shopfitarticles.icu Open in urlscan Pro
172.67.146.62 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.faqplaypix.com/hat
Effective URL:
https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source...
Submission Tags: falconsandbox
Submission: On December 04 via api (December 4th 2024, 7:50:29 am UTC) from US — Scanned from DE

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 6 domains to perform 27 HTTP transactions. The main IP is 172.67.146.62, located in United States and belongs to CLOUDFLARENET, US. The main domain is shopfitarticles.icu.
TLS certificate: Issued by WE1 on November 1st 2024. Valid for: 3 months.

This is the only time shopfitarticles.icu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.151.243 172.67.151.243	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	184.107.84.181 184.107.84.181	32613 (IWEB-AS) (IWEB-AS)
1 1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 23	172.67.146.62 172.67.146.62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.142.245 172.67.142.245	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.67.156.201 172.67.156.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	3

1 172.67.151.243 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.faqplaypix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.107.84.181 (Canada) 1 redirects

ASN32613 (IWEB-AS, CA)

www.empowerstratic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.mastertrackingdomain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 172.67.146.62 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

shopfitarticles.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.142.245 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.156.201 (United States)

ASN13335 (CLOUDFLARENET, US)

trk-quantivex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.trk-quantivex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	shopfitarticles.icu 1 redirects shopfitarticles.icu	2 MB
4	trk-quantivex.com trk-quantivex.com event.trk-quantivex.com	4 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1331	439 KB
1	mastertrackingdomain.com 1 redirects www.mastertrackingdomain.com	1 KB
1	empowerstratic.com 1 redirects www.empowerstratic.com	647 B
1	faqplaypix.com 1 redirects www.faqplaypix.com	851 B
27	6

	Domain	Requested by
23	shopfitarticles.icu	1 redirects shopfitarticles.icu
3	event.trk-quantivex.com	trk-quantivex.com
1	trk-quantivex.com	shopfitarticles.icu
1	use.fontawesome.com	shopfitarticles.icu
1	www.mastertrackingdomain.com	1 redirects
1	www.empowerstratic.com	1 redirects
1	www.faqplaypix.com	1 redirects
27	7

This site contains no links.

Subject Issuer	Validity	Valid
shopfitarticles.icu WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
use.fontawesome.com WE1	`2024-11-07` - `2025-02-06`	3 months	crt.sh
trk-quantivex.com WE1	`2024-10-14` - `2025-01-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com
Frame ID: 40BE71EE2635D9CD70F8DDA0B1B7FA1C
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IKEA - Umfragebelohnungen

Page URL History Show full URLs

https://www.faqplaypix.com/hat HTTP 302
https://www.empowerstratic.com/465L9XP/XZ582TC/ HTTP 302
https://www.mastertrackingdomain.com/37HF1RW/2G4CHQHS/?source_id=1964&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8 HTTP 302
https://shopfitarticles.icu/mFSTm5lr-ymT-hTmMmL-QRBfXQF3/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f... HTTP 302
http://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub... HTTP 307
https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub... Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

27
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

3
IPs

3
Countries

2801 kB
Transfer

3632 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.faqplaypix.com/hat HTTP 302
https://www.empowerstratic.com/465L9XP/XZ582TC/ HTTP 302
https://www.mastertrackingdomain.com/37HF1RW/2G4CHQHS/?source_id=1964&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8 HTTP 302
https://shopfitarticles.icu/mFSTm5lr-ymT-hTmMmL-QRBfXQF3/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com HTTP 302
http://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com HTTP 307
https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
shopfitarticles.icu/
Redirect Chain

https://www.faqplaypix.com/hat
https://www.empowerstratic.com/465L9XP/XZ582TC/
https://www.mastertrackingdomain.com/37HF1RW/2G4CHQHS/?source_id=1964&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8
https://shopfitarticles.icu/mFSTm5lr-ymT-hTmMmL-QRBfXQF3/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertra...
http://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com
https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com

29 KB
6 KB

164ms
163ms

Document
text/html

172.67.146.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cdb6dc51027e445698633b364df9ea65147758e6366e908cc421c7e826d9bc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8eca34820874e409-OTP
content-encoding: zstd
content-type: text/html
date: Wed, 04 Dec 2024 07:50:21 GMT
expires: Wed, 04 Dec 2024 07:50:20 GMT
last-modified: Fri, 22 Nov 2024 18:04:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: interest-cohort=()
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u6vShXB6z264pF5xKl%2BHOihyCGSBWLDmAZK25ARy0PLoyqIj93HJXh8kf4HloD99zeQ%2FZx6AAW8NoeMR47kMj4rGZ6QbUAJBm8Bo3FUlUO0tdZaHAsChuDfLmcb1NHodUxgsHddt"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=35188&min_rtt=28775&rtt_var=10291&sent=12&recv=15&lost=0&retrans=0&sent_bytes=5019&recv_bytes=2630&delivery_rate=140124&cwnd=256&unsent_bytes=0&cid=79d1751c5374f368&ts=559&x=0"
strict-transport-security: max-age=31536000; includeSubDomains; preload

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com
Non-Authoritative-Reason: HSTS

GET
H2 200 style.css
shopfitarticles.icu/css/ 16 KB
4 KB 216ms
215ms Stylesheet
text/css 172.67.146.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shopfitarticles.icu/css/style.css

Requested by

Host: shopfitarticles.icu
URL: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

800614a4fe8c556c0d0e1bc4b570118ae5ddec0d756312cd2bdcd70166a0cf96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
etag: W/"6740c79b-3ee2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZaFtfXgMzpW7wzyIO0%2B3mbzswK1Ko%2FSZBW1cxsHO5572CrJzl4VaB%2BIqSAPaKgPI6cpqwphvIP3No2wkgRVhVH8npLh90dytdoeG7FO03Zv0YfPFEpCR2k76iyRK3xSXtr1m7yIy"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 07:50:20 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=33748&min_rtt=28775&rtt_var=3030&sent=56&recv=26&lost=0&retrans=0&sent_bytes=43917&recv_bytes=3203&delivery_rate=301816&cwnd=257&unsent_bytes=0&cid=79d1751c5374f368&ts=739&x=0"
date: Wed, 04 Dec 2024 07:50:22 GMT
content-type: text/css
last-modified: Fri, 22 Nov 2024 18:04:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eca34831937e409-OTP
permissions-policy: interest-cohort=()
server: cloudflare

GET
H2 200 animate.min.css
shopfitarticles.icu/css/ 70 KB
7 KB 140ms
139ms Stylesheet
text/css 172.67.146.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shopfitarticles.icu/css/animate.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
etag: W/"6740c79b-11846"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AIjkHu0zufe8hJMmCEBASOrVcEa7dLhKdUvdHiWagu2T1dRZnjKlwUZwEF9ty4wOLiyVc40eEzgoUOnYLuRJ7x2SUabXfW3m9dNUgXc63owrJbn71y61r8uQXbR4MMX0abOG6Rf2"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 07:50:20 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=32894&min_rtt=28775&rtt_var=4068&sent=24&recv=23&lost=0&retrans=0&sent_bytes=12288&recv_bytes=3203&delivery_rate=301816&cwnd=257&unsent_bytes=0&cid=79d1751c5374f368&ts=705&x=0"
date: Wed, 04 Dec 2024 07:50:21 GMT
content-type: text/css
last-modified: Fri, 22 Nov 2024 18:04:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eca3483193ae409-OTP
permissions-policy: interest-cohort=()
server: cloudflare

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.15.4/js/ 1 MB
439 KB 871ms
230ms Script
application/javascript 172.67.142.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/js/all.js
Requested by: Host: shopfitarticles.icu
URL: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://shopfitarticles.icu
Referer: https://shopfitarticles.icu/

Response headers

cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
etag: W/"5e29440867fdb02a48dffded02338c31"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vySnEwjJKAQ2h%2BySN7rUT1IAxJlSooduye1f33Jv5SZrvyx2fZ7nHs4wi%2BWJPAbsMmO598qtmLYKYVA1vy95TMEeEn%2BiuwHn%2FhgA5FtyJ%2BlTzvYs53ye4GXK4N7KkUpZ1Hkj6cwL"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eca34889a86e4b0-OTP
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=29825&min_rtt=29196&rtt_var=9283&sent=7&recv=8&lost=0&retrans=0&sent_bytes=4010&recv_bytes=2275&delivery_rate=125652&cwnd=253&unsent_bytes=0&cid=0615860bff52b85a&ts=376&x=0"
date: Wed, 04 Dec 2024 07:50:22 GMT
content-type: application/javascript
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 datehead.js Show response
shopfitarticles.icu/js/ 2 KB
1 KB 133ms
132ms Script
application/javascript 172.67.146.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shopfitarticles.icu/js/datehead.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e060ccf23f1760f9f5b5b0e72f5dfbb979c2f442112c0a19576e0c141b2b61b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
etag: W/"6740c79b-99b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZvIrAxH7trp9gpkjsMBbwEat5KAqXmKA22e1AZ6FFJ12v52M0LBwstpQ7OefyfJeYoOQztfyqX3kgNTFNgvwOZYOupR6qDp1%2BW7snB9Hm6Y5ZdEBYQIWaSN7MnQ5T%2FWIA1Vh68F"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 07:50:20 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=32894&min_rtt=28775&rtt_var=4068&sent=21&recv=23&lost=0&retrans=0&sent_bytes=10829&recv_bytes=3203&delivery_rate=301816&cwnd=257&unsent_bytes=0&cid=79d1751c5374f368&ts=700&x=0"
date: Wed, 04 Dec 2024 07:50:21 GMT
content-type: application/javascript
last-modified: Fri, 22 Nov 2024 18:04:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eca3483193be409-OTP
permissions-policy: interest-cohort=()
server: cloudflare

GET
H2 200 logo.png
shopfitarticles.icu/images/ 26 KB
27 KB 174ms
173ms Image
image/png 172.67.146.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shopfitarticles.icu/images/logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab289ea7916545d166d25b781a87dbcc8c298e20a07f96a545859df83397f481

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com

Response headers

cf-cache-status: DYNAMIC
etag: "6740c79c-692a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SYq2dImtqbJin6WyXDzs6xv0SzKhi3imBmLQUcmdAlVB7m3jcbamqX1OkgyCosFHpmbCw65Goz7h2pIBwLshpUl%2FkktY3GNc1ZC4EJzCt3TQF6UsZqRgneppxHgyL1xOXW3gN6dZ"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 07:50:20 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=33748&min_rtt=28775&rtt_var=3030&sent=29&recv=26&lost=0&retrans=0&sent_bytes=15983&recv_bytes=3203&delivery_rate=301816&cwnd=257&unsent_bytes=0&cid=79d1751c5374f368&ts=739&x=0"
date: Wed, 04 Dec 2024 07:50:22 GMT
content-type: image/png
last-modified: Fri, 22 Nov 2024 18:04:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eca3483193ce409-OTP
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 26922
server: cloudflare

GET
H2 200 flaglogo.png
shopfitarticles.icu/images/ 2 KB
3 KB 217ms
216ms Image
image/png 172.67.146.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shopfitarticles.icu/images/flaglogo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9876a7ae2fff3841f6815203eea614d8cd0022ebbe6b9b4d97bfbc53bf422fe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com

Response headers

cf-cache-status: DYNAMIC
etag: "6740c79d-998"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MFGM2U2Y2sYkTdBMKH0tFAvrdmYNa%2BI7MpzSNGBUMjzGLd9fCf%2F9mgKhsQQRYLVScvn8414hxCia2p5WDgVaB6P0aFUG2eGC921ckIuBP4Qv6OO7KC81wvidlYO3YVU8fQsq3ZqX"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 07:50:20 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=33748&min_rtt=28775&rtt_var=3030&sent=56&recv=26&lost=0&retrans=0&sent_bytes=43917&recv_bytes=3203&delivery_rate=301816&cwnd=257&unsent_bytes=7660&cid=79d1751c5374f368&ts=741&x=0"
date: Wed, 04 Dec 2024 07:50:22 GMT
content-type: image/png
last-modified: Fri, 22 Nov 2024 18:04:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eca3483193fe409-OTP
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 2456
server: cloudflare

GET
H2 200 product.png
shopfitarticles.icu/images/ 752 KB
754 KB 126ms
124ms Image
image/png 172.67.146.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shopfitarticles.icu/images/product.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a44053f094ddceb95cb5c96bc5b4bfcad557f954c5b811bd40a30ed04c503be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com

Response headers

cf-cache-status: DYNAMIC
etag: "6740c79c-bc144"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KSDnVIs%2BbXW2VM4DSh2BLEpZKt%2FP9AMjAg%2FHkqP5KHIDMfMr4PhAUu4VnBTDVx9iWC1ox2CXGuFzkYxNWYNtPpaPCpe3O8B869Mt9jMPdvTBCr3CIEQzfuKkRFHyV0uYd77ueeuR"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 07:50:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=37134&min_rtt=28775&rtt_var=1466&sent=69&recv=44&lost=0&retrans=0&sent_bytes=54566&recv_bytes=4444&delivery_rate=1383400&cwnd=257&unsent_bytes=0&cid=79d1751c5374f368&ts=914&x=0"
date: Wed, 04 Dec 2024 07:50:22 GMT
content-type: image/png
last-modified: Fri, 22 Nov 2024 18:04:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eca34847a1ce409-OTP
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 770372
server: cloudflare

GET
H2 200 loadingBL.gif
shopfitarticles.icu/images/ 121 KB
122 KB 169ms
169ms Image
image/gif 172.67.146.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shopfitarticles.icu/images/loadingBL.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0181afef44528293bbb03b5475b52a1740fa196a769831aebf9239180b2af49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com

Response headers

cf-cache-status: DYNAMIC
etag: "6740c79c-1e5e8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XBpiyqGvHzdFw8uUXXjTYADeHuLcBzHK1ZogQElPHrkUeZzal2Z3aBawqvGVdl3B1bThC4hOAHvIR7o%2FAwQbqIdpDaTbJ8S%2FRSGcDWgMSvRQxcl84OBKDbap%2BRvsg0pY7M%2BxmIZa"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 07:50:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=37134&min_rtt=28775&rtt_var=1466&sent=119&recv=44&lost=0&retrans=0&sent_bytes=116006&recv_bytes=4444&delivery_rate=1383400&cwnd=257&unsent_bytes=29656&cid=79d1751c5374f368&ts=916&x=0"
date: Wed, 04 Dec 2024 07:50:22 GMT
content-type: image/gif
last-modified: Fri, 22 Nov 2024 18:04:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eca34847a1de409-OTP
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 124392
server: cloudflare

GET
H2 200 prize1.png
shopfitarticles.icu/images/ 781 KB
782 KB 294ms
289ms Image
image/png 172.67.146.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shopfitarticles.icu/images/prize1.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c03c4b32ac95915f21e31a097fec0ce3bf2636951efbbdee2fb6a7371d5ad9eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com

Response headers

cf-cache-status: DYNAMIC
etag: "6740c79c-c32c1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aA%2BRcK6K0lnf0vWK%2BEYYO0L7ODVQzCHSk6G6kna90Gd0YhW9mbZd32OhmY8Iw40UuTJQGBTaOkHXW9PJf234rRHidWETErdyrh3sy48lFcNQW1Icr4GfcZolv2nagH4%2BMqIBf%2FzD"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 07:50:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=30332&min_rtt=28775&rtt_var=36&sent=604&recv=104&lost=0&retrans=0&sent_bytes=757096&recv_bytes=4444&delivery_rate=5409731&cwnd=339&unsent_bytes=64704&cid=79d1751c5374f368&ts=998&x=0"
date: Wed, 04 Dec 2024 07:50:22 GMT
content-type: image/png
last-modified: Fri, 22 Nov 2024 18:04:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eca34848a25e409-OTP
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 799425
server: cloudflare

GET
H2 200 1.jpg
shopfitarticles.icu/images/ 44 KB
45 KB 291ms
286ms Image
image/jpeg 172.67.146.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shopfitarticles.icu/images/1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08cca3a01826c51da3ba67e576c6edc01819ad7d1fac69888e1cb18638b62bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com

Response headers

cf-cache-status: DYNAMIC
etag: "6740c79d-b0d0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6kci7fiHi%2Fy%2FVuFA6Stx0IaP8xJcfHfpobL6gkFfMC0nz1Q1%2BcExE0KqeorMXy%2FMTGFnIld8jiByDk99kXYL0cG9GOawh3kfiKZgbZiLFHW0FOcBFz5TydR3sNhbgW1pbIJQG2M5"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 07:50:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=30332&min_rtt=28775&rtt_var=36&sent=584&recv=104&lost=0&retrans=0&sent_bytes=730136&recv_bytes=4444&delivery_rate=5409731&cwnd=339&unsent_bytes=58355&cid=79d1751c5374f368&ts=989&x=0"
date: Wed, 04 Dec 2024 07:50:22 GMT
content-type: image/jpeg
last-modified: Fri, 22 Nov 2024 18:04:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eca34848a28e409-OTP
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 45264
server: cloudflare

GET
H2 200 2.jpg
shopfitarticles.icu/images/ 45 KB
45 KB 209ms
205ms Image
image/jpeg 172.67.146.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shopfitarticles.icu/images/2.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12848411efa2d4d07a355d984599585dcf70a54213f832586e3a59761b349529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com

Response headers

cf-cache-status: DYNAMIC
etag: "6740c79d-b223"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BP8cNFN%2BwR2%2BtriUZGV4vdcy4xVsEfYbnriFeBe0EYm6AHV8o2nWMZIhnU%2BHdBuQRS4A8BDmlMWhQCgzojTegFFHAelKelRipiAobrAT9zYvY4%2FQIHLOpm3RQpkLRI%2FShQvO9RLQ"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 07:50:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=31587&min_rtt=28775&rtt_var=1246&sent=265&recv=60&lost=0&retrans=0&sent_bytes=304422&recv_bytes=4444&delivery_rate=2071105&cwnd=257&unsent_bytes=64704&cid=79d1751c5374f368&ts=963&x=0"
date: Wed, 04 Dec 2024 07:50:22 GMT
content-type: image/jpeg
last-modified: Fri, 22 Nov 2024 18:04:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eca3484aa37e409-OTP
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 45603
server: cloudflare

GET
H2 200 comm_pic_1.jpg
shopfitarticles.icu/images/ 68 KB
68 KB 208ms
205ms Image
image/jpeg 172.67.146.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shopfitarticles.icu/images/comm_pic_1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df69218b1464d93d8f47d18659ed5cbd6ddfea7283a7bf133bbf32be67463974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com

Response headers

cf-cache-status: DYNAMIC
etag: "6740c79d-10e88"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=usFniaNZOCDA4McdyToQ4wURkV6ZwIYl5Y2IaI9XLO7FZPku6HsCzqie24gSgEEbbcFk6xuKEEPewQr8SHU3BJIWl60RiEfVZINz%2F8cNwNYyCEJ0GpLsCYZpgrEig9TJpbfUyuHP"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 07:50:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=31587&min_rtt=28775&rtt_var=1246&sent=265&recv=60&lost=0&retrans=0&sent_bytes=304422&recv_bytes=4444&delivery_rate=2071105&cwnd=257&unsent_bytes=64704&cid=79d1751c5374f368&ts=962&x=0"
date: Wed, 04 Dec 2024 07:50:22 GMT
content-type: image/jpeg
last-modified: Fri, 22 Nov 2024 18:04:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eca3484aa38e409-OTP
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 69256
server: cloudflare

GET
H2 200 3.jpg
shopfitarticles.icu/images/ 38 KB
39 KB 292ms
288ms Image
image/jpeg 172.67.146.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shopfitarticles.icu/images/3.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80e4781f9a5c59e6dd06e2a0663c83a74a6e7f72b75240e1251d0f47822baaa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com

Response headers

cf-cache-status: DYNAMIC
etag: "6740c79d-982d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zGMneRBhjjdRxWTczn%2FatYiRlwaLfTKFW%2FtRpBgEX2VU%2B0V0j6pFekT2W5%2Fzp8Zc5QDPZcC5QzT%2FWnvcZE33lPAx2rj%2FXovijZb40aq1ungghGpbOKqfEbVj8S%2FjHC1fgg0qmgv4"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 07:50:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=30332&min_rtt=28775&rtt_var=36&sent=604&recv=104&lost=0&retrans=0&sent_bytes=757096&recv_bytes=4444&delivery_rate=5409731&cwnd=339&unsent_bytes=64704&cid=79d1751c5374f368&ts=993&x=0"
date: Wed, 04 Dec 2024 07:50:22 GMT
content-type: image/jpeg
last-modified: Fri, 22 Nov 2024 18:04:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eca3484aa39e409-OTP
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 38957
server: cloudflare

GET
H2 200 4.jpg
shopfitarticles.icu/images/ 38 KB
38 KB 291ms
288ms Image
image/jpeg 172.67.146.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shopfitarticles.icu/images/4.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d59f849bd004f0145fe46845f941fa5787ef30c4b333839c74085839cdd2eba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com

Response headers

cf-cache-status: DYNAMIC
etag: "6740c79c-97bf"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qtpTPqZk0qnc6fZD4b0Fj%2Bm4prWcKunBmAWHE%2BL7d6Qnn4bkF9Ntxuqm7FIg1q6Nvc1LDwUyokdgQ%2BVdr74s54toJQdvu2dYp7%2F3eyHv1UjTfvYf3Nu%2B2QkA%2FQQPA1cF%2BOLD2CGY"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 07:50:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=30332&min_rtt=28775&rtt_var=36&sent=604&recv=104&lost=0&retrans=0&sent_bytes=757096&recv_bytes=4444&delivery_rate=5409731&cwnd=339&unsent_bytes=64704&cid=79d1751c5374f368&ts=991&x=0"
date: Wed, 04 Dec 2024 07:50:22 GMT
content-type: image/jpeg
last-modified: Fri, 22 Nov 2024 18:04:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eca3484aa3ae409-OTP
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 38847
server: cloudflare

GET
H2 200 comm_pic_2.jpg
shopfitarticles.icu/images/ 61 KB
62 KB 206ms
203ms Image
image/jpeg 172.67.146.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shopfitarticles.icu/images/comm_pic_2.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b408f7e3bd234ad48605f636b51669ab42a210e6bc97230e742c96c947378e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com

Response headers

cf-cache-status: DYNAMIC
etag: "6740c79e-f513"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0znkOHJUwrpeGGrrlLMlIHg7m7aiSQRtDFDX2MpzwiO55dMSCMTEjJW%2B3DbL6VcEznHFPl7MvBlozPZ6PeUsAJmZqyww4AUYsNxuWhVSlKYW8tjC1S0EzyF%2F5gJ%2BmFz8wcIb3ktX"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 07:50:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=31587&min_rtt=28775&rtt_var=1246&sent=265&recv=60&lost=0&retrans=0&sent_bytes=304422&recv_bytes=4444&delivery_rate=2071105&cwnd=257&unsent_bytes=64704&cid=79d1751c5374f368&ts=962&x=0"
date: Wed, 04 Dec 2024 07:50:22 GMT
content-type: image/jpeg
last-modified: Fri, 22 Nov 2024 18:04:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eca3484aa3ce409-OTP
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 62739
server: cloudflare

GET
H2 200 5.jpg
shopfitarticles.icu/images/ 46 KB
47 KB 290ms
288ms Image
image/jpeg 172.67.146.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shopfitarticles.icu/images/5.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36940f375ccd0d827d78f05e0b3296d140efe4e586abc40ffdbb5395e3277f18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com

Response headers

cf-cache-status: DYNAMIC
etag: "6740c79b-b7ec"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XD5jQO7oRwtHo1oLbtbiMmLzn5I5Yxd9g7vepJg2R%2FR6gGFwb4zYVLwmsDRetK5ia2uY0R%2F8%2BFVf27aRWwuGyBP2uf6Ogoik3Ybby4BO5Mug1Lj7RdCzD5QXHMbSof3NMoIFZesK"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 07:50:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=30332&min_rtt=28775&rtt_var=36&sent=604&recv=104&lost=0&retrans=0&sent_bytes=757096&recv_bytes=4444&delivery_rate=5409731&cwnd=339&unsent_bytes=55492&cid=79d1751c5374f368&ts=991&x=0"
date: Wed, 04 Dec 2024 07:50:22 GMT
content-type: image/jpeg
last-modified: Fri, 22 Nov 2024 18:04:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eca3484aa3de409-OTP
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 47084
server: cloudflare

GET
H2 200 f_guarantee.png
shopfitarticles.icu/images/ 6 KB
7 KB 244ms
243ms Image
image/png 172.67.146.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shopfitarticles.icu/images/f_guarantee.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com

Response headers

cf-cache-status: DYNAMIC
etag: "6740c79c-18d0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uri3VtlP5k6VK2RIkDp4xwgm4BQQx1dNrln444TOWUJYTMUF5ESxCLj%2Bt15wfXV1ONEtjxSjYHkQgxRToMtEFbWi3nUJ08pRfsDy7hKMJNtZQRYVua7yIf2T12h7cT3NsOvpj2R5"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 07:50:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=30332&min_rtt=28775&rtt_var=36&sent=480&recv=104&lost=0&retrans=0&sent_bytes=590162&recv_bytes=4444&delivery_rate=5409731&cwnd=339&unsent_bytes=18054&cid=79d1751c5374f368&ts=986&x=0"
date: Wed, 04 Dec 2024 07:50:22 GMT
content-type: image/png
last-modified: Fri, 22 Nov 2024 18:04:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eca3484aa3ee409-OTP
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 6352
server: cloudflare

GET
H2 200 f_secure_1.png
shopfitarticles.icu/images/ 10 KB
10 KB 289ms
287ms Image
image/png 172.67.146.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shopfitarticles.icu/images/f_secure_1.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com

Response headers

cf-cache-status: DYNAMIC
etag: "6740c79c-2686"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n85jVtKECDoZSRnb8TyBE86y%2BmJ7aqHv1h042O%2B32juNPUl9oUlV3mJFExP07iar%2FVQA7nkEd2DMx3XbxoHqgfgLcw1sO6HK5gYTuc5U5A%2BdZJhng%2Bs5fp92QCSVzjsGLkJEvPQO"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 07:50:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=30332&min_rtt=28775&rtt_var=36&sent=584&recv=104&lost=0&retrans=0&sent_bytes=730136&recv_bytes=4444&delivery_rate=5409731&cwnd=339&unsent_bytes=72063&cid=79d1751c5374f368&ts=990&x=0"
date: Wed, 04 Dec 2024 07:50:22 GMT
content-type: image/png
last-modified: Fri, 22 Nov 2024 18:04:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eca3484aa3fe409-OTP
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 9862
server: cloudflare

GET
H2 200 logo2.png
shopfitarticles.icu/images/ 26 KB
26 KB 206ms
205ms Image
image/png 172.67.146.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shopfitarticles.icu/images/logo2.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

017022e37b9fe0d83274d518e6207f488bc315eb9eb0c53e151d403866aa5d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com

Response headers

cf-cache-status: DYNAMIC
etag: "6740c79c-66f4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2FQYgGHffqfaPKEfsgPAkxLPEkIfoJTZQ5RiWYBPNHwmBrE2lqCNiuv6T%2FGJZTqGUfni3zKeCBqb52UKA9WDRwvXfgfpyWVeS1tGBUZc%2BiJPQoa9z%2FB9r3A5LBAr7DqxkmW3vVoF"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 07:50:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=31587&min_rtt=28775&rtt_var=1246&sent=265&recv=60&lost=0&retrans=0&sent_bytes=304422&recv_bytes=4444&delivery_rate=2071105&cwnd=257&unsent_bytes=64704&cid=79d1751c5374f368&ts=965&x=0"
date: Wed, 04 Dec 2024 07:50:22 GMT
content-type: image/png
last-modified: Fri, 22 Nov 2024 18:04:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eca3484aa40e409-OTP
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 26356
server: cloudflare

GET
H2 200 script.js Show response
shopfitarticles.icu/js/ 10 KB
3 KB 294ms
289ms Script
application/javascript 172.67.146.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shopfitarticles.icu/js/script.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8fb96b2f2b0251875611ef89028266a86ec293ede462ab89f83f7b82ac805bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
etag: W/"6740c79b-2811"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=axF%2B3tKMCRs3GvHhllqndYPBmVVEwzW8FQWOl%2BoB%2FYbOYOAhuK3kZj9opqg360nF4cxU9IidOQOxyRc7SfJI1iwGYyFDao068r6WcPDv0KVO1WWMyt18fZZEdFkNGn7f5NIWBU4c"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 07:50:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=30332&min_rtt=28775&rtt_var=36&sent=604&recv=104&lost=0&retrans=0&sent_bytes=757096&recv_bytes=4444&delivery_rate=5409731&cwnd=339&unsent_bytes=64704&cid=79d1751c5374f368&ts=998&x=0"
date: Wed, 04 Dec 2024 07:50:22 GMT
content-type: application/javascript
last-modified: Fri, 22 Nov 2024 18:04:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eca34848a27e409-OTP
permissions-policy: interest-cohort=()
server: cloudflare

GET
H2 200 bg.png
shopfitarticles.icu/images/ 263 KB
263 KB 242ms
240ms Image
image/png 172.67.146.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shopfitarticles.icu/images/bg.png

Requested by

Host: shopfitarticles.icu
URL: https://shopfitarticles.icu/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7581e0d2150b93d0c3c88bfae8ae0f3a9c61cf0ef4707400945c285abe23f9f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://shopfitarticles.icu/css/style.css

Response headers

cf-cache-status: DYNAMIC
etag: "6740c79d-41aeb"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FzR6kGStHuIOZIf5Bf3wL0dJ%2Fx9WIxSrrGO0ccEPlQJjl6yJTCdpji%2FVLbLOV5uvt8mSohzhZrvv2RFSjuL9AgSOIFiDw1lzutJqK2%2FpTOpPEiJwJmn8mXWBvZYuUVragawhyxgm"}],"group":"cf-nel","max_age":604800}
expires: Wed, 04 Dec 2024 07:50:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=30332&min_rtt=28775&rtt_var=36&sent=443&recv=104&lost=0&retrans=0&sent_bytes=542319&recv_bytes=4444&delivery_rate=5409731&cwnd=339&unsent_bytes=0&cid=79d1751c5374f368&ts=986&x=0"
date: Wed, 04 Dec 2024 07:50:22 GMT
content-type: image/png
last-modified: Fri, 22 Nov 2024 18:04:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8eca3484aa41e409-OTP
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 269035
server: cloudflare

GET
H2 200 64d5p99gj0 Show response
trk-quantivex.com/scripts/push/script/ 8 KB
4 KB 963ms
367ms Script
application/javascript 172.67.156.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-quantivex.com/scripts/push/script/64d5p99gj0?url=shopfitarticles.icu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.201 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad63a361ece04264588eafdb1e668e16a0d577cf5682b8257248b0d2494a1d13

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://shopfitarticles.icu/

Response headers

content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Spy%2BjPGBjFvY2yhKbmSYLDpM%2BjwrU9kvYjFPZHsFBHsIAIE2fs0Y1aYkkOZCBj6cBuKV9tAcTOHPM0PX2fBBkvfqJaYZE8NYZDzX9lQemDooz4vUtdCb204ZXqc3CT9tXzhzFA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=30831&min_rtt=28861&rtt_var=7639&sent=9&recv=11&lost=0&retrans=0&sent_bytes=4022&recv_bytes=2235&delivery_rate=134683&cwnd=253&unsent_bytes=0&cid=69464f656a515061&ts=439&x=0"
date: Wed, 04 Dec 2024 07:50:23 GMT
content-type: application/javascript;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Wed, 04 Dec 2024 07:50:23 GMT
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cache-control: max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8eca348a38a6627d-OTP
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
accept-ranges: bytes
content-length: 2521
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 404 favicon.ico
shopfitarticles.icu/ 555 B
598 B 135ms
134ms Other
text/html 172.67.146.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shopfitarticles.icu/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.146.62 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e209d6d6e97cb95d6246e176f50383d75b0ea94345c7cc1c0777e178935db3c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NQQK45oevcSf4DznlKhgel44ENGn29TuTEL5WVCVqyhj3xIqq2EiS1KpVDC49qt45Yi2QsDUXJp7VObpOlwkmwO37CoEqPbtIjIVF5i3lbfgAY%2FdO7TCdLfd5y640xzR8qr3qPDF"}],"group":"cf-nel","max_age":604800}
cf-ray: 8eca348c685ee409-OTP
permissions-policy: interest-cohort=()
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=36818&min_rtt=28683&rtt_var=231&sent=1853&recv=426&lost=0&retrans=0&sent_bytes=2426246&recv_bytes=4714&delivery_rate=33030050&cwnd=1924&unsent_bytes=0&cid=79d1751c5374f368&ts=2191&x=0"
date: Wed, 04 Dec 2024 07:50:23 GMT
content-type: text/html
server: cloudflare

POST
H2 200 l3e4w9jmgv
event.trk-quantivex.com/register/event_log/ 0
0 203ms
201ms Fetch 172.67.156.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-quantivex.com/register/event_log/l3e4w9jmgv

Requested by

Host: trk-quantivex.com
URL: https://trk-quantivex.com/scripts/push/script/64d5p99gj0?url=shopfitarticles.icu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.201 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://shopfitarticles.icu/

Response headers

access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6lgnbAoWv%2FR0uU8Ky4YqeoxEbqXILS9KzWmeoHZH4oQllVhaib4IaPFZvuxyXst23KEKTlYTdlSAAbAxoJyD8Vu50kWYQ%2Bai1vGfe%2BUifYgKWI5ATkc1U5rj6ennw6VBb2XKNnkofwsMlw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=39275&min_rtt=29773&rtt_var=9356&sent=11&recv=14&lost=0&retrans=0&sent_bytes=5302&recv_bytes=2538&delivery_rate=96619&cwnd=253&unsent_bytes=0&cid=34b64516f26f4041&ts=629&x=0"
date: Wed, 04 Dec 2024 07:50:26 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cache-control: no-cache, no-store, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8eca349f5d7ae4b1-OTP
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
x-pushplatformapp-params
access-control-allow-origin: *
content-length: 0
x-xss-protection: 1; mode=block
server: cloudflare

OPTIONS
H2 200 l3e4w9jmgv
event.trk-quantivex.com/register/event_log/ 0
0 1033ms
317ms Preflight 172.67.156.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-quantivex.com/register/event_log/l3e4w9jmgv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.201 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://shopfitarticles.icu
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8eca349d59fee4b1-OTP
content-length: 0
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date: Wed, 04 Dec 2024 07:50:26 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PgFecmdWVbx1RbHKDIB7kxnQkXlG2w7voMx%2F162rapGJeymM6x1dq%2FfERZLM%2Fg8PUG3yylN0wEh%2FYLs4nV4JUZViyFhMLF25glWQC2vwfM2Q7EFTObLyroo2juv87Go38KJ1Ynzbc3nQbA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=40632&min_rtt=35764&rtt_var=9307&sent=9&recv=12&lost=0&retrans=0&sent_bytes=3969&recv_bytes=2298&delivery_rate=96619&cwnd=252&unsent_bytes=0&cid=34b64516f26f4041&ts=427&x=0"
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 200 l3e4w9jmgv
event.trk-quantivex.com/register/event_log/ 0
0 206ms
205ms Fetch 172.67.156.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-quantivex.com/register/event_log/l3e4w9jmgv

Requested by

Host: trk-quantivex.com
URL: https://trk-quantivex.com/scripts/push/script/64d5p99gj0?url=shopfitarticles.icu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.156.201 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://shopfitarticles.icu/

Response headers

access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LgwQt6yq0LsJNbPGQhM7cYifTguaagtCp%2F1gSEAKmSVRlyltrgJTAkkHgGib0MbKnrhlPcvhO0W0HLAwQuFtflmINXNP9shboQjhWfktHQIyZsCxuRQ6JfoVfAfF0UuQhrDlRxmETi3OOw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=38261&min_rtt=29773&rtt_var=9044&sent=14&recv=17&lost=0&retrans=0&sent_bytes=5816&recv_bytes=2798&delivery_rate=96619&cwnd=254&unsent_bytes=0&cid=34b64516f26f4041&ts=792&x=0"
date: Wed, 04 Dec 2024 07:50:26 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cache-control: no-cache, no-store, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8eca34a05eede4b1-OTP
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
x-pushplatformapp-params
access-control-allow-origin: *
content-length: 0
x-xss-protection: 1; mode=block
server: cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.mastertrackingdomain.com/	1970-01-21 01:29:45	Name: uniqueClick_2G4CHQHS Value: 41a7a574-49b3-49ab-98fc-c722047318ee:1733298620
www.mastertrackingdomain.com/	1970-01-21 03:37:54	Name: transaction_id Value: 123d14f9bd0f49359facc2120021f7b2
shopfitarticles.icu/	1969-12-31 23:59:59	Name: SESSIONIDS Value: mFSTm5lr-ymT-hTmMmL-QRBfXQF3

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://shopfitarticles.icu/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: https://shopfitarticles.icu/?encoded_value=279768Q&sub1=aae6de8dcbdf4f6cb8f7fa95ed1723f8&sub2=&sub3=&sub4=&sub5=23215&source_id=1964&ip=77.36.66.78&domain=www.mastertrackingdomain.com Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

event.trk-quantivex.com
shopfitarticles.icu
trk-quantivex.com
use.fontawesome.com
www.empowerstratic.com
www.faqplaypix.com
www.mastertrackingdomain.com
172.67.142.245
172.67.146.62
172.67.151.243
172.67.156.201
184.107.84.181
188.114.96.3
017022e37b9fe0d83274d518e6207f488bc315eb9eb0c53e151d403866aa5d33
08cca3a01826c51da3ba67e576c6edc01819ad7d1fac69888e1cb18638b62bd6
12848411efa2d4d07a355d984599585dcf70a54213f832586e3a59761b349529
36940f375ccd0d827d78f05e0b3296d140efe4e586abc40ffdbb5395e3277f18
4e060ccf23f1760f9f5b5b0e72f5dfbb979c2f442112c0a19576e0c141b2b61b
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
6cdb6dc51027e445698633b364df9ea65147758e6366e908cc421c7e826d9bc1
7581e0d2150b93d0c3c88bfae8ae0f3a9c61cf0ef4707400945c285abe23f9f4
800614a4fe8c556c0d0e1bc4b570118ae5ddec0d756312cd2bdcd70166a0cf96
80e4781f9a5c59e6dd06e2a0663c83a74a6e7f72b75240e1251d0f47822baaa0
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf
9876a7ae2fff3841f6815203eea614d8cd0022ebbe6b9b4d97bfbc53bf422fe4
a44053f094ddceb95cb5c96bc5b4bfcad557f954c5b811bd40a30ed04c503be9
ab289ea7916545d166d25b781a87dbcc8c298e20a07f96a545859df83397f481
ad63a361ece04264588eafdb1e668e16a0d577cf5682b8257248b0d2494a1d13
b408f7e3bd234ad48605f636b51669ab42a210e6bc97230e742c96c947378e3f
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b
c03c4b32ac95915f21e31a097fec0ce3bf2636951efbbdee2fb6a7371d5ad9eb
c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95
d0181afef44528293bbb03b5475b52a1740fa196a769831aebf9239180b2af49
d59f849bd004f0145fe46845f941fa5787ef30c4b333839c74085839cdd2eba3
df69218b1464d93d8f47d18659ed5cbd6ddfea7283a7bf133bbf32be67463974
e209d6d6e97cb95d6246e176f50383d75b0ea94345c7cc1c0777e178935db3c5
e8fb96b2f2b0251875611ef89028266a86ec293ede462ab89f83f7b82ac805bb

shopfitarticles.icu Open in urlscan Pro 172.67.146.62 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

3 IPs

3 Countries

2801 kBTransfer

3632 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

shopfitarticles.icu Open in urlscan Pro
172.67.146.62 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

3
IPs

3
Countries

2801 kB
Transfer

3632 kB
Size

3
Cookies

27 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!