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
etag: W/"622f402b-1f71"
expires: Fri, 25 Nov 2022 13:43:13 GMT
last-modified: Mon, 14 Mar 2022 13:16:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 16034
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76f29283dacfb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

druskele.atshop.io/

172.67.154.161

200 OK

0 B

URL HTTP/2
druskele.atshop.io/
IP
172.67.154.161:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: druskele.atshop.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Thu, 24 Nov 2022 13:43:11 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=3600, stale-if-error=600
referrer-policy: origin-when-cross-origin
vary: Accept-Encoding
x-cache-status: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOIF9ZsCC97hW%2Fllp9eijLlBQBJL1wdmKOFmbSADiww5Jm4WFuWyp%2FyhaEtfdA%2FTedkrvZ1QIaE%2BgKu9MtrsPP9n8IrXdMKYLEGHfvM6yF%2FNsEON0L2MtyoDQv%2Fbg0sK3tF8Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f292774d2d0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

sdk.paylike.io/3.js

104.21.32.98

200 OK

0 B

URL HTTP/2
sdk.paylike.io/3.js
IP
104.21.32.98:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /3.js HTTP/1.1
Host: sdk.paylike.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://druskele.atshop.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 24 Nov 2022 13:43:12 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7osLHvC9bAg7CufKG%2B02TKc%2FZFDkvP73HnP0taYn0SYw7Gcc5yR%2FCeiCWBLp62BLVBkwZD5Y7ubCfPu%2BiQvSyFQoGlfIcDXdeHFXFrFFOkRDwCOfQswwTR7hBwk4WCFewA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f292802cb7b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

client.crisp.chat/static/javascripts/client.js?c12a130

104.18.28.91

200 OK

0 B

URL HTTP/2
client.crisp.chat/static/javascripts/client.js?c12a130
IP
104.18.28.91:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/javascripts/client.js?c12a130 HTTP/1.1
Host: client.crisp.chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://druskele.atshop.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 24 Nov 2022 13:43:13 GMT
content-type: application/javascript
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: public, max-age=315360000
cross-origin-resource-policy: cross-origin
etag: W/"62a737a2-63281"
expires: Sun, 21 Nov 2032 13:43:13 GMT
last-modified: Mon, 13 Jun 2022 13:12:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 16030
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76f292841b14b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.datadoghq-browser-agent.com/datadog-logs-v4.js

54.230.217.110

200 OK

0 B

URL HTTP/2
www.datadoghq-browser-agent.com/datadog-logs-v4.js
IP
54.230.217.110:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /datadog-logs-v4.js HTTP/1.1
Host: www.datadoghq-browser-agent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://druskele.atshop.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 11:17:57 GMT
server: AmazonS3
content-encoding: br
date: Thu, 24 Nov 2022 13:43:07 GMT
cache-control: max-age=14400, s-maxage=60
etag: W/"039ee34f466506a157fdbfc5d2a3a956"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eeul0mpSV0D4WpxKUsOin8mIBRBiJX3simOCjAzJ5pJdGoCucVfSqQ==
age: 10
timing-allow-origin: *
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations