www.usnordstromrack.shop Open in urlscan Pro
172.67.173.249 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff
Submission: On January 24 via manual (January 24th 2021, 9:06:19 pm UTC) from US

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 24 HTTP transactions. The main IP is 172.67.173.249, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.usnordstromrack.shop.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 23rd 2020. Valid for: a year.

This is the only time www.usnordstromrack.shop was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Fake Shop (Fashion)

Domain & IP information

	IP Address	AS Autonomous System
22	172.67.173.249 172.67.173.249	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	122.228.91.87 122.228.91.87	134771 (CHINATELE...) (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU)
1	183.131.207.66 183.131.207.66	136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA)
24	4

22 172.67.173.249 (United States)

ASN13335 (CLOUDFLARENET, US)

www.usnordstromrack.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 122.228.91.87 (China)

ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.131.207.66 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	usnordstromrack.shop www.usnordstromrack.shop	170 KB
2	51.la js.users.51.la ia.51.la	3 KB
24	2

	Domain	Requested by
22	www.usnordstromrack.shop	www.usnordstromrack.shop
1	ia.51.la	www.usnordstromrack.shop
1	js.users.51.la	www.usnordstromrack.shop
24	3

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-11-23` - `2021-11-22`	a year	crt.sh
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2020-08-27` - `2022-04-19`	2 years	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2020-08-27` - `2022-05-16`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff
Frame ID: DE8427756FA63C3746A75556F9344048
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i
script /owl\.carousel.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i
script /owl\.carousel.*\.js/i

Page Statistics

24
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

4
IPs

2
Countries

185 kB
Transfer

432 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request orders_ddfd34c65ca94a530b916f8486edfeff Show response www.usnordstromrack.shop/	42 KB 6 KB	2090ms 1754ms	Document text/html	172.67.173.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.173.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8acac9b46ff7139f00ecbae4b5492907f39dc911598cbb6961dc7b42355c4203` Request headers :method GET :authority www.usnordstromrack.shop :scheme https :path /orders_ddfd34c65ca94a530b916f8486edfeff pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 24 Jan 2021 21:06:02 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=da538580012c01958ebc10879257a4cb61611522360; expires=Tue, 23-Feb-21 21:06:00 GMT; path=/; domain=.usnordstromrack.shop; HttpOnly; SameSite=Lax; Secure ip_check_json=%7B%22ipAddress%22%3A%2245.152.181.220%22%2C%22isFacebook%22%3A0%2C%22continentCode%22%3A%22EU%22%2C%22continentName%22%3A%22Europe%22%2C%22countryCode%22%3A%22FR%22%2C%22countryName%22%3A%22France%22%2C%22isEuMember%22%3Atrue%2C%22currencyCode%22%3A%22EUR%22%2C%22currencyName%22%3A%22Euro%22%2C%22phonePrefix%22%3A%2233%22%2C%22languages%22%3A%5B%22fr-FR%22%2C%22frp%22%2C%22br%22%2C%22co%22%2C%22ca%22%2C%22eu%22%2C%22oc%22%5D%2C%22state%22%3A%22%5Cu00cele-de-France%22%2C%22city%22%3A%22Livry-Gargan%22%2C%22district%22%3A%22Seine-Saint-Denis%22%2C%22geonameId%22%3A%222998056%22%2C%22postalCode%22%3A%2293190%22%2C%22latitude%22%3A%2248.9193%22%2C%22longitude%22%3A%222.5431%22%2C%22gmtOffset%22%3A%221%22%2C%22timeZone%22%3A%22Europe%5C%2FParis%22%2C%22weatherCode%22%3A%22FRXX6706%22%2C%22ASN%22%3A%229009%22%2C%22ASO%22%3A%22M247%22%2C%22ISP%22%3A%22M247+Ltd%22%2C%22connectionType%22%3A%22wireless%22%2C%22usageType%22%3A%22consumer%22%2C%22organization%22%3A%22M247+Ltd%22%2C%22isCrawler%22%3Afalse%2C%22crawlerName%22%3A%22%22%2C%22isProxy%22%3Afalse%2C%22proxyType%22%3A%22%22%2C%22threatLevel%22%3A%22low%22%2C%22threatDetails%22%3A%5B%5D%2C%22fromAd%22%3A0%7D; expires=Fri, 23-Jul-2021 21:06:01 GMT; Max-Age=15552000; path=/ PHPSESSID=4f84141899b5565365f90322ac11b7c1; path=/ PHPSESSID=4f84141899b5565365f90322ac11b7c1; expires=Sun, 24-Jan-2021 21:26:01 GMT; Max-Age=1200; path=/ expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache vary Accept-Encoding cf-cache-status DYNAMIC cf-request-id 07d7d0dcc10000eefec9bc0000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CTPjg30u%2BOWpf%2BRxcwgPl3nXDSUTI2appBKOmBUQvBtBNugw0fsr8k9XaxQgtof7swgP5Z2olbwQnWeAwcS59wvv5k0Sp2o869WZH0kF%2FMfC1azcy7Lop2A%3D"}],"max_age":604800} nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare cf-ray 616cb7412b84eefe-MIA content-encoding br
GET H2	200	bootstrap.min.css www.usnordstromrack.shop/js/jquery/bootstrap-3.3.7/css/	45 KB 8 KB	323ms 319ms	Stylesheet text/css	172.67.173.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.usnordstromrack.shop/js/jquery/bootstrap-3.3.7/css/bootstrap.min.css Requested by Host: www.usnordstromrack.shop URL: https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.173.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f985e7d7aa871c19747c2fc976dea220a0f8fbd334cc03115b202d053753e663` Request headers Referer https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 24 Jan 2021 21:06:02 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 40551 cf-request-id 07d7d0e3c30000eefe028a0000000001 last-modified Thu, 21 May 2020 08:54:00 GMT server cloudflare etag W/"5ec641a8-b4cd" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BtgoPVYyvu7wIFAmCt1nncN9TjZO09r9Ewty0%2BY0FT1vJaUpgowML4vT41dfIAQ8ZDkN3qv55PK%2BwLh5Z4PZlPoBE2XN62zlexi2gsBVivC332R%2FwrvWmYQ%3D"}],"max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 616cb74c38e5eefe-MIA expires Sun, 24 Jan 2021 21:50:11 GMT
GET H2	200	font_375202_rffro0w6xuutmx6r.css www.usnordstromrack.shop/js/jquery/	19 KB 13 KB	195ms 191ms	Stylesheet text/css	172.67.173.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.usnordstromrack.shop/js/jquery/font_375202_rffro0w6xuutmx6r.css Requested by Host: www.usnordstromrack.shop URL: https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.173.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0b178e330a8c382e2911c8e51b65ecd836a09d9538be1f40d3fb5499cda00b57` Request headers Referer https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 24 Jan 2021 21:06:02 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 40551 cf-request-id 07d7d0e3a80000eefe0faf5000000001 last-modified Thu, 21 May 2020 08:54:00 GMT server cloudflare etag W/"5ec641a8-4dc8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cA%2B7eYCQ8LSUJgF5JWG80COzsy4WuWd4%2FS95jZZkaEmkbSLDpso4d0lHI6pEGZ48jUy1Qdohn2IWNWo5t9jUDydzZp0FOSCkoalXPIrWkqaxkv5N1RMVLu8%3D"}],"max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 616cb74c38eceefe-MIA expires Sun, 24 Jan 2021 21:50:11 GMT
GET H2	200	style-fonts.css www.usnordstromrack.shop/includes/templates/qn_pg01/css/	803 B 478 B	194ms 190ms	Stylesheet text/css	172.67.173.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.usnordstromrack.shop/includes/templates/qn_pg01/css/style-fonts.css Requested by Host: www.usnordstromrack.shop URL: https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.173.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9addda8ff695cbece2414c7c7b81ffd3b7173c2844be96846ed8c65d7843b7b8` Request headers Referer https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 24 Jan 2021 21:06:02 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 40551 cf-request-id 07d7d0e3ae0000eefe163af000000001 last-modified Wed, 06 May 2020 06:20:32 GMT server cloudflare etag W/"5eb25730-323" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x87L8g83%2BlgAvabC2FPfjqLDXrT4%2BdGhNBqL1QfT89ktDK2Cxggf%2F2bwUyjxx37IhWig9DkWPmUgFHBZFbGnZvdEZP3XAL2JyqNWCLo5vf%2FtEpe6I6SVhzM%3D"}],"max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 616cb74c38eeeefe-MIA expires Sun, 24 Jan 2021 21:50:11 GMT
GET H2	200	style-ie.css www.usnordstromrack.shop/includes/templates/qn_pg01/css/	1 KB 815 B	227ms 224ms	Stylesheet text/css	172.67.173.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.usnordstromrack.shop/includes/templates/qn_pg01/css/style-ie.css Requested by Host: www.usnordstromrack.shop URL: https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.173.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fbf090c09481172872d498943649f38702370e6aa3c90e250476214ae2d34dcb` Request headers Referer https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 24 Jan 2021 21:06:02 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 40551 cf-request-id 07d7d0e3b50000eefe0faf6000000001 last-modified Wed, 06 May 2020 06:20:32 GMT server cloudflare etag W/"5eb25730-49c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hRDegKuB%2Ba7Z3E11GTeUmfwWDls23fUlOKfU2otj0Lzj8ejbarksBQbsH4u%2Flc3nq4FPMkotKYWzs9unm63j9r6pJ2G9Epy6ykwU0d4Ovq8I2UGhrRt2Z94%3D"}],"max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 616cb74c38f2eefe-MIA expires Sun, 24 Jan 2021 21:50:11 GMT
GET H2	200	style_owl.carousel.min.css www.usnordstromrack.shop/includes/templates/qn_pg01/css/	4 KB 1 KB	181ms 178ms	Stylesheet text/css	172.67.173.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.usnordstromrack.shop/includes/templates/qn_pg01/css/style_owl.carousel.min.css Requested by Host: www.usnordstromrack.shop URL: https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.173.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ef0096e57c6b0e3903d16e4c5cc172b9d6c680dd63b2d74b061b99c4309891ad` Request headers Referer https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 24 Jan 2021 21:06:02 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 40551 cf-request-id 07d7d0e3a90000eefec13e0000000001 last-modified Wed, 06 May 2020 06:20:32 GMT server cloudflare etag W/"5eb25730-e1e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gty6%2Buly18it94pRGLenvMEQD6Eqx6BNvKr3aBpEWm0a2X2HRRJ1D75VE8tAD4T3pHA6Ak4FBk0HWacheME0ldpzTo5bOVNvtK6O9Ww5OMoUPMglY842%2Ft4%3D"}],"max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 616cb74c38f4eefe-MIA expires Sun, 24 Jan 2021 21:50:11 GMT
GET H2	200	styles.css www.usnordstromrack.shop/includes/templates/qn_pg01/css/	70 KB 14 KB	200ms 197ms	Stylesheet text/css	172.67.173.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.usnordstromrack.shop/includes/templates/qn_pg01/css/styles.css Requested by Host: www.usnordstromrack.shop URL: https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.173.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c42a2602c83756ec1a345defbfb378702d2cc65bbeaa19c872d7f84c3595eb8a` Request headers Referer https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 24 Jan 2021 21:06:02 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 40551 cf-request-id 07d7d0e3a80000eefedbad3000000001 last-modified Mon, 16 Nov 2020 07:15:26 GMT server cloudflare etag W/"5fb2270e-119a2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Xq4cwhc197upJLNwFEVy%2BY2RM6Em2fTmRISAVBiF003Q1lWJcP4dijrtw73tppcRdPwqWtjkF5T6%2B9m776lo6InHQ2xDpLN35BIFpIBDBHJfXNCt0jy33QM%3D"}],"max_age":604800} content-type text/css cache-control max-age=43200 cf-ray 616cb74c38f6eefe-MIA expires Sun, 24 Jan 2021 21:50:11 GMT
GET H2	200	jquery.js Show response www.usnordstromrack.shop/js/jquery/	91 KB 31 KB	243ms 240ms	Script application/javascript	172.67.173.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.usnordstromrack.shop/js/jquery/jquery.js Requested by Host: www.usnordstromrack.shop URL: https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.173.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b3ac0e210cfcba2b2c52e1edb9b2905efcb3f78bab9d2977fe614593e7dd49d3` Request headers Referer https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 24 Jan 2021 21:06:02 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 40551 cf-request-id 07d7d0e3a80000eefe0b01e000000001 last-modified Thu, 21 May 2020 08:54:00 GMT server cloudflare etag W/"5ec641a8-16b29" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kizVXUx4zl5I7Hcc9uQUV%2BA%2BvHypaKX79gjQ0P694vIfQZHlw1ixBqBV1%2FKZJqUgTGRL3GPj3wX7qX83gFRH7PQtGPE5qZ4VPR%2FIWTqKBEDSUPWPSNelowA%3D"}],"max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=43200 cf-ray 616cb74c38faeefe-MIA expires Sun, 24 Jan 2021 21:50:11 GMT
GET H2	200	base.js Show response www.usnordstromrack.shop/js/jquery/	3 KB 911 B	232ms 230ms	Script application/javascript	172.67.173.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.usnordstromrack.shop/js/jquery/base.js Requested by Host: www.usnordstromrack.shop URL: https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.173.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0ad5b365b92aefa251c4c572a5e3d5b778acd81666ecb0d92842a4078d3dbc03` Request headers Referer https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 24 Jan 2021 21:06:02 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 40551 cf-request-id 07d7d0e3aa0000eefecaae5000000001 last-modified Thu, 21 May 2020 08:54:00 GMT server cloudflare etag W/"5ec641a8-a01" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ToEBetf9R6%2Fds7jOqPB%2BtlMIPSjRfW6mgcnWPG4Ff0CInUOglGS0Y7M27gb5xI2ymzt2x%2Bu1j3vAiEz2XBGOmmhYJyKIphAf50A9cdXNU6AV2%2BiFmsAuYi0%3D"}],"max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=43200 cf-ray 616cb74c38ffeefe-MIA expires Sun, 24 Jan 2021 21:50:11 GMT
GET H2	200	validate.js Show response www.usnordstromrack.shop/js/jquery/	20 KB 6 KB	234ms 232ms	Script application/javascript	172.67.173.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.usnordstromrack.shop/js/jquery/validate.js Requested by Host: www.usnordstromrack.shop URL: https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.173.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a372effab3cefaa9cc3101a2f59fe463b13806878e976b4b502d5ff1b371e6f3` Request headers Referer https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 24 Jan 2021 21:06:02 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 40551 cf-request-id 07d7d0e3b00000eefecaae6000000001 last-modified Thu, 21 May 2020 08:54:00 GMT server cloudflare etag W/"5ec641a8-51cb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1WeO9rMCcK%2F%2BB88n7bvKGhjFVHBobuengI%2FDHRrnwD9fwiSjPucH%2F7BMocf7Kj0S13sAHH%2Bh66pa%2BNtcAYZsaN%2FVgSsJDwnKthnAIcD0l828prj0aZt9IiQ%3D"}],"max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=43200 cf-ray 616cb74c3901eefe-MIA expires Sun, 24 Jan 2021 21:50:11 GMT
GET H2	200	tabs.js Show response www.usnordstromrack.shop/js/jquery/	373 B 505 B	192ms 190ms	Script application/javascript	172.67.173.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.usnordstromrack.shop/js/jquery/tabs.js Requested by Host: www.usnordstromrack.shop URL: https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.173.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ee9e4a2bfd2c7b46886c255f87fdc8c6e8c0b764c68c3fe7ff2416628b35f590` Request headers Referer https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 24 Jan 2021 21:06:02 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 40551 cf-request-id 07d7d0e3b20000eefefb1bc000000001 last-modified Thu, 21 May 2020 08:54:00 GMT server cloudflare etag W/"5ec641a8-175" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TxeCbc4BEAR3d%2Bzw%2FmlBuZUtlHazQvgFVHdlG4FOCC95BUjG88yVzagjRJwT4VefK3UlKpE8y7Kvuet6LlgLCxJX0ZEnxdLLRwPqvQV7IQcmC5%2BSZgOkwfs%3D"}],"max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=43200 cf-ray 616cb74c3903eefe-MIA expires Sun, 24 Jan 2021 21:50:11 GMT
GET H2	200	jscript_noscroll.js Show response www.usnordstromrack.shop/includes/templates/qn_pg01/js/	2 KB 842 B	231ms 229ms	Script application/javascript	172.67.173.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.usnordstromrack.shop/includes/templates/qn_pg01/js/jscript_noscroll.js Requested by Host: www.usnordstromrack.shop URL: https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.173.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ddb3fed3b6c90bf9f0a06c28783f60038088f5c284dd26f8fbc529f17f9cab81` Request headers Referer https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 24 Jan 2021 21:06:02 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 40551 cf-request-id 07d7d0e3bd0000eefeff296000000001 last-modified Sat, 17 Oct 2020 09:01:44 GMT server cloudflare etag W/"5f8ab2f8-7a8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SU0rQhSmQIY%2FxF0%2Bq0TLJFVxEf2Do5EDe8fx%2Fl9LMVhv7dj%2FTRVs5WQiaLN5kKSAD7eqju4stDXdBrDv0XFXL301EdLEgL%2BwgzMHF9OudGMXPSjlCJCgFpk%3D"}],"max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=43200 cf-ray 616cb74c5937eefe-MIA expires Sun, 24 Jan 2021 21:50:11 GMT
GET H2	200	jscript_owl.carousel.min.js Show response www.usnordstromrack.shop/includes/templates/qn_pg01/js/	39 KB 10 KB	227ms 225ms	Script application/javascript	172.67.173.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.usnordstromrack.shop/includes/templates/qn_pg01/js/jscript_owl.carousel.min.js Requested by Host: www.usnordstromrack.shop URL: https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.173.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91` Request headers Referer https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 24 Jan 2021 21:06:02 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 40551 cf-request-id 07d7d0e3ba0000eefec4bb4000000001 last-modified Wed, 06 May 2020 06:20:32 GMT server cloudflare etag W/"5eb25730-9dd1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ufv4JS8Ytxq2tzWglD9SpTuSxD%2BQdeCrF1%2BlGXK6Tc0N4GDqUAgV45RPEHqbAlCOVaAf56DDcxS6wGuVdr1RVATtlNmaF%2Bbe1ipM%2BVOZREPkPFgi%2FpIyM0A%3D"}],"max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=43200 cf-ray 616cb74c5939eefe-MIA expires Sun, 24 Jan 2021 21:50:11 GMT
GET H2	200	jscript_touchSlider.js Show response www.usnordstromrack.shop/includes/templates/qn_pg01/js/	5 KB 2 KB	225ms 223ms	Script application/javascript	172.67.173.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.usnordstromrack.shop/includes/templates/qn_pg01/js/jscript_touchSlider.js Requested by Host: www.usnordstromrack.shop URL: https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.173.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `60a973fee3d4fd469ee70f2df2e2caa21fee6672a8138b48eb727021fc7b84cf` Request headers Referer https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 24 Jan 2021 21:06:02 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 40551 cf-request-id 07d7d0e3ba0000eefe163b0000000001 last-modified Sat, 17 Oct 2020 09:01:48 GMT server cloudflare etag W/"5f8ab2fc-14fd" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QxFCgY6YG9M71Myk3Md0Ul09t9YkmyeCPyM2gh56N%2BbFnp4Na%2FGwJpPA3lmuWKS9LJP57KiqbqqYKCcI7cUfHn0neZzxA2394i9hApMqt9xmr0Ra%2FA7G11U%3D"}],"max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=43200 cf-ray 616cb74c593ceefe-MIA expires Sun, 24 Jan 2021 21:50:11 GMT
GET H2	200	logo.png www.usnordstromrack.shop/includes/templates/qn_pg01/images/	2 KB 3 KB	191ms 190ms	Image image/png	172.67.173.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.usnordstromrack.shop/includes/templates/qn_pg01/images/logo.png Requested by Host: www.usnordstromrack.shop URL: https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.173.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `decbc6e4fae1a6fdd1d89f7fddac2530e91a6e606e71aa2a3c6c80ed5c171185` Request headers Referer https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 24 Jan 2021 21:06:02 GMT cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 160252 content-length 2072 cf-request-id 07d7d0e4ff0000eefef5327000000001 last-modified Wed, 14 Oct 2020 05:01:10 GMT server cloudflare etag "5f868616-818" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6%2F6qxOkmD11N0ditIXAgjLcyYt%2FTs6eurIsUWzEOWgZjn22SJDrtbcZURfQjtwbuASMiIFytS88BlRR5glt2bDXGz224KAC%2Fs3p87BMgRvhmgNE8OKo%2BUow%3D"}],"max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 616cb74e6ddbeefe-MIA expires Mon, 22 Feb 2021 00:35:10 GMT
GET H2	200	paypal.gif www.usnordstromrack.shop/images/payment/	9 KB 9 KB	340ms 340ms	Image image/gif	172.67.173.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.usnordstromrack.shop/images/payment/paypal.gif Requested by Host: www.usnordstromrack.shop URL: https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.173.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `452207668490304c70d64d5b8973865ee4effad48e6cff1a3d5aa89c3880effc` Request headers Referer https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 24 Jan 2021 21:06:02 GMT cf-cache-status MISS nel {"max_age":604800,"report_to":"cf-nel"} content-length 9212 cf-request-id 07d7d0e5070000eefe0b033000000001 last-modified Thu, 21 May 2020 08:54:00 GMT server cloudflare etag "5ec641a8-23fc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DK%2FuBS9VD3jTfycRCkJxqiqeXPI7Wj1FzGma6W3fs6kLlX2KcyJuBsAn4qoXfe873aM05S5Of1qGIjmjSDCwnnjV6ygUZOnrbWuHusozl1Pptx0eqNnES0k%3D"}],"max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 616cb74e7df8eefe-MIA expires Tue, 23 Feb 2021 21:06:02 GMT
GET H2	200	09b6973e0d7100ca81a2de56d950f32a.jpg www.usnordstromrack.shop/images/cache/0/9/	3 KB 3 KB	349ms 348ms	Image image/jpeg	172.67.173.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.usnordstromrack.shop/images/cache/0/9/09b6973e0d7100ca81a2de56d950f32a.jpg Requested by Host: www.usnordstromrack.shop URL: https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.173.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d90322a12b16f2d0ffcef3c3af4e0846bafdff25dd601aa8a0b907683c90caba` Request headers Referer https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 24 Jan 2021 21:06:02 GMT cf-cache-status MISS nel {"max_age":604800,"report_to":"cf-nel"} content-length 2825 cf-request-id 07d7d0e50c0000eefe0f39f000000001 last-modified Fri, 27 Nov 2020 02:27:58 GMT server cloudflare etag "5fc0642e-b09" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=thOvtyLciG%2Fpax1eKbtqa6OUqxKOMkM6yzacOAxnEu499It3SiiQmOqjPU2KUe6zzBvQf1EuWK1aIXP2iS0Win6srFNfMFAAp3g9iayiOjP3fOv5VmMIroY%3D"}],"max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 616cb74e7dfbeefe-MIA expires Tue, 23 Feb 2021 21:06:02 GMT
GET H2	200	footer-right.png www.usnordstromrack.shop/includes/templates/qn_pg01/images/	6 KB 6 KB	203ms 203ms	Image image/png	172.67.173.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.usnordstromrack.shop/includes/templates/qn_pg01/images/footer-right.png Requested by Host: www.usnordstromrack.shop URL: https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.173.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `03f9afd614ee37a5eca69647317c5ac37f0ee24fdafcfad641b8664e5d0aa796` Request headers Referer https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 24 Jan 2021 21:06:02 GMT cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 160252 content-length 5986 cf-request-id 07d7d0e50e0000eefefc990000000001 last-modified Wed, 06 May 2020 06:20:32 GMT server cloudflare etag "5eb25730-1762" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jxHsj%2FZQKjFXxyHJXRBJ7o17fCpJDzkMvqqOfMEie39n6Ih5d0D%2BhXsBTP4uIe5dnh0g6uGGxO9CPrfaC6a390JFyIq8gs75OZdSt3qJnlz7A1tT3%2BZwhXE%3D"}],"max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 616cb74e7dfdeefe-MIA expires Mon, 22 Feb 2021 00:35:10 GMT
GET H/1.1	200 OK	20997301.js Show response js.users.51.la/	5 KB 3 KB	832ms 274ms	Script application/javascript	122.228.91.87 CHINATELECOM-ZHEJ...
General Check archive.org Show headers Download Go to Full URL https://js.users.51.la/20997301.js Requested by Host: www.usnordstromrack.shop URL: https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 122.228.91.87 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN), Reverse DNS Software nginx/1.14.0 / Resource Hash `b1030ea3308286b797d9104961e2b64ca680fc9e1673c3a68dcfd5ccc26ac85e` Request headers Referer https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-id 20997301 Date Sun, 24 Jan 2021 21:06:03 GMT Content-Encoding gzip Vary Accept-Encoding Age 14989 Transfer-Encoding chunked X-Via 1.1 zhshx11:7 (Cdn Cache Server V2.0)[106 200 2], 1.1 zhdx134:5 (Cdn Cache Server V2.0)[138 200 2], 1.1 zhoudianxin116:4 (Cdn Cache Server V2.0)[0 200 0] Content-Disposition inline;filename=f.txt Connection keep-alive Request-Id 00000177355317FC9019896C90F04A3D x-reserved amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSXxw6F/Z46Fzs/2yMe6vTU98WRr8x0e Last-Modified Mon Nov 23 16:28:28 CST 2020 Server nginx/1.14.0 ETag "df27424927fd85cf7b9130d01e1f426c" X-Ws-Request-Id 600de13b_ianxin170_31126-29643 Content-Type application/javascript;charset=UTF-8 version-id G0011175F437F38CFFFF90550D8913AB
GET H2	200	down.png www.usnordstromrack.shop/includes/templates/qn_pg01/images/	207 B 501 B	190ms 190ms	Image image/png	172.67.173.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.usnordstromrack.shop/includes/templates/qn_pg01/images/down.png Requested by Host: www.usnordstromrack.shop URL: https://www.usnordstromrack.shop/includes/templates/qn_pg01/css/styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.173.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `02bf568f6ef31ee7b116b9577962188d94f24b62d1b616e33e42a9da3ed21ccb` Request headers Referer https://www.usnordstromrack.shop/includes/templates/qn_pg01/css/styles.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 24 Jan 2021 21:06:02 GMT cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 160252 content-length 207 cf-request-id 07d7d0e50f0000eefecc994000000001 last-modified Wed, 06 May 2020 06:20:32 GMT server cloudflare etag "5eb25730-cf" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bXDOOovEHgz6UuvKPSm40kTM6p4u4%2FfXoB03D5oF5A3hZhhDdk8ArAIg42YkP6ZL1mGBYW2kWDm850Jp3FpukFKwpZFRNCgrhcdKIiuCUeRVLU1GtFyrauU%3D"}],"max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 616cb74e7e0beefe-MIA expires Mon, 22 Feb 2021 00:35:10 GMT
GET H2	200	pfdintextpro-regular.woff www.usnordstromrack.shop/includes/templates/qn_pg01/css/	25 KB 25 KB	183ms 183ms	Font application/font-woff	172.67.173.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.usnordstromrack.shop/includes/templates/qn_pg01/css/pfdintextpro-regular.woff Requested by Host: www.usnordstromrack.shop URL: https://www.usnordstromrack.shop/includes/templates/qn_pg01/css/style-fonts.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.173.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `16b87b6524f1b7c3e4e8ebde71268ab0e6e37e2fdefb4452ef47c27c37477e11` Request headers Origin https://www.usnordstromrack.shop Referer https://www.usnordstromrack.shop/includes/templates/qn_pg01/css/style-fonts.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 24 Jan 2021 21:06:02 GMT content-encoding br cf-cache-status HIT last-modified Wed, 06 May 2020 06:20:32 GMT server cloudflare age 663 etag W/"5eb25730-643c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lABxTFow9Zbt6RY8gMQ%2BB7zP5VY9A4nXLB79A7S31jUdUB71nTM%2FKqC5%2B6cKtQz6qgYj5mwNfEq3BzhbpVaKOdqCcKHmg4Qm%2BlLEzCUIblk0bAxgUnxay1U%3D"}],"max_age":604800} content-type application/font-woff cache-control max-age=14400 nel {"max_age":604800,"report_to":"cf-nel"} cf-ray 616cb74e7e0feefe-MIA cf-request-id 07d7d0e50d0000eefefb1de000000001
GET DATA	200 OK	truncated /	11 KB 11 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `5723e39c0316483bbe0bbf4719778336a4a62647ca194786521a795f1d2b4d3b` Request headers Origin https://www.usnordstromrack.shop Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type application/x-font-woff;charset=utf-8
GET H2	200	i_msg-success.gif www.usnordstromrack.shop/includes/templates/qn_pg01/images/	1 KB 1 KB	342ms 342ms	Image image/gif	172.67.173.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.usnordstromrack.shop/includes/templates/qn_pg01/images/i_msg-success.gif Requested by Host: www.usnordstromrack.shop URL: https://www.usnordstromrack.shop/includes/templates/qn_pg01/css/styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.173.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d0d7cc414c1b9ec941210c0c08f5e4b0650b8a9be6b6b309e623d698f3aea115` Request headers Referer https://www.usnordstromrack.shop/includes/templates/qn_pg01/css/styles.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 24 Jan 2021 21:06:02 GMT cf-cache-status MISS nel {"max_age":604800,"report_to":"cf-nel"} content-length 1024 cf-request-id 07d7d0e5590000eefedeacf000000001 last-modified Wed, 06 May 2020 06:20:32 GMT server cloudflare etag "5eb25730-400" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7NcLDHjfRqM9eSJoJyYd4QUbqfHA3MQkhtZc1Wr7wLk0djuHpOWxv006xytpOq9th8ZJ80uAf63c0rSqJiDvWTszf%2FtpHHGAyOB4RolVkcrVKovTX830BGU%3D"}],"max_age":604800} content-type image/gif cache-control max-age=2592000 accept-ranges bytes cf-ray 616cb74eff01eefe-MIA expires Tue, 23 Feb 2021 21:06:02 GMT
GET H2	200	pfdintextpro-medium.woff www.usnordstromrack.shop/includes/templates/qn_pg01/css/	26 KB 27 KB	173ms 172ms	Font application/font-woff	172.67.173.249 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.usnordstromrack.shop/includes/templates/qn_pg01/css/pfdintextpro-medium.woff Requested by Host: www.usnordstromrack.shop URL: https://www.usnordstromrack.shop/includes/templates/qn_pg01/css/style-fonts.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.173.249 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6f7a1c16234b4190cd398f474a05e0845567690ec337a18e166ee33749888289` Request headers Origin https://www.usnordstromrack.shop Referer https://www.usnordstromrack.shop/includes/templates/qn_pg01/css/style-fonts.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 24 Jan 2021 21:06:02 GMT content-encoding br cf-cache-status HIT last-modified Wed, 06 May 2020 06:20:32 GMT server cloudflare age 663 etag W/"5eb25730-6974" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FwC8cX15fllavX1FY1cSBqSEuW7PT2UB%2F2YH4HNjQz%2BdcPMvUaJfu08Qt0TAf1VcYPZvnnKbw%2BRzjmu2sn9ysLGcVyXuarzbuCAhGffHKll08R2lmeGqcNs%3D"}],"max_age":604800} content-type application/font-woff cache-control max-age=14400 nel {"max_age":604800,"report_to":"cf-nel"} cf-ray 616cb74eff13eefe-MIA cf-request-id 07d7d0e55f0000eefed6883000000001
GET H/1.1	200	go1 ia.51.la/	0 254 B	968ms 339ms	Image application/octet-stream	183.131.207.66 CHINATELECOM-ZHEJ...
General Check archive.org Show headers Download Go to Show image Full URL https://ia.51.la/go1?id=20997301&rt=1611522363314&rl=16001200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1611522363314&tt=Checkout%2520Result&kw=Patagonia%2520is%2520a%2520designer%2520of%2520outdoor%2520clothing%2520and%2520gear%2520for%2520the%2520silent%2520sports.&cu=https%253A%252F%252Fwww.usnordstromrack.shop%252Forders_ddfd34c65ca94a530b916f8486edfeff&pu= Requested by* Host: www.usnordstromrack.shop URL: https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN), Reverse DNS Software CloudWAF / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www.usnordstromrack.shop/orders_ddfd34c65ca94a530b916f8486edfeff User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 24 Jan 2021 21:06:04 GMT Server CloudWAF Connection keep-alive Content-Length 0 Content-Type application/octet-stream

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Fake Shop (Fashion)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.usnordstromrack.shop/	1969-12-31 23:59:59	Name: __51laig__ Value: 1
www.usnordstromrack.shop/	1969-12-31 23:59:59	Name: __51cke__ Value:
www.usnordstromrack.shop/	1969-12-31 23:59:59	Name: __tins__20997301 Value: %7B%22sid%22%3A%201611522363314%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201611524163314%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ia.51.la
js.users.51.la
www.usnordstromrack.shop
122.228.91.87
172.67.173.249
183.131.207.66
02bf568f6ef31ee7b116b9577962188d94f24b62d1b616e33e42a9da3ed21ccb
03f9afd614ee37a5eca69647317c5ac37f0ee24fdafcfad641b8664e5d0aa796
0ad5b365b92aefa251c4c572a5e3d5b778acd81666ecb0d92842a4078d3dbc03
0b178e330a8c382e2911c8e51b65ecd836a09d9538be1f40d3fb5499cda00b57
16b87b6524f1b7c3e4e8ebde71268ab0e6e37e2fdefb4452ef47c27c37477e11
452207668490304c70d64d5b8973865ee4effad48e6cff1a3d5aa89c3880effc
5723e39c0316483bbe0bbf4719778336a4a62647ca194786521a795f1d2b4d3b
60a973fee3d4fd469ee70f2df2e2caa21fee6672a8138b48eb727021fc7b84cf
6f7a1c16234b4190cd398f474a05e0845567690ec337a18e166ee33749888289
83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91
8acac9b46ff7139f00ecbae4b5492907f39dc911598cbb6961dc7b42355c4203
9addda8ff695cbece2414c7c7b81ffd3b7173c2844be96846ed8c65d7843b7b8
a372effab3cefaa9cc3101a2f59fe463b13806878e976b4b502d5ff1b371e6f3
b1030ea3308286b797d9104961e2b64ca680fc9e1673c3a68dcfd5ccc26ac85e
b3ac0e210cfcba2b2c52e1edb9b2905efcb3f78bab9d2977fe614593e7dd49d3
c42a2602c83756ec1a345defbfb378702d2cc65bbeaa19c872d7f84c3595eb8a
d0d7cc414c1b9ec941210c0c08f5e4b0650b8a9be6b6b309e623d698f3aea115
d90322a12b16f2d0ffcef3c3af4e0846bafdff25dd601aa8a0b907683c90caba
ddb3fed3b6c90bf9f0a06c28783f60038088f5c284dd26f8fbc529f17f9cab81
decbc6e4fae1a6fdd1d89f7fddac2530e91a6e606e71aa2a3c6c80ed5c171185
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee9e4a2bfd2c7b46886c255f87fdc8c6e8c0b764c68c3fe7ff2416628b35f590
ef0096e57c6b0e3903d16e4c5cc172b9d6c680dd63b2d74b061b99c4309891ad
f985e7d7aa871c19747c2fc976dea220a0f8fbd334cc03115b202d053753e663
fbf090c09481172872d498943649f38702370e6aa3c90e250476214ae2d34dcb

www.usnordstromrack.shop Open in urlscan Pro 172.67.173.249 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

4 IPs

2 Countries

185 kBTransfer

432 kBSize

3 Cookies

0 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

21 JavaScript Global Variables

3 Cookies

Indicators

www.usnordstromrack.shop Open in urlscan Pro
172.67.173.249 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

4
IPs

2
Countries

185 kB
Transfer

432 kB
Size

3
Cookies

24 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!