URL: https://evil.atshop.io/
Submission: On May 09 via manual from CA — Scanned from CA

Summary

This website contacted 13 IPs in 2 countries across 11 domains to perform 43 HTTP transactions. The main IP is 2606:4700:3035::ac43:9aa1, located in the United States and belonging to CLOUDFLARENET, US. The main domain is evil.atshop.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 10th 2021. Valid for: a year.
This is the only time evil.atshop.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS (Autonomous System)
6         2606:4700:303...   13335 (CLOUDFLAR...)
1         2a04:4e42:600...   54113 (FASTLY)
1         2606:4700:303...   13335 (CLOUDFLAR...)
3         2607:f8b0:400...   15169 (GOOGLE)
1 1       99.84.126.72       16509 (AMAZON-02)
3         54.230.163.72      16509 (AMAZON-02)
7         2606:4700:20:...   13335 (CLOUDFLAR...)
1         2607:f8b0:400...   15169 (GOOGLE)
1         2606:4700::68...   13335 (CLOUDFLAR...)
1         2606:4700:440...   13335 (CLOUDFLAR...)
1         104.19.145.54      13335 (CLOUDFLAR...)
3         2606:4700::68...   13335 (CLOUDFLAR...)
1         2606:4700:20:...   13335 (CLOUDFLAR...)
14        104.243.38.202     23470 (RELIABLESITE)
Totals: 43 requests, 13 IPs
Requests  Apex Domain           Transfer  Subdomains
14        ibb.co                7 MB      i.ibb.co (Cisco Umbrella Rank: 13451)
14        atshop.io             2 MB      evil.atshop.io
                                          cdn.atshop.io (Cisco Umbrella Rank: 902382)
                                          atshop.io (Cisco Umbrella Rank: 566099)
3         crisp.chat            131 KB    client.crisp.chat (Cisco Umbrella Rank: 19071)
3         intercomcdn.com       132 KB    js.intercomcdn.com (Cisco Umbrella Rank: 4921)
3         google-analytics.com  21 KB     www.google-analytics.com (Cisco Umbrella Rank: 101)
2         mmapiws.com           680 B     d-ipv6.mmapiws.com (Cisco Umbrella Rank: 23557)
                                          d-ipv4.mmapiws.com (Cisco Umbrella Rank: 185091)
1         maxmind.com           7 KB      device.maxmind.com (Cisco Umbrella Rank: 56502)
1         googleapis.com        1 KB      fonts.googleapis.com (Cisco Umbrella Rank: 111)
1         intercom.io           248 B     widget.intercom.io (Cisco Umbrella Rank: 5034)
1         paylike.io            41 KB     sdk.paylike.io
1         polyfill.io           450 B     cdn.polyfill.io (Cisco Umbrella Rank: 3436)
Totals: 43 requests, 11 apex domains
Requests  Domain                    Requested by
14        i.ibb.co
7         cdn.atshop.io             evil.atshop.io, cdn.atshop.io
6         evil.atshop.io            evil.atshop.io
3         client.crisp.chat         evil.atshop.io, client.crisp.chat
3         js.intercomcdn.com        evil.atshop.io, widget.intercom.io
3         www.google-analytics.com  evil.atshop.io, www.google-analytics.com
1         atshop.io                 evil.atshop.io
1         d-ipv4.mmapiws.com        device.maxmind.com
1         d-ipv6.mmapiws.com        device.maxmind.com
1         device.maxmind.com        evil.atshop.io
1         fonts.googleapis.com      client
1         widget.intercom.io        1 redirects
1         sdk.paylike.io            evil.atshop.io
1         cdn.polyfill.io           evil.atshop.io
Totals: 43 requests, 14 subdomains

This site contains links to these domains. Also see Links.

Domain
t.me
discord.gg

Subject                  Issuer                                                Validity                  Valid
atshop.io                Cloudflare Inc ECC CA-3                               2021-06-10 - 2022-06-09   a year (crt.sh)
polyfill.io              GlobalSign Atlas R3 DV TLS CA 2022 Q1                 2022-03-08 - 2023-04-09   a year (crt.sh)
*.paylike.io             E1                                                    2022-04-15 - 2022-07-14   3 months (crt.sh)
*.google-analytics.com   GTS CA 1C3                                            2022-04-18 - 2022-07-11   3 months (crt.sh)
upload.video.google.com  GTS CA 1C3                                            2022-04-18 - 2022-07-11   3 months (crt.sh)
*.intercomcdn.com        Amazon                                                2022-01-30 - 2023-02-28   a year (crt.sh)
*.maxmind.com            Sectigo RSA Organization Validation Secure Server CA  2021-10-27 - 2022-11-08   a year (crt.sh)
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                               2021-06-28 - 2022-06-27   a year (crt.sh)
crisp.chat               Cloudflare Inc ECC CA-3                               2021-07-08 - 2022-07-07   a year (crt.sh)
ibb.co                   R3                                                    2022-04-07 - 2022-07-06   3 months (crt.sh)

This page contains 2 frames:

Primary Page: https://evil.atshop.io/
Frame ID: 3CAC1B7C11D30FD18149AA7A825F46B8
Requests: 41 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.1d0768bd.js
Frame ID: C6F11300A84B5E7DDB01713A78A937C0
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Evil · Products

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.atshop\.io

Overall confidence: 100%
Detected patterns
  • <link[^>]+__meteor-css__

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

Requests: 43
HTTPS: 98 %
IPv6: 71 %
Domains: 11
Subdomains: 14
IPs: 13
Countries: 2
Transfer: 9281 kB
Size: 14140 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://widget.intercom.io/widget/msak0o3q HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
evil.atshop.io/
5 KB
2 KB
Document
General
Full URL
https://evil.atshop.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9aa1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f4305f5ad90ead4252845d0921ea81070c383f8232e0a4fd0a1b5d5c829bf15

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, maxage=3600, stale-if-error=600
cf-cache-status
DYNAMIC
cf-ray
708a8f579c194bd0-YUL
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 09 May 2022 12:50:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECQ7i3c5edVD7JPXYAC%2FXELxYQvHau9UGCRX6ehn%2B5MB%2F9s485ECzk4fbbeCWrp%2FvAjzJ%2Bxi8VlWxQ3JxRVF0dJH9GIqeeyQBp94MU0wntpMmAxxx1BJTyPF9tP7VJo3qM0NVpBBnQzPrkh9"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache-status
MISS
x-upstream
100.64.0.64:8000
3fa5ee4c135fdec88859483804d2b50e3340f740.css
evil.atshop.io/
298 KB
41 KB
Stylesheet
General
Full URL
https://evil.atshop.io/3fa5ee4c135fdec88859483804d2b50e3340f740.css?meteor_css_resource=true
Requested by
Host: evil.atshop.io
URL: https://evil.atshop.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9aa1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5456b6501b487c7498ccf6e079b8570023de4910d811323246e5b2956c679f38

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
169
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"3fa5ee4c135fdec88859483804d2b50e3340f740"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIi0Kbhv5uEhWRuILF3cZVzKC66RKCuSVNmWM519rdH1FWi%2B%2Fpa%2F24jZcvJnKk6yXnPYv9X2hs%2F5n%2F8R6CQnqzvXf9T7vzggNZrJoi31C6pXGAMbCtuoSr7jbrUMdU5ZfyJlo11wH5PJUvOm"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
x-upstream
100.64.0.64:8000
cache-control
public, max-age=31536000
cf-ray
708a8f591e3f4bd0-YUL
expires
Tue, 09 May 2023 12:50:17 GMT
polyfill.min.js
cdn.polyfill.io/v2/
222 B
450 B
Script
General
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=IntersectionObserver,IntersectionObserverEntry
Requested by
Host: evil.atshop.io
URL: https://evil.atshop.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:17 GMT
content-encoding
br
last-modified
Fri, 06 May 2022 00:20:02 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/101.0.0
server-timing
cache-yul12821, PASS, fastly;desc="Edge time";dur=10
accept-ranges
bytes
content-length
126
1ade9cb538a22a231dd9b5b94aebbdd403d95c0d.js
evil.atshop.io/
4 MB
1 MB
Script
General
Full URL
https://evil.atshop.io/1ade9cb538a22a231dd9b5b94aebbdd403d95c0d.js?meteor_js_resource=true
Requested by
Host: evil.atshop.io
URL: https://evil.atshop.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9aa1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7809df3a7ba0457562a2689448dcb9098200584ee6e43937d3475f6e0fa1269

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
169
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"1ade9cb538a22a231dd9b5b94aebbdd403d95c0d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aOFEZIcrbgs8ubFiS5H75ZExe1IIe1LhaSI3fNzHudxxUwdrie%2BVNfCX9v9JcBEyZuC9bmZxIA%2F9Kr1QPb%2BKG164KctiXXGerabUfPusgjyanqJgvLXSmE05rYHNDz2AQU6PZmooLWwP%2BJjW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
x-upstream
100.64.0.64:8000
cache-control
public, max-age=31536000
cf-ray
708a8f591e464bd0-YUL
expires
Tue, 09 May 2023 12:50:17 GMT
3.js
sdk.paylike.io/
193 KB
41 KB
Script
General
Full URL
https://sdk.paylike.io/3.js
Requested by
Host: evil.atshop.io
URL: https://evil.atshop.io/1ade9cb538a22a231dd9b5b94aebbdd403d95c0d.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2062 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb7b08ae897bb9d70cc735b03789d9c58213a51f0d7536672b0dc273c65c24ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:17 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRC6H%2FGgXEUEidFDSUGciRq%2BfWCMJ0NWmh%2BXevBi9ws7JvW2FXCMU2B11lmWKuiY%2Fs%2Bjf89oX1cUSusi8tQXoQ%2BgxYx263A30DZKRjN8gduFHk4P6r8MUW3FoIopYwOLc8xdbok51xKLl3cPiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=86400
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
708a8f5d1fa7ca53-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: evil.atshop.io
URL: https://evil.atshop.io/1ade9cb538a22a231dd9b5b94aebbdd403d95c0d.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
176
date
Mon, 09 May 2022 12:47:21 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 09 May 2022 14:47:21 GMT
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/msak0o3q
  • https://js.intercomcdn.com/shim.latest.js
18 KB
6 KB
Script
General
Full URL
https://js.intercomcdn.com/shim.latest.js
Requested by
Host: evil.atshop.io
URL: https://evil.atshop.io/
Protocol
H2
Server
54.230.163.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-72.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24f809ef4f41ef41d84758d13336e9414791dbe3a3cc283cae5f3c4d1fd0324e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 09 May 2022 12:48:30 GMT
content-encoding
gzip
last-modified
Mon, 09 May 2022 11:03:27 GMT
server
AmazonS3
age
108
etag
"21cc8ccd019a61e097fb29cd1df4a00d"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 208179bfee14e9f51f5eb16e238b2f6c.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-length
6094
x-amz-cf-id
sTPsz4p4Nb6qVidkji_v5Qim_rv6ezjpYMnR-rTy8lWgbRcopKwE3g==

Redirect headers

date
Mon, 09 May 2022 12:24:43 GMT
via
1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront)
server
AmazonS3
age
1535
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
EWR52-C3
content-length
0
x-amz-cf-id
bgHxolyXR16j_102TqUsN3aQfKdVf6hjmcmbXHkrF_Hj1sWRzLkLFA==
materialdesignicons.min.css
cdn.atshop.io/assets/materialdesignicons/css/
263 KB
43 KB
Stylesheet
General
Full URL
https://cdn.atshop.io/assets/materialdesignicons/css/materialdesignicons.min.css
Requested by
Host: evil.atshop.io
URL: https://evil.atshop.io/1ade9cb538a22a231dd9b5b94aebbdd403d95c0d.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1193e835baf1666d6e589dc3bfee84e7482c8a7536c35883d10cc11abd134604

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=ogac/A==, md5=WVNdPgTs8v+bzLl6Zzf4sQ==
date
Mon, 09 May 2022 12:50:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231420
x-guploader-uploadid
ADPycdvfOllmWCcdMUZTvdSFOpC1z8PlAPvYqoqrsRMImbsmI6-NkYa3kOlIRYqfdI3UABpHPqnK0ETwYK0EdYwGPvgD9dfLl9Wy
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 22 Dec 2020 15:10:48 GMT
server
cloudflare
etag
W/"59535d3e04ecf2ff9bccb97a6737f8b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BplsyPV7Jx5uzCFq8Uh89l08Wo0LeNowFGtycipI1lKkQZIOEWdeRSK91FinbvTNvaV2MGm%2BGDN9C9c6rdNk7KlqGuwyKYapoAJj6TWpSzCNIDsvO%2BfdypxFx0chxiI2wy53blv9XhObDVc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1608649848906517
access-control-allow-origin
*
content-type
text/css
access-control-expose-headers
Content-Type
cache-control
public, max-age=2073600
x-goog-stored-content-length
269370
cf-ray
708a8f5d29d47156-YUL
expires
Fri, 06 May 2022 21:33:17 GMT
brands.min.css
cdn.atshop.io/assets/font-awesome/css/
632 B
720 B
Stylesheet
General
Full URL
https://cdn.atshop.io/assets/font-awesome/css/brands.min.css
Requested by
Host: evil.atshop.io
URL: https://evil.atshop.io/1ade9cb538a22a231dd9b5b94aebbdd403d95c0d.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
175d51f1e643964eef2cd995b70011fbe3fed281226895f113107dcf0f702bb9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=77Yctg==, md5=CeCuxLc4VJqE3ir+rsbSNw==
date
Mon, 09 May 2022 12:50:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231421
x-guploader-uploadid
ADPycdvrxj8Yn7lGSDNSv18D_6ERmiHtwb19_JVD0xmFJnbjfpej27qfavShV1KW77StKdFPerMOiwwLLNLDeQtELQf6rg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Jul 2020 15:14:16 GMT
server
cloudflare
etag
W/"09e0aec4b738549a84de2afeaec6d237"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TI29cNXVVVYbRXVonpui%2F6f6R2t%2BZNQZJgyFydo%2BmnbN6nGCaFF2aGReedqeD5WYGrc2PMkr%2FTZm7PtG2AheF84hK98u6E3BAN0IQ07ry8rP4NarPM4nr42YJWM7otZ86dFXIkTF3CgAIUE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1595344456693085
access-control-allow-origin
*
content-type
text/css
access-control-expose-headers
Content-Type
cache-control
public, max-age=2073600
x-goog-stored-content-length
632
cf-ray
708a8f5d29d77156-YUL
expires
Fri, 06 May 2022 21:33:16 GMT
fontawesome.min.css
cdn.atshop.io/assets/font-awesome/css/
89 KB
19 KB
Stylesheet
General
Full URL
https://cdn.atshop.io/assets/font-awesome/css/fontawesome.min.css
Requested by
Host: evil.atshop.io
URL: https://evil.atshop.io/1ade9cb538a22a231dd9b5b94aebbdd403d95c0d.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c21dae42a0626ab658f2a4ab66c055d3e30ec25b0a03952c12c4b818e3ff653

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=DTCgHQ==, md5=gGyVr8Kl7kN0rGUsVL0dGw==
date
Mon, 09 May 2022 12:50:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231421
x-guploader-uploadid
ADPycduBtYXhTM3dULN2tuATelse3tYXgKmRQiWglnura_LFnUow25juP7xmUybCADGBR34k724UiZJZkwQFIcFocJSjUMozsRl8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 21 Jul 2020 15:14:16 GMT
server
cloudflare
etag
W/"806c95afc2a5ee4374ac652c54bd1d1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JO0FYRiYSRT%2FqgB6dhj3F6MGYyBwlmfF01OFZvgl5Qh%2BctMrQPEV%2FCJqS%2FOqusNUYeYuZF8WMpKqcJwpQz%2FOpuSP4WMbMTSfdP8GrIZBbpZ7fBK2IZQPcVntyvLP7U7PZdKAveBcng2zV0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1595344456802060
access-control-allow-origin
*
content-type
text/css
access-control-expose-headers
Content-Type
cache-control
public, max-age=2073600
x-goog-stored-content-length
90679
cf-ray
708a8f5d29d87156-YUL
expires
Fri, 06 May 2022 21:33:16 GMT
info
evil.atshop.io/sockjs/
78 B
705 B
XHR
General
Full URL
https://evil.atshop.io/sockjs/info?cb=foy_67rgyr
Requested by
Host: evil.atshop.io
URL: https://evil.atshop.io/1ade9cb538a22a231dd9b5b94aebbdd403d95c0d.js?meteor_js_resource=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9aa1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f7ac5e5e474623fe6786664f3074b65eeaaac735946e8da9dc6efdb23208450

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:17 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding, Origin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zDkQDn2HodziU0kgRmN1aXWJExzjPX%2ByrFk%2FgdJHoIcztRafL25vKdn8XeoLEPx1iBD6RWr2kji2U%2BEzoGZK6pFmtOV9Wrxo1bOvASac%2BOPu7DTF73TAVuQSavxB2wBemFzyCed9IV%2BVSJq"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, no-transform, must-revalidate, max-age=0
x-upstream
100.64.0.64:8000
cf-ray
708a8f5d0c854bd0-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
info
evil.atshop.io/sockjs/
79 B
741 B
XHR
General
Full URL
https://evil.atshop.io/sockjs/info?cb=47ps9nu5qw
Requested by
Host: evil.atshop.io
URL: https://evil.atshop.io/1ade9cb538a22a231dd9b5b94aebbdd403d95c0d.js?meteor_js_resource=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9aa1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43601e71a8abeb5d8503a22668bb68a53e23180f13fa714b1374c75b4f04075b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:17 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding, Origin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUCeqosT7mLLhaqbCzjLHMJpvtIzOPyr8i8hmpukHcI7e3%2Bxb9hB7CIb7ChxWxie8999e5d%2FzSW68%2BxgBXwXVv2EGNdAnc4h8zEPMue2mXbzqwzrvDRNg5jiu97nxQ7BN6krHy3nrBBwrhV%2F"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, no-transform, must-revalidate, max-age=0
x-upstream
100.64.0.64:8000
cf-ray
708a8f5d0c894bd0-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa3bcc93d1be83ac7d82cd6182d25741cdef5d016e40436266df12a50abbebc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 09 May 2022 10:56:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 09 May 2022 12:50:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 09 May 2022 12:50:17 GMT
frame-modern.1d0768bd.js
js.intercomcdn.com/ Frame C6F1
311 KB
83 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.1d0768bd.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/msak0o3q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-72.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9238152baaa8545f7f5a92ad3f0971507971b7a7a841192b240a7087d52fa615

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 09 May 2022 11:03:30 GMT
content-encoding
gzip
last-modified
Mon, 09 May 2022 11:02:19 GMT
server
AmazonS3
age
6408
etag
"9230b58d014ab42992864cfa600985fc"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 208179bfee14e9f51f5eb16e238b2f6c.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-length
84569
x-amz-cf-id
W40PDY997yTn7L4ZbFWVIDzFJ6jy8kJzRAUyJHEVuSaVggcGDeW_EQ==
vendor-modern.839a874a.js
js.intercomcdn.com/ Frame C6F1
136 KB
42 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.839a874a.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/msak0o3q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-72.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed80a14f0ef1cdca4cc34472cd9af553731240bfad390663c6952b132cda7e05

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 09 May 2022 11:03:30 GMT
content-encoding
gzip
last-modified
Mon, 09 May 2022 11:02:19 GMT
server
AmazonS3
age
6408
etag
"49f79e6187ede9d3890001f46313a2e1"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 208179bfee14e9f51f5eb16e238b2f6c.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-length
42639
x-amz-cf-id
bo-tJ5HTi_eM_8FYfX-8StoRiMud2X7Z7Pftk0Qgv5zbo-orWAd6AQ==
device.js
device.maxmind.com/js/
16 KB
7 KB
Script
General
Full URL
https://device.maxmind.com/js/device.js
Requested by
Host: evil.atshop.io
URL: https://evil.atshop.io/1ade9cb538a22a231dd9b5b94aebbdd403d95c0d.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:252f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5781b90bc2ade5065bb1a8e796438ff0fd6d7c0f3000459e14d7027f735110f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 May 2022 18:10:09 GMT
server
cloudflare
age
35772
etag
W/"62741301-3e81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=43200
cf-ray
708a8f5eb94aca53-YUL
expires
Tue, 10 May 2022 00:50:18 GMT
ant_squire
d-ipv6.mmapiws.com/
89 B
341 B
XHR
General
Full URL
https://d-ipv6.mmapiws.com/ant_squire
Requested by
Host: device.maxmind.com
URL: https://device.maxmind.com/js/device.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c98ab218ccb10921ecd7a5d0a1b73caeee6f574186dfa225b21ea3d4894b891
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://evil.atshop.io/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 09 May 2022 12:50:18 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cf-ray
708a8f5ffc547157-YUL
ant_squire
d-ipv4.mmapiws.com/
87 B
339 B
XHR
General
Full URL
https://d-ipv4.mmapiws.com/ant_squire
Requested by
Host: device.maxmind.com
URL: https://device.maxmind.com/js/device.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.145.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fab3d94eb3920d064876f0ec25505e432c8890ac49ff042ffe4c78e0d0533c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://evil.atshop.io/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 09 May 2022 12:50:18 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cf-ray
708a8f6088a7a1db-YYZ
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
444
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 09 May 2022 13:42:54 GMT
l.js
client.crisp.chat/
8 KB
3 KB
Script
General
Full URL
https://client.crisp.chat/l.js
Requested by
Host: evil.atshop.io
URL: https://evil.atshop.io/1ade9cb538a22a231dd9b5b94aebbdd403d95c0d.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6812:1d5b, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
7f1dac2c4ab1b99561eed92908d934d30bddfa3871ec9cba0c85444f9d052f6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
84740
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 06 May 2022 13:17:05 GMT
server
cloudflare
etag
W/"62751fd1-1ec9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=86400
access-control-allow-credentials
false
cf-ray
708a8f6129d37151-YUL
access-control-allow-headers
Content-Type, Origin
expires
Tue, 10 May 2022 12:50:18 GMT
fetch
atshop.io/__meteor__/dynamic-import/
13 KB
4 KB
Fetch
General
Full URL
https://atshop.io/__meteor__/dynamic-import/fetch
Requested by
Host: evil.atshop.io
URL: https://evil.atshop.io/1ade9cb538a22a231dd9b5b94aebbdd403d95c0d.js?meteor_js_resource=true
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:20::681a:910, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
ba5b4c390aa9c1b1831231b6db2ad0dfb3aa7a43c8d57cf6e26ecd67e248dc44

Request headers

Referer
https://evil.atshop.io/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 09 May 2022 12:50:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2nzjiuoobHT%2BjTWM%2B8hoOsqnnNVd2dEM0%2BYBGiIiltf%2FdYeLXRMcCh6yjm6m9AYz%2Fw3oSoIhOTX8xHO7vNmwzeZ6pFYssa2UQDmvOMrFgdFX1u3HEpT8mCxDUvgn7i%2FjLVUBfdkj%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
x-upstream
100.64.0.64:8000
cf-ray
708a8f6139ed7151-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
client.js
client.crisp.chat/static/javascripts/
376 KB
87 KB
Script
General
Full URL
https://client.crisp.chat/static/javascripts/client.js?019b3e9
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700::6812:1d5b, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
61e57585f315b45c8bd7111a61ecdf291cd154ec565a165bccb6e8e3b86e23b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
84719
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 06 May 2022 13:17:05 GMT
server
cloudflare
etag
W/"62751fd1-5e146"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=315360000
access-control-allow-credentials
false
cf-ray
708a8f616f79ca6f-YUL
access-control-allow-headers
Content-Type, Origin
expires
Thu, 06 May 2032 12:50:18 GMT
client_default.css
client.crisp.chat/static/stylesheets/
328 KB
40 KB
Stylesheet
General
Full URL
https://client.crisp.chat/static/stylesheets/client_default.css?019b3e9
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700::6812:1d5b, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
be1befcf430228a73f8e8b928a3a0d61c1db5705d3d2c179ef3c689f5136292f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
84719
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 06 May 2022 13:17:05 GMT
server
cloudflare
etag
W/"62751fd1-521ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=315360000
access-control-allow-credentials
false
cf-ray
708a8f616f7bca6f-YUL
access-control-allow-headers
Content-Type, Origin
expires
Thu, 06 May 2032 12:50:18 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=413613734&t=pageview&_s=1&dl=https%3A%2F%2Fevil.atshop.io%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Evil%20%C2%B7%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEIJEAAAAC~&jid=1336063236&gjid=332413322&cid=464151787.1652100618&tid=UA-40056261-7&_gid=1374886825.1652100618&_r=1&_slc=1&z=1481783949
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2607:f8b0:4006:822::200e, Staten Island, United States, ASN15169 (GOOGLE, US)
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://evil.atshop.io/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 May 2022 12:50:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://evil.atshop.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
undefined
evil.atshop.io/
5 KB
5 KB
Image
General
Full URL
https://evil.atshop.io/undefined
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:3035::ac43:9aa1, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQwbsII%2B6vdHcyMxIOZArgrycw%2B3movHUbSHfJKHF8oKarojVnCRh5pnFVLvi1lbMOZ0Q3%2F%2FhjbSYL9rO9Pxk2%2BlCpyOC%2BPyO7eCRgpVi8LIeNs9Vz85Cq1RPfP8Rud0b6EErOE23BBXBT9T"}],"group":"cf-nel","max_age":604800}
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=utf-8
cache-control
public, maxage=3600, stale-if-error=600
cf-ray
708a8f62de994bd0-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
materialdesignicons-webfont.woff2
cdn.atshop.io/assets/materialdesignicons/fonts/
312 KB
314 KB
Font
General
Full URL
https://cdn.atshop.io/assets/materialdesignicons/fonts/materialdesignicons-webfont.woff2?v=5.8.55
Requested by
Host: cdn.atshop.io
URL: https://cdn.atshop.io/assets/materialdesignicons/css/materialdesignicons.min.css
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:20::ac43:44f5, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
34845bb6344cdad5b3e15a37bcfee67bde497cdf5805d31c952c35a92b630e67

Request headers

Referer
https://cdn.atshop.io/assets/materialdesignicons/css/materialdesignicons.min.css
Origin
https://evil.atshop.io
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=K1xeOw==, md5=QYcSGkNTRAwqhl2/G8GQGw==
date
Mon, 09 May 2022 12:50:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
168
x-guploader-uploadid
ADPycdtzUCpikowfx8Kbd574Gd9650lYC-e0UXJ1xCISZQoJEjlUdDWQk7d_VaA7VWD1TdZ5OkaB-Zf8PrKCU2DdJZGyYwMwueSN
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
319984
last-modified
Tue, 22 Dec 2020 15:10:59 GMT
server
cloudflare
etag
"4187121a4353440c2a865dbf1bc1901b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCPCstmAZI6vM%2FpDYhmAU7yNLd1EZZuCxPbWck62Y5MjdulJsAo6IiDza%2F8Ql6bTeKzVnnRvFgWVOnoOBF2pIkOvPisHiguPMiP6S1p3vQVbCBuX4RZD9KNTGtjxaXQErhgcYUn%2ByEQGDwE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1608649859915847
access-control-allow-origin
*
content-type
application/octet-stream
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=2073600
x-goog-stored-content-length
319984
accept-ranges
bytes
cf-ray
708a8f62ff0e714a-YUL
expires
Mon, 09 May 2022 13:27:14 GMT
paypal.gif
i.ibb.co/3fK5jqj/
726 KB
727 KB
Image
General
Full URL
https://i.ibb.co/3fK5jqj/paypal.gif
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.243.38.202, United States, ASN23470 (RELIABLESITE, US)
Reverse DNS
Software
nginx /
Resource Hash
7a040d95d59833b3d7e8b6ef0981d491532b90ea661c4c90cd39d69af8287cdc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:19 GMT
last-modified
Thu, 05 May 2022 13:49:35 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
742994
expires
Thu, 31 Dec 2037 23:55:55 GMT
dave.gif
i.ibb.co/GdK3qL9/
594 KB
595 KB
Image
General
Full URL
https://i.ibb.co/GdK3qL9/dave.gif
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.243.38.202, United States, ASN23470 (RELIABLESITE, US)
Reverse DNS
Software
nginx /
Resource Hash
459d8e8972d9dd1d52c5114bc8e026e747a2c88f819d63bc93aa5c002deb0c9a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:19 GMT
last-modified
Thu, 05 May 2022 16:49:29 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
608401
expires
Thu, 31 Dec 2037 23:55:55 GMT
dominos.gif
i.ibb.co/SsLtQh8/
404 KB
405 KB
Image
General
Full URL
https://i.ibb.co/SsLtQh8/dominos.gif
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.243.38.202, United States, ASN23470 (RELIABLESITE, US)
Reverse DNS
Software
nginx /
Resource Hash
f33286b4ba099bf8aba0fdfc276d8bff79d1b6f2fcdaa1334ccd21792396fe9c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:19 GMT
last-modified
Thu, 05 May 2022 16:40:31 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
413847
expires
Thu, 31 Dec 2037 23:55:55 GMT
venmo.gif
i.ibb.co/Lz9gkWz/
622 KB
623 KB
Image
General
Full URL
https://i.ibb.co/Lz9gkWz/venmo.gif
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.243.38.202, United States, ASN23470 (RELIABLESITE, US)
Reverse DNS
Software
nginx /
Resource Hash
074c43d5c9cb75376b7539c45d2e1ac2ee7f5149936392615b918e64802c996e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:19 GMT
last-modified
Thu, 05 May 2022 23:06:45 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
636714
expires
Thu, 31 Dec 2037 23:55:55 GMT
cashapp.gif
i.ibb.co/Z8yQtF2/
548 KB
549 KB
Image
General
Full URL
https://i.ibb.co/Z8yQtF2/cashapp.gif
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.243.38.202, United States, ASN23470 (RELIABLESITE, US)
Reverse DNS
Software
nginx /
Resource Hash
816ee94970fefb72ee8eadd3d559b209eb6176fe2275d77811e5418b1588a0af

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:19 GMT
last-modified
Thu, 05 May 2022 23:05:59 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
561558
expires
Thu, 31 Dec 2037 23:55:55 GMT
chipotle.gif
i.ibb.co/M6MQb8z/
932 KB
933 KB
Image
General
Full URL
https://i.ibb.co/M6MQb8z/chipotle.gif
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.243.38.202, United States, ASN23470 (RELIABLESITE, US)
Reverse DNS
Software
nginx /
Resource Hash
0d23f8229b4e0dd6d45674f64af8cbf8d8151e02d25cc20cf3f51e118d26ccdf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:19 GMT
last-modified
Thu, 05 May 2022 16:57:11 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
954040
expires
Thu, 31 Dec 2037 23:55:55 GMT
ubereats.gif
i.ibb.co/0ZqDJvp/
749 KB
750 KB
Image
General
Full URL
https://i.ibb.co/0ZqDJvp/ubereats.gif
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.243.38.202, United States, ASN23470 (RELIABLESITE, US)
Reverse DNS
Software
nginx /
Resource Hash
728f2918494626950f2ae59815989dc92e865e08ba5324da670ec1ba72d4b139

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:19 GMT
last-modified
Thu, 05 May 2022 23:07:45 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
766869
expires
Thu, 31 Dec 2037 23:55:55 GMT
subway.gif
i.ibb.co/vD1N4kQ/
639 KB
640 KB
Image
General
Full URL
https://i.ibb.co/vD1N4kQ/subway.gif
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.243.38.202, United States, ASN23470 (RELIABLESITE, US)
Reverse DNS
Software
nginx /
Resource Hash
31aac0554db49b066cc5a3895ebca33e2c7add107f479ac061c39f938eb4c097

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:19 GMT
last-modified
Thu, 05 May 2022 23:25:01 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
654280
expires
Thu, 31 Dec 2037 23:55:55 GMT
instacart.gif
i.ibb.co/Dr1DRjk/
830 KB
831 KB
Image
General
Full URL
https://i.ibb.co/Dr1DRjk/instacart.gif
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.243.38.202, United States, ASN23470 (RELIABLESITE, US)
Reverse DNS
Software
nginx /
Resource Hash
911e3f2398bb088bf0e41704d858db67a058f721716af92b885c5abef4a8d077

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:19 GMT
last-modified
Thu, 05 May 2022 23:21:58 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
850164
expires
Thu, 31 Dec 2037 23:55:55 GMT
supercell.gif
i.ibb.co/qYSf5Sv/
540 KB
541 KB
Image
General
Full URL
https://i.ibb.co/qYSf5Sv/supercell.gif
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.243.38.202, United States, ASN23470 (RELIABLESITE, US)
Reverse DNS
Software
nginx /
Resource Hash
e09d143c985bf439b2d4c14387781068d9d9890f954985222057d75c34b27779

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:19 GMT
last-modified
Thu, 05 May 2022 23:08:21 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
553127
expires
Thu, 31 Dec 2037 23:55:55 GMT
epicgames.gif
i.ibb.co/hy7ymRK/
383 KB
384 KB
Image
General
Full URL
https://i.ibb.co/hy7ymRK/epicgames.gif
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.243.38.202, United States, ASN23470 (RELIABLESITE, US)
Reverse DNS
Software
nginx /
Resource Hash
c28208e64d6f19a08a9985399d3c631b3784055b8611c2ea3395cab8cfd85674

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:19 GMT
last-modified
Thu, 05 May 2022 23:20:14 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
392560
expires
Thu, 31 Dec 2037 23:55:55 GMT
feedback.gif
i.ibb.co/ByYXvZZ/
145 KB
145 KB
Image
General
Full URL
https://i.ibb.co/ByYXvZZ/feedback.gif
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.243.38.202, United States, ASN23470 (RELIABLESITE, US)
Reverse DNS
Software
nginx /
Resource Hash
2f28cd28ce79ccdd891d647df43688581165a1d35e741bc1530bd504eb600337

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:19 GMT
last-modified
Thu, 05 May 2022 22:59:15 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
148061
expires
Thu, 31 Dec 2037 23:55:55 GMT
contact.gif
i.ibb.co/HKdwjRX/
106 KB
107 KB
Image
General
Full URL
https://i.ibb.co/HKdwjRX/contact.gif
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.243.38.202, United States, ASN23470 (RELIABLESITE, US)
Reverse DNS
Software
nginx /
Resource Hash
43cd11744699674237cf6d68238accd37ebeceb15e6abf1354f54aa0c2b8570f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:19 GMT
last-modified
Thu, 05 May 2022 23:12:07 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
109006
expires
Thu, 31 Dec 2037 23:55:55 GMT
payment.gif
i.ibb.co/4YcNrXd/
137 KB
137 KB
Image
General
Full URL
https://i.ibb.co/4YcNrXd/payment.gif
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
104.243.38.202, United States, ASN23470 (RELIABLESITE, US)
Reverse DNS
Software
nginx /
Resource Hash
f1981b9c62db35e2d29adf4cd1529c8c1d154e756dd0b1eb77dcda43b2e2a99b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 09 May 2022 12:50:19 GMT
last-modified
Thu, 05 May 2022 23:15:52 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
140179
expires
Thu, 31 Dec 2037 23:55:55 GMT
bitcoin-1.svg
cdn.atshop.io/assets/payment-method-cards/
3 KB
2 KB
Image
General
Full URL
https://cdn.atshop.io/assets/payment-method-cards/bitcoin-1.svg
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:20::ac43:44f5, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
5a6e341a7c7c2089ef831292ff4622067f6560ed98fe394abd01109b3fa8a345

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=xN6MWg==, md5=3ztVlSKqmXek+VTaL+mHdg==
date
Mon, 09 May 2022 12:50:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231421
x-guploader-uploadid
ADPycdtlttG6XIKGQp-_DYvOyPpE0qV0DtITtgkGjVE9BocntiJNyuwZSv82C2HBMSkfwYkvxbcZX1MoQLSRcuB8Fo-egJgO3WJ_
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 07 May 2021 15:28:07 GMT
server
cloudflare
etag
W/"df3b559522aa9977a4f954da2fe98776"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMRM5nhS0onMgKOsjymmLKXk71xm8Dg7wTlK59Jw2116hq%2FX113gFqCNM7t8F1aX8%2F%2BbAXCgcNdgbG%2BMQ3a1Td0aNXwPNfuhKWct8Fbz8r3A0CpTvHO%2FdPsgThkrsKULFJs7cPkzZx2xsMc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620401287175863
access-control-allow-origin
*
content-type
image/svg+xml
access-control-expose-headers
Content-Type
cache-control
public, max-age=2073600
x-goog-stored-content-length
3164
cf-ray
708a8f64de584bbe-YUL
expires
Fri, 06 May 2022 21:33:18 GMT
ethereum.svg
cdn.atshop.io/assets/payment-method-cards/
1 KB
2 KB
Image
General
Full URL
https://cdn.atshop.io/assets/payment-method-cards/ethereum.svg
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:20::ac43:44f5, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
7338fd28172235145cfb2246650822609d42efeaf0a7f569c150fab777636c66

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=mlSJPA==, md5=SUhT57/iuVeTO8+jOyJg5A==
date
Mon, 09 May 2022 12:50:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231421
x-guploader-uploadid
ADPycdsFO6dp3DdqzVtVvW66iHnbwMB6pUb91OfHGaRGyVbo4W2CKpT1iu8DMe1r4BupsfWJ3HC4bBjXdUi_3G5bhNgsmTcDVAEq
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 04 Jun 2021 18:03:42 GMT
server
cloudflare
etag
W/"494853e7bfe2b957933bcfa33b2260e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DxQ%2BRVokikzs%2BDsXizQsgRpL8bCqHjWFuA6txZhdYTAhSkDMaslpGuAhf8z%2BM%2BOCju2MktjN8qAMoQhsH3ib0bDY0S6CytNkeKTKZfVmWL0KJqKwOUh4YjBfSHZIkLLS69frMR%2FY1cVDI4I%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1622829822719744
access-control-allow-origin
*
content-type
image/svg+xml
access-control-expose-headers
Content-Type
cache-control
public, max-age=2073600
x-goog-stored-content-length
1434
cf-ray
708a8f64de5b4bbe-YUL
expires
Fri, 06 May 2022 21:33:18 GMT
usdcoin.svg
cdn.atshop.io/assets/payment-method-cards/
3 KB
2 KB
Image
General
Full URL
https://cdn.atshop.io/assets/payment-method-cards/usdcoin.svg
Protocol
H3
Security
QUIC, AES_128_GCM
Server
2606:4700:20::ac43:44f5, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
6e12e3ad8e0e5bcc3fdfc6fc0842c4625b10540462488be1fb6d4d94eb039a28

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://evil.atshop.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=v4xQuw==, md5=zHhTKbawP4/H8Rmo/+ghyw==
date
Mon, 09 May 2022 12:50:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
233673
x-guploader-uploadid
ADPycdt7VOCRqmHNZTmBK-oCl5V1lC14xthRSEODxj2w3huV_nzSSiFUvoNRx28WNcGDM4pyKEfCnzRmgOtyY8k-ofEsIg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 04 Jun 2021 17:00:09 GMT
server
cloudflare
etag
W/"cc785329b6b03f8fc7f119a8ffe821cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Ge8vlk9WIc%2FAi1njWx02G1fRBK4wvJNTE0HoQKnDOD1dVx7U%2FYjoK9yOJ9hJj4lq2L8RYuqdRu4FRIAs0%2B8mdAuuZ3nen%2F8aHEQ7RfJnNA7splPOnadjmfOykvIk%2FM8mfHPPPcniKB1%2B54%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1622826008917554
access-control-allow-origin
*
content-type
image/svg+xml
access-control-expose-headers
Content-Type
cache-control
public, max-age=2073600
x-goog-stored-content-length
3263
cf-ray
708a8f64de5c4bbe-YUL
expires
Fri, 06 May 2022 20:31:51 GMT

Verdicts & Comments

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
object | 0
object | oncontextlost
object | oncontextrestored
function | structuredClone
function | getScreenDetails
object | __meteor_runtime_config__
function | require
object | exports
object | Package
function | Buffer
object | process
function | ___INIT_METEOR_FAST_REFRESH
object | Mongo
function | ReactiveVar
object | Tracker
object | Deps
object | ServiceConfiguration
function | check
object | Match
object | HTTP
undefined | Picker
function | Factory
function | ValidationError
object | CollectionHooks
object | Meteor
object | global
object | meteorEnv
object | WebApp
object | DDP
function | meteorInstall
object | Accounts
object | Google
object | Github
object | Twitter
object | Discord
function | setImmediate
function | clearImmediate
object | $cookies
object | html
function | html_sanitize
object | Pace
number | maxmind_user_id
object | core
function | Color
function | Chart
function | ga
object | events
object | tools
function | Intercom
object | App
object | google_tag_data
object | gaplugins
function | Paylike
function | __intercomAssignLocation
object | __mmapiws
object | gaGlobal
object | gaData
object | $crisp
undefined | CRISP_WEBSITE_ID
object | _dollar_crisp

5 Cookies

Domain/Path Name / Value
evil.atshop.io/ Name: ats-server-id
Value: 4c982136f16e9fee
.atshop.io/ Name: __mmapiwsid
Value: c03b3dc6-918a-481a-8e08-990d54702548:1545a20987f989dcfc20b4ecc86507d6ce8c7573
.atshop.io/ Name: _ga
Value: GA1.2.464151787.1652100618
.atshop.io/ Name: _gid
Value: GA1.2.1374886825.1652100618
.atshop.io/ Name: _gat
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
